Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

FT: Fix GTK rekeying after FT protocol

Move to PTKINITDONE state and mark PTK valid after successful completion
of FT protocol. This allows the AP/Authenticator to start GTK rekeying
when FT protocol is used. Previously, the station using FT protocol did
not get the new GTK which would break delivery of group addressed
frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 10 years ago
parent
3b25ad4cd6
commit
3d4d2348c0
2 changed files with 3 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      src/ap/wpa_auth.c
  2. 1 0
      src/ap/wpa_auth_ft.c

+ 2 - 0
src/ap/wpa_auth.c
View File 

@@ -565,6 +565,8 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
 
 		wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
 
 				"FT authentication already completed - do not "
 
 				"start 4-way handshake");
 
+		/* Go to PTKINITDONE state to allow GTK rekeying */
 
+		sm->wpa_ptk_state = WPA_PTK_PTKINITDONE;
 
 		return 0;
 
 	}
 
 #endif /* CONFIG_IEEE80211R */

+ 1 - 0
src/ap/wpa_auth_ft.c
View File 

@@ -898,6 +898,7 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm,
 
 	wpa_hexdump(MSG_DEBUG, "FT: PTKName", ptk_name, WPA_PMK_NAME_LEN);
 
 
 	sm->pairwise = pairwise;
 
+	sm->PTK_valid = TRUE;
 
 	wpa_ft_install_ptk(sm);
 
 
 	buflen = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +