[PATCH] hostap: send the driver the new gtk after mic failure
Jouni Malinen
j
Sun Oct 30 13:22:07 PDT 2011
On Tue, Aug 09, 2011 at 10:42:04AM +0300, Yoni Divinsky wrote:
> The GTK is renewed in the hostapd after a MIC attack
> dissassociation without informing the driver,
> causing decryption failures.
> This patch sends the new gtk to the driver after it
> is updated by the hostapd.
Thanks! Applied with some changes.
> diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
> @@ -2466,6 +2466,9 @@ void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth)
> #endif /* CONFIG_IEEE80211W */
> wpa_gtk_update(wpa_auth, group);
> }
> + /* Send the Key to the device */
> + wpa_group_setkeysdone (wpa_auth,wpa_auth->group);
I changes this to call wpa_group_config_group_keys() directly in order
not to make this look like a state machine transition. In addition, it
is probably better to update both GTK keys, so I moved this to be within
the loop.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list