diff options
| author |   stsp <stsp@openbsd.org> | 2017-03-01 19:28:48 +0000 |
|---|---|---|
| committer | stsp <stsp@openbsd.org> | 2017-03-01 19:28:48 +0000 |
| commit | 98998980f534aa528027c3e9b37e5cf6594ebe2c (patch) | |
| tree | 60f49e2e3146677d27a411ba57762a49f2af5ba6 /sys/net80211/ieee80211_input.c | |
| parent | Split vmm.c into two files: vm.c for the VM child, vmm.c for the parent (diff) | |
| download | wireguard-openbsd-98998980f534aa528027c3e9b37e5cf6594ebe2c.tar.xz wireguard-openbsd-98998980f534aa528027c3e9b37e5cf6594ebe2c.zip | |
Fix a bug allowing a man-in-the-middle attack against WPA wireless clients.
A malicious AP could trick clients into connecting to the malicious AP
instead of the desired AP. All frames would then be sent in the clear.
This problem was found and reported by Mathy Vanhoef who also provided
an initial patch which we improved together.
Diffstat (limited to 'sys/net80211/ieee80211_input.c')
| -rw-r--r-- | sys/net80211/ieee80211_input.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/net80211/ieee80211_input.c b/sys/net80211/ieee80211_input.c index 84c0caf7c42..4dff49f2d41 100644 --- a/sys/net80211/ieee80211_input.c +++ b/sys/net80211/ieee80211_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ieee80211_input.c,v 1.186 2017/02/02 16:47:53 stsp Exp $ */ +/* $OpenBSD: ieee80211_input.c,v 1.187 2017/03/01 19:28:48 stsp Exp $ */ /*- * Copyright (c) 2001 Atsushi Onoe @@ -2319,6 +2319,7 @@ ieee80211_recv_assoc_resp(struct ieee80211com *ic, struct mbuf *m, */ if (ic->ic_flags & IEEE80211_F_RSNON) { /* XXX ic->ic_mgt_timer = 5; */ + ni->ni_rsn_supp_state = RSNA_SUPP_PTKSTART; } else if (ic->ic_flags & IEEE80211_F_WEPON) ni->ni_flags |= IEEE80211_NODE_TXRXPROT; |