From: Thomas Winter <Thomas.Winter@alliedtelesis.co.nz>
Date: Tue, 27 Aug 2019 03:55:34 +0000 (+1200)
Subject: mka: Change RECEIVE and RETIRE states to match the standard
X-Git-Tag: hostap_2_10~2352
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0fedfba2e209188930a6d7b1b59f6ecb41913550;p=thirdparty%2Fhostap.git

mka: Change RECEIVE and RETIRE states to match the standard

The RECEIVE and RETIRE states were incorrect which can result in
incorrect information being advertised in SAKuse MKPDUs. Change these to
match IEEE Std 802.1X-2010, Figure 12-2 (CP state machine).

hostapd/wpa_supplicant implemented an interpretation of the standard as
described in a proposed amendment titled "MKA pending PN exhastion"
which was deemed to be wrong. This amendment was included in IEEE Std
802.1Xck-2018.

Signed-off-by: Thomas Winter <Thomas.Winter@alliedtelesis.co.nz>
---

diff --git a/src/pae/ieee802_1x_cp.c b/src/pae/ieee802_1x_cp.c
index 1c4dc3e63..574b53f41 100644
--- a/src/pae/ieee802_1x_cp.c
+++ b/src/pae/ieee802_1x_cp.c
@@ -212,18 +212,6 @@ SM_STATE(CP, SECURED)
 SM_STATE(CP, RECEIVE)
 {
 	SM_ENTRY(CP, RECEIVE);
-	/* RECEIVE state machine not keep with Figure 12-2 in
-	 * IEEE Std 802.1X-2010 */
-	if (sm->oki) {
-		ieee802_1x_kay_delete_sas(sm->kay, sm->oki);
-		os_free(sm->oki);
-	}
-	sm->oki = sm->lki;
-	sm->oan = sm->lan;
-	sm->otx = sm->ltx;
-	sm->orx = sm->lrx;
-	ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
-				       sm->otx, sm->orx);
 
 	sm->lki = os_malloc(sizeof(*sm->lki));
 	if (!sm->lki) {
@@ -320,17 +308,23 @@ SM_STATE(CP, ABANDON)
 SM_STATE(CP, RETIRE)
 {
 	SM_ENTRY(CP, RETIRE);
-	/* RETIRE state machine not keep with Figure 12-2 in
-	 * IEEE Std 802.1X-2010 */
 	if (sm->oki) {
 		ieee802_1x_kay_delete_sas(sm->kay, sm->oki);
 		os_free(sm->oki);
 		sm->oki = NULL;
 	}
-	sm->orx = FALSE;
-	sm->otx = FALSE;
+	sm->oki = sm->lki;
+	sm->otx = sm->ltx;
+	sm->orx = sm->lrx;
+	sm->oan = sm->lan;
 	ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
 				       sm->otx, sm->orx);
+	sm->lki = NULL;
+	sm->ltx = FALSE;
+	sm->lrx = FALSE;
+	sm->lan = 0;
+	ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
+					  sm->ltx, sm->lrx);
 }