benesv / rpms / wpa_supplicant

Forked from rpms/wpa_supplicant 4 years ago
Clone
Source Code
GIT

Blame macsec-0014-mka-Disable-peer-detection-timeout-for-PSK-mode.patch

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f7 f8 f9 master olpc2 testsyml
  1.   7c4f7fa0c720f9db95ad6743bcbabe6a17fb293c
  2.   macsec-0014-mka-Disable-peer-detection-timeout-for-PSK-mode.patch
Blob History Raw
fb7f665 
From 008e224dbb518f44aac46b0c8e55448bd907e43d Mon Sep 17 00:00:00 2001
fb7f665 
Message-Id: <008e224dbb518f44aac46b0c8e55448bd907e43d.1488376601.git.dcaratti@redhat.com>
fb7f665 
From: Sabrina Dubroca <sd@queasysnail.net>
fb7f665 
Date: Wed, 2 Nov 2016 16:38:36 +0100
fb7f665 
Subject: [PATCH] mka: Disable peer detection timeout for PSK mode
fb7f665
fb7f665 
The first peer may take a long time to come up. In PSK mode we are
fb7f665 
basically in a p2p system, and we cannot know when a peer will join the
fb7f665 
key exchange. Wait indefinitely, and let the administrator decide if
fb7f665 
they want to abort.
fb7f665
fb7f665 
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
fb7f665 
---
fb7f665 
 src/pae/ieee802_1x_kay.c | 12 ++++++++++--
fb7f665 
 1 file changed, 10 insertions(+), 2 deletions(-)
fb7f665
fb7f665 
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
fb7f665 
index 2841b10..19b2c2f 100644
fb7f665 
--- a/src/pae/ieee802_1x_kay.c
fb7f665 
+++ b/src/pae/ieee802_1x_kay.c
fb7f665 
@@ -3339,8 +3339,16 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn,
fb7f665 
 	usecs = os_random() % (MKA_HELLO_TIME * 1000);
fb7f665 
 	eloop_register_timeout(0, usecs, ieee802_1x_participant_timer,
fb7f665 
 			       participant, NULL);
fb7f665 
-	participant->mka_life = MKA_LIFE_TIME / 1000 + time(NULL) +
fb7f665 
-		usecs / 1000000;
fb7f665 
+
fb7f665 
+	/* Disable MKA lifetime for PSK mode.
fb7f665 
+	 * The peer(s) can take a long time to come up, because we
fb7f665 
+	 * create a "standby" MKA, and we need it to remain live until
fb7f665 
+	 * some peer appears.
fb7f665 
+	 */
fb7f665 
+	if (mode != PSK) {
fb7f665 
+		participant->mka_life = MKA_LIFE_TIME / 1000 + time(NULL) +
fb7f665 
+			usecs / 1000000;
fb7f665 
+	}
fb7f665
fb7f665 
 	return participant;
fb7f665
fb7f665 
--
fb7f665 
2.7.4
fb7f665
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.