Cache hashed passphrase in RADIUS-based PSK delivery

Instead of copying the full struct hostapd_sta_wpa_psk_short, share the existing entry and use reference counting to check when it needs to be freed. This allows caching of PSKs derived from passphrases to avoid having to perform the heavy hashing operation multiple times. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
8 years ago · d8912fd80e
parent f8e09bc57e
commit d8912fd80e
2 changed files with 14 additions and 17 deletions
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@ -134,6 +134,7 @@ struct hostapd_sta_wpa_psk_short {
 	unsigned int is_passphrase:1;
 	u8 psk[PMK_LEN];
 	char passphrase[MAX_PASSPHRASE_LEN + 1];
+	int ref; /* (number of references held) - 1 */
 };

 struct hostapd_wpa_psk {
--- a/src/ap/ieee802_11_auth.c
+++ b/src/ap/ieee802_11_auth.c
@ -76,23 +76,13 @@ static void hostapd_acl_cache_free(struct hostapd_cached_radius_acl *acl_cache)
 static void copy_psk_list(struct hostapd_sta_wpa_psk_short **psk,
 			  struct hostapd_sta_wpa_psk_short *src)
 {
-	struct hostapd_sta_wpa_psk_short **copy_to;
-	struct hostapd_sta_wpa_psk_short *copy_from;
-
-	/* Copy PSK linked list */
-	copy_to = psk;
-	copy_from = src;
-	while (copy_from && copy_to) {
-		*copy_to = os_zalloc(sizeof(struct hostapd_sta_wpa_psk_short));
-		if (*copy_to == NULL)
-			break;
-		os_memcpy(*copy_to, copy_from,
-			  sizeof(struct hostapd_sta_wpa_psk_short));
-		copy_from = copy_from->next;
-		copy_to = &((*copy_to)->next);
-	}
-	if (copy_to)
-		*copy_to = NULL;
+	if (!psk)
+		return;
+
+	if (src)
+		src->ref++;
+
+	*psk = src;
 }


@ -667,6 +657,12 @@ void hostapd_acl_deinit(struct hostapd_data *hapd)

 void hostapd_free_psk_list(struct hostapd_sta_wpa_psk_short *psk)
 {
+	if (psk && psk->ref) {
+		/* This will be freed when the last reference is dropped. */
+		psk->ref--;
+		return;
+	}
+
 	while (psk) {
 		struct hostapd_sta_wpa_psk_short *prev = psk;
 		psk = psk->next;