On 04/07/2012 12:12, Johannes Berg wrote:
> Can you review it? :)
>
> + else if (ieee80211_is_robust_mgmt_frame(hdr) &&
> + (!ieee80211_is_action(hdr->frame_control) ||
> + !tx->sta || !test_sta_flag(tx->sta, WLAN_STA_MFP)))
> + tx->key = NULL;
I would have written that more like
is_robust_mgmt && !(is_action && tx->sta && test_sta_flag(mfp))
So it's more clear that we drop action frames to mfp stas, as per the spec.
> + else {
> +
> I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
> return TX_DROP;
is that blank line needed ?
>> Do you want to apply it yourself ? or should i include it in a series ?
>
> Then ... probably easiest for you to include it so you can work on top.
> Here's a version with commit log:
> http://p.sipsolutions.net/17ea0ebece544a59.txt
>
Ok. will send a series with this patch modified once i test it and my
new patch version.
>>> The whole drop_unencrypted seems strange to start with though...
>>
>> what to you find strange ? that it is not used in a ESS, or how it works
>> ? or both ?
>
> The way it's used/works/isn't used.
>From what i understand, data frames to unauthorized stations are dropped
well before selecting the encryption key. as stations are authorized
after or at the same time their encryption key are set, it somewhat
works. But for MFP, i'm not sure. I think that drop_unencrypted is
mistaken for "drop_unencrypted_management" there.
But i'm not an MFP expert.
I'm not sure if we should just add a separate
drop_unencrypted_management, or just replace drop_unencrypted with
drop_unencrypted_management. But in a IBSS with RSN, if wpa_supplicant
isn't recent enough, stations are always authorized by default. so
drop_encrypted is required in this case.
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
