From owner-svn-src-all@freebsd.org  Sun Nov 12 14:26:23 2017
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 33E48E72D8A;
 Sun, 12 Nov 2017 14:26:23 +0000 (UTC)
 (envelope-from cy.schubert@komquats.com)
Received: from smtp-out-so.shaw.ca (smtp-out-so.shaw.ca [64.59.136.139])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "Client", Issuer "CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id CD72C69838;
 Sun, 12 Nov 2017 14:26:22 +0000 (UTC)
 (envelope-from cy.schubert@komquats.com)
Received: from spqr.komquats.com ([96.50.22.10]) by shaw.ca with SMTP
 id DtDAeUi1n8LPZDtDDeDlX2; Sun, 12 Nov 2017 07:26:16 -0700
X-Authority-Analysis: v=2.2 cv=e552ceh/ c=1 sm=1 tr=0
 a=jvE2nwUzI0ECrNeyr98KWA==:117 a=jvE2nwUzI0ECrNeyr98KWA==:17
 a=sC3jslCIGhcA:10 a=YxBL1-UpAAAA:8 a=6I5d2MoRAAAA:8 a=yaAG3qJ-AAAA:8
 a=6azmR-cSAAAA:8 a=WGb3iPcmAAAA:8 a=-Vy2OzQZFe8N4X7HosAA:9
 a=DjkGPDPG-g7wXDhE:21 a=-joWIwtk7dXldF-o:21 a=XTsj52VrgMFMBEql:21
 a=QEXdDO2ut3YA:10 a=Ytm8v_FqGBcA:10 a=415uMnwt9euyry44hZUA:9
 a=KDBns9zPkFtASjw6:21 a=MMzhBxgxhSv6LlOE:21 a=jwLYlFnmYNwfE1nq:21
 a=_W_S_7VecoQA:10 a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22
 a=oLVlbjkABFOu4cUI0CGI:22 a=iGTr5Po_PWzzNro3Gps8:22 a=9JPlHzl_CvN4BZy81pxD:22
Received: from [25.84.90.114] (unknown [24.114.23.48])
 by spqr.komquats.com (Postfix) with ESMTPSA id 3E88FBCC;
 Sun, 12 Nov 2017 06:26:11 -0800 (PST)
MIME-Version: 1.0
From: Cy Schubert <Cy.Schubert@komquats.com>
Subject: RE: svn commit: r324696 - in head/contrib/wpa: src/ap src/common
 src/rsn_supp wpa_supplicant
Date: Sun, 12 Nov 2017 07:26:14 -0700
To: Gordon Tetlow <gordon@FreeBSD.org>, 
 "src-committers@freebsd.org" <src-committers@freebsd.org>, 
 "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, 
 "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>
Message-Id: <20171112142611.3E88FBCC@spqr.komquats.com>
X-CMAE-Envelope: MS4wfNUI5KUdKMTLtk4n1urcyRuuJIwdcUexca0Xu1PL5+4pAvxMziqYvR/sbyTNRjy9mlaee0y2WVt4k8bi9uGm6JfYuHOrtenH5zrGcNXeHB1GL7z3ioug
 r4C+kJFcXh1PV+k481YHtJHv2cva02dpeoKxf+/l3MyDh8V6mJbgXUjLpfBK4KAzGlaTv9Q9V4YyL56RAkK6SLv9rzDOARDzv4bMkNdAXZgTy73+ryAMiE5K
 2fmjXLDQiPp5ODzLmzzQAAhvsDfiy/bkE74M0GPs93fAIDqz32nSxhStlsLxkwWX
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.25
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Nov 2017 14:26:23 -0000

This managed to get stuck in the outbox on my phone. Better late than never=
.

I think we need to start planning to upgrade to 2.6 (and 2.7 when it comes =
out), or at least thinking about it, especially with 10.x being badly out o=
f date.

Also possibly remove hostapd, instead relying on the port for that.

---
Sent using a tiny phone keyboard. Apologies for any typos and autocorrect.

Cy Schubert
<Cy.Schubert@cschubert.com> or <cy@freebsd.org>

-----Original Message-----
From: Gordon Tetlow
Sent: 17/10/2017 10:22
To: src-committers@freebsd.org; svn-src-all@freebsd.org; svn-src-head@freeb=
sd.org
Subject: svn commit: r324696 - in head/contrib/wpa: src/ap src/common src/r=
sn_supp wpa_supplicant

Author: gordon
Date: Tue Oct 17 17:22:36 2017
New Revision: 324696
URL: https://svnweb.freebsd.org/changeset/base/324696

Log:
  Update wpa_supplicant/hostapd for 2017-01 vulnerability release.
 =20
  hostapd: Avoid key reinstallation in FT handshake
  Prevent reinstallation of an already in-use group key
  Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
  Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
  Prevent installation of an all-zero TK
  Fix PTK rekeying to generate a new ANonce
  TDLS: Reject TPK-TK reconfiguration
  WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
  WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
  WNM: Ignore WNM-Sleep Mode Response without pending request
  FT: Do not allow multiple Reassociation Response frames
  TDLS: Ignore incoming TDLS Setup Response retries
 =20
  Submitted by:	jhb
  Obtained from:	https://w1.fi/security/2017-01/ (against later version)
  Security:	FreeBSD-SA-17:07
  Security:	CERT VU#228519
  Security:	CVE-2017-13077
  Security:	CVE-2017-13078
  Security:	CVE-2017-13079
  Security:	CVE-2017-13080
  Security:	CVE-2017-13081
  Security:	CVE-2017-13082
  Security:	CVE-2017-13086
  Security:	CVE-2017-13087
  Security:	CVE-2017-13088
  Differential Revision:	https://reviews.freebsd.org/D12693

Modified:
  head/contrib/wpa/src/ap/wpa_auth.c
  head/contrib/wpa/src/ap/wpa_auth.h
  head/contrib/wpa/src/ap/wpa_auth_ft.c
  head/contrib/wpa/src/ap/wpa_auth_i.h
  head/contrib/wpa/src/common/wpa_common.h
  head/contrib/wpa/src/rsn_supp/tdls.c
  head/contrib/wpa/src/rsn_supp/wpa.c
  head/contrib/wpa/src/rsn_supp/wpa_ft.c
  head/contrib/wpa/src/rsn_supp/wpa_i.h
  head/contrib/wpa/wpa_supplicant/ctrl_iface.c
  head/contrib/wpa/wpa_supplicant/events.c
  head/contrib/wpa/wpa_supplicant/wnm_sta.c
  head/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h

Modified: head/contrib/wpa/src/ap/wpa_auth.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- head/contrib/wpa/src/ap/wpa_auth.c	Tue Oct 17 16:29:50 2017	(r324695)
+++ head/contrib/wpa/src/ap/wpa_auth.c	Tue Oct 17 17:22:36 2017	(r324696)
@@ -1893,6 +1893,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
 }
=20
=20
+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
+{
+	if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
+		wpa_printf(MSG_ERROR,
+			   "WPA: Failed to get random data for ANonce");
+		sm->Disconnect =3D TRUE;
+		return -1;
+	}
+	wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
+		    WPA_NONCE_LEN);
+	sm->TimeoutCtr =3D 0;
+	return 0;
+}
+
+
 SM_STATE(WPA_PTK, INITPMK)
 {
 	u8 msk[2 * PMK_LEN];
@@ -2414,9 +2429,12 @@ SM_STEP(WPA_PTK)
 		SM_ENTER(WPA_PTK, AUTHENTICATION);
 	else if (sm->ReAuthenticationRequest)
 		SM_ENTER(WPA_PTK, AUTHENTICATION2);
-	else if (sm->PTKRequest)
-		SM_ENTER(WPA_PTK, PTKSTART);
-	else switch (sm->wpa_ptk_state) {
+	else if (sm->PTKRequest) {
+		if (wpa_auth_sm_ptk_update(sm) < 0)
+			SM_ENTER(WPA_PTK, DISCONNECTED);
+		else
+			SM_ENTER(WPA_PTK, PTKSTART);
+	} else switch (sm->wpa_ptk_state) {
 	case WPA_PTK_INITIALIZE:
 		break;
 	case WPA_PTK_DISCONNECT:
@@ -3206,6 +3224,14 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machin=
e=20
 	if (sm =3D=3D NULL)
 		return 0;
 	return sm->wpa;
+}
+
+
+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm)
+{
+	if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
+		return 0;
+	return sm->tk_already_set;
 }
=20
=20

