mka: Clear out old/latest key values on CHANGE in CP state machine

The associated SAs have been deleted and the key server has changed so
there's no point in keeping the key values.

Note that this isn't specified in IEEE Std 802.1X-2010.

Signed-off-by: Thomas Winter <Thomas.Winter@alliedtelesis.co.nz>
This commit is contained in:
Thomas Winter 2019-08-27 15:55:36 +12:00 committed by Jouni Malinen
parent 536a7cfcf7
commit 547ba732d3

View File

@ -141,6 +141,24 @@ SM_STATE(CP, CHANGE)
ieee802_1x_kay_delete_sas(sm->kay, sm->lki);
if (sm->oki)
ieee802_1x_kay_delete_sas(sm->kay, sm->oki);
/* The standard doesn't say it but we should clear out the latest
* and old key values. Why would we keep advertising them if
* they've been deleted and the key server has been changed?
*/
os_free(sm->oki);
sm->oki = NULL;
sm->otx = FALSE;
sm->orx = FALSE;
sm->oan = 0;
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
sm->otx, sm->orx);
os_free(sm->lki);
sm->lki = NULL;
sm->lrx = FALSE;
sm->ltx = FALSE;
sm->lan = 0;
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
sm->ltx, sm->lrx);
}