path: root/wpa_supplicant/config_file.c
diff options
authorMax Stepanov <Max.Stepanov@intel.com>2015-10-14 09:26:33 (GMT)
committerJouni Malinen <j@w1.fi>2015-11-01 19:00:22 (GMT)
commit73ed03f33323414ba02e50c15149bcb1c37d57e8 (patch)
tree861aaa8f5bbddd46b1bd588a6cf21bc2de64f984 /wpa_supplicant/config_file.c
parentea6030c77f119056868e9b8df06f3200943c61ef (diff)
wpa_supplicant: Add GTK RSC relaxation workaround
Some APs may send RSC octets in EAPOL-Key message 3 of 4-Way Handshake or in EAPOL-Key message 1 of Group Key Handshake in the opposite byte order (or by some other corrupted way). Thus, after a successful EAPOL-Key exchange the TSC values of received multicast packets, such as DHCP, don't match the RSC one and as a result these packets are dropped on replay attack TSC verification. An example of such AP is Sapido RB-1732. Work around this by setting RSC octets to 0 on GTK installation if the AP RSC value is identified as a potentially having the byte order issue. This may open a short window during which older (but valid) group-addressed frames could be replayed. However, the local receive counter will be updated on the first received group-addressed frame and the workaround is enabled only if the common invalid cases are detected, so this workaround is acceptable as not decreasing security significantly. The wpa_rsc_relaxation global configuration property allows the GTK RSC workaround to be disabled if it's not needed. Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Diffstat (limited to 'wpa_supplicant/config_file.c')
1 files changed, 4 insertions, 0 deletions
diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index fb438ea..215388c 100644
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -1299,6 +1299,10 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config)
if (config->wps_priority)
fprintf(f, "wps_priority=%d\n", config->wps_priority);
+ if (config->wpa_rsc_relaxation != DEFAULT_WPA_RSC_RELAXATION)
+ fprintf(f, "wpa_rsc_relaxation=%d\n",
+ config->wpa_rsc_relaxation);