[PATCH v2 30/33] FT: convert r0_key_lifetime to seconds

M. Braun michael-dev at fami-braun.de
Sat Sep 24 14:08:14 PDT 2016 

From: Michael Braun <michael-dev at fami-braun.de>

Simplifies testing. All other items are seconds as well.

Signed-off-by: Michael Braun <michael-dev at fami-braun.de>
---
 hostapd/config_file.c | 2 ++
 hostapd/hostapd.conf  | 6 +++---
 src/ap/ap_config.c    | 2 +-
 src/ap/wpa_auth.c     | 2 +-
 src/ap/wpa_auth_ft.c  | 4 ++--
 5 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 0d6388e..9e706ac 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2549,6 +2549,8 @@ static int hostapd_config_fill(struct hostapd_config *conf,
 			return 1;
 		}
 	} else if (os_strcmp(buf, "r0_key_lifetime") == 0) {
+		bss->r0_key_lifetime = atoi(pos) * 60;
+	} else if (os_strcmp(buf, "ft_r0_key_lifetime") == 0) {
 		bss->r0_key_lifetime = atoi(pos);
 	} else if (os_strcmp(buf, "r1_max_key_lifetime") == 0) {
 		bss->r1_max_key_lifetime = atoi(pos);
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index e0147be..1617200 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -1298,10 +1298,10 @@ own_ip_addr=127.0.0.1
 # 1 to 48 octet identifier.
 # This is configured with nas_identifier (see RADIUS client section above).
 
-# Default lifetime of the PMK-RO in minutes; range 1..65535
-# (default: 60 minutes; 0 = disable timeout)
+# Default lifetime of the PMK-RO in seconds; range 60..4294967295
+# (default: 14 days / 1209600 seconds; 0 = disable timeout)
 # (dot11FTR0KeyLifetime)
-#r0_key_lifetime=10000
+#ft_r0_key_lifetime=10000
 
 # maximum lifetime for PMK-R1; applied only if != 0
 # PMK-R1 is removed at least after this limit.
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 6363da6..63d56f5 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -94,7 +94,7 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
 	bss->rkh_neg_timeout = 60;
 	bss->rkh_pull_timeout = 1000;
 	bss->rkh_pull_retries = 4;
-	bss->r0_key_lifetime = 60; /* same as eap_reauth_period */
+	bss->r0_key_lifetime = 1209600;
 #endif /* CONFIG_IEEE80211R */
 
 	bss->radius_das_time_window = 300;
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 9101665..e757aa3 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -2363,7 +2363,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
 		*pos++ = WLAN_EID_TIMEOUT_INTERVAL;
 		*pos++ = 5;
 		*pos++ = WLAN_TIMEOUT_KEY_LIFETIME;
-		WPA_PUT_LE32(pos, conf->r0_key_lifetime * 60);
+		WPA_PUT_LE32(pos, conf->r0_key_lifetime);
 		pos += 4;
 	}
 #endif /* CONFIG_IEEE80211R */
diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 860de1e..409cbc6 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -1233,7 +1233,7 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk,
 	const u8 *ssid = sm->wpa_auth->conf.ssid;
 	size_t ssid_len = sm->wpa_auth->conf.ssid_len;
 	int psk_local = sm->wpa_auth->conf.ft_psk_generate_local;
-	int expires_in = sm->wpa_auth->conf.r0_key_lifetime * 60;
+	int expires_in = sm->wpa_auth->conf.r0_key_lifetime;
 	struct vlan_description vlan;
 	const u8 *identity, *radius_cui;
 	int identity_len, radius_cui_len;
@@ -2643,7 +2643,7 @@ static int wpa_ft_rrb_rx_r1(struct wpa_authenticator *wpa_auth,
 	int pairwise;
 	int ret = -1;
 	int expires_in;
-	int max_expires_in = wpa_auth->conf.r0_key_lifetime * 60;
+	int max_expires_in = wpa_auth->conf.r0_key_lifetime;
 	int session_timeout;
 	struct vlan_description vlan;
 	char buf[256];
-- 
2.1.4

More information about the Hostap mailing list