jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

WPA: Clear authenticator keys for a STA on deinit/disconnection

Browse source 
Do not leave keys in heap memory after they are no longer needed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2019-04-18 18:17:07 +03:00 committed by Jouni Malinen
parent f006c13c14
commit 09ab81b9e8
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/ap/wpa_auth.c
View file

@ -712,7 +712,7 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm)
#ifdef CONFIG_DPP2 #ifdef CONFIG_DPP2
wpabuf_clear_free(sm->dpp_z); wpabuf_clear_free(sm->dpp_z);
#endif /* CONFIG_DPP2 */ #endif /* CONFIG_DPP2 */
os_free(sm); bin_clear_free(sm, sizeof(*sm));
} }
@ -1743,6 +1743,12 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
case WPA_DEAUTH: case WPA_DEAUTH:
case WPA_DISASSOC: case WPA_DISASSOC:
sm->DeauthenticationRequest = TRUE; sm->DeauthenticationRequest = TRUE;
#ifdef CONFIG_IEEE80211R_AP
os_memset(sm->PMK, 0, sizeof(sm->PMK));
sm->pmk_len = 0;
os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
sm->xxkey_len = 0;
#endif /* CONFIG_IEEE80211R_AP */
break; break;
case WPA_REAUTH: case WPA_REAUTH:
case WPA_REAUTH_EAPOL: case WPA_REAUTH_EAPOL: