From: Jouni Malinen <j@w1.fi>
Date: Mon, 29 Dec 2014 11:03:01 +0000 (+0200)
Subject: Clear TK part of PTK after driver key configuration
X-Git-Tag: hostap_2_4~623
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7d711541dced759b34313477d5d163e65c5b0131;p=thirdparty%2Fhostap.git

Clear TK part of PTK after driver key configuration

There is no need for wpa_supplicant to maintain a copy of the TK part of
PTK after this has been configured to the driver, so clear that from
heap memory and only maintain KEK and KCK during association to allow
additional EAPOL-Key handshakes.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 9a6153adc..c88f1e407 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -609,6 +609,10 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
 		return -1;
 	}
 
+	/* TK is not needed anymore in supplicant */
+	os_memset(sm->ptk.tk1, 0, sizeof(sm->ptk.tk1));
+	os_memset(sm->ptk.u.tk2, 0, sizeof(sm->ptk.u.tk2));
+
 	if (sm->wpa_ptk_rekey) {
 		eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
 		eloop_register_timeout(sm->wpa_ptk_rekey, 0, wpa_sm_rekey_ptk,