WPA auth: Clear temporary MSK storage from stack explicitly

This reduces the duration of time a key may remain unnecessarily in memory. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago · 40aaa64f9f
parent 01b481aff3
commit 40aaa64f9f
1 changed files with 1 additions and 0 deletions
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@ -1882,6 +1882,7 @@ SM_STATE(WPA_PTK, INITPMK)
 		wpa_printf(MSG_DEBUG, "WPA: Could not get PMK, get_msk: %p",
 			   sm->wpa_auth->cb.get_msk);
 	}
+	os_memset(msk, 0, sizeof(msk));

 	sm->req_replay_counter_used = 0;
 	/* IEEE 802.11i does not set keyRun to FALSE, but not doing this