[PATCH] tests: Fix clearing of IGTK PN in handshake retransmit test functions

Mathy Vanhoef Mathy.Vanhoef at cs.kuleuven.be
Sun Apr 1 10:16:47 PDT 2018


When locating the position of the IGTK PN in the key data, we also need to
skip the KDE header, in addition to the keyid field.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef at cs.kuleuven.be>
---
 src/ap/wpa_auth.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 8dde1d0aa..e3fa23f9b 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -4684,7 +4684,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
 	opos = pos;
 	pos = ieee80211w_kde_add(sm, pos);
 	if (pos - opos >= WPA_IGTK_KDE_PREFIX_LEN) {
-		opos += 2; /* skip keyid */
+		opos += 2 + RSN_SELECTOR_LEN + 2; /* skip KDE header and keyid */
 		os_memset(opos, 0, 6); /* clear PN */
 	}
 #endif /* CONFIG_IEEE80211W */
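Review bot: the guard `if (pos - opos >= WPA_IGTK_KDE_PREFIX_LEN)` in wpa_auth_resend_m3 is left unchanged, while the cleared range moves from offsets 2..7 to offsets starting at `2 + RSN_SELECTOR_LEN + 2` past opos. The definition of WPA_IGTK_KDE_PREFIX_LEN is not visible in this hunk. If it counts only the keyid and PN, the check no longer shows that the 6-byte os_memset stays inside what ieee80211w_kde_add() wrote. Suggest making the condition cover the KDE header as well, for example `if (pos - opos >= 2 + RSN_SELECTOR_LEN + WPA_IGTK_KDE_PREFIX_LEN)`, after confirming what the constant includes, and giving the literal 6 a name so the PN length is not repeated as a bare number.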
@@ -4780,7 +4780,7 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm,
 		opos = pos;
 		pos = ieee80211w_kde_add(sm, pos);
 		if (pos - opos >= WPA_IGTK_KDE_PREFIX_LEN) {
-			opos += 2; /* skip keyid */
+			opos += 2 + RSN_SELECTOR_LEN + 2; /* skip KDE header and keyid */
 			os_memset(opos, 0, 6); /* clear PN */
 		}
 #endif /* CONFIG_IEEE80211W */
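Review bot: the line `opos += 2 + RSN_SELECTOR_LEN + 2;` in wpa_auth_resend_group_m1 is a verbatim copy of the one in wpa_auth_resend_m3, and the same offset bug had to be corrected in both places. A small static helper that takes opos and pos, performs the length check and clears the PN would keep the two test functions in sync. The two bare 2s also mean different things (the KDE type and length octets before the selector, and the keyid after it), which the single trailing comment only partly conveys. Naming them, or moving the comment to its own line above the statement, would help, since at this indentation level the statement plus comment makes for a long line.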
-- 
2.16.2


