Patchwork fix wpa group rekeying

login
register
mail settings
Submitter michael-dev@fami-braun.de
Date July 24, 2012, 6:10 p.m.
Message ID <a57dc93e3519a44d1f78297a5eb0f6a9@fami-braun.de>
Download mbox | patch
Permalink /patch/172993/
State Superseded
Headers show

Comments

michael-dev@fami-braun.de - July 24, 2012, 6:10 p.m.
Hi,

I'm currently facing

  wpa_group_setkeys: Unexpected GKeyDoneStations=2 when starting new GTK 
rekey

warnings with two STAs connected in different VLANs, but only 
wpa_group_setkeys: GKeyDoneStations=1 messages.
I can only explain this with wpa_group_update_sta being called multiple 
times per sta, as GKeyDoneStations is only incremented there and after 
each wpa_group_setkeys, the GKeyDoneStations of the driven group is 
correct (= the number of stas in the processed vlan).

Looking at wpa_auth_for_each_sta and its for_each implementation on 
wpa_auth_glue.c, I find that this code iterates over all sta and not 
just those of the given group. This can be verified by printing debug 
messages in wpa_group_update_sta giving the group vlan_id, which shows 
both vlans (of both stas) in each wpa_group_setkeys call.

Please find attached a patch that fixes this by giving the group 
pointer as callback context in wpa_group_setkeys and let 
wpa_group_update_sta skip those stas that are not in the correct group.
It works for me and fixes the wpa group keying issues seen before.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>

Regards,
   M. Braun

Patch

--- hostapd-20120707/src/ap/wpa_auth.c  2012-07-24 18:39:46.478606571 +0200
+++ hostapd-20120707/src/ap/wpa_auth.c  2012-07-24 18:40:42.686680840 +0200
@@ -2416,6 +2416,9 @@  static void wpa_group_gtk_init(struct wp

 static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
 {
+       
+       if (ctx != sm->group) return 0;
+       
        if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) {
                wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
                                "Not in PTKINITDONE; skip Group Key update");
@@ -2470,7 +2473,7 @@  static void wpa_group_setkeys(struct wpa
                           group->GKeyDoneStations);
                group->GKeyDoneStations = 0;
        }
-       wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, NULL);
+       wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, group);
        wpa_printf(MSG_DEBUG, "wpa_group_setkeys: GKeyDoneStations=%d",
                   group->GKeyDoneStations);
 }