From patchwork Thu May 16 23:23:02 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: michael-dev X-Patchwork-Id: 249366 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from maxx.maxx.shmoo.com (maxx.shmoo.com [205.134.188.171]) by ozlabs.org (Postfix) with ESMTP id A38E02C0095 for ; Thu, 6 Jun 2013 20:12:20 +1000 (EST) Received: from localhost (localhost [127.0.0.1]) by maxx.maxx.shmoo.com (Postfix) with ESMTP id 4C5D79D21C; Thu, 6 Jun 2013 06:11:39 -0400 (EDT) X-Virus-Scanned: amavisd-new at maxx.shmoo.com Received: from maxx.maxx.shmoo.com ([127.0.0.1]) by localhost (maxx.shmoo.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zFDA1Ou2zyOr; Thu, 6 Jun 2013 06:11:38 -0400 (EDT) Received: from maxx.shmoo.com (localhost [127.0.0.1]) by maxx.maxx.shmoo.com (Postfix) with ESMTP id 9CB6C9C123; Thu, 6 Jun 2013 06:09:35 -0400 (EDT) X-Original-To: mailman-post+hostap@maxx.shmoo.com Delivered-To: mailman-post+hostap@maxx.shmoo.com Received: from localhost (localhost [127.0.0.1]) by maxx.maxx.shmoo.com (Postfix) with ESMTP id BB9F19C1AB for ; Thu, 6 Jun 2013 06:09:33 -0400 (EDT) X-Virus-Scanned: amavisd-new at maxx.shmoo.com Received: from maxx.maxx.shmoo.com ([127.0.0.1]) by localhost (maxx.shmoo.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yeg3JZVZjPyo for ; Thu, 6 Jun 2013 06:09:27 -0400 (EDT) Received: from mail.fem.tu-ilmenau.de (mail.fem.tu-ilmenau.de [141.24.101.79]) by maxx.maxx.shmoo.com (Postfix) with ESMTP id CE1199C120 for ; Thu, 6 Jun 2013 06:09:08 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.fem.tu-ilmenau.de (Postfix) with ESMTP id 9C9F1653F for ; Thu, 6 Jun 2013 12:09:08 +0200 (CEST) X-Virus-Scanned: amavisd-new at fem.tu-ilmenau.de Received: from mail.fem.tu-ilmenau.de ([127.0.0.1]) by localhost (mail.fem.tu-ilmenau.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4kwC8hLfxiRP; Thu, 6 Jun 2013 12:09:07 +0200 (CEST) Received: from a234.fem.tu-ilmenau.de (unknown [10.42.51.234]) by mail.fem.tu-ilmenau.de (Postfix) with ESMTP; Thu, 6 Jun 2013 12:09:06 +0200 (CEST) Received: by a234.fem.tu-ilmenau.de (Postfix, from userid 0) id 590B120A66A; Thu, 6 Jun 2013 12:09:06 +0200 (CEST) Message-Id: <0f82cfad3073d0214df89198c1493508f577af37.1370512966.git.michael-dev@fami-braun.de> In-Reply-To: References: From: Michael Braun Date: Fri, 17 May 2013 01:23:02 +0200 Subject: [PATCHv2 05/21] Remove WPA per-VLAN groups when all stations left on rekeying To: hostap@lists.shmoo.com MIME-Version: 1.0 Cc: projekt-wlan@fem.tu-ilmenau.de X-BeenThere: hostap@lists.shmoo.com X-Mailman-Version: 2.1.11 Precedence: list Reply-To: projekt-wlan@fem.tu-ilmenau.de List-Id: HostAP Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: hostap-bounces@lists.shmoo.com Errors-To: hostap-bounces@lists.shmoo.com This adds a references counter to struct wpa_group and frees a group if it is unused during rekeying. This is useful when extending the number of VLANs supported. Signed-hostap: Michael Braun diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 83cc857..f08ded8 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -211,6 +211,14 @@ static int wpa_use_aes_cmac(struct wpa_state_machine *sm) } +static void wpa_group_free(struct wpa_group *group) +{ + wpa_printf(MSG_DEBUG, "WPA: Remove group state machine for VLAN-ID %d", + group->vlan_id); + os_free(group); +} + + static void wpa_rekey_gmk(void *eloop_ctx, void *timeout_ctx) { struct wpa_authenticator *wpa_auth = eloop_ctx; @@ -234,15 +242,26 @@ static void wpa_rekey_gmk(void *eloop_ctx, void *timeout_ctx) static void wpa_rekey_gtk(void *eloop_ctx, void *timeout_ctx) { struct wpa_authenticator *wpa_auth = eloop_ctx; - struct wpa_group *group; + struct wpa_group *group, *prev; wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "rekeying GTK"); - for (group = wpa_auth->group; group; group = group->next) { + group = wpa_auth->group; + prev = NULL; + while (group) { group->GTKReKey = TRUE; do { group->changed = FALSE; wpa_group_sm_step(wpa_auth, group); } while (group->changed); + if (group->references == 0 && prev) { + /* this does never delete the special first group */ + prev->next = group->next; + wpa_group_free(group); + group = prev->next; + } else { + prev = group; + group = group->next; + } } if (wpa_auth->conf.wpa_group_rekey) { @@ -519,6 +538,7 @@ wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr) sm->wpa_auth = wpa_auth; sm->group = wpa_auth->group; + sm->group->references++; return sm; } @@ -581,6 +601,7 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm) #endif /* CONFIG_IEEE80211R */ os_free(sm->last_rx_eapol_key); os_free(sm->wpa_ie); + sm->group->references--; os_free(sm); } @@ -3007,7 +3028,10 @@ int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id) wpa_printf(MSG_DEBUG, "WPA: Moving STA " MACSTR " to use group state " "machine for VLAN ID %d", MAC2STR(sm->addr), vlan_id); + sm->group->references--; sm->group = group; + sm->group->references++; + return 0; } diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h index 97489d3..8fbd4ff 100644 --- a/src/ap/wpa_auth_i.h +++ b/src/ap/wpa_auth_i.h @@ -151,6 +151,8 @@ struct wpa_group { u8 IGTK[2][WPA_IGTK_LEN]; int GN_igtk, GM_igtk; #endif /* CONFIG_IEEE80211W */ + /* number of references except those in struct wpa_group->next */ + unsigned int references; };