The RECEIVE and RETIRE states are incorrect which can result in incorrect information being advertised in SAKuse MKPDUs. These have been changed to match IEEE 802.1X-2010 Figure 12-2 CP state machine. Hostap implemented an interpretation of the standard as described in a proposed amendment titled "MKA pending PN exhastion" which was deemed to be wrong. This amendment was included in IEEE 802.1Xck-2018. Signed-off-by: Thomas Winter <Thomas.Winter@xxxxxxxxxxxxxxxxxxx> --- src/pae/ieee802_1x_cp.c | 26 ++++++++++---------------- 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/src/pae/ieee802_1x_cp.c b/src/pae/ieee802_1x_cp.c index 1c4dc3e63..ab6abda24 100644 --- a/src/pae/ieee802_1x_cp.c +++ b/src/pae/ieee802_1x_cp.c @@ -212,18 +212,6 @@ SM_STATE(CP, SECURED) SM_STATE(CP, RECEIVE) { SM_ENTRY(CP, RECEIVE); - /* RECEIVE state machine not keep with Figure 12-2 in - * IEEE Std 802.1X-2010 */ - if (sm->oki) { - ieee802_1x_kay_delete_sas(sm->kay, sm->oki); - os_free(sm->oki); - } - sm->oki = sm->lki; - sm->oan = sm->lan; - sm->otx = sm->ltx; - sm->orx = sm->lrx; - ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan, - sm->otx, sm->orx); sm->lki = os_malloc(sizeof(*sm->lki)); if (!sm->lki) { @@ -320,17 +308,23 @@ SM_STATE(CP, ABANDON) SM_STATE(CP, RETIRE) { SM_ENTRY(CP, RETIRE); - /* RETIRE state machine not keep with Figure 12-2 in - * IEEE Std 802.1X-2010 */ if (sm->oki) { ieee802_1x_kay_delete_sas(sm->kay, sm->oki); os_free(sm->oki); sm->oki = NULL; } - sm->orx = FALSE; - sm->otx = FALSE; + sm->oki = sm->lki; + sm->otx = sm->ltx; + sm->orx = sm->lrx; + sm->oan = sm->lan; ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan, sm->otx, sm->orx); + sm->lrx = FALSE; + sm->ltx = FALSE; + sm->lan = 0; + sm->lki = NULL; + ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan, + sm->ltx, sm->lrx); } -- 2.23.0 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap