]> git.ipfire.org Git - thirdparty/hostap.git/commit
projects / thirdparty / hostap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1a7963e) | patch
STA: Allow PTK rekeying without Ext KeyID to be disabled as a workaround
authorAlexander Wetzel <alexander@wetzel-home.de>
Fri, 10 Jan 2020 22:19:09 +0000 (23:19 +0100)
committerJouni Malinen <j@w1.fi>
Sun, 23 Feb 2020 11:05:19 +0000 (13:05 +0200)
commit1f90a49d028debceb748ab91b7685ae774451e8f
tree039a94724d640b46232122ec7a9d311fe665be7ftree | snapshot
parent1a7963e36fa67b865fd1486ce863e612e6b6a052commit | diff
STA: Allow PTK rekeying without Ext KeyID to be disabled as a workaround

Rekeying a pairwise key using only keyid 0 (PTK0 rekey) has many broken
implementations and should be avoided when using or interacting with
one. The effects can be triggered by either end of the connection and
range from hardly noticeable disconnects over long connection freezes up
to leaking clear text MPDUs.

To allow affected users to mitigate the issues, add a new configuration
option "wpa_deny_ptk0_rekey" to replace all PTK0 rekeys with fast
reconnects.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
18 files changed:
src/eapol_supp/eapol_supp_sm.c diff | blob | blame | history
src/eapol_supp/eapol_supp_sm.h diff | blob | blame | history
src/rsn_supp/wpa.c diff | blob | blame | history
src/rsn_supp/wpa.h diff | blob | blame | history
src/rsn_supp/wpa_i.h diff | blob | blame | history
wpa_supplicant/ap.c diff | blob | blame | history
wpa_supplicant/config.c diff | blob | blame | history
wpa_supplicant/config_file.c diff | blob | blame | history
wpa_supplicant/config_ssid.h diff | blob | blame | history
wpa_supplicant/ctrl_iface.c diff | blob | blame | history
wpa_supplicant/events.c diff | blob | blame | history
wpa_supplicant/ibss_rsn.c diff | blob | blame | history
wpa_supplicant/preauth_test.c diff | blob | blame | history
wpa_supplicant/wpa_cli.c diff | blob | blame | history
wpa_supplicant/wpa_supplicant.c diff | blob | blame | history
wpa_supplicant/wpa_supplicant.conf diff | blob | blame | history
wpa_supplicant/wpa_supplicant_i.h diff | blob | blame | history
wpa_supplicant/wpas_glue.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.