void mesh_rsn_get_pmkid(struct mesh_rsn *rsn, struct sta_info *sta, u8 *pmkid)
{
/* don't expect wpa auth to cache the pmkid for now */
rsn_pmkid(sta->sae->pmk, PMK_LEN, rsn->wpa_s->own_addr,
sta->addr, pmkid,
wpa_key_mgmt_sha256(wpa_auth_sta_key_mgmt(sta->wpa_sm)));
}
/**
* pmksa_cache_auth_add - Add a PMKSA cache entry
* @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
* @pmk: The new pairwise master key
* @pmk_len: PMK length in bytes, usually PMK_LEN (32)
* @pmkid: Calculated PMKID
* @kck: Key confirmation key or %NULL if not yet derived
* @kck_len: KCK length in bytes
* @aa: Authenticator address
* @spa: Supplicant address
* @session_timeout: Session timeout
* @eapol: Pointer to EAPOL state machine data
* @akmp: WPA_KEY_MGMT_* used in key derivation
* Returns: Pointer to the added PMKSA cache entry or %NULL on error
*
* This function create a PMKSA entry for a new PMK and adds it to the PMKSA
* cache. If an old entry is already in the cache for the same Supplicant,
* this entry will be replaced with the new entry. PMKID will be calculated
* based on the PMK.
*/
struct rsn_pmksa_cache_entry *
pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa,
const u8 *pmk, size_t pmk_len, const u8 *pmkid,
const u8 *kck, size_t kck_len,
const u8 *aa, const u8 *spa, int session_timeout,
struct eapol_state_machine *eapol, int akmp)
{
struct rsn_pmksa_cache_entry *entry, *pos;
struct os_reltime now;
if (pmk_len > PMK_LEN_MAX)
return NULL;
if (wpa_key_mgmt_suite_b(akmp) && !kck)
return NULL;
entry = os_zalloc(sizeof(*entry));
if (entry == NULL)
return NULL;
os_memcpy(entry->pmk, pmk, pmk_len);
entry->pmk_len = pmk_len;
if (pmkid)
os_memcpy(entry->pmkid, pmkid, PMKID_LEN);
else if (akmp == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
rsn_pmkid_suite_b_192(kck, kck_len, aa, spa, entry->pmkid);
else if (wpa_key_mgmt_suite_b(akmp))
rsn_pmkid_suite_b(kck, kck_len, aa, spa, entry->pmkid);
else
rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid,
wpa_key_mgmt_sha256(akmp));
os_get_reltime(&now);
entry->expiration = now.sec;
if (session_timeout > 0)
entry->expiration += session_timeout;
else
entry->expiration += dot11RSNAConfigPMKLifetime;
entry->akmp = akmp;
os_memcpy(entry->spa, spa, ETH_ALEN);
pmksa_cache_from_eapol_data(entry, eapol);
/* Replace an old entry for the same STA (if found) with the new entry
*/
pos = pmksa_cache_auth_get(pmksa, spa, NULL);
if (pos)
pmksa_cache_free_entry(pmksa, pos);
if (pmksa->pmksa_count >= pmksa_cache_max_entries && pmksa->pmksa) {
/* Remove the oldest entry to make room for the new entry */
wpa_printf(MSG_DEBUG, "RSN: removed the oldest PMKSA cache "
"entry (for " MACSTR ") to make room for new one",
MAC2STR(pmksa->pmksa->spa));
pmksa_cache_free_entry(pmksa, pmksa->pmksa);
}
pmksa_cache_link_entry(pmksa, entry);
return entry;
}
struct rsn_pmksa_cache_entry * wlan_pmksa_cache_get(unsigned char WLANID, unsigned int BSSIndex,
const u8 *spa, const u8 *aa, const u8 *pmkid)
{
struct PMK_STAINFO *pmk_sta;
struct PMK_BSSInfo *bss;
