From: Jouni Malinen <jouni@codeaurora.org>
Date: Thu, 18 Apr 2019 15:17:07 +0000 (+0300)
Subject: WPA: Clear authenticator keys for a STA on deinit/disconnection
X-Git-Tag: hostap_2_8~17
X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fhostap.git;a=commitdiff_plain;h=09ab81b9e899730bcd257eb1c216e7bacd44a352;ds=sidebyside

WPA: Clear authenticator keys for a STA on deinit/disconnection

Do not leave keys in heap memory after they are no longer needed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index a956e527b..158207125 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -712,7 +712,7 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm)
 #ifdef CONFIG_DPP2
 	wpabuf_clear_free(sm->dpp_z);
 #endif /* CONFIG_DPP2 */
-	os_free(sm);
+	bin_clear_free(sm, sizeof(*sm));
 }
 
 
@@ -1743,6 +1743,12 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
 	case WPA_DEAUTH:
 	case WPA_DISASSOC:
 		sm->DeauthenticationRequest = TRUE;
+#ifdef CONFIG_IEEE80211R_AP
+		os_memset(sm->PMK, 0, sizeof(sm->PMK));
+		sm->pmk_len = 0;
+		os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
+		sm->xxkey_len = 0;
+#endif /* CONFIG_IEEE80211R_AP */
 		break;
 	case WPA_REAUTH:
 	case WPA_REAUTH_EAPOL: