[PATCH] fix infinite loop in wpa_auth state machine
michael-dev at fami-braun.de
Mon Mar 25 13:41:09 EDT 2013
when the os is out of random bytes in SM_STATE(WPA_PTK,
AUTHENTICATION2) in ap/wpa_auth.c, hostapd sends the sm to state
DISCONNECT without clearing ReAuthenticationRequest, resulting in an
infinite loop. Clearing sm->ReAuthenticationRequest using gdb fixes the
running hostapd instance for me. Also sm->Disconnect=true should be used
instead of wpa_sta_disconnect to make sure that the incomplete ANonce
does not get used.
Please find a patch attached that fixes this issue by resetting
sm->ReAuthenticationRequest even if the sta gets disconnected and uses
sm->Disconnect instead of wpa_sta_disconnect.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1278 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20130325/eba84359/attachment.bin
More information about the HostAP