Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / cf3d32697462903daaaa0e11bc9031e0366ffa46
commitcf3d32697462903daaaa0e11bc9031e0366ffa46[log] [tgz]
authorMathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>Wed Jul 12 16:03:24 2017 +0200
committerGlen Kuhne <kuh@google.com>Tue Sep 19 14:06:18 2017 -0700
treeb62fd07f6d225cc7ace4ffce8a29916966663322
parenta01347240c781d1c9cd4c4ed342796f7910597b9 [diff]
Prevent reinstallation of an already in-use group key

Track the current GTK and IGTK that is in use and when receiving a
(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
not install the given key if it is already in use. This prevents an
attacker from trying to trick the client into resetting or lowering the
sequence counter associated to the group key.

Change-Id: I6c63c06b6b2fb289549289051e7024859bd8a5c0
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Signed-off-by: Glen Kuhne <kuh@google.com>
Merged-In: I54f22e16b4fca5c541fd7f7e6cf6c9503e875f4e
Bug: 65245581
Test: WiFi integration tests
3 files changed
tree: b62fd07f6d225cc7ace4ffce8a29916966663322
  1. hostapd/
  2. hs20/
  3. src/
  4. wpa_supplicant/
  5. .gitignore
  6. Android.mk
  7. CleanSpec.mk
  8. CONTRIBUTIONS
  9. COPYING
  10. MODULE_LICENSE_BSD_LIKE
  11. README