On Mon, Jan 02, 2017 at 07:32:07PM +0900, Masashi Honma wrote:
> These commnds are mesh version of PMKSA_GET/ADD commands. So the usage
> and security risk is similar to them. Refer
> Commit 3459381dd260e15e7bf768a75cb0b799cc1db33a ('External persistent
> storage for PMKSA cache entries') also.
>
> The MESH_PMKSA_GET command requires peer MAC address or "ANY" as an
> argument and outputs appropriate stored PMKSA cache. And the
> MESH_PMKSA_ADD command receives an output of MESH_PMKSA_GET and re-store
> the PMKSA cache into wpa_supplicant. By using re-stored PMKSA cache,
> wpa_supplicant can skip commit massage creation which spends many CPU
> resource.
>
> The output of the MESH_PMKSA_GET command uses the following format:
> <BSSID> <PMKID> <PMK> <expiration in seconds>
>
> The example of MESH_PMKSA_ADD command is this.
> MESH_PMKSA_ADD 02:00:00:00:03:00 231dc1c9fa2eed0354ea49e8ff2cc2dc cb0f6c9cab358a8146488566ca155421ab4f3ea4a6de2120050c149b797018fe 42930
> MESH_PMKSA_ADD 02:00:00:00:04:00 d7e595916611640d3e4e8eac02909c3c eb414a33c74831275f25c2357b3c12e3d8bd2f2aab6cf781d6ade706be71321a 43180
>
> This functionality is disabled by default and can be enabled with
> CONFIG_PMKSA_CACHE_EXTERNAL=y build configuration option.
Thanks, applied with some cleanup.
--
Jouni Malinen PGP id EFC895FA
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