Modified: head/contrib/wpa/src/ap/wpa_auth.h
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- head/contrib/wpa/src/ap/wpa_auth.h	Tue Oct 17 16:29:50 2017	(r324695)
+++ head/contrib/wpa/src/ap/wpa_auth.h	Tue Oct 17 17:22:36 2017	(r324696)
@@ -271,6 +271,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm
 int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
 int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
 int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);
 int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
 			     struct rsn_pmksa_cache_entry *entry);
 struct rsn_pmksa_cache_entry *

Modified: head/contrib/wpa/src/ap/wpa_auth_ft.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- head/contrib/wpa/src/ap/wpa_auth_ft.c	Tue Oct 17 16:29:50 2017	(r324695=
)
+++ head/contrib/wpa/src/ap/wpa_auth_ft.c	Tue Oct 17 17:22:36 2017	(r324696=
)
@@ -780,6 +780,14 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
 		return;
 	}
=20
+	if (sm->tk_already_set) {
+		/* Must avoid TK reconfiguration to prevent clearing of TX/RX
+		 * PN in the driver */
+		wpa_printf(MSG_DEBUG,
+			   "FT: Do not re-install same PTK to the driver");
+		return;
+	}
+
 	/* FIX: add STA entry to kernel/driver here? The set_key will fail
 	 * most likely without this.. At the moment, STA entry is added only
 	 * after association has been completed. This function will be called
@@ -792,6 +800,7 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
=20
 	/* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
 	sm->pairwise_set =3D TRUE;
+	sm->tk_already_set =3D TRUE;
 }
=20
=20
@@ -898,6 +907,7 @@ static int wpa_ft_process_auth_req(struct wpa_state_ma
=20
 	sm->pairwise =3D pairwise;
 	sm->PTK_valid =3D TRUE;
+	sm->tk_already_set =3D FALSE;
 	wpa_ft_install_ptk(sm);
=20
 	buflen =3D 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +

Modified: head/contrib/wpa/src/ap/wpa_auth_i.h
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- head/contrib/wpa/src/ap/wpa_auth_i.h	Tue Oct 17 16:29:50 2017	(r324695)
+++ head/contrib/wpa/src/ap/wpa_auth_i.h	Tue Oct 17 17:22:36 2017	(r324696)
@@ -64,6 +64,7 @@ struct wpa_state_machine {
 	struct wpa_ptk PTK;
 	Boolean PTK_valid;
 	Boolean pairwise_set;
+	Boolean tk_already_set;
 	int keycount;
 	Boolean Pair;
 	struct wpa_key_replay_counter {

Modified: head/contrib/wpa/src/common/wpa_common.h
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- head/contrib/wpa/src/common/wpa_common.h	Tue Oct 17 16:29:50 2017	(r324=
695)
+++ head/contrib/wpa/src/common/wpa_common.h	Tue Oct 17 17:22:36 2017	(r324=
696)
@@ -213,8 +213,20 @@ struct wpa_ptk {
 	size_t kck_len;
 	size_t kek_len;
 	size_t tk_len;
+	int installed; /* 1 if key has already been installed to driver */
 };
=20
+struct wpa_gtk {
+	u8 gtk[WPA_GTK_MAX_LEN];
+	size_t gtk_len;
+};
+
+#ifdef CONFIG_IEEE80211W
+struct wpa_igtk {
+	u8 igtk[WPA_IGTK_MAX_LEN];
+	size_t igtk_len;
+};
+#endif /* CONFIG_IEEE80211W */
=20
 /* WPA IE version 1
  * 00-50-f2:1 (OUI:OUI type)

