Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / connectivity / shill / 66c8600f8410ed205701921d58d9e2c00000047c^! / . / wifi_service.cc
commit66c8600f8410ed205701921d58d9e2c00000047c[log] [tgz]
authorPaul Stewart <pstew@chromium.org>Mon Jan 30 18:00:52 2012 -0800
committerGerrit <chrome-bot@google.com>Fri Feb 03 13:00:21 2012 -0800
tree08f0c1a43aed8e6b2d52e24f8698dd2283b0329a
parenta20cbc2864edf5491cfa1fa240ba83c30b8a483c [diff] [blame]
shill: Clear PMKSA cached credentials on unload

When an 802.1x WiFi service Unload()s, ask wpa_supplicant to clear
all cached credentials.  This is a workaround for dropping PMKSA
cache entries in wpa_supplicant when the user logs ouut.  Newer
versions of wpa_supplicant will support dropping cache entries
automatically when netblocks are changed.  This will allow more
granular key clearing.

BUG=chromium-os:23367
TEST=New unit test

Change-Id: I94d69b6943d69c7f5f31ed7846d908b38ce8e6c8
Reviewed-on: https://gerrit.chromium.org/gerrit/15163
Commit-Ready: Paul Stewart <pstew@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Paul Stewart <pstew@chromium.org>

diff --git a/wifi_service.cc b/wifi_service.cc
index e2fd9c6..b4ef8bb 100644
--- a/wifi_service.cc
+++ b/wifi_service.cc

@@ -281,6 +281,17 @@
   hidden_ssid_ = false;
   passphrase_ = "";
   UpdateConnectable();
+  if (security_ == flimflam::kSecurity8021x) {
+    // TODO(pstew): 802.1x/RSN networks (as opposed to 802.1x/WPA or
+    // 802.1x/WEP) have the ability to cache WPA PMK credentials.
+    // Make sure that these are cleared when credentials for networks
+    // of this type goes away.
+    //
+    // When wpa_supplicant gains the ability, do this credential
+    // clearing on a per-service basis.  Also do this whenever the credentials
+    // for a service changes.  crosbug.com/25670
+    wifi_->ClearCachedCredentials();
+  }
 }
 
 bool WiFiService::IsSecurityMatch(const string &security) const {