WPA: Check wpa_eapol_key_mic() result on TX

Verify that nothing unexpected happened with EAPOL-Key Key MIC
calculation when transmitting EAPOL-Key frames from the Authenticator.
This should not be able to happen in practice, but if if it does, there
is no point in sending out the frame without the correct Key MIC value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index c0a22dae8aaa19ca293c9ff5de4a0719c75707b1..9e7ce96ca86e518f28de8125b615029580a6575a 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -1571,9 +1571,12 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
                        return;
                }
 
-               wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len,
-                                 sm->wpa_key_mgmt, version,
-                                 (u8 *) hdr, len, key_mic);
+               if (wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len,
+                                     sm->wpa_key_mgmt, version,
+                                     (u8 *) hdr, len, key_mic) < 0) {
+                       os_free(hdr);
+                       return;
+               }
 #ifdef CONFIG_TESTING_OPTIONS
                if (!pairwise &&
                    wpa_auth->conf.corrupt_gtk_rekey_mic_probability > 0.0 &&