On 2018 Apr 27 (Fri) at 17:45:44 +0300 (+0300), Paul Irofti wrote:
:On Fri, Apr 27, 2018 at 04:30:50PM +0200, Stefan Sperling wrote:
:> We just found out that WEP has been broken since August 2017.
:> Apparently not many people noticed. The commit which broke
:> it was:
:> 
:> [[[
:>     CVSROOT: /cvs
:>     Module name:     src
:>     Changes by:      [email protected]    2017/08/18 11:30:12
:>     
:>     Modified files:
:>      sys/net80211   : ieee80211_crypto.c ieee80211_crypto.h 
:>                       ieee80211_proto.c 
:>     
:>     Log message:
:>     Clear WPA group keys from memory before initiating a key exchange
:>     with an access point. Prevents false positive 'reused group key'
:>     warnings in dmesg when re-associating to the same access point.
:>     Problem reported by tb@
:>     ok tb@
:> ]]]
:> 
:> Clear group keys in ieee80211_newstate only if we're doing WPA.
:> Otherwise, ieee80211_crypto_clear_groupkeys() will clear WEP
:> keys configured by userland before associating.
:> (All WEP keys are group keys.)
:
:Hahahahha, isn't IEEE80211_F_WEPON a better flag to test?
:

As I understand it, we want to clear the group keys for WPA* (RSN).  So
it's better to check for the reason why.

:If not, OK.
:
:> 
:> Index: ieee80211_proto.c
:> ===================================================================
:> RCS file: /cvs/src/sys/net80211/ieee80211_proto.c,v
:> retrieving revision 1.83
:> diff -u -p -r1.83 ieee80211_proto.c
:> --- ieee80211_proto.c        6 Feb 2018 22:14:52 -0000       1.83
:> +++ ieee80211_proto.c        27 Apr 2018 14:00:22 -0000
:> @@ -948,7 +948,8 @@ justcleanup:
:>                      break;
:>              }
:>              ni->ni_rsn_supp_state = RSNA_SUPP_INITIALIZE;
:> -            ieee80211_crypto_clear_groupkeys(ic);
:> +            if (ic->ic_flags & IEEE80211_F_RSNON)
:> +                    ieee80211_crypto_clear_groupkeys(ic);
:>              break;
:>      case IEEE80211_S_SCAN:
:>              ic->ic_flags &= ~IEEE80211_F_SIBSS;
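Review bot: The guard added before the IEEE80211_S_SCAN case carries no comment saying why clearing depends on IEEE80211_F_RSNON. The reason given in the mail (all WEP keys are group keys, configured by userland before associating) is exactly what a later cleanup could undo, so a one-line comment above `if (ic->ic_flags & IEEE80211_F_RSNON)` would help keep this regression from coming back.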
:> @@ -960,7 +961,8 @@ justcleanup:
:>              ni->ni_associd = 0;
:>              ni->ni_rstamp = 0;
:>              ni->ni_rsn_supp_state = RSNA_SUPP_INITIALIZE;
:> -            ieee80211_crypto_clear_groupkeys(ic);
:> +            if (ic->ic_flags & IEEE80211_F_RSNON)
:> +                    ieee80211_crypto_clear_groupkeys(ic);
:>              switch (ostate) {
:>              case IEEE80211_S_INIT:
:>  #ifndef IEEE80211_STA_ONLY
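Review bot: The two-line guard in the IEEE80211_S_SCAN case is the same one added in the previous hunk and again in the next one. Consider doing the IEEE80211_F_RSNON test in one place, either inside ieee80211_crypto_clear_groupkeys() or in a small wrapper, so that a future call site cannot omit it and wipe WEP keys again.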
:> @@ -1006,7 +1008,8 @@ justcleanup:
:>              break;
:>      case IEEE80211_S_AUTH:
:>              ni->ni_rsn_supp_state = RSNA_SUPP_INITIALIZE;
:> -            ieee80211_crypto_clear_groupkeys(ic);
:> +            if (ic->ic_flags & IEEE80211_F_RSNON)
:> +                    ieee80211_crypto_clear_groupkeys(ic);
:>              switch (ostate) {
:>              case IEEE80211_S_INIT:
:>                      if (ifp->if_flags & IFF_DEBUG)
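Review bot: In the IEEE80211_S_AUTH case the decision to clear depends on ic_flags as it stands at the moment of the transition. It is worth confirming that IEEE80211_F_RSNON cannot already have been cleared when this runs after a WPA session, because in that case the group keys from that session would be left in memory instead of being cleared.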
:

-- 
Thou shalt not omit adultery.