Modified: head/contrib/wpa/src/rsn_supp/tdls.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- head/contrib/wpa/src/rsn_supp/tdls.c	Tue Oct 17 16:29:50 2017	(r324695)
+++ head/contrib/wpa/src/rsn_supp/tdls.c	Tue Oct 17 17:22:36 2017	(r324696)
@@ -112,6 +112,7 @@ struct wpa_tdls_peer {
 		u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
 	} tpk;
 	int tpk_set;
+	int tk_set; /* TPK-TK configured to the driver */
 	int tpk_success;
 	int tpk_in_progress;
=20
@@ -192,6 +193,20 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct=
=20
 	u8 rsc[6];
 	enum wpa_alg alg;
=20
+	if (peer->tk_set) {
+		/*
+		 * This same TPK-TK has already been configured to the driver
+		 * and this new configuration attempt (likely due to an
+		 * unexpected retransmitted frame) would result in clearing
+		 * the TX/RX sequence number which can break security, so must
+		 * not allow that to happen.
+		 */
+		wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR
+			   " has already been configured to the driver - do not reconfigure",
+			   MAC2STR(peer->addr));
+		return -1;
+	}
+
 	os_memset(rsc, 0, 6);
=20
 	switch (peer->cipher) {
@@ -209,12 +224,15 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct=
=20
 		return -1;
 	}
=20
+	wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,
+		   MAC2STR(peer->addr));
 	if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
 			   rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
 		wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
 			   "driver");
 		return -1;
 	}
+	peer->tk_set =3D 1;
 	return 0;
 }
=20
@@ -690,7 +708,7 @@ static void wpa_tdls_peer_clear(struct wpa_sm *sm, str
 	peer->cipher =3D 0;
 	peer->qos_info =3D 0;
 	peer->wmm_capable =3D 0;
-	peer->tpk_set =3D peer->tpk_success =3D 0;
+	peer->tk_set =3D peer->tpk_set =3D peer->tpk_success =3D 0;
 	peer->chan_switch_enabled =3D 0;
 	os_memset(&peer->tpk, 0, sizeof(peer->tpk));
 	os_memset(peer->inonce, 0, WPA_NONCE_LEN);
@@ -1153,6 +1171,7 @@ skip_rsnie:
 		wpa_tdls_peer_free(sm, peer);
 		return -1;
 	}
+	peer->tk_set =3D 0; /* A new nonce results in a new TK */
 	wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
 		    peer->inonce, WPA_NONCE_LEN);
 	os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
@@ -1745,6 +1764,19 @@ static int wpa_tdls_addset_peer(struct wpa_sm *sm, s=
tr
 }
=20
=20
+static int tdls_nonce_set(const u8 *nonce)
+{
+	int i;
+
+	for (i =3D 0; i < WPA_NONCE_LEN; i++) {
+		if (nonce[i])
+			return 1;
+	}
+
+	return 0;
+}
+
+
 static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
 				   const u8 *buf, size_t len)
 {
@@ -1998,7 +2030,8 @@ skip_rsn:
 	peer->rsnie_i_len =3D kde.rsn_ie_len;
 	peer->cipher =3D cipher;
=20
-	if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) !=3D 0) {
+	if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) !=3D 0 ||
+	    !tdls_nonce_set(peer->inonce)) {
 		/*
 		 * There is no point in updating the RNonce for every obtained
 		 * TPK M1 frame (e.g., retransmission due to timeout) with the
@@ -2014,6 +2047,7 @@ skip_rsn:
 				"TDLS: Failed to get random data for responder nonce");
 			goto error;
 		}
+		peer->tk_set =3D 0; /* A new nonce results in a new TK */
 	}
=20
 #if 0
@@ -2170,6 +2204,14 @@ static int wpa_tdls_process_tpk_m2(struct wpa_sm *sm=
,=20
 			   "ignore TPK M2 from " MACSTR, MAC2STR(src_addr));
 		return -1;
 	}
+
+	if (peer->tpk_success) {
+		wpa_printf(MSG_INFO, "TDLS: Ignore incoming TPK M2 retry, from "
+			   MACSTR " as TPK M3 was already sent",
+			   MAC2STR(src_addr));
+		return 0;
+	}
+
 	wpa_tdls_tpk_retry_timeout_cancel(sm, peer, WLAN_TDLS_SETUP_REQUEST);
=20
 	if (len < 3 + 2 + 1) {

Modified: head/contrib/wpa/src/rsn_supp/wpa.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- head/contrib/wpa/src/rsn_supp/wpa.c	Tue Oct 17 16:29:50 2017	(r324695)
+++ head/contrib/wpa/src/rsn_supp/wpa.c	Tue Oct 17 17:22:36 2017	(r324696)
@@ -605,6 +605,12 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *s
 	const u8 *key_rsc;
 	u8 null_rsc[8] =3D { 0, 0, 0, 0, 0, 0, 0, 0 };
=20
+	if (sm->ptk.installed) {
+		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+			"WPA: Do not re-install same PTK to the driver");
+		return 0;
+	}
+
 	wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
 		"WPA: Installing PTK to the driver");
=20
@@ -643,6 +649,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *s
=20
 	/* TK is not needed anymore in supplicant */
 	os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
+	sm->ptk.installed =3D 1;
=20
 	if (sm->wpa_ptk_rekey) {
 		eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
@@ -692,11 +699,23 @@ struct wpa_gtk_data {
=20
 static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
 				      const struct wpa_gtk_data *gd,
-				      const u8 *key_rsc)
+				      const u8 *key_rsc, int wnm_sleep)
 {
 	const u8 *_gtk =3D gd->gtk;
 	u8 gtk_buf[32];
=20
+	/* Detect possible key reinstallation */
+	if ((sm->gtk.gtk_len =3D=3D (size_t) gd->gtk_len &&
+	     os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) =3D=3D 0) ||
+	    (sm->gtk_wnm_sleep.gtk_len =3D=3D (size_t) gd->gtk_len &&
+	     os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk,
+		       sm->gtk_wnm_sleep.gtk_len) =3D=3D 0)) {
+		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+			"WPA: Not reinstalling already in-use GTK to the driver (keyidx=3D%d tx=
=3D%d len=3D%d)",
+			gd->keyidx, gd->tx, gd->gtk_len);
+		return 0;
+	}
+
 	wpa_hexdump_key(MSG_DEBUG, "WPA: Group Key", gd->gtk, gd->gtk_len);
 	wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
 		"WPA: Installing GTK to the driver (keyidx=3D%d tx=3D%d len=3D%d)",
@@ -731,6 +750,15 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *s
 	}
 	os_memset(gtk_buf, 0, sizeof(gtk_buf));
=20
+	if (wnm_sleep) {
+		sm->gtk_wnm_sleep.gtk_len =3D gd->gtk_len;
+		os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk,
+			  sm->gtk_wnm_sleep.gtk_len);
+	} else {
+		sm->gtk.gtk_len =3D gd->gtk_len;
+		os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
+	}
+
 	return 0;
 }
=20
@@ -788,7 +816,7 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *
 	    (wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
 					       gtk_len, gtk_len,
 					       &gd.key_rsc_len, &gd.alg) ||
-	     wpa_supplicant_install_gtk(sm, &gd, key->key_rsc))) {
+	     wpa_supplicant_install_gtk(sm, &gd, key->key_rsc, 0))) {
 		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
 			"RSN: Failed to install GTK");
 		os_memset(&gd, 0, sizeof(gd));
@@ -802,6 +830,58 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *
 }
=20
=20
+#ifdef CONFIG_IEEE80211W
+static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
+				       const struct wpa_igtk_kde *igtk,
+				       int wnm_sleep)
+{
+	size_t len =3D wpa_cipher_key_len(sm->mgmt_group_cipher);
+	u16 keyidx =3D WPA_GET_LE16(igtk->keyid);
+
+	/* Detect possible key reinstallation */
+	if ((sm->igtk.igtk_len =3D=3D len &&
+	     os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) =3D=3D 0) ||