struct wasd_interfaces *interfaces = (struct wasd_interfaces*) circle.user_data;
struct asd_data *wasd;
struct rsn_pmksa_cache_entry *entry;
unsigned int RadioID;
unsigned int BSS_L_ID;
unsigned char new_pmkid[PMKID_LEN];
if((ASD_WLAN[WLANID] == NULL)||(ASD_WLAN[WLANID]->sta_list == NULL))
return NULL;
pmk_sta = pmk_ap_get_sta(ASD_WLAN[WLANID],spa);
if(pmk_sta == NULL)
return NULL;
bss = pmk_sta->bss;
while(bss != NULL){
if(bss->BSSIndex != BSSIndex){
RadioID = bss->BSSIndex/L_BSS_NUM;
BSS_L_ID = bss->BSSIndex%L_BSS_NUM;
if((interfaces->iface[RadioID]!=NULL)&&(interfaces->iface[RadioID]->bss[BSS_L_ID]!=NULL))
{
wasd = interfaces->iface[RadioID]->bss[BSS_L_ID];
if ((wasd == NULL) ||
(wasd->wpa_auth == NULL) ||
(wasd->wpa_auth->pmksa == NULL))
continue;
entry = pmksa_cache_get(wasd->wpa_auth->pmksa, spa, NULL);
if(entry == NULL){
asd_printf(ASD_DEFAULT,MSG_WARNING, "entry is NULL in func: %s\n",__func__);
bss = bss->next;
continue;
}
rsn_pmkid(entry->pmk,entry->pmk_len,aa,spa,new_pmkid);
if(memcmp(new_pmkid, pmkid, PMKID_LEN) == 0)
{
if (memcmp(entry->pmkid, pmkid, PMKID_LEN)) {
wpa_hexdump(MSG_INFO, "STA PMKID: ", entry->pmkid, PMKID_LEN);
wpa_hexdump(MSG_INFO, "PMKID: ", pmkid, PMKID_LEN);
}
/* delete from hash, then update pmkid, insert again */
pmksa_cache_delete_from_hash(wasd->wpa_auth->pmksa, entry);
memcpy(entry->pmkid, pmkid, PMKID_LEN);
pmksa_cache_insert_to_hash(wasd->wpa_auth->pmksa, entry);
if (pmk_sta->PreBssIndex != BSSIndex)
pmk_ap_free_sta_in_prebss(pmk_sta->PreBssIndex,pmk_sta->addr);
pmk_sta->PreBssIndex = BSSIndex;
return entry;
}
}
}
bss = bss->next;
}
return NULL;
}
/**
* pmksa_cache_get_okc - Fetch a PMKSA cache entry using OKC
* @pmksa: Pointer to PMKSA cache data from pmksa_cache_auth_init()
* @aa: Authenticator address
* @spa: Supplicant address
* @pmkid: PMKID
* Returns: Pointer to PMKSA cache entry or %NULL if no match was found
*
* Use opportunistic key caching (OKC) to find a PMK for a supplicant.
*/
struct rsn_pmksa_cache_entry * pmksa_cache_get_okc(
struct rsn_pmksa_cache *pmksa, const u8 *aa, const u8 *spa,
const u8 *pmkid)
{
struct rsn_pmksa_cache_entry *entry;
u8 new_pmkid[PMKID_LEN];
for (entry = pmksa->pmksa; entry; entry = entry->next) {
if (os_memcmp(entry->spa, spa, ETH_ALEN) != 0)
continue;
rsn_pmkid(entry->pmk, entry->pmk_len, aa, spa, new_pmkid,
wpa_key_mgmt_sha256(entry->akmp));
if (os_memcmp(new_pmkid, pmkid, PMKID_LEN) == 0)
return entry;
}
return NULL;
}
/**
* pmksa_cache_auth_create_entry - Create a PMKSA cache entry
* @pmk: The new pairwise master key
* @pmk_len: PMK length in bytes, usually PMK_LEN (32)
* @pmkid: Calculated PMKID
* @kck: Key confirmation key or %NULL if not yet derived
* @kck_len: KCK length in bytes
* @aa: Authenticator address
* @spa: Supplicant address
* @session_timeout: Session timeout
* @eapol: Pointer to EAPOL state machine data
* @akmp: WPA_KEY_MGMT_* used in key derivation
* Returns: Pointer to the added PMKSA cache entry or %NULL on error
*
* This function creates a PMKSA entry.
