[PATCH] MKA: Reliable election of the key_server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue Jul 21 08:38:17 EDT 2020, Mickael Chazaux wrote:

> A reliable election of the key_server can be obtained by :
>	- not changing the MI (the "0 && " in the patch) randomly,
>	- and ignoring (eg commenting out) the if(peer->is_key_server) check 
>	  in the election function.

> This is because the election function is called only when there is a new
> peer added or deleted to the live list, but it should be called also when 
> the MKPDU KeyServer flag changes for a peer. Simple test : use three devices, 
> let them elect one as the key server, and then kill the key server. The remaining
> have KeyServer == 0 in their MKPDUs at the deletion of the key server from the 
> live list, and each declares "I am the key server, because the other has KS=0". 
>This is of course random. Sometimes one gets elected, sometimes they lock up.

I concur.

@@ -2290,9 +2319,6 @@ ieee802_1x_kay_elect_key_server(struct ieee802_1x_mka_participant *participant)
        /* elect the key server among the peers */
        dl_list_for_each(peer, &participant->live_peers,
                         struct ieee802_1x_kay_peer, list) {
-               if (!peer->is_key_server)
-                       continue;
-
                if (!key_server) {
                        key_server = peer;
                        continue;

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux