git.ipfire.org Git - thirdparty/hostap.git/commit

author	Jouni Malinen <quic_jouni@quicinc.com>
	Fri, 10 Feb 2023 10:31:01 +0000 (12:31 +0200)
committer	Jouni Malinen <j@w1.fi>
	Fri, 10 Feb 2023 10:31:01 +0000 (12:31 +0200)
commit	72b8193f41592944b8a90d7773c3b5719bb440e2
tree	887247affa39c53f44e09fb9babbf9794d1fd667	tree
parent	3915e8834eed17d78b70b4a5ab1caee0d1ae09ff	commit \| diff

MACsec: Remove EAP Session-Id length constraint

The initial MACsec implementation required the EAP Session-Id to be at
least 65 octets long and by truncating the value to that length, the
practical limit of functional cases was limited to that exact length of
65 octets. While that happens to work with EAP method that use TLS, it
does not work with most other EAP methods.

Remove the EAP Session-Id length constraint and allow any length of the
Session-Id as long as the EAP method provides one. In addition, simplify
this be removing the unnecessary copying of the Session Id into a new
allocated buffer.

Fixes: dd10abccc86d ("MACsec: wpa_supplicant integration")
Fixes: a93b369c17b3 ("macsec: Support IEEE 802.1X(EAP)/PSK MACsec Key Agreement in hostapd")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>

src/ap/wpa_auth_kay.c		diff \| blob \| blame \| history
wpa_supplicant/wpas_kay.c		diff \| blob \| blame \| history