From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Fri, 17 Feb 2017 09:35:35 +0000 (+0200)
Subject: Mark RSN msg 1/2 key data debug dump as key material
X-Git-Tag: hostap_2_7~1575
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ecbdc1a1fc0b0c4a08fb07181a9ba0c9a23f70ac;p=thirdparty%2Fhostap.git

Mark RSN msg 1/2 key data debug dump as key material

This debug print can include GTK and IGTK, so use wpa_hexdump_key()
instead of wpa_hexdump() for it to avoid undesired exposure of keys in
debug log.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
---

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index a95c794ac..134987338 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -1393,7 +1393,8 @@ static int wpa_supplicant_process_1_of_2_rsn(struct wpa_sm *sm,
 	int maxkeylen;
 	struct wpa_eapol_ie_parse ie;
 
-	wpa_hexdump(MSG_DEBUG, "RSN: msg 1/2 key data", keydata, keydatalen);
+	wpa_hexdump_key(MSG_DEBUG, "RSN: msg 1/2 key data",
+			keydata, keydatalen);
 	if (wpa_supplicant_parse_ies(keydata, keydatalen, &ie) < 0)
 		return -1;
 	if (ie.gtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {