On Mon, 2010-02-15 at 00:37 +0100, Benoit Papillault wrote:
> Fix for the following issue : a STA connected to a WPA2 AP was showing
> frames from others STA in tcpdump on wlan0 (promiscuous mode). In
> fact,
> those frames are not decrypted and appears as 802.3 junk. This patch
> just drops any protected data frames that have not been decrypted.
>
> Signed-off-by: Benoit Papillault <benoit.papillault@xxxxxxx>
> ---
> net/mac80211/rx.c | 8 ++++++++
> 1 files changed, 8 insertions(+), 0 deletions(-)
>
> diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
> index c9755f3..22ae6ee 100644
> --- a/net/mac80211/rx.c
> +++ b/net/mac80211/rx.c
> @@ -1397,6 +1397,14 @@ ieee80211_drop_unencrypted(struct
> ieee80211_rx_data *rx, __le16 fc)
> ieee80211_is_data(fc) &&
> (rx->key || rx->sdata->drop_unencrypted)))
> return -EACCES;
> + /*
> + * Drop encrypted frames that have not been decrypted. This
> + * happens for frames that are sent by an AP to another STA
> + */
> + if (ieee80211_has_protected(fc) &&
> + !(status->flag & RX_FLAG_DECRYPTED)) {
> + return -EACCES;
> + }
Comment #1. The && part of the if is useless. Please find out why.
johannes
Attachment:
signature.asc
Description: This is a digitally signed message part
