aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2018-12-28 23:27:22 (GMT)
committerJouni Malinen <j@w1.fi>2018-12-29 09:05:39 (GMT)
commit626bc1fac2a671c98baaadda1c7147d3dc0fc95a (patch)
treebc4b0b3cf6d522ea0251c0abccadf4ff95694c93 /src
parent4060cb272bb3f00eec77af5d6afadde807985f77 (diff)
downloadhostap-626bc1fac2a671c98baaadda1c7147d3dc0fc95a.zip
hostap-626bc1fac2a671c98baaadda1c7147d3dc0fc95a.tar.gz
hostap-626bc1fac2a671c98baaadda1c7147d3dc0fc95a.tar.bz2
mka: Stop trying to generate and distribute new SAK when not key server
It was possible for a participant to first be elected as a key server and schedule a new SAK to be generated and distributed just to be followed by another participant being elected as the key server. That did not stop the participant that disabled key server functionality to stop generating the new SAK and then trying to distribute it. That is not correct behavior, so make these steps conditional on the participant still being a key server when going through the timer. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src')
-rw-r--r--src/pae/ieee802_1x_kay.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index 1d09e0b..4c2e70a 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -1528,7 +1528,8 @@ static Boolean
ieee802_1x_mka_dist_sak_body_present(
struct ieee802_1x_mka_participant *participant)
{
- return participant->to_dist_sak && participant->new_key;
+ return participant->is_key_server && participant->to_dist_sak &&
+ participant->new_key;
}
@@ -2584,7 +2585,7 @@ static void ieee802_1x_participant_timer(void *eloop_ctx, void *timeout_ctx)
}
}
- if (participant->new_sak) {
+ if (participant->new_sak && participant->is_key_server) {
if (!ieee802_1x_kay_generate_new_sak(participant))
participant->to_dist_sak = TRUE;