aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/sme.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-12-29 16:40:10 (GMT)
committerJouni Malinen <j@w1.fi>2014-12-29 18:00:02 (GMT)
commit4e70bbf1c68579b3223f1cac0ffcdbf1c52b4a55 (patch)
treed54c7efcc842a956cbadc58cbd1f9a19d5d90af0 /wpa_supplicant/sme.c
parentfbfc974c6c4307a61b3b4eaf31923d3533dd52de (diff)
downloadhostap-4e70bbf1c68579b3223f1cac0ffcdbf1c52b4a55.zip
hostap-4e70bbf1c68579b3223f1cac0ffcdbf1c52b4a55.tar.gz
hostap-4e70bbf1c68579b3223f1cac0ffcdbf1c52b4a55.tar.bz2
SAE: Clear keys from memory on disassociation
There is no need to keep temporary keys in memory beyond the end of the association, so explicitly clear any SAE buffers that can contain keys as soon as such keys are not needed. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/sme.c')
-rw-r--r--wpa_supplicant/sme.c21
1 files changed, 16 insertions, 5 deletions
diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 53caade..80c280a 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -1099,6 +1099,21 @@ void sme_disassoc_while_authenticating(struct wpa_supplicant *wpa_s,
}
+void sme_clear_on_disassoc(struct wpa_supplicant *wpa_s)
+{
+ wpa_s->sme.prev_bssid_set = 0;
+#ifdef CONFIG_SAE
+ wpabuf_free(wpa_s->sme.sae_token);
+ wpa_s->sme.sae_token = NULL;
+ sae_clear_data(&wpa_s->sme.sae);
+#endif /* CONFIG_SAE */
+#ifdef CONFIG_IEEE80211R
+ if (wpa_s->sme.ft_ies)
+ sme_update_ft_ies(wpa_s, NULL, NULL, 0);
+#endif /* CONFIG_IEEE80211R */
+}
+
+
void sme_deinit(struct wpa_supplicant *wpa_s)
{
os_free(wpa_s->sme.ft_ies);
@@ -1107,11 +1122,7 @@ void sme_deinit(struct wpa_supplicant *wpa_s)
#ifdef CONFIG_IEEE80211W
sme_stop_sa_query(wpa_s);
#endif /* CONFIG_IEEE80211W */
-#ifdef CONFIG_SAE
- wpabuf_free(wpa_s->sme.sae_token);
- wpa_s->sme.sae_token = NULL;
- sae_clear_data(&wpa_s->sme.sae);
-#endif /* CONFIG_SAE */
+ sme_clear_on_disassoc(wpa_s);
eloop_cancel_timeout(sme_assoc_timer, wpa_s, NULL);
eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);