From 785b219abd82b7e516449e94c0fb492f856fd4c4 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Thu, 27 Dec 2018 11:26:27 +0200
Subject: [PATCH] mka: Remove unused authorization data from CP

While IEEE Std 802.1X-2010 talks about arbitrary authorization data that
could be passed to the CP from sources like RADIUS server, there is not
much point in trying to implement this as an arbitrary memory buffer in
wpa_supplicant. Should such data be supported in the future, it would
much more likely use more detailed data structures that encode the
received data in easier to use form.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/pae/ieee802_1x_cp.c | 17 -----------------
 src/pae/ieee802_1x_cp.h |  1 -
 2 files changed, 18 deletions(-)

diff --git a/src/pae/ieee802_1x_cp.c b/src/pae/ieee802_1x_cp.c
index 096f3ef42..5ff3fff9f 100644
--- a/src/pae/ieee802_1x_cp.c
+++ b/src/pae/ieee802_1x_cp.c
@@ -38,12 +38,10 @@ struct ieee802_1x_cp_sm {
 
 	/* Logon -> CP */
 	enum connect_type connect;
-	u8 *authorization_data;
 
 	/* KaY -> CP */
 	Boolean chgd_server; /* clear by CP */
 	Boolean elected_self;
-	u8 *authorization_data1;
 	enum confidentiality_offset cipher_offset;
 	u64 cipher_suite;
 	Boolean new_sak; /* clear by CP */
@@ -468,7 +466,6 @@ struct ieee802_1x_cp_sm * ieee802_1x_cp_sm_init(struct ieee802_1x_kay *kay)
 	sm->retire_delay = MKA_SAK_RETIRE_TIME;
 	sm->CP_state = CP_BEGIN;
 	sm->changed = FALSE;
-	sm->authorization_data = NULL;
 
 	wpa_printf(MSG_DEBUG, "CP: state machine created");
 
@@ -522,7 +519,6 @@ void ieee802_1x_cp_sm_deinit(struct ieee802_1x_cp_sm *sm)
 	eloop_cancel_timeout(ieee802_1x_cp_step_cb, sm, NULL);
 	os_free(sm->lki);
 	os_free(sm->oki);
-	os_free(sm->authorization_data);
 	os_free(sm);
 }
 
@@ -592,19 +588,6 @@ void ieee802_1x_cp_set_electedself(void *cp_ctx, Boolean status)
 }
 
 
-/**
- * ieee802_1x_cp_set_authorizationdata -
- */
-void ieee802_1x_cp_set_authorizationdata(void *cp_ctx, u8 *pdata, int len)
-{
-	struct ieee802_1x_cp_sm *sm = cp_ctx;
-	os_free(sm->authorization_data);
-	sm->authorization_data = os_zalloc(len);
-	if (sm->authorization_data)
-		os_memcpy(sm->authorization_data, pdata, len);
-}
-
-
 /**
  * ieee802_1x_cp_set_ciphersuite -
  */
diff --git a/src/pae/ieee802_1x_cp.h b/src/pae/ieee802_1x_cp.h
index 695629e5c..a357b278f 100644
--- a/src/pae/ieee802_1x_cp.h
+++ b/src/pae/ieee802_1x_cp.h
@@ -25,7 +25,6 @@ void ieee802_1x_cp_connect_authenticated(void *cp_ctx);
 void ieee802_1x_cp_connect_secure(void *cp_ctx);
 void ieee802_1x_cp_signal_chgdserver(void *cp_ctx);
 void ieee802_1x_cp_set_electedself(void *cp_ctx, Boolean status);
-void ieee802_1x_cp_set_authorizationdata(void *cp_ctx, u8 *pdata, int len);
 void ieee802_1x_cp_set_ciphersuite(void *cp_ctx, u64 cs);
 void ieee802_1x_cp_set_offset(void *cp_ctx, enum confidentiality_offset offset);
 void ieee802_1x_cp_signal_newsak(void *cp_ctx);