If we are in Key Refresh Phase 1, and receive a Secure Network beacon
using the new NetKey and with KR flag set to 0, Phase 2 should be
skipped. See MshPRFv1.0.1 section 3.10.4.1.
---
mesh/net.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/mesh/net.c b/mesh/net.c
index c225fdb9a..379a6e250 100644
--- a/mesh/net.c
+++ b/mesh/net.c
@@ -2613,7 +2613,8 @@ static bool update_kr_state(struct mesh_subnet *subnet, bool kr, uint32_t id)
{
/* Figure out the key refresh phase */
if (kr) {
- if (id == subnet->net_key_upd) {
+ if (subnet->kr_phase == KEY_REFRESH_PHASE_ONE &&
+ id == subnet->net_key_upd) {
l_debug("Beacon based KR phase 2 change");
return (key_refresh_phase_two(subnet->net, subnet->idx)
== MESH_STATUS_SUCCESS);
@@ -2754,7 +2755,7 @@ static void process_beacon(void *net_ptr, void *user_data)
ivu != net->iv_update)
updated |= update_iv_ivu_state(net, ivi, ivu);
- if (kr != local_kr)
+ if (kr != local_kr || beacon_data->net_key_id != subnet->net_key_cur)
updated |= update_kr_state(subnet, kr, beacon_data->net_key_id);
if (updated)
--
2.20.1
