mirror of
https://github.com/Telecominfraproject/wlan-ap.git
synced 2025-10-30 01:52:51 +00:00
49 lines
1.7 KiB
Diff
49 lines
1.7 KiB
Diff
Index: hostapd-2021-02-20-59e9794c/src/ap/wpa_auth_ft.c
|
|
===================================================================
|
|
--- hostapd-2021-02-20-59e9794c.orig/src/ap/wpa_auth_ft.c
|
|
+++ hostapd-2021-02-20-59e9794c/src/ap/wpa_auth_ft.c
|
|
@@ -3067,6 +3067,7 @@ static int wpa_ft_process_auth_req(struc
|
|
size_t identity_len = 0, radius_cui_len = 0;
|
|
int use_sha384;
|
|
size_t pmk_r1_len, kdk_len;
|
|
+ struct os_reltime now;
|
|
|
|
*resp_ies = NULL;
|
|
*resp_ies_len = 0;
|
|
@@ -3185,10 +3186,19 @@ pmk_r1_derived:
|
|
os_memcpy(sm->pmk_r1, pmk_r1, pmk_r1_len);
|
|
sm->pmk_r1_len = pmk_r1_len;
|
|
|
|
- if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
|
|
- wpa_printf(MSG_DEBUG, "FT: Failed to get random data for "
|
|
- "ANonce");
|
|
- return WLAN_STATUS_UNSPECIFIED_FAILURE;
|
|
+ if (os_get_reltime(&now) < 0 ||
|
|
+ os_reltime_expired(&now, &sm->ANonce_time, 1)) {
|
|
+ if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
|
|
+ wpa_printf(MSG_DEBUG, "FT: Failed to get random data for "
|
|
+ "ANonce");
|
|
+ return WLAN_STATUS_UNSPECIFIED_FAILURE;
|
|
+ }
|
|
+ sm->ANonce_time.sec = now.sec;
|
|
+ sm->ANonce_time.usec = now.usec;
|
|
+ wpa_printf(MSG_INFO, "FT: ANonce was randomized");
|
|
+ } else {
|
|
+ wpa_printf(MSG_INFO, "FT: ANonce has not expired");
|
|
+
|
|
}
|
|
|
|
wpa_hexdump(MSG_DEBUG, "FT: Received SNonce",
|
|
Index: hostapd-2021-02-20-59e9794c/src/ap/wpa_auth_i.h
|
|
===================================================================
|
|
--- hostapd-2021-02-20-59e9794c.orig/src/ap/wpa_auth_i.h
|
|
+++ hostapd-2021-02-20-59e9794c/src/ap/wpa_auth_i.h
|
|
@@ -54,6 +54,7 @@ struct wpa_state_machine {
|
|
bool MICVerified;
|
|
bool GUpdateStationKeys;
|
|
u8 ANonce[WPA_NONCE_LEN];
|
|
+ struct os_reltime ANonce_time;
|
|
u8 SNonce[WPA_NONCE_LEN];
|
|
u8 alt_SNonce[WPA_NONCE_LEN];
|
|
u8 alt_replay_counter[WPA_REPLAY_COUNTER_LEN];
|