From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Thu, 29 Jan 2015 20:24:27 +0000 (+0200)
Subject: WPA auth: Clear temporary MSK storage from stack explicitly
X-Git-Tag: hostap_2_4~282
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=40aaa64f9fa9880d0e31b2996bdc5e29dfe45412;p=thirdparty%2Fhostap.git

WPA auth: Clear temporary MSK storage from stack explicitly

This reduces the duration of time a key may remain unnecessarily in
memory.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
---

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 1905dc94e..f13f141f8 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -1882,6 +1882,7 @@ SM_STATE(WPA_PTK, INITPMK)
 		wpa_printf(MSG_DEBUG, "WPA: Could not get PMK, get_msk: %p",
 			   sm->wpa_auth->cb.get_msk);
 	}
+	os_memset(msk, 0, sizeof(msk));
 
 	sm->req_replay_counter_used = 0;
 	/* IEEE 802.11i does not set keyRun to FALSE, but not doing this