Commit 059675c3 authored by nbd's avatar nbd

hostapd: merge an upstream patch for pmksa cache

Signed-off-by: default avatarFelix Fietkau <nbd@openwrt.org>

Backport of r42762

git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42763 3c298f89-4303-0410-b956-a3cf2f4a3e73
parent d26726db
From 9c829900bb01d6fb22e78ba78195c78de39f64b9 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 04 Oct 2014 19:11:00 +0000
Subject: Fix authenticator OKC fetch from PMKSA cache to avoid infinite loop
If the first entry in the PMKSA cache did not match the station's MAC
address, an infinite loop could be reached in pmksa_cache_get_okc() when
trying to find a PMKSA cache entry for opportunistic key caching cases.
This would only happen if OKC is enabled (okc=1 included in the
configuration file).
Signed-off-by: Jouni Malinen <j@w1.fi>
---
--- a/src/ap/pmksa_cache_auth.c
+++ b/src/ap/pmksa_cache_auth.c
@@ -394,15 +394,13 @@ struct rsn_pmksa_cache_entry * pmksa_cac
struct rsn_pmksa_cache_entry *entry;
u8 new_pmkid[PMKID_LEN];
- entry = pmksa->pmksa;
- while (entry) {
+ for (entry = pmksa->pmksa; entry; entry = entry->next) {
if (os_memcmp(entry->spa, spa, ETH_ALEN) != 0)
continue;
rsn_pmkid(entry->pmk, entry->pmk_len, aa, spa, new_pmkid,
wpa_key_mgmt_sha256(entry->akmp));
if (os_memcmp(new_pmkid, pmkid, PMKID_LEN) == 0)
return entry;
- entry = entry->next;
}
return NULL;
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment