When a deauthentication frame is received, clear the
corresponding PTKSA cache entry for the given station,
to invalidate previous PTK information.
Signed-off-by: Ilan Peer <ilan.peer@xxxxxxxxx>
---
src/ap/ieee802_11.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 4f9a0c2d6e..1ffdd262b3 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -5910,6 +5910,11 @@ static void handle_deauth(struct hostapd_data *hapd,
" reason_code=%d",
MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code));
+ wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Flushing PTKSA cache for: " MACSTR,
+ MAC2STR(mgmt->sa));
+
+ ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
+
sta = ap_get_sta(hapd, mgmt->sa);
if (sta == NULL) {
wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying "
--
2.17.1
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
