Home-IoT/esphome
1
0
Fork 0
mirror of https://github.com/esphome/esphome.git synced 2024-11-22 15:08:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Mitigate CVE-2020-12638 WiFi WPA Downgrade (#1207)

Browse source 
Co-authored-by: Lukas Bachschwell <lukas@lbsfilm.at>
This commit is contained in:
Otto Winter 2020-07-27 18:22:38 +02:00 committed by GitHub
parent 8aa73bba10
commit 389889ad70
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
esphome/components/wifi/wifi_component_esp32.cpp
View file

@ -391,6 +391,18 @@ void WiFiComponent::wifi_event_callback_(system_event_id_t event, system_event_i
auto it = info.auth_change;
ESP_LOGV(TAG, "Event: Authmode Change old=%s new=%s", get_auth_mode_str(it.old_mode),
get_auth_mode_str(it.new_mode));
// Mitigate CVE-2020-12638
// https://lbsfilm.at/blog/wpa2-authenticationmode-downgrade-in-espressif-microprocessors
if (it.old_mode != WIFI_AUTH_OPEN && it.new_mode == WIFI_AUTH_OPEN) {
ESP_LOGW(TAG, "Potential Authmode downgrade detected, disconnecting...");
// we can't call retry_connect() from this context, so disconnect immediately
// and notify main thread with error_from_callback_
err_t err = esp_wifi_disconnect();
if (err != ESP_OK) {
ESP_LOGW(TAG, "Disconnect failed: %s", esp_err_to_name(err));
}
this->error_from_callback_ = true;
}
break;
}
case SYSTEM_EVENT_STA_GOT_IP: {

10
esphome/components/wifi/wifi_component_esp8266.cpp
View file

@ -220,6 +220,7 @@ bool WiFiComponent::wifi_sta_connect_(WiFiAP ap) {
if (ap.get_password().empty()) {
conf.threshold.authmode = AUTH_OPEN;
} else {
// Only allow auth modes with at least WPA
conf.threshold.authmode = AUTH_WPA_PSK;
}
conf.threshold.rssi = -127;
@ -399,6 +400,15 @@ void WiFiComponent::wifi_event_callback(System_Event_t *event) {
auto it = event->event_info.auth_change;
ESP_LOGV(TAG, "Event: Changed AuthMode old=%s new=%s", get_auth_mode_str(it.old_mode),
get_auth_mode_str(it.new_mode));
// Mitigate CVE-2020-12638
// https://lbsfilm.at/blog/wpa2-authenticationmode-downgrade-in-espressif-microprocessors
if (it.old_mode != AUTH_OPEN && it.new_mode == AUTH_OPEN) {
ESP_LOGW(TAG, "Potential Authmode downgrade detected, disconnecting...");
// we can't call retry_connect() from this context, so disconnect immediately
// and notify main thread with error_from_callback_
wifi_station_disconnect();
global_wifi_component->error_from_callback_ = true;
}
break;
}
case EVENT_STAMODE_GOT_IP: {