Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Fix EAPOL-Key Install bit in Group Key 1/2 with FT and FILS auth

sm->Pair needs to be initialized to TRUE since unicast cipher is
supported and this is an ESS. However, the normal place for setting this
(WPA_PTK::INITIALIZE) is skipped with using FT protocol or FILS
authentication, so need to do that separately when forcing PTKINITDONE.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 8 years ago
parent
7e6cc3288c
commit
3bbc470502
1 changed files with 2 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      src/ap/wpa_auth.c

+ 2 - 0
src/ap/wpa_auth.c
View File 

@@ -615,6 +615,7 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
 
 				"start 4-way handshake");
 
 		/* Go to PTKINITDONE state to allow GTK rekeying */
 
 		sm->wpa_ptk_state = WPA_PTK_PTKINITDONE;
 
+		sm->Pair = TRUE;
 
 		return 0;
 
 	}
 
 #endif /* CONFIG_IEEE80211R_AP */
 
@@ -625,6 +626,7 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
 
 				"FILS authentication already completed - do not start 4-way handshake");
 
 		/* Go to PTKINITDONE state to allow GTK rekeying */
 
 		sm->wpa_ptk_state = WPA_PTK_PTKINITDONE;
 
+		sm->Pair = TRUE;
 
 		return 0;
 
 	}
 
 #endif /* CONFIG_FILS */