*/
struct rsn_pmksa_cache_entry *
pmksa_cache_auth_create_entry(const u8 *pmk, size_t pmk_len, const u8 *pmkid,
const u8 *kck, size_t kck_len, const u8 *aa,
const u8 *spa, int session_timeout,
struct eapol_state_machine *eapol, int akmp)
{
struct rsn_pmksa_cache_entry *entry;
struct os_reltime now;
if (pmk_len > PMK_LEN_MAX)
return NULL;
if (wpa_key_mgmt_suite_b(akmp) && !kck)
return NULL;
entry = os_zalloc(sizeof(*entry));
if (entry == NULL)
return NULL;
os_memcpy(entry->pmk, pmk, pmk_len);
entry->pmk_len = pmk_len;
if (pmkid)
os_memcpy(entry->pmkid, pmkid, PMKID_LEN);
else if (akmp == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
rsn_pmkid_suite_b_192(kck, kck_len, aa, spa, entry->pmkid);
else if (wpa_key_mgmt_suite_b(akmp))
rsn_pmkid_suite_b(kck, kck_len, aa, spa, entry->pmkid);
else
rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid, akmp);
os_get_reltime(&now);
entry->expiration = now.sec;
if (session_timeout > 0)
entry->expiration += session_timeout;
else
entry->expiration += dot11RSNAConfigPMKLifetime;
entry->akmp = akmp;
os_memcpy(entry->spa, spa, ETH_ALEN);
pmksa_cache_from_eapol_data(entry, eapol);
return entry;
}
/**
* pmksa_cache_add - Add a PMKSA cache entry
* @pmksa: Pointer to PMKSA cache data from pmksa_cache_init()
* @pmk: The new pairwise master key
* @pmk_len: PMK length in bytes, usually PMK_LEN (32)
* @aa: Authenticator address
* @spa: Supplicant address
* @network_ctx: Network configuration context for this PMK
* @akmp: WPA_KEY_MGMT_* used in key derivation
* Returns: Pointer to the added PMKSA cache entry or %NULL on error
*
* This function create a PMKSA entry for a new PMK and adds it to the PMKSA
* cache. If an old entry is already in the cache for the same Authenticator,
* this entry will be replaced with the new entry. PMKID will be calculated
* based on the PMK and the driver interface is notified of the new PMKID.
*/
struct rsn_pmksa_cache_entry *
pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len,
const u8 *aa, const u8 *spa, void *network_ctx, int akmp)
{
struct rsn_pmksa_cache_entry *entry, *pos, *prev;
struct os_time now;
if (pmk_len > PMK_LEN)
return NULL;
entry = os_zalloc(sizeof(*entry));
if (entry == NULL)
return NULL;
os_memcpy(entry->pmk, pmk, pmk_len);
entry->pmk_len = pmk_len;
rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid,
wpa_key_mgmt_sha256(akmp));
os_get_time(&now);
entry->expiration = now.sec + pmksa->sm->dot11RSNAConfigPMKLifetime;
entry->reauth_time = now.sec + pmksa->sm->dot11RSNAConfigPMKLifetime *
pmksa->sm->dot11RSNAConfigPMKReauthThreshold / 100;
entry->akmp = akmp;
os_memcpy(entry->aa, aa, ETH_ALEN);
entry->network_ctx = network_ctx;
/* Replace an old entry for the same Authenticator (if found) with the
* new entry */
pos = pmksa->pmksa;
prev = NULL;
while (pos) {
if (os_memcmp(aa, pos->aa, ETH_ALEN) == 0) {
if (pos->pmk_len == pmk_len &&
os_memcmp(pos->pmk, pmk, pmk_len) == 0 &&
os_memcmp(pos->pmkid, entry->pmkid, PMKID_LEN) ==
0) {
wpa_printf(MSG_DEBUG, "WPA: reusing previous "
"PMKSA entry");
os_free(entry);
return pos;
}
if (prev == NULL)
pmksa->pmksa = pos->next;
else
prev->next = pos->next;
/*
* If OKC is used, there may be other PMKSA cache
* entries based on the same PMK. These needs to be
* flushed so that a new entry can be created based on
* the new PMK. Only clear other entries if they have a
* matching PMK and this PMK has been used successfully
* with the current AP, i.e., if opportunistic flag has
* been cleared in wpa_supplicant_key_neg_complete().
