mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 10:54:03 -05:00
eap_proxy: On SIM error flush PMKSAs only for SIM/AKA/AKA' networks
Previously, SIM state change with SIM_STATE_ERROR cleared all PMKSA entries (including non-SIM networks). Limit this to networks which use SIM-based authentication methods to avoid unnecessarily removal of PMKSA entries. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
6c7a7c7996
commit
c167662d73
@ -10,6 +10,7 @@
|
||||
|
||||
#include "common.h"
|
||||
#include "eapol_supp/eapol_supp_sm.h"
|
||||
#include "eap_peer/eap.h"
|
||||
#include "rsn_supp/wpa.h"
|
||||
#include "eloop.h"
|
||||
#include "config.h"
|
||||
@ -911,6 +912,33 @@ static void wpa_supplicant_eap_proxy_cb(void *ctx)
|
||||
}
|
||||
|
||||
|
||||
static void wpa_sm_sim_state_error_handler(struct wpa_supplicant *wpa_s)
|
||||
{
|
||||
int i;
|
||||
struct wpa_ssid *ssid;
|
||||
const struct eap_method_type *eap_methods;
|
||||
|
||||
if (!wpa_s->conf)
|
||||
return;
|
||||
|
||||
for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
|
||||
eap_methods = ssid->eap.eap_methods;
|
||||
if (!eap_methods)
|
||||
continue;
|
||||
|
||||
for (i = 0; eap_methods[i].method != EAP_TYPE_NONE; i++) {
|
||||
if (eap_methods[i].vendor == EAP_VENDOR_IETF &&
|
||||
(eap_methods[i].method == EAP_TYPE_SIM ||
|
||||
eap_methods[i].method == EAP_TYPE_AKA ||
|
||||
eap_methods[i].method == EAP_TYPE_AKA_PRIME)) {
|
||||
wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
wpa_supplicant_eap_proxy_notify_sim_status(void *ctx,
|
||||
enum eap_proxy_sim_state sim_state)
|
||||
@ -920,7 +948,7 @@ wpa_supplicant_eap_proxy_notify_sim_status(void *ctx,
|
||||
wpa_printf(MSG_DEBUG, "eap_proxy: SIM card status %u", sim_state);
|
||||
switch (sim_state) {
|
||||
case SIM_STATE_ERROR:
|
||||
wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
|
||||
wpa_sm_sim_state_error_handler(wpa_s);
|
||||
break;
|
||||
default:
|
||||
wpa_printf(MSG_DEBUG, "eap_proxy: SIM card status unknown");
|
||||
|
Loading…
Reference in New Issue
Block a user