author | Joshua Oreman <oremanj@rwcr.net> | 2010-05-18 23:39:32 -0400 |
---|---|---|
committer | Michael Brown <mcb30@ipxe.org> | 2010-05-27 01:18:25 +0100 |
commit | 723cfad316c1fa9b0333bbc0f2059283499525f0 (patch) | |
tree | 25e43ff9e87aa0105c3b2d742e51a74c0a851671 /src/net/80211 | |
parent | 83efb3d7503d5948fae42d64f95597182045ca04 (diff) | |
[wpa] Remove PMKID checking
PMKID checking is an additional pre-check that helps detect invalid
passphrases before going through the full handshaking procedure. It
takes up some amount of code size, and is not necessary from a
security perspective. It also is implemented improperly by some
routers, which was causing iPXE to give spurious authentication
errors. Remove it for these reasons.
Signed-off-by: Joshua Oreman <oremanj@rwcr.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/net/80211')
-rw-r--r-- | src/net/80211/wpa.c | 64 |
1 files changed, 0 insertions, 64 deletions
diff --git a/src/net/80211/wpa.c b/src/net/80211/wpa.c index 3e78c8d58..132d14ca5 100644 --- a/src/net/80211/wpa.c +++ b/src/net/80211/wpa.c @@ -269,44 +269,6 @@ void wpa_stop ( struct net80211_device *dev ) /** - * Check PMKID consistency - * - * @v ctx WPA common context - * @v pmkid PMKID to check against (16 bytes long) - * @ret rc Zero if they match, or a negative error code if not - */ -int wpa_check_pmkid ( struct wpa_common_ctx *ctx, const u8 *pmkid ) -{ - u8 sha1_ctx[SHA1_CTX_SIZE]; - u8 my_pmkid[SHA1_SIZE]; - u8 pmk[ctx->pmk_len]; - size_t pmk_len; - struct { - char name[8]; - u8 aa[ETH_ALEN]; - u8 spa[ETH_ALEN]; - } __attribute__ (( packed )) pmkid_data; - - memcpy ( pmk, ctx->pmk, ctx->pmk_len ); - pmk_len = ctx->pmk_len; - - memcpy ( pmkid_data.name, "PMK Name", 8 ); - memcpy ( pmkid_data.aa, ctx->dev->bssid, ETH_ALEN ); - memcpy ( pmkid_data.spa, ctx->dev->netdev->ll_addr, ETH_ALEN ); - - hmac_init ( &sha1_algorithm, sha1_ctx, pmk, &pmk_len ); - hmac_update ( &sha1_algorithm, sha1_ctx, &pmkid_data, - sizeof ( pmkid_data ) ); - hmac_final ( &sha1_algorithm, sha1_ctx, pmk, &pmk_len, my_pmkid ); - - if ( memcmp ( my_pmkid, pmkid, WPA_PMKID_LEN ) != 0 ) - return -EACCES; - - return 0; -} - - -/** * Derive pairwise transient key * * @v ctx WPA common context @@ -546,8 +508,6 @@ static int wpa_handle_1_of_4 ( struct wpa_common_ctx *ctx, struct eapol_key_pkt *pkt, int is_rsn, struct wpa_kie *kie ) { - int rc; - if ( ctx->state == WPA_WAITING ) return -EINVAL; 
@@ -558,30 +518,6 @@ static int wpa_handle_1_of_4 ( struct wpa_common_ctx *ctx,
 ctx->have_Snonce = 1;
 }
- if ( is_rsn && pkt->datalen ) {
- union ieee80211_ie *ie = ( union ieee80211_ie * ) pkt->data;
- void *ie_end = pkt->data + pkt->datalen;
-
- if ( ! ieee80211_ie_bound ( ie, ie_end ) ) {
- DBGC ( ctx, "WPA %p: malformed PMKID KDE\n", ctx );
- return wpa_fail ( ctx, -EINVAL );
- }
-
- while ( ie ) {
- if ( ie->id == IEEE80211_IE_VENDOR &&
- ie->vendor.oui == WPA_KDE_PMKID ) {
- rc = wpa_check_pmkid ( ctx, ie->vendor.data );
- if ( rc < 0 ) {
- DBGC ( ctx, "WPA %p ALERT: PMKID "
- "mismatch in 1/4\n", ctx );
- return wpa_fail ( ctx, rc );
- }
- }
-
- ie = ieee80211_next_ie ( ie, ie_end );
- }
- }
-
 DBGC ( ctx, "WPA %p: received 1/4, looks OK\n", ctx );
 wpa_derive_ptk ( ctx ); |