*/
wpa_printf(MSG_DEBUG, "RSN: Replace PMKSA entry for "
"the current AP and any PMKSA cache entry "
"that was based on the old PMK");
if (!pos->opportunistic)
pmksa_cache_flush(pmksa, network_ctx, pos->pmk,
pos->pmk_len);
pmksa_cache_free_entry(pmksa, pos, PMKSA_REPLACE);
break;
}
prev = pos;
pos = pos->next;
}
if (pmksa->pmksa_count >= pmksa_cache_max_entries && pmksa->pmksa) {
/* Remove the oldest entry to make room for the new entry */
pos = pmksa->pmksa;
if (pos == pmksa->sm->cur_pmksa) {
/*
* Never remove the current PMKSA cache entry, since
* it's in use, and removing it triggers a needless
* deauthentication.
*/
pos = pos->next;
pmksa->pmksa->next = pos ? pos->next : NULL;
} else
pmksa->pmksa = pos->next;
if (pos) {
wpa_printf(MSG_DEBUG, "RSN: removed the oldest idle "
"PMKSA cache entry (for " MACSTR ") to "
"make room for new one",
MAC2STR(pos->aa));
pmksa_cache_free_entry(pmksa, pos, PMKSA_FREE);
}
}
/* Add the new entry; order by expiration time */
pos = pmksa->pmksa;
prev = NULL;
while (pos) {
if (pos->expiration > entry->expiration)
break;
prev = pos;
pos = pos->next;
}
if (prev == NULL) {
entry->next = pmksa->pmksa;
pmksa->pmksa = entry;
pmksa_cache_set_expiration(pmksa);
} else {
entry->next = prev->next;
prev->next = entry;
}
pmksa->pmksa_count++;
wpa_printf(MSG_DEBUG, "RSN: Added PMKSA cache entry for " MACSTR
" network_ctx=%p", MAC2STR(entry->aa), network_ctx);
wpa_sm_add_pmkid(pmksa->sm, entry->aa, entry->pmkid);
return entry;
}
/**
* pmksa_cache_add - Add a PMKSA cache entry
* @pmksa: Pointer to PMKSA cache data from pmksa_cache_init()
* @pmk: The new pairwise master key
* @pmk_len: PMK length in bytes, usually PMK_LEN (32)
* @aa: Authenticator address
* @spa: Supplicant address
* @network_ctx: Network configuration context for this PMK
* @akmp: WPA_KEY_MGMT_* used in key derivation
* Returns: Pointer to the added PMKSA cache entry or %NULL on error
*
* This function create a PMKSA entry for a new PMK and adds it to the PMKSA
* cache. If an old entry is already in the cache for the same Authenticator,
* this entry will be replaced with the new entry. PMKID will be calculated
* based on the PMK and the driver interface is notified of the new PMKID.
*/
struct rsn_pmksa_cache_entry *
pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len,
const u8 *aa, const u8 *spa, void *network_ctx, int akmp)
{
struct rsn_pmksa_cache_entry *entry, *pos, *prev;
struct os_time now;
if (pmk_len > PMK_LEN)
return NULL;
entry = os_zalloc(sizeof(*entry));
if (entry == NULL)
return NULL;
os_memcpy(entry->pmk, pmk, pmk_len);
entry->pmk_len = pmk_len;
rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid,
wpa_key_mgmt_sha256(akmp));
os_get_time(&now);
entry->expiration = now.sec + pmksa->sm->dot11RSNAConfigPMKLifetime;
entry->reauth_time = now.sec + pmksa->sm->dot11RSNAConfigPMKLifetime *
pmksa->sm->dot11RSNAConfigPMKReauthThreshold / 100;
entry->akmp = akmp;
os_memcpy(entry->aa, aa, ETH_ALEN);
entry->network_ctx = network_ctx;
/* Replace an old entry for the same Authenticator (if found) with the
* new entry */
pos = pmksa->pmksa;
prev = NULL;
while (pos) {
if (os_memcmp(aa, pos->aa, ETH_ALEN) == 0) {
if (pos->pmk_len == pmk_len &&
os_memcmp(pos->pmk, pmk, pmk_len) == 0 &&
os_memcmp(pos->pmkid, entry->pmkid, PMKID_LEN) ==
0) {
wpa_printf(MSG_DEBUG, "WPA: reusing previous "
"PMKSA entry");
os_free(entry);
return pos;
}
if (prev == NULL)
pmksa->pmksa = pos->next;
else
prev->next = pos->next;
if (pos == pmksa->sm->cur_pmksa) {
/* We are about to replace the current PMKSA
* cache entry. This happens when the PMKSA
* caching attempt fails, so we don't want to
* force pmksa_cache_free_entry() to disconnect
* at this point. Let's just make sure the old
* PMKSA cache entry will not be used in the
* future.
*/
wpa_printf(MSG_DEBUG, "RSN: replacing current "
"PMKSA entry");
pmksa->sm->cur_pmksa = NULL;
}
wpa_printf(MSG_DEBUG, "RSN: Replace PMKSA entry for "
"the current AP");
pmksa_cache_free_entry(pmksa, pos, 1);
/*
* If OKC is used, there may be other PMKSA cache
* entries based on the same PMK. These needs to be
* flushed so that a new entry can be created based on
* the new PMK.
*/
pmksa_cache_flush(pmksa, network_ctx);
break;
}
prev = pos;
pos = pos->next;
}
if (pmksa->pmksa_count >= pmksa_cache_max_entries && pmksa->pmksa) {
/* Remove the oldest entry to make room for the new entry */
pos = pmksa->pmksa;
pmksa->pmksa = pos->next;
wpa_printf(MSG_DEBUG, "RSN: removed the oldest PMKSA cache "
"entry (for " MACSTR ") to make room for new one",
MAC2STR(pos->aa));
wpa_sm_remove_pmkid(pmksa->sm, pos->aa, pos->pmkid);
pmksa_cache_free_entry(pmksa, pos, 0);
}
/* Add the new entry; order by expiration time */
pos = pmksa->pmksa;
prev = NULL;
while (pos) {
if (pos->expiration > entry->expiration)
break;
prev = pos;
pos = pos->next;
}
if (prev == NULL) {
entry->next = pmksa->pmksa;
pmksa->pmksa = entry;
pmksa_cache_set_expiration(pmksa);
} else {
entry->next = prev->next;
prev->next = entry;
}
pmksa->pmksa_count++;
wpa_printf(MSG_DEBUG, "RSN: added PMKSA cache entry for " MACSTR,
MAC2STR(entry->aa));
wpa_sm_add_pmkid(pmksa->sm, entry->aa, entry->pmkid);
return entry;
}
/**
* pmksa_cache_add - Add a PMKSA cache entry
* @pmksa: Pointer to PMKSA cache data from pmksa_cache_init()
* @pmk: The new pairwise master key
* @pmk_len: PMK length in bytes, usually PMK_LEN (32)
* @aa: Authenticator address
* @spa: Supplicant address
* @ssid: The network configuration for which this PMK is being added
* Returns: Pointer to the added PMKSA cache entry or %NULL on error
*
* This function create a PMKSA entry for a new PMK and adds it to the PMKSA
* cache. If an old entry is already in the cache for the same Authenticator,
* this entry will be replaced with the new entry. PMKID will be calculated
* based on the PMK and the driver interface is notified of the new PMKID.
