[PATCH 30/97] NAN: Remove peer's IGTK/BIGTK when a peer is removed
Andrei Otcheretianski
andrei.otcheretianski at intel.com
Tue Apr 28 13:05:31 PDT 2026
From: Avraham Stern <avraham.stern at intel.com>
Remove the peer's IGTK/BIGTK when the peer is removed.
Signed-off-by: Avraham Stern <avraham.stern at intel.com>
---
src/nan/nan.c | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/src/nan/nan.c b/src/nan/nan.c
index 0ea2c28b34..fce341af5a 100644
--- a/src/nan/nan.c
+++ b/src/nan/nan.c
@@ -122,6 +122,30 @@ static void nan_peer_flush_sec(struct nan_peer_info *info)
}
+static void nan_remove_group_keys(struct nan_data *nan, struct nan_peer *peer)
+{
+ if (peer->igtk_id) {
+ if (nan->cfg->set_group_key(nan->cfg->cb_ctx, WPA_ALG_NONE,
+ peer->nmi_addr, peer->igtk_id, NULL,
+ NULL, 0, KEY_FLAG_GROUP))
+ wpa_printf(MSG_DEBUG,
+ "NAN: Failed to clear Rx IGTK for peer "
+ MACSTR, MAC2STR(peer->nmi_addr));
+ peer->igtk_id = 0;
+ }
+
+ if (peer->bigtk_id) {
+ if (nan->cfg->set_group_key(nan->cfg->cb_ctx, WPA_ALG_NONE,
+ peer->nmi_addr, peer->bigtk_id,
+ NULL, NULL, 0, KEY_FLAG_GROUP))
+ wpa_printf(MSG_DEBUG,
+ "NAN: Failed to clear Rx BIGTK for peer "
+ MACSTR, MAC2STR(peer->nmi_addr));
+ peer->bigtk_id = 0;
+ }
+}
+
+
static void nan_del_peer(struct nan_data *nan, struct nan_peer *peer)
{
if (!peer)
@@ -157,6 +181,7 @@ static void nan_del_peer(struct nan_data *nan, struct nan_peer *peer)
nan_peer_flush_avail(&peer->info);
nan_peer_flush_dev_capa(&peer->info);
nan_peer_flush_elem_container(&peer->info);
+ nan_remove_group_keys(nan, peer);
nan_ndl_reset(nan, peer);
nan_peer_flush_sec(&peer->info);
--
2.53.0
More information about the Hostap
mailing list