1e5ea68d1f
Previously, check for local MI,MN in a peer's Peers List accepted only the cases that include the last used MN from an MKPDU sent by the local device. This was problematic since it was possible to synchronize MKPDU transmission between two devices in a way that made them always miss the last MKPDU from the other device before filling in the Peers List. Relax this matching requirement of "acceptably recent MN" to mean both the last used MN and the one used just before it (i.e., copied from either of the last two MKPDUs sent by the local device) are accepted. While this might help in some real world scenarios in making the protocol converge more quickly, the main help from this is to fix consistent hwsim test cases failures in macsec_psk_ns when using UML with time travel option which happened to practically guarantee the inconvenient timing of MKPDU transmission/reception that ended up with the MKPDU processing to see MI,MN with MN being the last used MN minus 1. Signed-off-by: Jouni Malinen <jouni@codeaurora.org> |
||
|---|---|---|
| .. | ||
| ieee802_1x_cp.c | ||
| ieee802_1x_cp.h | ||
| ieee802_1x_kay.c | ||
| ieee802_1x_kay.h | ||
| ieee802_1x_kay_i.h | ||
| ieee802_1x_key.c | ||
| ieee802_1x_key.h | ||
| ieee802_1x_secy_ops.c | ||
| ieee802_1x_secy_ops.h | ||
| Makefile | ||