Re: [PATCH] hostapd: SAE check confirm fail status code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Nov 23, 2022 at 12:15:16PM +0000, Mert Ekren wrote:
> (sending this mail again with signed-off-by tag)

> When STA password check fails in wpa3 AP, there's an ambiguous response "WLAN_STATUS_UNSPECIFIED_FAILURE" in hostapd. There's a pre-defined status "CHALLENGE_FAILURE" in standard for this case.
> 
> IEEE 802.11-2022 says that status code CHALLENGE_FAILURE, needs to be sent in case the verification action fails for SAE-CONFIRM frame from a STA:"An SAE Confirm message, with a status code not equal to SUCCESS, shall indicate that a peer rejects a previously sent SAE Confirm message. An SAE Confirm message that was not successfully verified is indicated with a status code of CHALLENGE_FAILURE" .
> Hostapd, however, does not implement this status code. In ieee802_11.c the function “sae_check_confirm” is called and in case of verification failure (-1 is returned), the response is set to WLAN_STATUS_UNSPECIFIED_FAILURE (status code = 1). This is not correct and should be modified as:

Thanks, applied.
 
-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap




[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux