[PATCH 34/44] FT: do not change ANonce during re-sent auth request

michael-dev at fami-braun.de michael-dev at fami-braun.de
Wed Feb 24 03:53:40 PST 2016


From: Michael Braun <michael-dev at fami-braun.de>

Otherwise the station might end up using an old ANonce.

Signed-off-by: Michael Braun <michael-dev at fami-braun.de>
---
 src/ap/wpa_auth_ft.c | 15 ++++++++++++---
 src/ap/wpa_auth_i.h  |  1 +
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 6158212..7dff527 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -1297,16 +1297,22 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm,
 	sm->pmk_r1_name_valid = 1;
 	os_memcpy(sm->pmk_r1_name, pmk_r1_name, WPA_PMK_NAME_LEN);
 
-	if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
+	if (!sm->ANoncePresent &&
+	    random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
 		wpa_printf(MSG_DEBUG, "FT: Failed to get random data for "
 			   "ANonce");
 		return WLAN_STATUS_UNSPECIFIED_FAILURE;
 	}
+	if (!sm->ANoncePresent)
+		wpa_hexdump(MSG_DEBUG, "FT: Generated ANonce",
+			    sm->ANonce, WPA_NONCE_LEN);
+	else
+		wpa_hexdump(MSG_DEBUG, "FT: Reuse ANonce",
+			    sm->ANonce, WPA_NONCE_LEN);
+	sm->ANoncePresent = 1;
 
 	wpa_hexdump(MSG_DEBUG, "FT: Received SNonce",
 		    sm->SNonce, WPA_NONCE_LEN);
-	wpa_hexdump(MSG_DEBUG, "FT: Generated ANonce",
-		    sm->ANonce, WPA_NONCE_LEN);
 
 	if (wpa_pmk_r1_to_ptk(pmk_r1, sm->SNonce, sm->ANonce, sm->addr,
 			      sm->wpa_auth->addr, pmk_r1_name,
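Review bot: The `!sm->ANoncePresent &&` guard reuses the stored ANonce for every later FT auth request on this state machine, not only for a re-send of the same request. In the visible hunks the flag is cleared only in wpa_ft_validate_reassoc, so a station that never reaches reassociation would keep receiving the same ANonce even when a request carries a different SNonce or resolves to a different PMK-R1, which weakens the freshness the nonce is meant to provide. Consider limiting reuse to a true retransmission by remembering the SNonce the ANonce was generated for and regenerating when it differs. Also consider clearing the flag wherever the state machine is reset or a non-FT association starts; those paths are not visible here, so this needs checking against the rest of the file. The body of wpa_ft_process_auth_req starts and ends outside the hunk.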
@@ -1420,6 +1426,9 @@ u16 wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies,
 	if (sm == NULL)
 		return WLAN_STATUS_UNSPECIFIED_FAILURE;
 
+	/* station entered ASSOC state, so next AUTH will get new ANonce */
+	sm->ANoncePresent = 0;
+
 	wpa_hexdump(MSG_DEBUG, "FT: Reassoc Req IEs", ies, ies_len);
 
 	if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) {
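Review bot: `sm->ANoncePresent = 0;` runs before the request IEs are parsed or any integrity check is made, so every Reassociation Request attributed to this station clears the flag, including a malformed or unauthenticated one. That is the conservative direction for nonce freshness, but it also means such a frame can bring back the ANonce mismatch this patch fixes for a station whose auth response was lost. The comment should state that the early reset is deliberate, e.g. `/* Reset on every reassoc attempt, valid or not, so the next FT auth always gets a fresh ANonce */`. The body of wpa_ft_validate_reassoc continues outside the hunk.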
diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
index c634c32..ec4e40c 100644
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -57,6 +57,7 @@ struct wpa_state_machine {
 	Boolean MICVerified;
 	Boolean GUpdateStationKeys;
 	u8 ANonce[WPA_NONCE_LEN];
+	Boolean ANoncePresent;
 	u8 SNonce[WPA_NONCE_LEN];
 	u8 alt_SNonce[WPA_NONCE_LEN];
 	u8 alt_replay_counter[WPA_REPLAY_COUNTER_LEN];
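Review bot: `ANoncePresent` is added without a comment, and the name reads as a general validity flag for `ANonce`, while this patch sets and clears it only on the FT auth/reassoc path. A short comment would prevent other code from relying on it, e.g. `Boolean ANoncePresent; /* FT only: ANonce was generated for a pending FT auth and is reused if the request is re-sent */`. The struct definition starts and ends outside the hunk, so whether other users of `ANonce` need to maintain the flag cannot be judged from here.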
-- 
1.9.1



