Signed-off-by: Masashi Honma <masashi.honma@xxxxxxxxx> --- src/ap/ctrl_iface_ap.c | 5 +++++ src/ap/ctrl_iface_ap.h | 1 + src/ap/pmksa_cache_auth.c | 14 ++++++++++++++ src/ap/pmksa_cache_auth.h | 1 + src/ap/wpa_auth.c | 6 ++++++ src/ap/wpa_auth.h | 1 + wpa_supplicant/ap.c | 16 ++++++++++++++++ wpa_supplicant/ap.h | 1 + wpa_supplicant/ctrl_iface.c | 9 ++++++++- 9 files changed, 53 insertions(+), 1 deletion(-) diff --git a/src/ap/ctrl_iface_ap.c b/src/ap/ctrl_iface_ap.c index 8ac8d52..c2db8bf 100644 --- a/src/ap/ctrl_iface_ap.c +++ b/src/ap/ctrl_iface_ap.c @@ -560,3 +560,8 @@ int hostapd_ctrl_iface_pmksa_list(struct hostapd_data *hapd, char *buf, { return wpa_auth_pmksa_list(hapd->wpa_auth, buf, len); } + +void hostapd_ctrl_iface_pmksa_flush(struct hostapd_data *hapd) +{ + wpa_auth_pmksa_flush(hapd->wpa_auth); +} diff --git a/src/ap/ctrl_iface_ap.h b/src/ap/ctrl_iface_ap.h index 43c9f7c..3ad622f 100644 --- a/src/ap/ctrl_iface_ap.h +++ b/src/ap/ctrl_iface_ap.h @@ -26,5 +26,6 @@ int hostapd_parse_csa_settings(const char *pos, int hostapd_ctrl_iface_stop_ap(struct hostapd_data *hapd); int hostapd_ctrl_iface_pmksa_list(struct hostapd_data *hapd, char *buf, size_t len); +void hostapd_ctrl_iface_pmksa_flush(struct hostapd_data *hapd); #endif /* CTRL_IFACE_AP_H */ diff --git a/src/ap/pmksa_cache_auth.c b/src/ap/pmksa_cache_auth.c index 9fdaead..1728eca 100644 --- a/src/ap/pmksa_cache_auth.c +++ b/src/ap/pmksa_cache_auth.c @@ -92,6 +92,20 @@ void pmksa_cache_free_entry(struct rsn_pmksa_cache *pmksa, } +/** + * pmksa_cache_auth_flush - Flush all PMKSA cache entries + * @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init() + */ +void pmksa_cache_auth_flush(struct rsn_pmksa_cache *pmksa) +{ + while (pmksa->pmksa) { + wpa_printf(MSG_DEBUG, "RSN: Flush PMKSA cache entry for " + MACSTR, MAC2STR(pmksa->pmksa->spa)); + pmksa_cache_free_entry(pmksa, pmksa->pmksa); + } +} + + static void pmksa_cache_expire(void *eloop_ctx, void *timeout_ctx) { struct rsn_pmksa_cache *pmksa = eloop_ctx; diff --git a/src/ap/pmksa_cache_auth.h b/src/ap/pmksa_cache_auth.h index aa6f4cd..d8d9c5a 100644 --- a/src/ap/pmksa_cache_auth.h +++ b/src/ap/pmksa_cache_auth.h @@ -64,5 +64,6 @@ void pmksa_cache_free_entry(struct rsn_pmksa_cache *pmksa, int pmksa_cache_auth_radius_das_disconnect(struct rsn_pmksa_cache *pmksa, struct radius_das_attrs *attr); int pmksa_cache_auth_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len); +void pmksa_cache_auth_flush(struct rsn_pmksa_cache *pmksa); #endif /* PMKSA_CACHE_H */ diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 885c44f..b6a1568 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -3366,6 +3366,12 @@ int wpa_auth_pmksa_list(struct wpa_authenticator *wpa_auth, char *buf, } +void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth) +{ + pmksa_cache_auth_flush(wpa_auth->pmksa); +} + + /* * Remove and free the group from wpa_authenticator. This is triggered by a * callback to make sure nobody is currently iterating the group list while it diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index 9b9a61c..35bf604 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -291,6 +291,7 @@ void wpa_auth_pmksa_remove(struct wpa_authenticator *wpa_auth, const u8 *sta_addr); int wpa_auth_pmksa_list(struct wpa_authenticator *wpa_auth, char *buf, size_t len); +void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth); int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id); void wpa_auth_eapol_key_tx_status(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *sm, int ack); diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c index 50a7a26..5efc7de 100644 --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c @@ -1395,6 +1395,22 @@ int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf, } +void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s) +{ + size_t i; + + if (wpa_s->ap_iface) { + for (i = 0; i < wpa_s->ap_iface->num_bss; i++) { + hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]); + } + } + + if (wpa_s->ifmsh) { + hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]); + } +} + + #ifdef NEED_AP_MLME void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, struct dfs_event *radar) diff --git a/wpa_supplicant/ap.h b/wpa_supplicant/ap.h index c3c1d9f..5a59ddc 100644 --- a/wpa_supplicant/ap.h +++ b/wpa_supplicant/ap.h @@ -84,6 +84,7 @@ int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s); int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf, size_t len); +void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s); void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, struct dfs_event *radar); diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 3cee2ea..07ae965 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -8336,6 +8336,13 @@ static int wpa_supplicant_ctrl_iface_pmksa(struct wpa_supplicant *wpa_s, } +static void wpa_supplicant_ctrl_iface_pmksa_flush(struct wpa_supplicant *wpa_s) +{ + wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); + wpas_ap_pmksa_cache_flush(wpa_s); +} + + static int wpas_ctrl_cmd_debug_level(const char *cmd) { if (os_strcmp(cmd, "PING") == 0 || @@ -8410,7 +8417,7 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, reply_len = wpa_supplicant_ctrl_iface_pmksa( wpa_s, reply, reply_size); } else if (os_strcmp(buf, "PMKSA_FLUSH") == 0) { - wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); + wpa_supplicant_ctrl_iface_pmksa_flush(wpa_s); } else if (os_strncmp(buf, "SET ", 4) == 0) { if (wpa_supplicant_ctrl_iface_set(wpa_s, buf + 4)) reply_len = -1; -- 2.5.0 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap