[4/6] eapol: use handshake_state_pmkid_matches

Message ID	20230619225746.462791-4-prestwoj@gmail.com (mailing list archive)
State	New
Headers	show Received: from mail-wm1-f46.google.com (mail-wm1-f46.google.com [209.85.128.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C74C1D2FB for <iwd@lists.linux.dev>; Mon, 19 Jun 2023 22:58:00 +0000 (UTC) From: James Prestwood <prestwoj@gmail.com> To: iwd@lists.linux.dev Cc: James Prestwood <prestwoj@gmail.com> Subject: [PATCH 4/6] eapol: use handshake_state_pmkid_matches Date: Mon, 19 Jun 2023 15:57:44 -0700 Message-Id: <20230619225746.462791-4-prestwoj@gmail.com> In-Reply-To: <20230619225746.462791-1-prestwoj@gmail.com> References: <20230619225746.462791-1-prestwoj@gmail.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[1/6] handshake: add force_sha1 flag to handshake_state_get_pmkid() \| expand [1/6] handshake: add force_sha1 flag to handshake_state_get_pmkid() [2/6] handshake: add FT_OVER_8021X AKM for SHA256 PMKID derivation [3/6] handshake: add handshake_state_pmkid_matches [4/6] eapol: use handshake_state_pmkid_matches [5/6] auto-t: add comment about FILS rekeys [6/6] auto-t: fix testNetconfig lease parsing

Message ID

20230619225746.462791-4-prestwoj@gmail.com (mailing list archive)

State

New

Headers

From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.linux.dev
Cc: James Prestwood <prestwoj@gmail.com>
Subject: [PATCH 4/6] eapol: use handshake_state_pmkid_matches
Date: Mon, 19 Jun 2023 15:57:44 -0700
Message-Id: <20230619225746.462791-4-prestwoj@gmail.com>
In-Reply-To: <20230619225746.462791-1-prestwoj@gmail.com>
References: <20230619225746.462791-1-prestwoj@gmail.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[1/6] handshake: add force_sha1 flag to handshake_state_get_pmkid() | expand

Commit Message

James Prestwood June 19, 2023, 10:57 p.m. UTC

This allows compatibility with older hostapd versions using the
SHA1 derivation for the FT-8021X AKM.
---
 src/eapol.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/src/eapol.c b/src/eapol.c
index 354b8fe7..7db6148e 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -1234,12 +1234,7 @@  static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
 		if (!found)
 			goto error_unspecified;
 	} else if (pmkid) {
-		uint8_t own_pmkid[16];
-
-		if (!handshake_state_get_pmkid(sm->handshake, own_pmkid, false))
-			goto error_unspecified;
-
-		if (l_secure_memcmp(pmkid, own_pmkid, 16)) {
+		if (!handshake_state_pmkid_matches(sm->handshake, pmkid)) {
 			l_debug("Authenticator sent a PMKID that didn't match");
 
 			/*

[4/6] eapol: use handshake_state_pmkid_matches

Commit Message

Patch