[PATCH] mka: Send MKPDUs forever if mode is PSK
Jouni Malinen
j at w1.fi
Fri Feb 10 10:09:22 PST 2017
On Tue, Feb 07, 2017 at 02:28:31PM +0530, Badrish Adiga H R wrote:
> Issue: When 2 peers are running MACsec in PSK mode with CA
> established, if the interface goes down and comes up after
> time > 10 seconds, CA does not get re-established.
>
> Root cause: This is because retry_count of both the peers
> would have reached MAX_RETRY_CNT and stays idle for other to
> respond. This is clear deadlock situation where peer A waits
> for MKA packets from peer B to wake up and vice-versa.
>
> Fix: If MACsec is running in PSK mode, we should send MKPDUs
> forever for every 2 seconds.
Thanks, applied.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list