On 5/22/2018 10:21 AM, Johannes Berg wrote:
On Tue, 2018-05-22 at 09:53 +0200, Arend van Spriel wrote:
On 5/22/2018 2:46 AM, Andrew Zaborowski wrote:
Reject NL80211_CMD_DISCONNECT, NL80211_CMD_DISASSOCIATE,
NL80211_CMD_DEAUTHENTICATE and NL80211_CMD_ASSOCIATE commands
from clients other than the connection owner set in the connect,
authenticate or associate commands, if it was set.
The main point of this check is to prevent chaos when two processes
try to use nl80211 at the same time, it's not a security measure.
The same thing should possibly be done for JOIN_IBSS/LEAVE_IBSS and
START_AP/STOP_AP.
Isn't this V2? What has changed since last time?
It was RFC before I guess.
Ah, yes. That's it.
Thanks,
Arend