WPA: Clear authenticator keys for a STA on deinit/disconnection

[thirdparty/hostap.git] / src / ap / wpa_auth.c

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 4c7fe05b0ce96eb147b8034abbf161071dd68d3b..158207125eaa7565797cb3c94c1994f65ef1e0f7 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -712,7 +712,7 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm)
 #ifdef CONFIG_DPP2
        wpabuf_clear_free(sm->dpp_z);
 #endif /* CONFIG_DPP2 */
-       os_free(sm);
+       bin_clear_free(sm, sizeof(*sm));
 }
 
 
@@ -1743,6 +1743,12 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
        case WPA_DEAUTH:
        case WPA_DISASSOC:
                sm->DeauthenticationRequest = TRUE;
+#ifdef CONFIG_IEEE80211R_AP
+               os_memset(sm->PMK, 0, sizeof(sm->PMK));
+               sm->pmk_len = 0;
+               os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
+               sm->xxkey_len = 0;
+#endif /* CONFIG_IEEE80211R_AP */
                break;
        case WPA_REAUTH:
        case WPA_REAUTH_EAPOL:
@@ -1783,6 +1789,7 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
 
                /* Using FT protocol, not WPA auth state machine */
                sm->ft_completed = 1;
+               wpa_auth_set_ptk_rekey_timer(sm);
                return 0;
 #else /* CONFIG_IEEE80211R_AP */
                break;
@@ -2195,7 +2202,7 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce,
 
 #ifdef CONFIG_IEEE80211R_AP
        if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
-               return wpa_auth_derive_ptk_ft(sm, pmk, ptk);
+               return wpa_auth_derive_ptk_ft(sm, ptk);
 #endif /* CONFIG_IEEE80211R_AP */
 
 #ifdef CONFIG_DPP2