This patch fixes a regression I (most likely) introduced, namely that
unencrypted frames are right now accepted even if we have a key for that
specific sender. That has very bad security implications.
Signed-off-by: Johannes Berg <johannes@xxxxxxxxxxxxxxxx>
---
This applies after Ron's RX restructuring patch.
net/mac80211/rx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- everything.orig/net/mac80211/rx.c 2007-11-28 10:59:13.068927951 +0100
+++ everything/net/mac80211/rx.c 2007-11-28 10:59:53.708922037 +0100
@@ -993,7 +993,7 @@ ieee80211_drop_unencrypted(struct ieee80
if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
(rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
(rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
- rx->sdata->drop_unencrypted &&
+ (rx->key || rx->sdata->drop_unencrypted) &&
(!rx->sdata->eapol ||
!ieee80211_is_eapol(rx->skb, hdrlen)))) {
if (net_ratelimit())
-
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