+	    (sm->igtk_wnm_sleep.igtk_len =3D=3D len &&
+	     os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk,
+		       sm->igtk_wnm_sleep.igtk_len) =3D=3D 0)) {
+		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+			"WPA: Not reinstalling already in-use IGTK to the driver (keyidx=3D%d)"=
,
+			keyidx);
+		return  0;
+	}
+
+	wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+		"WPA: IGTK keyid %d pn %02x%02x%02x%02x%02x%02x",
+		keyidx, MAC2STR(igtk->pn));
+	wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len);
+	if (keyidx > 4095) {
+		wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+			"WPA: Invalid IGTK KeyID %d", keyidx);
+		return -1;
+	}
+	if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
+			   broadcast_ether_addr,
+			   keyidx, 0, igtk->pn, sizeof(igtk->pn),
+			   igtk->igtk, len) < 0) {
+		wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+			"WPA: Failed to configure IGTK to the driver");
+		return -1;
+	}
+
+	if (wnm_sleep) {
+		sm->igtk_wnm_sleep.igtk_len =3D len;
+		os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk,
+			  sm->igtk_wnm_sleep.igtk_len);
+	} else {
+		sm->igtk.igtk_len =3D len;
+		os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
+	}
+
+	return 0;
+}
+#endif /* CONFIG_IEEE80211W */
+
+
 static int ieee80211w_set_keys(struct wpa_sm *sm,
 			       struct wpa_eapol_ie_parse *ie)
 {
@@ -812,30 +892,14 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
 	if (ie->igtk) {
 		size_t len;
 		const struct wpa_igtk_kde *igtk;
-		u16 keyidx;
+
 		len =3D wpa_cipher_key_len(sm->mgmt_group_cipher);
 		if (ie->igtk_len !=3D WPA_IGTK_KDE_PREFIX_LEN + len)
 			return -1;
+
 		igtk =3D (const struct wpa_igtk_kde *) ie->igtk;
-		keyidx =3D WPA_GET_LE16(igtk->keyid);
-		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: IGTK keyid %d "
-			"pn %02x%02x%02x%02x%02x%02x",
-			keyidx, MAC2STR(igtk->pn));
-		wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK",
-				igtk->igtk, len);
-		if (keyidx > 4095) {
-			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-				"WPA: Invalid IGTK KeyID %d", keyidx);
+		if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0)
 			return -1;
-		}
-		if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
-				   broadcast_ether_addr,
-				   keyidx, 0, igtk->pn, sizeof(igtk->pn),
-				   igtk->igtk, len) < 0) {
-			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-				"WPA: Failed to configure IGTK to the driver");
-			return -1;
-		}
 	}
=20
 	return 0;
@@ -1483,7 +1547,7 @@ static void wpa_supplicant_process_1_of_2(struct wpa_=
s
 	if (ret)
 		goto failed;
=20
-	if (wpa_supplicant_install_gtk(sm, &gd, key->key_rsc) ||
+	if (wpa_supplicant_install_gtk(sm, &gd, key->key_rsc, 0) ||
 	    wpa_supplicant_send_2_of_2(sm, key, ver, key_info))
 		goto failed;
 	os_memset(&gd, 0, sizeof(gd));
@@ -2251,7 +2315,7 @@ void wpa_sm_deinit(struct wpa_sm *sm)
  */
 void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
 {
-	int clear_ptk =3D 1;
+	int clear_keys =3D 1;
=20
 	if (sm =3D=3D NULL)
 		return;
@@ -2277,11 +2341,11 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u=
8 *
 		/* Prepare for the next transition */
 		wpa_ft_prepare_auth_request(sm, NULL);
=20
-		clear_ptk =3D 0;
+		clear_keys =3D 0;
 	}
 #endif /* CONFIG_IEEE80211R */
=20
-	if (clear_ptk) {
+	if (clear_keys) {
 		/*
 		 * IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if
 		 * this is not part of a Fast BSS Transition.
@@ -2291,6 +2355,12 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8=
 *
 		os_memset(&sm->ptk, 0, sizeof(sm->ptk));
 		sm->tptk_set =3D 0;
 		os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+		os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+		os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
+#ifdef CONFIG_IEEE80211W
+		os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+		os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
+#endif /* CONFIG_IEEE80211W */
 	}
=20
 #ifdef CONFIG_TDLS
@@ -2322,6 +2392,9 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm)
 #ifdef CONFIG_TDLS
 	wpa_tdls_disassoc(sm);
 #endif /* CONFIG_TDLS */
+#ifdef CONFIG_IEEE80211R
+	sm->ft_reassoc_completed =3D 0;
+#endif /* CONFIG_IEEE80211R */
=20
 	/* Keys are not needed in the WPA state machine anymore */
 	wpa_sm_drop_sa(sm);
@@ -2807,6 +2880,12 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
 	os_memset(sm->pmk, 0, sizeof(sm->pmk));
 	os_memset(&sm->ptk, 0, sizeof(sm->ptk));
 	os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+	os_memset(&sm->gtk, 0, sizeof(sm->gtk));
+	os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
+#ifdef CONFIG_IEEE80211W
+	os_memset(&sm->igtk, 0, sizeof(sm->igtk));
+	os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
+#endif /* CONFIG_IEEE80211W */
 #ifdef CONFIG_IEEE80211R
 	os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
 	os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0));
@@ -2870,7 +2949,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 su=
b
=20
 		wpa_hexdump_key(MSG_DEBUG, "Install GTK (WNM SLEEP)",
 				gd.gtk, gd.gtk_len);
-		if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) {
+		if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) {
 			os_memset(&gd, 0, sizeof(gd));
 			wpa_printf(MSG_DEBUG, "Failed to install the GTK in "
 				   "WNM mode");
@@ -2879,29 +2958,11 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 =
sub
 		os_memset(&gd, 0, sizeof(gd));
 #ifdef CONFIG_IEEE80211W
 	} else if (subelem_id =3D=3D WNM_SLEEP_SUBELEM_IGTK) {
-		struct wpa_igtk_kde igd;
-		u16 keyidx;
+		const struct wpa_igtk_kde *igtk;
=20
-		os_memset(&igd, 0, sizeof(igd));
-		keylen =3D wpa_cipher_key_len(sm->mgmt_group_cipher);
-		os_memcpy(igd.keyid, buf + 2, 2);
-		os_memcpy(igd.pn, buf + 4, 6);
-
-		keyidx =3D WPA_GET_LE16(igd.keyid);
-		os_memcpy(igd.igtk, buf + 10, keylen);
-
-		wpa_hexdump_key(MSG_DEBUG, "Install IGTK (WNM SLEEP)",
-				igd.igtk, keylen);
-		if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
-				   broadcast_ether_addr,
-				   keyidx, 0, igd.pn, sizeof(igd.pn),
-				   igd.igtk, keylen) < 0) {
-			wpa_printf(MSG_DEBUG, "Failed to install the IGTK in "
-				   "WNM mode");
-			os_memset(&igd, 0, sizeof(igd));
+		igtk =3D (const struct wpa_igtk_kde *) (buf + 2);
+		if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0)
 			return -1;
-		}
-		os_memset(&igd, 0, sizeof(igd));
 #endif /* CONFIG_IEEE80211W */
 	} else {
 		wpa_printf(MSG_DEBUG, "Unknown element id");

Modified: head/contrib/wpa/src/rsn_supp/wpa_ft.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- head/contrib/wpa/src/rsn_supp/wpa_ft.c	Tue Oct 17 16:29:50 2017	(r32469=
5


[The entire original message is not included.]=