Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

MACsec: Update protect frames and replay on reauthentication

Some cases like ifconfig down/up may require MACsec restart. To make
sure the appropriate protect frames and replay parameters get configured
in cases where the interface was down, set these parameters from KaY
configuration to the driver before creating a new transmit SC. This
allows MACsec functionality to recover automatically on such restart.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Xiaofei Shen 10 years ago
parent
1ede3d2268
commit
f68e86a4d6
1 changed files with 3 additions and 0 deletions
Split View Show Diff Stats
  1. 3 0
      src/pae/ieee802_1x_kay.c

+ 3 - 0
src/pae/ieee802_1x_kay.c
View File 

@@ -3351,6 +3351,9 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn,
 
 	dl_list_init(&participant->rxsc_list);
 
 	participant->txsc = ieee802_1x_kay_init_transmit_sc(&kay->actor_sci,
 
 							    kay->sc_ch);
 
+	secy_cp_control_protect_frames(kay, kay->macsec_protect);
 
+	secy_cp_control_replay(kay, kay->macsec_replay_protect,
 
+			       kay->macsec_replay_window);
 
 	secy_create_transmit_sc(kay, participant->txsc);
 
 
 	/* to derive KEK from CAK and CKN */