[PATCH] fix infinite loop in wpa_auth state machine
Sat Mar 30 10:55:33 PDT 2013
On Mon, Mar 25, 2013 at 06:41:09PM +0100, michael-dev wrote:
> when the os is out of random bytes in SM_STATE(WPA_PTK,
> AUTHENTICATION2) in ap/wpa_auth.c, hostapd sends the sm to state
> DISCONNECT without clearing ReAuthenticationRequest, resulting in an
> infinite loop. Clearing sm->ReAuthenticationRequest using gdb fixes
> the running hostapd instance for me. Also sm->Disconnect=true should
> be used instead of wpa_sta_disconnect to make sure that the
> incomplete ANonce does not get used.
> Please find a patch attached that fixes this issue by resetting
> sm->ReAuthenticationRequest even if the sta gets disconnected and
> uses sm->Disconnect instead of wpa_sta_disconnect.
Jouni Malinen PGP id EFC895FA
More information about the Hostap