On Mon, 2009-05-11 at 21:57 +0300, Jouni Malinen wrote: > When using nl80211, we cannot currently set drop_unencrypted flag that > was used with WEXT to avoid need for IEEE 802.1X port control in station > mode. Because of this, we cannot currently set the keys in a secure way. > In addition, we do not support setting the expected RSC for keys either > with WEXT or nl80211 which is needed to avoid leaving a window for > replaying broadcast frames. > > This set of patches addresses these issues and allows nl80211 to > securely set up keys in station mode. This is on top of the pending > MFP patches, RX-drop-unencrypted-based-on-key-setup, and WEXT key > handling to cfg80211 patches (from Johannes). Looks good to me, thanks. One thing I'm not sure about though, is there no need to push the RSC to hardware for some hw crypto designs? But even if needed that can always be a separate patch. johannes
Attachment:
signature.asc
Description: This is a digitally signed message part