aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2010-03-30 05:57:10 (GMT)
committerJouni Malinen <j@w1.fi>2010-03-30 05:57:10 (GMT)
commit7b1080daddb118e3ef2c1a4ed298a666aea35efe (patch)
treea3be9fae6597f2e3502b0b3d59a0b696e72077a5
parent32d5295f9d2571323dcdeefc4ab7c138f0fe6e59 (diff)
downloadhostap-7b1080daddb118e3ef2c1a4ed298a666aea35efe.zip
hostap-7b1080daddb118e3ef2c1a4ed298a666aea35efe.tar.gz
hostap-7b1080daddb118e3ef2c1a4ed298a666aea35efe.tar.bz2
MFP: Fix IGTK PN in group rekeying
IGTK get_seqnum needs to be skipped in the same way as GTK one when rekeying group keys. Previously, the old PN value (the one from the previous key) was indicated and that resulted in MMIE replay detection at the station.
-rw-r--r--src/ap/wpa_auth.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 93ccb76..12290dd 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -1535,7 +1535,8 @@ static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
igtk.keyid[0] = gsm->GN_igtk;
igtk.keyid[1] = 0;
- if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, igtk.pn) < 0)
+ if (gsm->wpa_group_state != WPA_GROUP_SETKEYSDONE ||
+ wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, igtk.pn) < 0)
os_memset(igtk.pn, 0, sizeof(igtk.pn));
os_memcpy(igtk.igtk, gsm->IGTK[gsm->GN_igtk - 4], WPA_IGTK_LEN);
pos = wpa_add_kde(pos, RSN_KEY_DATA_IGTK,