*/
struct rsn_pmksa_cache_entry *
pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len,
const u8 *aa, const u8 *spa, struct wpa_ssid *ssid)
{
struct rsn_pmksa_cache_entry *entry, *pos, *prev;
struct os_time now;
if (pmksa->sm->proto != WPA_PROTO_RSN || pmk_len > PMK_LEN)
return NULL;
entry = wpa_zalloc(sizeof(*entry));
if (entry == NULL)
return NULL;
memcpy(entry->pmk, pmk, pmk_len);
entry->pmk_len = pmk_len;
rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid);
os_get_time(&now);
entry->expiration = now.sec + pmksa->sm->dot11RSNAConfigPMKLifetime;
entry->reauth_time = now.sec + pmksa->sm->dot11RSNAConfigPMKLifetime *
pmksa->sm->dot11RSNAConfigPMKReauthThreshold / 100;
entry->akmp = WPA_KEY_MGMT_IEEE8021X;
memcpy(entry->aa, aa, ETH_ALEN);
entry->ssid = ssid;
/* Replace an old entry for the same Authenticator (if found) with the
* new entry */
pos = pmksa->pmksa;
prev = NULL;
while (pos) {
if (memcmp(aa, pos->aa, ETH_ALEN) == 0) {
if (pos->pmk_len == pmk_len &&
memcmp(pos->pmk, pmk, pmk_len) == 0 &&
memcmp(pos->pmkid, entry->pmkid, PMKID_LEN) == 0) {
wpa_printf(MSG_DEBUG, "WPA: reusing previous "
"PMKSA entry");
free(entry);
return pos;
}
if (prev == NULL)
pmksa->pmksa = pos->next;
else
prev->next = pos->next;
wpa_printf(MSG_DEBUG, "RSN: Replace PMKSA entry for "
"the current AP");
pmksa_cache_free_entry(pmksa, pos, 1);
break;
}
prev = pos;
pos = pos->next;
}
if (pmksa->pmksa_count >= pmksa_cache_max_entries && pmksa->pmksa) {
/* Remove the oldest entry to make room for the new entry */
pos = pmksa->pmksa;
pmksa->pmksa = pos->next;
wpa_printf(MSG_DEBUG, "RSN: removed the oldest PMKSA cache "
"entry (for " MACSTR ") to make room for new one",
MAC2STR(pos->aa));
wpa_sm_remove_pmkid(pmksa->sm, pos->aa, pos->pmkid);
pmksa_cache_free_entry(pmksa, pos, 0);
}
/* Add the new entry; order by expiration time */
pos = pmksa->pmksa;
prev = NULL;
while (pos) {
if (pos->expiration > entry->expiration)
break;
prev = pos;
pos = pos->next;
}
if (prev == NULL) {
entry->next = pmksa->pmksa;
pmksa->pmksa = entry;
pmksa_cache_set_expiration(pmksa);
} else {
entry->next = prev->next;
prev->next = entry;
}
pmksa->pmksa_count++;
wpa_printf(MSG_DEBUG, "RSN: added PMKSA cache entry for " MACSTR,
MAC2STR(entry->aa));
wpa_sm_add_pmkid(pmksa->sm, entry->aa, entry->pmkid);
return entry;
}
/**
* pmksa_cache_add - Add a PMKSA cache entry
* @pmksa: Pointer to PMKSA cache data from pmksa_cache_init()
* @pmk: The new pairwise master key
* @pmk_len: PMK length in bytes, usually PMK_LEN (32)
* @aa: Authenticator address
* @spa: Supplicant address
* @session_timeout: Session timeout
* @eapol: Pointer to EAPOL state machine data
* Returns: Pointer to the added PMKSA cache entry or %NULL on error
*
* This function create a PMKSA entry for a new PMK and adds it to the PMKSA
* cache. If an old entry is already in the cache for the same Supplicant,
* this entry will be replaced with the new entry. PMKID will be calculated
* based on the PMK.
