From a46269d5b00736bca1a68c3f3db7b146eb1b505e Mon Sep 17 00:00:00 2001 From: Denis Kenzior Date: Fri, 9 Jul 2021 23:32:19 -0500 Subject: [PATCH] sae: Don't destroy token on group change There's no reason why a change in groups would result in the anti-clogging token becoming invalid. This might result in us needing an extra round-trip if the peer is using countermeasures and our requested group was deemed unsuitable. --- src/sae.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/sae.c b/src/sae.c index deafff10..b61dfe31 100644 --- a/src/sae.c +++ b/src/sae.c @@ -120,9 +120,6 @@ static void sae_rejected_groups_append(struct sae_sm *sm, uint16_t group) static void sae_reset_state(struct sae_sm *sm) { - l_free(sm->token); - sm->token = NULL; - l_ecc_scalar_free(sm->scalar); sm->scalar = NULL; l_ecc_scalar_free(sm->p_scalar); @@ -1314,6 +1311,9 @@ static void sae_free(struct auth_proto *ap) sae_reset_state(sm); + l_free(sm->token); + sm->token = NULL; + if (sm->rejected_groups) free(sm->rejected_groups);