mka: Change RECEIVE and RETIRE states to match the standard

The RECEIVE and RETIRE states were incorrect which can result in
incorrect information being advertised in SAKuse MKPDUs. Change these to
match IEEE Std 802.1X-2010, Figure 12-2 (CP state machine).

hostapd/wpa_supplicant implemented an interpretation of the standard as
described in a proposed amendment titled "MKA pending PN exhastion"
which was deemed to be wrong. This amendment was included in IEEE Std
802.1Xck-2018.

Signed-off-by: Thomas Winter <Thomas.Winter@alliedtelesis.co.nz>
This commit is contained in:
Thomas Winter 2019-08-27 15:55:34 +12:00 committed by Jouni Malinen
parent 1f8fc6bebb
commit 0fedfba2e2

View file

@ -212,18 +212,6 @@ SM_STATE(CP, SECURED)
SM_STATE(CP, RECEIVE) SM_STATE(CP, RECEIVE)
{ {
SM_ENTRY(CP, RECEIVE); SM_ENTRY(CP, RECEIVE);
/* RECEIVE state machine not keep with Figure 12-2 in
* IEEE Std 802.1X-2010 */
if (sm->oki) {
ieee802_1x_kay_delete_sas(sm->kay, sm->oki);
os_free(sm->oki);
}
sm->oki = sm->lki;
sm->oan = sm->lan;
sm->otx = sm->ltx;
sm->orx = sm->lrx;
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
sm->otx, sm->orx);
sm->lki = os_malloc(sizeof(*sm->lki)); sm->lki = os_malloc(sizeof(*sm->lki));
if (!sm->lki) { if (!sm->lki) {
@ -320,17 +308,23 @@ SM_STATE(CP, ABANDON)
SM_STATE(CP, RETIRE) SM_STATE(CP, RETIRE)
{ {
SM_ENTRY(CP, RETIRE); SM_ENTRY(CP, RETIRE);
/* RETIRE state machine not keep with Figure 12-2 in
* IEEE Std 802.1X-2010 */
if (sm->oki) { if (sm->oki) {
ieee802_1x_kay_delete_sas(sm->kay, sm->oki); ieee802_1x_kay_delete_sas(sm->kay, sm->oki);
os_free(sm->oki); os_free(sm->oki);
sm->oki = NULL; sm->oki = NULL;
} }
sm->orx = FALSE; sm->oki = sm->lki;
sm->otx = FALSE; sm->otx = sm->ltx;
sm->orx = sm->lrx;
sm->oan = sm->lan;
ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan, ieee802_1x_kay_set_old_sa_attr(sm->kay, sm->oki, sm->oan,
sm->otx, sm->orx); sm->otx, sm->orx);
sm->lki = NULL;
sm->ltx = FALSE;
sm->lrx = FALSE;
sm->lan = 0;
ieee802_1x_kay_set_latest_sa_attr(sm->kay, sm->lki, sm->lan,
sm->ltx, sm->lrx);
} }