From 9e27a772f2149631ca724b7a498326fa283c5ecf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mika=20Lepp=C3=A4nen?= Date: Mon, 18 Jan 2021 12:46:52 +0200 Subject: [PATCH] Disabled BR IID verify from DODAG ID Nodes no longer verify BR IID (EAPOL Authenticator EUI-64) from DODAG ID because it causes interworking issues with DODAG IDs which are not generated using BR EUI-64. --- CHANGELOG.md | 1 + source/6LoWPAN/ws/ws_pae_supp.c | 20 ++------------------ 2 files changed, 3 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 70690d7f7c57..16b12daa9899 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ * Use all allowed channels with Brazil domain * Fixed issues related to channel change failures and bad MAC retransmission timings causing heavily decreasing performance on devices. * Corrected memory leak on Border Router key storage that could occur when key storage is allocated on low memory situation +* Nodes no longer verify BR IID (EAPOL Authenticator EUI-64) from DODAG ID because it causes interworking issues with DODAG IDs which are not generated using EUI-64. ## Release v12.7.0 (14-12-2020) diff --git a/source/6LoWPAN/ws/ws_pae_supp.c b/source/6LoWPAN/ws/ws_pae_supp.c index 13c1e149ec37..d3dc8a0220b3 100644 --- a/source/6LoWPAN/ws/ws_pae_supp.c +++ b/source/6LoWPAN/ws/ws_pae_supp.c @@ -269,6 +269,8 @@ int8_t ws_pae_supp_border_router_addr_read(protocol_interface_info_entry_t *inte int8_t ws_pae_supp_nw_key_valid(protocol_interface_info_entry_t *interface_ptr, uint8_t *br_iid) { + (void) br_iid; + pae_supp_t *pae_supp = ws_pae_supp_get(interface_ptr); if (!pae_supp) { return -1; @@ -276,24 +278,6 @@ int8_t ws_pae_supp_nw_key_valid(protocol_interface_info_entry_t *interface_ptr, tr_info("NW key valid indication"); - // Store border router EUI-64 received on bootstrap complete - memcpy(pae_supp->comp_br_eui_64, br_iid, 8); - pae_supp->comp_br_eui_64[0] ^= 0x02; - pae_supp->comp_br_eui_64_set = true; - - // Get the EUI-64 used on 4WH handshake PTK generation - uint8_t *ptk_eui_64 = sec_prot_keys_ptk_eui_64_get(&pae_supp->entry.sec_keys); - - /* If border router EUI-64 received on bootstrap complete does not match to - EUI-64 stored with keys, delete keys */ - if (!ptk_eui_64 || memcmp(ptk_eui_64, pae_supp->comp_br_eui_64, 8) != 0) { - tr_warn("Delete keys: PTK EUI-64 %s does not match to BR EUI-64 %s", - ptk_eui_64 ? tr_array(ptk_eui_64, 8) : "", tr_array(pae_supp->comp_br_eui_64, 8)); - sec_prot_keys_pmk_delete(&pae_supp->entry.sec_keys); - sec_prot_keys_ptk_delete(&pae_supp->entry.sec_keys); - sec_prot_keys_ptk_eui_64_delete(&pae_supp->entry.sec_keys); - } - // Stored keys are valid pae_supp->nw_keys_used_cnt = 0;