Using WPA-NONE, the same key is used on multiple stations. As such, with
at least 3 nodes, a node will receive frames from the other 2 nodes and
frames from one of those nodes will be ignored since they are being
detected as replayed.
Note: WPA-NONE is not specified in 802.11i. Instead WPA2 should be used,
but it is not currently implemented.
Signed-off-by: Benoit Papillault <benoit.papillault@xxxxxxx>
---
net/mac80211/tkip.c | 6 +++++-
net/mac80211/wpa.c | 10 +++++++---
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
index 7ef491e..f7e0062 100644
--- a/net/mac80211/tkip.c
+++ b/net/mac80211/tkip.c
@@ -234,6 +234,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
u8 rc4key[16], keyid, *pos = payload;
int res;
const u8 *tk = &key->conf.key[NL80211_TKIP_DATA_OFFSET_ENCR_KEY];
+ bool tkip_decrypt_replay = 0;
if (payload_len < 12)
return -1;
@@ -271,7 +272,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
iv32, iv16, key->u.tkip.rx[queue].iv32,
key->u.tkip.rx[queue].iv16);
#endif
- return TKIP_DECRYPT_REPLAY;
+ tkip_decrypt_replay = 1;
}
if (only_iv) {
@@ -338,5 +339,8 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
*out_iv16 = iv16;
}
+ if (tkip_decrypt_replay)
+ return TKIP_DECRYPT_REPLAY;
+
return res;
}
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index f4971cd..da1186d 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -242,7 +242,9 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx)
hdr->addr1, hwaccel, rx->queue,
&rx->tkip_iv32,
&rx->tkip_iv16);
- if (res != TKIP_DECRYPT_OK || wpa_test)
+ if ((res != TKIP_DECRYPT_OK || wpa_test) &&
+ !(res == TKIP_DECRYPT_REPLAY &&
+ rx->sdata->vif.type != NL80211_IFTYPE_ADHOC))
return RX_DROP_UNUSABLE;
/* Trim ICV */
@@ -453,7 +455,8 @@ ieee80211_crypto_ccmp_decrypt(struct ieee80211_rx_data *rx)
ccmp_hdr2pn(pn, skb->data + hdrlen);
- if (memcmp(pn, key->u.ccmp.rx_pn[rx->queue], CCMP_PN_LEN) <= 0) {
+ if ((memcmp(pn, key->u.ccmp.rx_pn[rx->queue], CCMP_PN_LEN) <= 0) &&
+ (rx->sdata->vif.type != NL80211_IFTYPE_ADHOC)) {
key->u.ccmp.replays++;
return RX_DROP_UNUSABLE;
}
@@ -576,7 +579,8 @@ ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx)
bip_ipn_swap(ipn, mmie->sequence_number);
- if (memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) {
+ if ((memcmp(ipn, key->u.aes_cmac.rx_pn, 6) <= 0) &&
+ (rx->sdata->vif.type != NL80211_IFTYPE_ADHOC)) {
key->u.aes_cmac.replays++;
return RX_DROP_UNUSABLE;
}
--
1.5.6.5
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
