From patchwork Thu Aug 20 05:31:16 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chittur Subramanian Raman X-Patchwork-Id: 1348177 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2001:8b0:10b:1231::1; helo=merlin.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=maxlinear.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=merlin.20170209 header.b=N4jdbXGu; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=maxlinear.com header.i=@maxlinear.com header.a=rsa-sha256 header.s=selector header.b=sVSqFCDu; dkim-atps=neutral Received: from merlin.infradead.org (merlin.infradead.org [IPv6:2001:8b0:10b:1231::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4BXCvj0Y47z9sR4 for ; Thu, 20 Aug 2020 15:32:17 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Type: MIME-Version:Message-ID:Date:Subject:To:From:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=QDR6GrzkCg2NvhYN+gGPcsaFyvATpghD0GdLWzEwG28=; b=N4j dbXGuHeyIfWvGVr27SRa37lLe2e5QshWyaKbz8Lnrd5LZL+XITX1Y2GPkzBCi7e0Lc2kBMy2a4zpD rI7YnkIMlHmUBXLlVDiSalJVN/SaXX8zWMG8jjFmxycijT+2ZtX0MvjwzQJdBJh5e/CzbUquKI9G2 yHzVIIuN0Cz1qdzXsVSRl/JOOvUjbIS8ls5rDA0n55SVLn7S88UcEqo/c4fBaMWc+1J0N3aUkmWF1 Z+iOZrtoA6o1kgWrgacADqoHM24CjmFD1Hsj1Heo1pYjJvOLcMICdhSww2cc9BvN0aWeWt1MuqArg 7clpngPbKgA+zGZyEqMuIMOrsxXkExA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k8dAX-0008EA-Ne; Thu, 20 Aug 2020 05:31:21 +0000 Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120] helo=us-smtp-1.mimecast.com) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k8dAV-0008DW-F0 for hostap@lists.infradead.org; Thu, 20 Aug 2020 05:31:20 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=maxlinear.com; s=selector; t=1597901478; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type; bh=56BLko4oJNzB3dPcDKu/Ke/zMfsB6yP66QL4efDYP58=; b=sVSqFCDuGhuE6lF44sTrnwFJwFPcPo2UDuGEpqicBZ3DPXdray+2/Rswn8i2n1PGnx9+DT k5c6HeiizdMfC1gXi9lBgl3MUdd1DMNXmYxj5RdBIarHE9ctr2Aw4bOqjBlL4/PvWd518R 7H8L29Ll0NbHqz6PKKhipETCw3/+38k= Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12lp2170.outbound.protection.outlook.com [104.47.55.170]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-30-WEonA1chMCCQj05XWdwX0Q-1; Thu, 20 Aug 2020 01:31:16 -0400 X-MC-Unique: WEonA1chMCCQj05XWdwX0Q-1 Received: from DM6PR19MB3788.namprd19.prod.outlook.com (2603:10b6:5:248::11) by DS7PR19MB4407.namprd19.prod.outlook.com (2603:10b6:5:2c0::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3283.20; Thu, 20 Aug 2020 05:31:16 +0000 Received: from DM6PR19MB3788.namprd19.prod.outlook.com ([fe80::4c77:23e:f0d0:646e]) by DM6PR19MB3788.namprd19.prod.outlook.com ([fe80::4c77:23e:f0d0:646e%3]) with mapi id 15.20.3305.025; Thu, 20 Aug 2020 05:31:16 +0000 From: Chittur Subramanian Raman To: "hostap@lists.infradead.org" Subject: [PATCH] Avoid Diffie-Hellman Element inclusion in Association Thread-Topic: [PATCH] Avoid Diffie-Hellman Element inclusion in Association Thread-Index: AdZ2sxVeVl7BG5q1Sj2PHstoMgaaaA== Date: Thu, 20 Aug 2020 05:31:16 +0000 Message-ID: Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.5.1.3 dlp-reaction: no-action x-originating-ip: [106.51.234.139] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 4fd6366e-0b46-46be-9d4c-08d844ca4285 x-ms-traffictypediagnostic: DS7PR19MB4407: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8273; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 2paz5FN52vJNsoX2kpNduE/54bfoeXxpba6dsMACE+uRRUso+p3p0/3lnVbD80rNcsK0w51NBtxxw/jsQukORCZGJdeSWLfLxcvMmFKrZnoGg4m78aWhRQkLBuzkeu4YqMiJufNP5Wi5lwhpuK+YNNEHgBiEobRwkMfZntFwelG5+Vt78aZw916NzmLko2nuwcTKW88uo49Ohy5oBjHvIKqbSXOHluJn2m/GVXpoetVanluoyhPqd+Qk1mODe8lo1KT33wkA9Mb2JU2s5X78LezWd5BEuS9q2K97XLh8AmIErDUUSTl0S0JlmPC/QSXHBPSYk6U2ITqgEmVMuehxNw== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR19MB3788.namprd19.