hostap/src/pae
Jouni Malinen 1e5ea68d1f mka: Accept last two used MNs in Peers List of a received MKPDU
Previously, check for local MI,MN in a peer's Peers List accepted only
the cases that include the last used MN from an MKPDU sent by the local
device. This was problematic since it was possible to synchronize MKPDU
transmission between two devices in a way that made them always miss the
last MKPDU from the other device before filling in the Peers List.

Relax this matching requirement of "acceptably recent MN" to mean both
the last used MN and the one used just before it (i.e., copied from
either of the last two MKPDUs sent by the local device) are accepted.

While this might help in some real world scenarios in making the
protocol converge more quickly, the main help from this is to fix
consistent hwsim test cases failures in macsec_psk_ns when using UML
with time travel option which happened to practically guarantee the
inconvenient timing of MKPDU transmission/reception that ended up with
the MKPDU processing to see MI,MN with MN being the last used MN minus
1.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-29 17:05:40 +03:00
..
ieee802_1x_cp.c mka: Avoid memory leak in unexpected case in RECEIVE 2019-04-15 22:50:06 +03:00
ieee802_1x_cp.h mka: Remove unused authorization data from CP 2018-12-27 11:26:27 +02:00
ieee802_1x_kay.c mka: Accept last two used MNs in Peers List of a received MKPDU 2019-07-29 17:05:40 +03:00
ieee802_1x_kay.h mka: MIB information 2018-12-29 16:52:31 +02:00
ieee802_1x_kay_i.h UBSan: Pack MACsec peer id structure 2019-02-25 19:48:49 +02:00
ieee802_1x_key.c mka: Extend CAK/CKN-from-EAP-MSK API to pass in MSK length 2018-12-26 16:44:58 +02:00
ieee802_1x_key.h mka: Extend CAK/CKN-from-EAP-MSK API to pass in MSK length 2018-12-26 16:44:58 +02:00
ieee802_1x_secy_ops.c mka: Debug output cleanup/fix 2018-12-26 16:42:25 +02:00
ieee802_1x_secy_ops.h mka: Fix lowest acceptable Packet Number (LPN) calculation and use 2018-12-26 16:42:25 +02:00
Makefile