Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

OWE: Include RSNE in (Re)Association Response frame

This is not normally done in RSN, but RFC 8110 seems to imply that AP
has to include OWE AKM in the RSNE within these frames. So, add the RSNE
to (Re)Association Response frames when OWE is being negotiated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 7 years ago
parent
4361ab0108
commit
d8c8d85753
3 changed files with 26 additions and 1 deletions
Split View Show Diff Stats
  1. 8 1
      src/ap/ieee802_11.c
  2. 3 0
      src/ap/wpa_auth.h
  3. 15 0
      src/ap/wpa_auth_ie.c

+ 8 - 1
src/ap/ieee802_11.c
View File 

@@ -2622,7 +2622,7 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta,
 
 #endif /* CONFIG_FILS */
 
 #ifdef CONFIG_OWE
 
 	if (sta && (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE))
 
-		buflen += 50;
 
+		buflen += 150;
 
 #endif /* CONFIG_OWE */
 
 	buf = os_zalloc(buflen);
 
 	if (!buf) {
 
@@ -2661,6 +2661,13 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta,
 
 	}
 
 #endif /* CONFIG_IEEE80211R_AP */
 
 
+#ifdef CONFIG_OWE
 
+	if (sta && (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE))
 
+		p = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, p,
 
+						  buf + buflen - p,
 
+						  ies, ies_len);
 
+#endif /* CONFIG_OWE */
 
+
 
 #ifdef CONFIG_IEEE80211W
 
 	if (sta && status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY)
 
 		p = hostapd_eid_assoc_comeback_time(hapd, sta, p);

+ 3 - 0
src/ap/wpa_auth.h
View File 

@@ -422,5 +422,8 @@ int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len);
 
 void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm,
 
 				   u8 *fils_anonce, u8 *fils_snonce,
 
 				   u8 *fils_kek, size_t *fils_kek_len);
 
+u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm,
 
+				   u8 *pos, size_t max_len,
 
+				   const u8 *req_ies, size_t req_ies_len);
 
 
 #endif /* WPA_AUTH_H */

+ 15 - 0
src/ap/wpa_auth_ie.c
View File 

@@ -1042,3 +1042,18 @@ int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
 
 {
 
 	return sm ? sm->mgmt_frame_prot : 0;
 
 }
 
+
 
+
 
+#ifdef CONFIG_OWE
 
+u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm,
 
+				   u8 *pos, size_t max_len,
 
+				   const u8 *req_ies, size_t req_ies_len)
 
+{
 
+	int res;
 
+
 
+	res = wpa_write_rsn_ie(&sm->wpa_auth->conf, pos, max_len, NULL);
 
+	if (res < 0)
 
+		return pos;
 
+	return pos + res;
 
+}
 
+#endif /* CONFIG_OWE */