On Fri, Apr 27, 2018 at 04:30:50PM +0200, Stefan Sperling wrote:
> We just found out that WEP has been broken since August 2017.
> Apparently not many people noticed. The commit which broke
> it was:
> 
> [[[
>     CVSROOT:  /cvs
>     Module name:      src
>     Changes by:       [email protected]    2017/08/18 11:30:12
>     
>     Modified files:
>       sys/net80211   : ieee80211_crypto.c ieee80211_crypto.h 
>                        ieee80211_proto.c 
>     
>     Log message:
>     Clear WPA group keys from memory before initiating a key exchange
>     with an access point. Prevents false positive 'reused group key'
>     warnings in dmesg when re-associating to the same access point.
>     Problem reported by tb@
>     ok tb@
> ]]]
> 
> Clear group keys in ieee80211_newstate only if we're doing WPA.
> Otherwise, ieee80211_crypto_clear_groupkeys() will clear WEP
> keys configured by userland before associating.
> (All WEP keys are group keys.)

Hahahahha, isn't IEEE80211_F_WEPON a better flag to test?

If not, OK.

> 
> Index: ieee80211_proto.c
> ===================================================================
> RCS file: /cvs/src/sys/net80211/ieee80211_proto.c,v
> retrieving revision 1.83
> diff -u -p -r1.83 ieee80211_proto.c
> --- ieee80211_proto.c 6 Feb 2018 22:14:52 -0000       1.83
> +++ ieee80211_proto.c 27 Apr 2018 14:00:22 -0000
> @@ -948,7 +948,8 @@ justcleanup:
>                       break;
>               }
>               ni->ni_rsn_supp_state = RSNA_SUPP_INITIALIZE;
> -             ieee80211_crypto_clear_groupkeys(ic);
> +             if (ic->ic_flags & IEEE80211_F_RSNON)
> +                     ieee80211_crypto_clear_groupkeys(ic);
>               break;
>       case IEEE80211_S_SCAN:
>               ic->ic_flags &= ~IEEE80211_F_SIBSS;
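Review bot: a comment is missing at the new `if (ic->ic_flags & IEEE80211_F_RSNON)` guard saying why the wipe is skipped outside RSN mode (WEP keys are group keys that userland installs before association, per the description above); without it the next cleanup of this switch can reintroduce the August 2017 regression, since the unconditional call looks like the obvious simplification. Gating on RSNON does line up with the `ni->ni_rsn_supp_state = RSNA_SUPP_INITIALIZE;` reset on the preceding line, so both pieces of WPA state are now reset together.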
> @@ -960,7 +961,8 @@ justcleanup:
>               ni->ni_associd = 0;
>               ni->ni_rstamp = 0;
>               ni->ni_rsn_supp_state = RSNA_SUPP_INITIALIZE;
> -             ieee80211_crypto_clear_groupkeys(ic);
> +             if (ic->ic_flags & IEEE80211_F_RSNON)
> +                     ieee80211_crypto_clear_groupkeys(ic);
>               switch (ostate) {
>               case IEEE80211_S_INIT:
>  #ifndef IEEE80211_STA_ONLY
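Review bot: this is the second of three identical `if (ic->ic_flags & IEEE80211_F_RSNON) ieee80211_crypto_clear_groupkeys(ic);` sites in this function (the INIT case above, SCAN here, AUTH below); consider moving the RSNON test into ieee80211_crypto_clear_groupkeys() itself or a small wrapper, so a future fourth call site cannot wipe WEP keys again by omitting the check.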
> @@ -1006,7 +1008,8 @@ justcleanup:
>               break;
>       case IEEE80211_S_AUTH:
>               ni->ni_rsn_supp_state = RSNA_SUPP_INITIALIZE;
> -             ieee80211_crypto_clear_groupkeys(ic);
> +             if (ic->ic_flags & IEEE80211_F_RSNON)
> +                     ieee80211_crypto_clear_groupkeys(ic);
>               switch (ostate) {
>               case IEEE80211_S_INIT:
>                       if (ifp->if_flags & IFF_DEBUG)
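Review bot: on the question raised in the reply of testing IEEE80211_F_WEPON instead, the two guards differ only when neither flag is set: `if (ic->ic_flags & IEEE80211_F_RSNON)` skips the wipe there, while a negated WEPON test would still clear the slots. The patch description should say which behaviour is intended for that case. A regression check that installs a WEP key, walks INIT -> SCAN -> AUTH and confirms the key is still present would have caught the original breakage and would pin down whichever flag is chosen.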

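As an added illustration of the breakage described above (not code from OpenBSD or from this thread): a small C model with a group-key table and the three state transitions the patch touches. The IEEE80211_F_WEPON, IEEE80211_F_RSNON and IEEE80211_S_* names come from the quoted patch; their bit values, the struct layout, clear_groupkeys(), the newstate_* functions and the key bytes are constructed stand-ins. The broken variant wipes the table on every INIT/SCAN/AUTH transition; the fixed variant gates the wipe on IEEE80211_F_RSNON as the patch does.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the regression and the proposed fix. Flag and state
 * names are taken from the quoted patch; bit values, the struct layout and
 * the helper functions are hypothetical and not the net80211 code. */
#define IEEE80211_F_WEPON    0x00000001u
#define IEEE80211_F_RSNON    0x00000002u
#define IEEE80211_GROUP_NKID 4
#define KEYLEN               16

enum ieee80211_state { IEEE80211_S_INIT, IEEE80211_S_SCAN, IEEE80211_S_AUTH, IEEE80211_S_RUN };

struct ieee80211_key {
	uint8_t k_key[KEYLEN];
	int     k_len;		/* 0 means the slot is empty */
};

struct ieee80211com {
	uint32_t             ic_flags;
	struct ieee80211_key ic_nw_keys[IEEE80211_GROUP_NKID];
};

typedef void (*newstate_fn)(struct ieee80211com *, enum ieee80211_state);

/* Stand-in for ieee80211_crypto_clear_groupkeys(): zero every group slot. */
static void clear_groupkeys(struct ieee80211com *ic)
{
	memset(ic->ic_nw_keys, 0, sizeof ic->ic_nw_keys);
}

/* Behaviour since the August 2017 commit: the wipe runs on every
 * INIT/SCAN/AUTH transition, whatever the configured security mode. */
static void newstate_broken(struct ieee80211com *ic, enum ieee80211_state ns)
{
	if (ns == IEEE80211_S_INIT || ns == IEEE80211_S_SCAN || ns == IEEE80211_S_AUTH)
		clear_groupkeys(ic);
}

/* Behaviour with the patch applied: the wipe is gated on IEEE80211_F_RSNON,
 * so static WEP keys (which are group keys) survive association. */
static void newstate_fixed(struct ieee80211com *ic, enum ieee80211_state ns)
{
	if (ns == IEEE80211_S_INIT || ns == IEEE80211_S_SCAN || ns == IEEE80211_S_AUTH) {
		if (ic->ic_flags & IEEE80211_F_RSNON)
			clear_groupkeys(ic);
	}
}

/* Userland installs a WEP key, then the state machine walks the
 * association path. Returns 1 if the key is still present in RUN. */
static int wep_key_survives(newstate_fn newstate)
{
	static const uint8_t key[5] = { 0x01, 0x02, 0x03, 0x04, 0x05 }; /* constructed */
	struct ieee80211com ic;

	memset(&ic, 0, sizeof ic);
	ic.ic_flags |= IEEE80211_F_WEPON;
	memcpy(ic.ic_nw_keys[0].k_key, key, sizeof key);
	ic.ic_nw_keys[0].k_len = (int)sizeof key;

	newstate(&ic, IEEE80211_S_INIT);
	newstate(&ic, IEEE80211_S_SCAN);
	newstate(&ic, IEEE80211_S_AUTH);
	newstate(&ic, IEEE80211_S_RUN);
	return ic.ic_nw_keys[0].k_len == (int)sizeof key &&
	    memcmp(ic.ic_nw_keys[0].k_key, key, sizeof key) == 0;
}

/* A stale WPA group key left over from a previous association must still be
 * wiped before the next key exchange, so the original fix keeps working. */
static int rsn_group_key_cleared(newstate_fn newstate)
{
	static const uint8_t gtk[KEYLEN] = "constructed-gtk";	/* 15 bytes + NUL */
	struct ieee80211com ic;

	memset(&ic, 0, sizeof ic);
	ic.ic_flags |= IEEE80211_F_RSNON;
	memcpy(ic.ic_nw_keys[1].k_key, gtk, KEYLEN);
	ic.ic_nw_keys[1].k_len = KEYLEN;

	newstate(&ic, IEEE80211_S_AUTH);
	return ic.ic_nw_keys[1].k_len == 0;
}

int main(void)
{
	printf("broken: WEP key survives = %d\n", wep_key_survives(newstate_broken));
	printf("fixed:  WEP key survives = %d\n", wep_key_survives(newstate_fixed));
	printf("broken: stale GTK cleared = %d\n", rsn_group_key_cleared(newstate_broken));
	printf("fixed:  stale GTK cleared = %d\n", rsn_group_key_cleared(newstate_fixed));
	return 0;
}
```

Run as is, the broken variant reports the WEP key gone after association while the fixed variant keeps it; both variants still clear a stale WPA group key, which is the property the August 2017 commit set out to provide.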