Re: [PATCH 41/44] FT: convert r0_key_lifetime to seconds

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Feb 24, 2016 at 12:53:47PM +0100, michael-dev@xxxxxxxxxxxxx wrote:
> Simplifies testing. All other items are seconds as well.

> diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
> @@ -1273,7 +1273,7 @@ own_ip_addr=127.0.0.1
> -# Default lifetime of the PMK-RO in minutes; range 1..65535
> +# Default lifetime of the PMK-RO in seconds; range 1..65535
>  # (default: 60 minutes; 0 = disable timeout)
>  # (dot11FTR0KeyLifetime)
>  #r0_key_lifetime=10000

This is problematic since this would change the interpretation of an
existing configuration parameter. In addition, the range here is not
valid. Interestingly dot11FTR0KeyLifetime is actually defined to use
seconds as the unit and 60..4294967295 as the allowed range and 1209600
as the default value. Maybe that changed at some point during P802.11r
development and the hostapd design did not get updated to match..

Normally, I'd prefer a new configuration file parameter to be added if
the design changes in this manner and then leaving the old parameter in
place for backwards compatibility. For example, ft_r0_key_lifetime could
be defined as the new value and if r0_key_lifetime is set in the
configuration file, that could be parsed to ft_r0_key_lifetime with 60
times the value. This would avoid unexpected changes in behavior if
someone updates hostapd and continues to use an old configuration file.

The documentation in hostapd.conf should specify 60 as the minimum
value, but it is convenient to allow smaller values for testing
purposes.

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux