arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-27 21:16:50 +03:00
Code

backport #7486

Browse Source
This commit is contained in:
David Gauchard 2020-07-27 00:09:26 +02:00
parent 59bbfc7061
commit 59499c7361
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
libraries/ESP8266WiFi/src/ESP8266WiFiGeneric.cpp
View File

@ -233,6 +233,16 @@ void ESP8266WiFiGenericClass::_eventCallback(void* arg)
WiFiClient::stopAll();
}
if (event->event == EVENT_STAMODE_AUTHMODE_CHANGE) {
auto& src = event->event_info.auth_change;
if ((src.old_mode != AUTH_OPEN) && (src.new_mode == AUTH_OPEN)) {
// CVE-2020-12638 workaround. When we get a change to AUTH_OPEN from any other mode, drop the WiFi link because it's a downgrade attack
// TODO - When upgrading to 3.x.x with fix, remove this code
DEBUG_WIFI("WIFI_EVENT_STAMODE_AUTHMODE_CHANGE from encrypted(%d) to AUTH_OPEN, potential downgrade attack. Reconnecting WiFi. See CVE-2020-12638 for more details\n", src.old_mode);
WiFi.reconnect(); // Disconnects from STA and then reconnects
}
}
for(auto it = std::begin(sCbEventList); it != std::end(sCbEventList); ) {
WiFiEventHandler &handler = *it;
if (handler->canExpire() && handler.unique()) {