From: Michael Braun <michael-dev@xxxxxxxxxxxxx> Otherwise the station might end up using old ANonce. Signed-off-by: Michael Braun <michael-dev@xxxxxxxxxxxxx> --- src/ap/wpa_auth_ft.c | 15 ++++++++++++--- src/ap/wpa_auth_i.h | 1 + 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c index 6158212..7dff527 100644 --- a/src/ap/wpa_auth_ft.c +++ b/src/ap/wpa_auth_ft.c @@ -1297,16 +1297,22 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm, sm->pmk_r1_name_valid = 1; os_memcpy(sm->pmk_r1_name, pmk_r1_name, WPA_PMK_NAME_LEN); - if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { + if (!sm->ANoncePresent && + random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) { wpa_printf(MSG_DEBUG, "FT: Failed to get random data for " "ANonce"); return WLAN_STATUS_UNSPECIFIED_FAILURE; } + if (!sm->ANoncePresent) + wpa_hexdump(MSG_DEBUG, "FT: Generated ANonce", + sm->ANonce, WPA_NONCE_LEN); + else + wpa_hexdump(MSG_DEBUG, "FT: Reuse ANonce", + sm->ANonce, WPA_NONCE_LEN); + sm->ANoncePresent = 1; wpa_hexdump(MSG_DEBUG, "FT: Received SNonce", sm->SNonce, WPA_NONCE_LEN); - wpa_hexdump(MSG_DEBUG, "FT: Generated ANonce", - sm->ANonce, WPA_NONCE_LEN); if (wpa_pmk_r1_to_ptk(pmk_r1, sm->SNonce, sm->ANonce, sm->addr, sm->wpa_auth->addr, pmk_r1_name, @@ -1420,6 +1426,9 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies, if (sm == NULL) return WLAN_STATUS_UNSPECIFIED_FAILURE; + /* station entered ASSOC state, so next AUTH will get new ANonce */ + sm->ANoncePresent = 0; + wpa_hexdump(MSG_DEBUG, "FT: Reassoc Req IEs", ies, ies_len); if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) { diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h index c634c32..ec4e40c 100644 --- a/src/ap/wpa_auth_i.h +++ b/src/ap/wpa_auth_i.h @@ -57,6 +57,7 @@ struct wpa_state_machine { Boolean MICVerified; Boolean GUpdateStationKeys; u8 ANonce[WPA_NONCE_LEN]; + Boolean ANoncePresent; u8 SNonce[WPA_NONCE_LEN]; u8 alt_SNonce[WPA_NONCE_LEN]; u8 alt_replay_counter[WPA_REPLAY_COUNTER_LEN]; -- 1.9.1 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap