mka: Fix an incorrect update of participant->to_use_sak
API ieee802_1x_mka_decode_dist_sak_body() wrongly puts participant->to_use_sak to TRUE, if Distributed SAK Parameter Set of length 0 is received. In MACsec PSK mode, this stale incorrect value can create problems while re-establishing CA. In MACsec PSK mode, CA goes down if interface goes down and ideally we should be able to re-establish the CA once interface comes up. Signed-off-by: Badrish Adiga H R <badrish.adigahr@gmail.com>
This commit is contained in:
parent
00e0f0b010
commit
7faf403f9f
1 changed files with 1 additions and 1 deletions
|
@ -1559,7 +1559,7 @@ ieee802_1x_mka_decode_dist_sak_body(
|
||||||
ieee802_1x_cp_connect_authenticated(kay->cp);
|
ieee802_1x_cp_connect_authenticated(kay->cp);
|
||||||
ieee802_1x_cp_sm_step(kay->cp);
|
ieee802_1x_cp_sm_step(kay->cp);
|
||||||
wpa_printf(MSG_WARNING, "KaY:The Key server advise no MACsec");
|
wpa_printf(MSG_WARNING, "KaY:The Key server advise no MACsec");
|
||||||
participant->to_use_sak = TRUE;
|
participant->to_use_sak = FALSE;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue