aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Kartashev <andrey.kartashev@afconsult.com>2018-11-02 18:02:20 (GMT)
committerJouni Malinen <j@w1.fi>2018-12-26 14:42:26 (GMT)
commita8aeaf41df95ac6f979eb9014d0e2d17c46c671e (patch)
tree59d33d5a4baad2a7f4eb4d488c41c5375fcb5be1
parentc20cc5833eb615a2f840f8da3512cd586ed7e441 (diff)
downloadhostap-a8aeaf41df95ac6f979eb9014d0e2d17c46c671e.zip
hostap-a8aeaf41df95ac6f979eb9014d0e2d17c46c671e.tar.gz
hostap-a8aeaf41df95ac6f979eb9014d0e2d17c46c671e.tar.bz2
mka: Change MI if key invalid
It is possible to get a situation where a peer removes the Key Server from its live peers list but the server still thinks that the peer is alive (e.g., high packet loss in one direction). In such a case, the Key Server will continue to advertise Last Key but this peer will not be able to set up SA as it has already deleted its key. Change the peer MI which will force the Key Server to distribute a new SAK. Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
-rw-r--r--src/pae/ieee802_1x_kay.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index 8862a0a..3b4c79b 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -1385,6 +1385,7 @@ ieee802_1x_mka_decode_sak_use_body(
}
if (!found) {
wpa_printf(MSG_INFO, "KaY: Latest key is invalid");
+ reset_participant_mi(participant);
return -1;
}
if (os_memcmp(participant->lki.mi, body->lsrv_mi,