aboutsummaryrefslogtreecommitdiffstats
path: root/src/ap/wpa_auth_i.h
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2010-11-23 22:52:46 (GMT)
committerJouni Malinen <j@w1.fi>2010-11-23 22:52:46 (GMT)
commit1bdb7ab3af9b78414592808e8467bcb3e3d82e04 (patch)
treea32f498f91bbfe2836a65dc0b0d01fcb4194529a /src/ap/wpa_auth_i.h
parent38484f69f92b6c0083eae8ea9ec48777ee04a081 (diff)
downloadhostap-1bdb7ab3af9b78414592808e8467bcb3e3d82e04.zip
hostap-1bdb7ab3af9b78414592808e8467bcb3e3d82e04.tar.gz
hostap-1bdb7ab3af9b78414592808e8467bcb3e3d82e04.tar.bz2
Re-initialize GMK and Key Counter on first station connection
This adds more time for the system entropy pool to be filled before requesting random data for generating the WPA/WPA2 encryption keys. This can be helpful especially on embedded devices that do not have hardware random number generator and may lack good sources of randomness especially early in the bootup sequence when hostapd is likely to be started. GMK and Key Counter are still initialized once in the beginning to match the RSN Authenticator state machine behavior and to make sure that the driver does not transmit broadcast frames unencrypted. However, both GMK (and GTK derived from it) and Key Counter will be re-initialized when the first station connects and is about to enter 4-way handshake.
Diffstat (limited to 'src/ap/wpa_auth_i.h')
-rw-r--r--src/ap/wpa_auth_i.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
index b69129f..bc6962f 100644
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -145,6 +145,7 @@ struct wpa_group {
u8 GTK[2][WPA_GTK_MAX_LEN];
u8 GNonce[WPA_NONCE_LEN];
Boolean changed;
+ Boolean first_sta_seen;
#ifdef CONFIG_IEEE80211W
u8 IGTK[2][WPA_IGTK_LEN];
int GN_igtk, GM_igtk;