aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/config.c
diff options
context:
space:
mode:
authorMax Stepanov <Max.Stepanov@intel.com>2015-10-14 09:26:33 (GMT)
committerJouni Malinen <j@w1.fi>2015-11-01 19:00:22 (GMT)
commit73ed03f33323414ba02e50c15149bcb1c37d57e8 (patch)
tree861aaa8f5bbddd46b1bd588a6cf21bc2de64f984 /wpa_supplicant/config.c
parentea6030c77f119056868e9b8df06f3200943c61ef (diff)
downloadhostap-73ed03f33323414ba02e50c15149bcb1c37d57e8.zip
hostap-73ed03f33323414ba02e50c15149bcb1c37d57e8.tar.gz
hostap-73ed03f33323414ba02e50c15149bcb1c37d57e8.tar.bz2
wpa_supplicant: Add GTK RSC relaxation workaround
Some APs may send RSC octets in EAPOL-Key message 3 of 4-Way Handshake or in EAPOL-Key message 1 of Group Key Handshake in the opposite byte order (or by some other corrupted way). Thus, after a successful EAPOL-Key exchange the TSC values of received multicast packets, such as DHCP, don't match the RSC one and as a result these packets are dropped on replay attack TSC verification. An example of such AP is Sapido RB-1732. Work around this by setting RSC octets to 0 on GTK installation if the AP RSC value is identified as a potentially having the byte order issue. This may open a short window during which older (but valid) group-addressed frames could be replayed. However, the local receive counter will be updated on the first received group-addressed frame and the workaround is enabled only if the common invalid cases are detected, so this workaround is acceptable as not decreasing security significantly. The wpa_rsc_relaxation global configuration property allows the GTK RSC workaround to be disabled if it's not needed. Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Diffstat (limited to 'wpa_supplicant/config.c')
-rw-r--r--wpa_supplicant/config.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 03b91a2..db5de5f 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -3540,6 +3540,7 @@ struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface,
config->rand_addr_lifetime = DEFAULT_RAND_ADDR_LIFETIME;
config->key_mgmt_offload = DEFAULT_KEY_MGMT_OFFLOAD;
config->cert_in_cb = DEFAULT_CERT_IN_CB;
+ config->wpa_rsc_relaxation = DEFAULT_WPA_RSC_RELAXATION;
if (ctrl_interface)
config->ctrl_interface = os_strdup(ctrl_interface);
@@ -4246,6 +4247,7 @@ static const struct global_parse_data global_fields[] = {
{ INT_RANGE(fst_priority, 1, FST_MAX_PRIO_VALUE), 0 },
{ INT_RANGE(fst_llt, 1, FST_MAX_LLT_MS), 0 },
#endif /* CONFIG_FST */
+ { INT_RANGE(wpa_rsc_relaxation, 0, 1), 0 },
};
#undef FUNC