[PATCH] mka: Some bug fixes
Badrish Adiga H R
badrish.adigahr at gmail.com
Mon Dec 5 07:26:23 PST 2016
From: Badrish Adiga H R <badrish.adigahr at gmail.com>
1. API ieee802_1x_mka_decode_dist_sak_body wrongly puts
participant->to_use_sak to TRUE, if invalid DIstributed SAK Parameter
Set is received
2. when number of live peers become 0, the flags such lrx, ltx, orx,
otx etc. needs to be cleared. In MACsec PSK mode, these stale values
create problems, while re-establishing CA...
Signed-off-by: Badrish Adiga H R <badrish.adigahr at gmail.com>
---
src/pae/ieee802_1x_kay.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index 1d6d9a9..e81ae0c 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -1559,7 +1559,7 @@ ieee802_1x_mka_decode_dist_sak_body(
ieee802_1x_cp_connect_authenticated(kay->cp);
ieee802_1x_cp_sm_step(kay->cp);
wpa_printf(MSG_WARNING, "KaY:The Key server advise no MACsec");
- participant->to_use_sak = TRUE;
+ participant->to_use_sak = FALSE;
return 0;
}
@@ -2377,6 +2377,12 @@ static void ieee802_1x_participant_timer(void
*eloop_ctx, void *timeout_ctx)
participant->advised_capability =
MACSEC_CAP_NOT_IMPLEMENTED;
participant->to_use_sak = FALSE;
+ participant->ltx = FALSE;
+ participant->lrx = FALSE;
+ participant->otx = FALSE;
+ participant->orx = FALSE;
+ participant->is_key_server = FALSE;
+ participant->is_elected = FALSE;
kay->authenticated = TRUE;
kay->secured = FALSE;
kay->failed = FALSE;
--
2.6.1.133.gf5b6079
More information about the Hostap
mailing list