Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 42762master
parent
b5529ed26b
commit
cd80931e03
@ -0,0 +1,32 @@ |
||||
From 9c829900bb01d6fb22e78ba78195c78de39f64b9 Mon Sep 17 00:00:00 2001
|
||||
From: Jouni Malinen <j@w1.fi>
|
||||
Date: Sat, 04 Oct 2014 19:11:00 +0000
|
||||
Subject: Fix authenticator OKC fetch from PMKSA cache to avoid infinite loop
|
||||
|
||||
If the first entry in the PMKSA cache did not match the station's MAC
|
||||
address, an infinite loop could be reached in pmksa_cache_get_okc() when
|
||||
trying to find a PMKSA cache entry for opportunistic key caching cases.
|
||||
This would only happen if OKC is enabled (okc=1 included in the
|
||||
configuration file).
|
||||
|
||||
Signed-off-by: Jouni Malinen <j@w1.fi>
|
||||
---
|
||||
--- a/src/ap/pmksa_cache_auth.c
|
||||
+++ b/src/ap/pmksa_cache_auth.c
|
||||
@@ -394,15 +394,13 @@ struct rsn_pmksa_cache_entry * pmksa_cac
|
||||
struct rsn_pmksa_cache_entry *entry;
|
||||
u8 new_pmkid[PMKID_LEN];
|
||||
|
||||
- entry = pmksa->pmksa;
|
||||
- while (entry) {
|
||||
+ for (entry = pmksa->pmksa; entry; entry = entry->next) {
|
||||
if (os_memcmp(entry->spa, spa, ETH_ALEN) != 0)
|
||||
continue;
|
||||
rsn_pmkid(entry->pmk, entry->pmk_len, aa, spa, new_pmkid,
|
||||
wpa_key_mgmt_sha256(entry->akmp));
|
||||
if (os_memcmp(new_pmkid, pmkid, PMKID_LEN) == 0)
|
||||
return entry;
|
||||
- entry = entry->next;
|
||||
}
|
||||
return NULL;
|
||||
}
|
Loading…
Reference in new issue