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(39850400004)(396003)(376002)(346002)(366004)(66446008)(66616009)(66476007)(6916009)(83380400001)(71200400001)(4326008)(66946007)(64756008)(8936002)(8676002)(316002)(2906002)(52536014)(55236004)(186003)(66556008)(76116006)(86362001)(6506007)(478600001)(5660300002)(9686003)(26005)(107886003)(33656002)(99936003)(55016002)(7696005); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata: ngPZ8XLH2o0wbFixlnQRueWm5WKbE0SiF3J877UcQfiXSFxolWWeS4+8Ug3Zt3YjYnsvd8pdnxNimxIOwNOOScLusdhXPKQQ1U/c2BOhq3c6jK99/KrmiHEs3K8bVaA30XJrqBW3EfvBrbQZ0UTYm1e0JFsniFlhHoJXgh7yOYb51yBoH1RLGHFqdykzDJ8nwJI1Lf05VTxNA/BoiaTHG3gLh1xVedYaFNGPKAOQJlfdn3HQbvBHJvDRAcKd3K8DJYZoQKYjn72tugFg0HkkqrjtlO92Xoc3UINvLVz6LhPEX46sPn1kUUoTtYEPwiFnKOY3p0HHnWIgZUqbMNrrACvFxbXHTPs0ntbFLM/Mwrh26d+3XqGdhk+SfSWpHtWCiSeun+AUnbDOte31EmEqpr+QhVLINhKSPRra6zv/toib4mAhepJy3hpmTAhgrL11Fsq3NspRoU4uGAZwHGsNsAtiRZUcWHXNdbn0zfvDs01yGy0xYSusW5TtQzQrZ8pfXvpiMoUgHEPfcxY3vSGvQsp6B55dXDNOqxTPLWTaGPeN9ocQ8mB4TB+WjGdKJgsHuFadXasDwMDffQvZtBk0an6yOW++2ICG2WQ7UIs214+vNdEuSsWjZ6ePaP8QZqzC+AsDrS+WHQCXO7HLykBl/A== MIME-Version: 1.0 X-OriginatorOrg: maxlinear.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM6PR19MB3788.namprd19.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4fd6366e-0b46-46be-9d4c-08d844ca4285 X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Aug 2020 05:31:16.1268 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: dac28005-13e0-41b8-8280-7663835f2b1d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: L6cv/8y/qVJIm4isFVmpF/HqSgxVCCyICrBcOxPlRn9gZiEFezbxXcN4XB1bOUO3vIZy+dgYGLbO85E38FFuiw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR19MB4407 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA115A51 smtp.mailfrom=craman@maxlinear.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: maxlinear.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200820_013119_553416_7BA48D76 X-CRM114-Status: GOOD ( 12.10 ) X-Spam-Score: 1.3 (+) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (1.3 points) pts rule name description ---- ---------------------- -------------------------------------------------- 1.5 RCVD_IN_SORBS_WEB RBL: SORBS: sender is an abusable web server [106.51.234.139 listed in dnsbl.sorbs.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [205.139.110.120 listed in wl.mailspike.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [205.139.110.120 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Chittur Subramanian Raman Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Avoid Diffie-Hellman Element inclusion in Association Response frame from AP in case of PMKSA caching. As per RFC 8110 - Opportunistic Wireless Encryption, if the AP has the PMK identified by the PMKID and wishes to perform "PMK caching", he will include the PMKID in his 802.11 association response but does not include a Diffie-Hellman Parameter element. Signed-off-by: Chittur Subramanian Raman --- src/ap/ieee802_11.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index b91640070..c98e77103 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -3890,7 +3890,8 @@ rsnxe_done: #ifdef CONFIG_OWE if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && sta && sta->owe_ecdh && status_code == WLAN_STATUS_SUCCESS && - wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE) { + wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE && + !wpa_auth_sta_get_pmksa(sta->wpa_sm)) { struct wpabuf *pub; pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0);