diff options
author | gordon <gordon@FreeBSD.org> | 2017-10-17 17:30:18 +0000 |
---|---|---|
committer | gordon <gordon@FreeBSD.org> | 2017-10-17 17:30:18 +0000 |
commit | 2d112e2354053559738d08a42672a59fee3c57c5 (patch) | |
tree | 082ba203e777c347519326036f7996a70fb01335 /contrib/wpa/src/ap/wpa_auth.h | |
parent | 0cf6ce9e84d5ff13d2bfdc46abcbfd8fe1ee0128 (diff) | |
download | FreeBSD-src-2d112e2354053559738d08a42672a59fee3c57c5.zip FreeBSD-src-2d112e2354053559738d08a42672a59fee3c57c5.tar.gz |
MFC r324696: Update wpa_supplicant/hostapd for 2017-01 vulnerability release.
hostapd: Avoid key reinstallation in FT handshake
Prevent reinstallation of an already in-use group key
Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
Prevent installation of an all-zero TK
Fix PTK rekeying to generate a new ANonce
TDLS: Reject TPK-TK reconfiguration
WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
WNM: Ignore WNM-Sleep Mode Response without pending request
FT: Do not allow multiple Reassociation Response frames
TDLS: Ignore incoming TDLS Setup Response retries
Submitted by: jhb
Obtained from: https://w1.fi/security/2017-01/ (against later version)
Security: FreeBSD-SA-17:07
Security: CERT VU#228519
Security: CVE-2017-13077
Security: CVE-2017-13078
Security: CVE-2017-13079
Security: CVE-2017-13080
Security: CVE-2017-13081
Security: CVE-2017-13082
Security: CVE-2017-13086
Security: CVE-2017-13087
Security: CVE-2017-13088
Diffstat (limited to 'contrib/wpa/src/ap/wpa_auth.h')
-rw-r--r-- | contrib/wpa/src/ap/wpa_auth.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/contrib/wpa/src/ap/wpa_auth.h b/contrib/wpa/src/ap/wpa_auth.h index fd04f16..1b1442f 100644 --- a/contrib/wpa/src/ap/wpa_auth.h +++ b/contrib/wpa/src/ap/wpa_auth.h @@ -271,6 +271,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm); int wpa_auth_get_pairwise(struct wpa_state_machine *sm); int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm); int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm); +int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm); int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm, struct rsn_pmksa_cache_entry *entry); struct rsn_pmksa_cache_entry * |