[PATCH 09/15] rsn: Add debug code for pmksa cache.

[Jouni Malinen]

On Wed, Mar 05, 2014 at 04:19:54PM -0800, greearb at candelatech.com wrote:
> Dodgy radius server was causing failures.  This code was added
> to debug the problem, but was never used as user figured out RADIUS
> problem first.

>  src/rsn_supp/pmksa_cache.c |   22 ++++++++++++++++++++++
> @@ -321,6 +321,28 @@ struct rsn_pmksa_cache_entry * pmksa_cache_get(struct rsn_pmksa_cache *pmksa,
> +#if 0
> +	/* Verbose debugging, we failed to find the cache entry, so print out
> +	 * everything to figure out why.
> +	 */

I don't think I'll add this type of #if 0'ed code.

> +	wpa_printf(MSG_DEBUG, "RSN: pmksa-cache-get failed lookup, network-ctx: %p",
> +		   network_ctx);

I'm not sure pmksa_cache_get() is really the best place for printing
something like this (i.e., the caller could not that no PMKSA cache
entry was available).

> +	if (aa)
> +		wpa_printf(MSG_DEBUG, "RSN: aa: " MACSTR "", MAC2STR(aa));
> +	if (pmkid)
> +		wpa_hexdump(MSG_DEBUG, "RSN: pmkid",
> +			    pmkid, PMKID_LEN);
> +	entry = pmksa->pmksa;
> +	while (entry) {
> +		wpa_printf(MSG_DEBUG, "RSN: entry: %p  aa: " MACSTR
> +			   " network-ctx: %p",
> +			   MAC2STR(entry->aa), entry->network_ctx);
> +		wpa_hexdump(MSG_DEBUG, "RSN: pmkid",
> +			    entry->pmkid, PMKID_LEN);
> +		entry = entry->next;
> +	}

And this sounds quite excessive.. If PMKSA entries are needed for
something, they can be extracted through the control interface. Filling
the debug log with this type of information every time something tries
find a PMKSA cache entry sounds excessive.

-- 
Jouni Malinen                                            PGP id EFC895FA