RE: [PATCH v2 02/14] AP: Support PASN with SAE key derivation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

> -----Original Message-----
> From: Jouni Malinen <j@xxxxx>
> Sent: Thursday, January 21, 2021 16:01
> To: Peer, Ilan <ilan.peer@xxxxxxxxx>
> Cc: hostap@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [PATCH v2 02/14] AP: Support PASN with SAE key derivation
> 
> On Wed, Dec 16, 2020 at 01:00:53PM +0200, Ilan Peer wrote:
> > diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
> 
> > +static const char *sae_get_password(struct hostapd_data *hapd,
> 
> > -	if (rx_id && hapd->conf->sae_pwe != 3)
> > -		use_pt = 1;
> > -	else if (status_code == WLAN_STATUS_SUCCESS)
> > -		use_pt = 0;
> > -	else if (status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
> > -		 status_code == WLAN_STATUS_SAE_PK)
> > -		use_pt = 1;
> 
> > +static struct wpabuf *auth_build_sae_commit(struct hostapd_data
> > +*hapd,
> 
> > +	if (status_code == WLAN_STATUS_SUCCESS)
> > +		use_pt = 0;
> > +	else if (status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT)
> > +		use_pt = 1;
> 
> What happened here to that rx_id && sae_pwe != 3 check and why? Isn't
> this breaking that case?
> 
> Similarly, this seems to be breaking SAE-PK due to that missing
> WLAN_STATUS_SAE_PK check.
> 

This is a mistake I made when preparing the patches for this submission. 
The implementation I have includes the support of the missing parts above.

> Undesired whitespace changes make this diff more difficult to read than
> necessary with the two functions getting mixed up. Anyway, it looks clear
> that the sae_get_password() here is based on an older snapshot of
> auth_build_sae_commit() implementation and instead of moving the current
> implementation to a helper function, this moves back in time for that moved
> segment and breaks newer items.
> 
> > +static int pasn_wd_handle_sae_commit(struct hostapd_data *hapd,
> > +	if (alg != WLAN_AUTH_SAE || seq != 1 || status !=
> > +WLAN_STATUS_SUCCESS) {
> 
> And just like for station side, this AP implementation seems to be unaware of
> SAE H2E, so same questions apply here.
> 

Same as my answer for the previous patch. The core implementation was done
prior to SAE H2E.

Let me know if you would like a fixed version of this patch, and I'll prepare it.

Regards,

Ilan.

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux