From beae255a723b825d36bc2094a089a29221d391e8 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 24 Nov 2017 12:13:26 +0200 Subject: [PATCH] WPA: Check wpa_eapol_key_mic() result on TX Verify that nothing unexpected happened with EAPOL-Key Key MIC calculation when transmitting EAPOL-Key frames from the Authenticator. This should not be able to happen in practice, but if if it does, there is no point in sending out the frame without the correct Key MIC value. Signed-off-by: Jouni Malinen --- src/ap/wpa_auth.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index c0a22dae8..9e7ce96ca 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -1571,9 +1571,12 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, return; } - wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len, - sm->wpa_key_mgmt, version, - (u8 *) hdr, len, key_mic); + if (wpa_eapol_key_mic(sm->PTK.kck, sm->PTK.kck_len, + sm->wpa_key_mgmt, version, + (u8 *) hdr, len, key_mic) < 0) { + os_free(hdr); + return; + } #ifdef CONFIG_TESTING_OPTIONS if (!pairwise && wpa_auth->conf.corrupt_gtk_rekey_mic_probability > 0.0 && -- 2.47.2