aboutsummaryrefslogtreecommitdiffstats
path: root/src/rsn_supp
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2015-03-06 16:40:28 (GMT)
committerJouni Malinen <j@w1.fi>2015-03-06 16:43:03 (GMT)
commitac8e074ec14583a7265fe711cb369b8dad1f099d (patch)
tree8c162f3538503da007f09a752b9b752f6a87d048 /src/rsn_supp
parent9cc223c2f57adaa4d1dbb6dee6f5caa228b54d98 (diff)
downloadhostap-ac8e074ec14583a7265fe711cb369b8dad1f099d.zip
hostap-ac8e074ec14583a7265fe711cb369b8dad1f099d.tar.gz
hostap-ac8e074ec14583a7265fe711cb369b8dad1f099d.tar.bz2
Clear RSN timers for preauth and PTK rekeying on disassociation
Previously, it was possible for the wpa_sm_start_preauth() and wpa_sm_rekey_ptk() eloop callbacks to remain active after disconnection and potentially continue to be used for the next association. This is not correct behavior, so explicitly cancel these timeouts to avoid unexpected attempts to complete RSN preauthentication or to request PTK to be rekeyed. It was possible to trigger this issue, e.g., by running the following hwsim test case sequence: ap_wpa2_ptk_rekey ap_ft_sae_over_ds Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/rsn_supp')
-rw-r--r--src/rsn_supp/wpa.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index b892a66..37e4b35 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -2282,6 +2282,8 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
*/
void wpa_sm_notify_disassoc(struct wpa_sm *sm)
{
+ eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL);
+ eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
peerkey_deinit(sm);
rsn_preauth_deinit(sm);
pmksa_cache_clear_current(sm);