Last commit made on 2017-10-16
Get this branch:
git clone -b hostapd/2.6 https://git.launchpad.net/~snappy-hwe-team/snappy-hwe-snaps/+git/wifi-ap
Members of Snappy HWE Team can upload to this branch. Log in for directions.

Branch merges

Branch information

Recent commits

0125bab... by System Enablement CI Bot <email address hidden>

Merge remote tracking branch hostapd-2.6-krack-fixes

Merge-Proposal: https://code.launchpad.net/~morphis/snappy-hwe-snaps/+git/wifi-ap/+merge/332311

Author: Simon Fels <email address hidden>

Apply CVE fixes for Krack attack

See https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt for details on the different CVEs this fixes.

All patches are taken from upstream except rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch as it only applies for wpa-supplicant which we don't ship in our tree here.

71a9967... by Jouni Malinen

FT: Do not allow multiple Reassociation Response frames

The driver is expected to not report a second association event without
the station having explicitly request a new association. As such, this
case should not be reachable. However, since reconfiguring the same
pairwise or group keys to the driver could result in nonce reuse issues,
be extra careful here and do an additional state check to avoid this
even if the local driver ends up somehow accepting an unexpected
Reassociation Response frame.

Signed-off-by: Jouni Malinen <email address hidden>

9e45c23... by Jouni Malinen

TDLS: Reject TPK-TK reconfiguration

Do not try to reconfigure the same TPK-TK to the driver after it has
been successfully configured. This is an explicit check to avoid issues
related to resetting the TX/RX packet number. There was already a check
for this for TPK M2 (retries of that message are ignored completely), so
that behavior does not get modified.

For TPK M3, the TPK-TK could have been reconfigured, but that was
followed by immediate teardown of the link due to an issue in updating
the STA entry. Furthermore, for TDLS with any real security (i.e.,
ignoring open/WEP), the TPK message exchange is protected on the AP path
and simple replay attacks are not feasible.

As an additional corner case, make sure the local nonce gets updated if
the peer uses a very unlikely "random nonce" of all zeros.

Signed-off-by: Jouni Malinen <email address hidden>

63148a6... by Jouni Malinen

Fix PTK rekeying to generate a new ANonce

The Authenticator state machine path for PTK rekeying ended up bypassing
the AUTHENTICATION2 state where a new ANonce is generated when going
directly to the PTKSTART state since there is no need to try to
determine the PMK again in such a case. This is far from ideal since the
new PTK would depend on a new nonce only from the supplicant.

Fix this by generating a new ANonce when moving to the PTKSTART state
for the purpose of starting new 4-way handshake to rekey PTK.

Signed-off-by: Jouni Malinen <email address hidden>

fe0cf47... by Mathy Vanhoef <email address hidden>

Prevent installation of an all-zero TK

Properly track whether a PTK has already been installed to the driver
and the TK part cleared from memory. This prevents an attacker from
trying to trick the client into installing an all-zero TK.

This fixes the earlier fix in commit
ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the
driver in EAPOL-Key 3/4 retry case') which did not take into account
possibility of an extra message 1/4 showing up between retries of
message 3/4.

Signed-off-by: Mathy Vanhoef <email address hidden>

a8051b5... by Jouni Malinen

Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases

This extends the protection to track last configured GTK/IGTK value
separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
corner case where these two different mechanisms may get used when the
GTK/IGTK has changed and tracking a single value is not sufficient to
detect a possible key reconfiguration.

Signed-off-by: Jouni Malinen <email address hidden>

f00db73... by Mathy Vanhoef <email address hidden>

Prevent reinstallation of an already in-use group key

Track the current GTK and IGTK that is in use and when receiving a
(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
not install the given key if it is already in use. This prevents an
attacker from trying to trick the client into resetting or lowering the
sequence counter associated to the group key.

Signed-off-by: Mathy Vanhoef <email address hidden>

8b79ceb... by Mathy Vanhoef <email address hidden>

hostapd: Avoid key reinstallation in FT handshake

Do not reinstall TK to the driver during Reassociation Response frame
processing if the first attempt of setting the TK succeeded. This avoids
issues related to clearing the TX/RX PN that could result in reusing
same PN values for transmitted frames (e.g., due to CCM nonce reuse and
also hitting replay protection on the receiver) and accepting replayed
frames on RX side.

This issue was introduced by the commit
0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
authenticator') which allowed wpa_ft_install_ptk() to be called multiple
times with the same PTK. While the second configuration attempt is
needed with some drivers, it must be done only if the first attempt

Signed-off-by: Mathy Vanhoef <email address hidden>

dd0b0f1... by Simon Fels

[SNAPPY] Add simple toplevel make file

9c19f4f... by Simon Fels

[SNAPPY] Add default build configuration

Based on the Ubuntu default configuration