From: Andrey Kartashev <andrey.kartashev@xxxxxxxxxxxxx>
It is possible to get situation when peer remove Key Server from its
live peers list but server still think that peer is alive (e.g. hight
packets loose in one direction). In such case Key Server will continue
to advertise Last Key but this peer will not be able to setup SA as it
is already delete its key.
This patch change the peer MI which will force Key Server to distribute
new SAK.
Signed-off-by: Andrey Kartashev <andrey.kartashev@xxxxxxxxxxxxx>
---
src/pae/ieee802_1x_kay.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index eac908415..daac099ed 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -1356,6 +1356,7 @@ ieee802_1x_mka_decode_sak_use_body(
}
if (!found) {
wpa_printf(MSG_WARNING, "KaY: Latest key is invalid");
+ reset_participant_mi(participant);
return -1;
}
if (os_memcmp(participant->lki.mi, body->lsrv_mi,
--
2.17.1
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