*/
struct rsn_pmksa_cache_entry *
pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len,
const u8 *aa, const u8 *spa, int session_timeout,
struct eapol_state_machine *eapol)
{
struct rsn_pmksa_cache_entry *entry, *pos, *prev;
struct os_time now;
if (pmk_len > PMK_LEN)
return NULL;
entry = wpa_zalloc(sizeof(*entry));
if (entry == NULL)
return NULL;
memcpy(entry->pmk, pmk, pmk_len);
entry->pmk_len = pmk_len;
rsn_pmkid(pmk, pmk_len, aa, spa, entry->pmkid);
os_get_time(&now);
entry->expiration = now.sec;
if (session_timeout > 0)
entry->expiration += session_timeout;
else
entry->expiration += dot11RSNAConfigPMKLifetime;
entry->akmp = WPA_KEY_MGMT_IEEE8021X;
memcpy(entry->spa, spa, ETH_ALEN);
pmksa_cache_from_eapol_data(entry, eapol);
/* Replace an old entry for the same STA (if found) with the new entry
*/
pos = pmksa_cache_get(pmksa, spa, NULL);
if (pos)
pmksa_cache_free_entry(pmksa, pos);
if (pmksa->pmksa_count >= pmksa_cache_max_entries && pmksa->pmksa) {
/* Remove the oldest entry to make room for the new entry */
wpa_printf(MSG_DEBUG, "RSN: removed the oldest PMKSA cache "
"entry (for " MACSTR ") to make room for new one",
MAC2STR(pmksa->pmksa->spa));
pmksa_cache_free_entry(pmksa, pmksa->pmksa);
}
/* Add the new entry; order by expiration time */
pos = pmksa->pmksa;
prev = NULL;
while (pos) {
if (pos->expiration > entry->expiration)
break;
prev = pos;
pos = pos->next;
}
if (prev == NULL) {
entry->next = pmksa->pmksa;
pmksa->pmksa = entry;
} else {
entry->next = prev->next;
prev->next = entry;
}
entry->hnext = pmksa->pmkid[PMKID_HASH(entry->pmkid)];
pmksa->pmkid[PMKID_HASH(entry->pmkid)] = entry;
pmksa->pmksa_count++;
wpa_printf(MSG_DEBUG, "RSN: added PMKSA cache entry for " MACSTR,
MAC2STR(entry->spa));
wpa_hexdump(MSG_DEBUG, "RSN: added PMKID", entry->pmkid, PMKID_LEN);
pmksa_cache_set_expiration(pmksa) ;
return entry;
}
struct rsn_pmksa_cache *
pmksa_cache_add(struct wpa_supplicant *wpa_s, const u8 *pmk,
size_t pmk_len, const u8 *aa, const u8 *spa,
struct wpa_ssid *ssid)
{
struct rsn_pmksa_cache *entry, *pos, *prev;
if (wpa_s->proto != WPA_PROTO_RSN || pmk_len > PMK_LEN)
return NULL;
entry = malloc(sizeof(*entry));
if (entry == NULL)
return NULL;
memset(entry, 0, sizeof(*entry));
memcpy(entry->pmk, pmk, pmk_len);
entry->pmk_len = pmk_len;
rsn_pmkid(pmk, aa, spa, entry->pmkid);
entry->expiration = time(NULL) + dot11RSNAConfigPMKLifetime;
entry->akmp = WPA_KEY_MGMT_IEEE8021X;
memcpy(entry->aa, aa, ETH_ALEN);
entry->ssid = ssid;
/* Replace an old entry for the same Authenticator (if found) with the
* new entry */
pos = wpa_s->pmksa;
prev = NULL;
while (pos) {
if (memcmp(aa, pos->aa, ETH_ALEN) == 0) {
if (prev == NULL)
wpa_s->pmksa = pos->next;
else
prev->next = pos->next;
pmksa_cache_free_entry(wpa_s, pos);
break;
}
prev = pos;
pos = pos->next;
}
if (wpa_s->pmksa_count >= pmksa_cache_max_entries && wpa_s->pmksa) {
/* Remove the oldest entry to make room for the new entry */
pos = wpa_s->pmksa;
wpa_s->pmksa = pos->next;
wpa_printf(MSG_DEBUG, "RSN: removed the oldest PMKSA cache "
"entry (for " MACSTR ") to make room for new one",
MAC2STR(pos->aa));
wpa_drv_remove_pmkid(wpa_s, pos->aa, pos->pmkid);
pmksa_cache_free_entry(wpa_s, pos);
}
/* Add the new entry; order by expiration time */
pos = wpa_s->pmksa;
prev = NULL;
while (pos) {
if (pos->expiration > entry->expiration)
break;
prev = pos;
pos = pos->next;
}
if (prev == NULL) {
entry->next = wpa_s->pmksa;
wpa_s->pmksa = entry;
} else {
entry->next = prev->next;
prev->next = entry;
}
wpa_s->pmksa_count++;
wpa_printf(MSG_DEBUG, "RSN: added PMKSA cache entry for " MACSTR,
MAC2STR(entry->aa));
wpa_drv_add_pmkid(wpa_s, entry->aa, entry->pmkid);
return entry;
}
