SAE: Check that peer's rejected groups are not enabled
authorJouni Malinen <jouni@codeaurora.org>
Fri, 6 Sep 2019 12:40:39 +0000 (15:40 +0300)
committerJouni Malinen <j@w1.fi>
Tue, 15 Oct 2019 12:39:22 +0000 (15:39 +0300)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
wpa_supplicant/sme.c

index 6b50fe72aaf8ffb19425c4d2ff9a7991973049bc..fbec8967f8027994781ac43c1a302a578425b5ac 100644 (file)
@@ -1093,6 +1093,52 @@ void sme_external_auth_trigger(struct wpa_supplicant *wpa_s,
 }
 
 
+static int sme_sae_is_group_enabled(struct wpa_supplicant *wpa_s, int group)
+{
+       int *groups = wpa_s->conf->sae_groups;
+       int default_groups[] = { 19, 20, 21, 0 };
+       int i;
+
+       if (!groups)
+               groups = default_groups;
+
+       for (i = 0; groups[i] > 0; i++) {
+               if (groups[i] == group)
+                       return 1;
+       }
+
+       return 0;
+}
+
+
+static int sme_check_sae_rejected_groups(struct wpa_supplicant *wpa_s,
+                                        const struct wpabuf *groups)
+{
+       size_t i, count;
+       const u8 *pos;
+
+       if (!groups)
+               return 0;
+
+       pos = wpabuf_head(groups);
+       count = wpabuf_len(groups) / 2;
+       for (i = 0; i < count; i++) {
+               int enabled;
+               u16 group;
+
+               group = WPA_GET_LE16(pos);
+               pos += 2;
+               enabled = sme_sae_is_group_enabled(wpa_s, group);
+               wpa_printf(MSG_DEBUG, "SAE: Rejected group %u is %s",
+                          group, enabled ? "enabled" : "disabled");
+               if (enabled)
+                       return 1;
+       }
+
+       return 0;
+}
+
+
 static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
                        u16 status_code, const u8 *data, size_t len,
                        int external, const u8 *sa)
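Review bot: The return convention of `sme_check_sae_rejected_groups` is undocumented and is the opposite of the file's -1/0 failure convention: it returns 1 when a group the peer claims to have rejected is still enabled locally (the case in which the commit must not be accepted) and 0 otherwise, so a caller written in the usual `< 0` style will never act on it. Add a header comment such as `/* Returns 1 if the peer's Rejected Groups element names a group that is still enabled locally (the exchange must be aborted), 0 otherwise. */`, or return -1 in the enabled case so that the `< 0` idiom works. Separately, `count = wpabuf_len(groups) / 2` silently discards a trailing odd byte; unless the element parser already rejects odd lengths, a malformed element is partially processed rather than refused, and an explicit `if (wpabuf_len(groups) & 1) return 1;` would make the intent clear. The rationale for the check (a peer asserting rejections of groups we would have accepted presumably indicates an inconsistent or downgraded exchange) should be stated in that comment rather than left implicit.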
@@ -1201,6 +1247,12 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
                if (res != WLAN_STATUS_SUCCESS)
                        return -1;
 
+               if (wpa_s->sme.sae.tmp &&
+                   sme_check_sae_rejected_groups(
+                           wpa_s,
+                           wpa_s->sme.sae.tmp->peer_rejected_groups) < 0)
+                       return -1;
+
                if (sae_process_commit(&wpa_s->sme.sae) < 0) {
                        wpa_printf(MSG_DEBUG, "SAE: Failed to process peer "
                                   "commit");
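Review bot: The new rejected-groups check can never fail the authentication: `sme_check_sae_rejected_groups` returns 1 when a rejected group is still enabled and 0 otherwise (see the helper added above), so the `< 0` test on its result is never true and an inconsistent Rejected Groups element from the peer is only logged at debug level before `sae_process_commit` runs. Change the condition to `wpa_s->sme.sae.tmp->peer_rejected_groups))` (dropping the `< 0`), or have the helper return -1 in that case, and add a one-line comment above the block, e.g. `/* Refuse to proceed if the peer claims to have rejected a group we still accept */`. The enclosing sme_sae_auth begins and ends outside this hunk.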