[PATCH] Remove data->phase2_success check for accessing EAP-TTLS key material.
Michael Stapelberg
stapelberg at google.com
Sat Sep 10 04:28:59 PDT 2016
This fixes the 4-way handshake when joining a WPA-EAP wireless network which is
configured to return EAP-Success as soon as the inner EAP method is started
within an EAP-TTLS tunnel.
Such a wireless configuration is common at Chaos Computer Club events (e.g. the
yearly Chaos Communication Congress, or various smaller events which re-use the
same wireless network configuration), where 802.1x is merely used to select
VLANs and ensure individual users have different encryption keys, but NOT for
authentication.
data->phase2_success was checked in eap_ttls_isKeyAvailable and eap_ttls_getKey
since 2008 at least (commit 6fc6879bd55a394f807cbbe927df736c190cb8ab is the
earliest commit that is included in the git repository).
Commit 7f7bfba919a76bb03a7f762eab0ac00d4f5c3184 (2015-02-01) introduced the
allow_canned_success=1 configuration option, so I am assuming not removing
data->phase2_success was an oversight of that commit.
Debug log excerpt from before this commit:
[…]
wlp4s0: WPA: RX message 1 of 4-Way Handshake from 66:70:02:77:e2:70 (ver=2)
RSN: msg 1/4 key data - hexdump(len=22): […]
WPA: PMKID in EAPOL-Key - hexdump(len=22): […]
RSN: PMKID from Authenticator - hexdump(len=16): […]
wlp4s0: RSN: no matching PMKID found
EAPOL: EAP key not available
EAPOL: EAP key not available
wlp4s0: WPA: Failed to get master session key from EAPOL state machines - key handshake aborted
wlp4s0: RSN: no PMKSA entry found - trigger full EAP authentication
wlp4s0: RSN: Do not reply to msg 1/4 - requesting full EAP authentication
l2_packet_receive: src=66:70:02:77:e2:70 len=9
wlp4s0: RX EAPOL from 66:70:02:77:e2:70
RX EAPOL - hexdump(len=9): 02 00 00 05 01 7a 00 05 01
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
[…]
Debug log excerpt from after this commit:
[…]
wlp4s0: WPA: RX message 1 of 4-Way Handshake from 66:70:02:77:e2:70 (ver=2)
RSN: msg 1/4 key data - hexdump(len=22): […]
WPA: PMKID in EAPOL-Key - hexdump(len=22): […]
RSN: PMKID from Authenticator - hexdump(len=16): […]
wlp4s0: RSN: no matching PMKID found
EAPOL: Successfully fetched key (len=32)
EAPOL: Successfully fetched key (len=64)
WPA: PMK from EAPOL state machines - hexdump(len=32): […]
[…]
Signed-off-by: Michael Stapelberg <stapelberg at google.com>
---
src/eap_peer/eap_ttls.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/eap_peer/eap_ttls.c b/src/eap_peer/eap_ttls.c
index 92f94dc..0c7509c 100644
--- a/src/eap_peer/eap_ttls.c
+++ b/src/eap_peer/eap_ttls.c
@@ -1727,7 +1727,7 @@ static int eap_ttls_get_status(struct eap_sm *sm, void *priv, char *buf,
static Boolean eap_ttls_isKeyAvailable(struct eap_sm *sm, void *priv)
{
struct eap_ttls_data *data = priv;
- return data->key_data != NULL && data->phase2_success;
+ return data->key_data != NULL;
}
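Review bot: In eap_ttls_isKeyAvailable the phase2_success test is dropped for every configuration, while the commit message justifies the change only for networks that send EAP-Success early and refers to allow_canned_success=1. With `return data->key_data != NULL;` the key is reported available whenever key_data is set, whether or not the inner method completed. Consider keeping the phase2_success check unless the canned-success case applies, or add a comment here stating why key_data alone is a sufficient condition.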
@@ -1736,7 +1736,7 @@ static u8 * eap_ttls_getKey(struct eap_sm *sm, void *priv, size_t *len)
struct eap_ttls_data *data = priv;
u8 *key;
- if (data->key_data == NULL || !data->phase2_success)
+ if (data->key_data == NULL)
return NULL;
key = os_malloc(EAP_TLS_KEY_LEN);
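Review bot: The condition in eap_ttls_getKey, `if (data->key_data == NULL)`, now has to be kept in step by hand with the one in eap_ttls_isKeyAvailable, and neither carries a comment on why phase2_success no longer gates key export. Suggest a short comment above the check, or a shared helper used by both functions, so a later change cannot make the two disagree. The commit message would also benefit from stating whether the relaxation is intended for configurations that do rely on the inner method for authentication.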
--
2.9.3