When locating the position of the IGTK PN in the key data, we also need to skip the KDE header, in addition to the keyid field.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@xxxxxxxxxxxxxx>
---
 src/ap/wpa_auth.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 8dde1d0aa..e3fa23f9b 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -4684,7 +4684,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
 opos = pos;
 pos = ieee80211w_kde_add(sm, pos);
 if (pos - opos >= WPA_IGTK_KDE_PREFIX_LEN) {
- opos += 2; /* skip keyid */
+ opos += 2 + RSN_SELECTOR_LEN + 2; /* skip KDE header and keyid */
 os_memset(opos, 0, 6); /* clear PN */
 }
 #endif /* CONFIG_IEEE80211W */
@@ -4780,7 +4780,7 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm,
 opos = pos;
 pos = ieee80211w_kde_add(sm, pos);
 if (pos - opos >= WPA_IGTK_KDE_PREFIX_LEN) {
- opos += 2; /* skip keyid */
+ opos += 2 + RSN_SELECTOR_LEN + 2; /* skip KDE header and keyid */
 os_memset(opos, 0, 6); /* clear PN */
 }
 #endif /* CONFIG_IEEE80211W */
-- 
2.16.2
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
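Review bot: The length guard above the changed line in wpa_auth_resend_m3() was not updated with the new offset, so it no longer covers the bytes that `os_memset(opos, 0, 6)` clears. After the change the write starts `2 + RSN_SELECTOR_LEN + 2` bytes past the start of the KDE, but the condition still only requires `pos - opos >= WPA_IGTK_KDE_PREFIX_LEN`. That constant is not defined in this hunk; judging by its name and the old `opos += 2`, it presumably counts only keyid plus PN. If so, the guard should include the KDE header as well: `if (pos - opos >= 2 + RSN_SELECTOR_LEN + WPA_IGTK_KDE_PREFIX_LEN) {`. The identical guard in the wpa_auth_resend_group_m1() hunk needs the same change. Both function bodies start and end outside the hunks, so the size of the buffer behind `pos` cannot be confirmed from here.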