On 04/07/2012 12:12, Johannes Berg wrote: > Can you review it? :) > > + else if (ieee80211_is_robust_mgmt_frame(hdr) && > + (!ieee80211_is_action(hdr->frame_control) || > + !tx->sta || !test_sta_flag(tx->sta, WLAN_STA_MFP))) > + tx->key = NULL; I would have written that more like is_robust_mgmt && !(is_action && tx->sta && test_sta_flag(mfp)) So it's more clear that we drop action frames to mfp stas, as per the spec. > + else { > + > I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted); > return TX_DROP; is that blank line needed ? >> Do you want to apply it yourself ? or should i include it in a series ? > > Then ... probably easiest for you to include it so you can work on top. > Here's a version with commit log: > http://p.sipsolutions.net/17ea0ebece544a59.txt > Ok. will send a series with this patch modified once i test it and my new patch version. >>> The whole drop_unencrypted seems strange to start with though... >> >> what to you find strange ? that it is not used in a ESS, or how it works >> ? or both ? > > The way it's used/works/isn't used. >From what i understand, data frames to unauthorized stations are dropped well before selecting the encryption key. as stations are authorized after or at the same time their encryption key are set, it somewhat works. But for MFP, i'm not sure. I think that drop_unencrypted is mistaken for "drop_unencrypted_management" there. But i'm not an MFP expert. I'm not sure if we should just add a separate drop_unencrypted_management, or just replace drop_unencrypted with drop_unencrypted_management. But in a IBSS with RSN, if wpa_supplicant isn't recent enough, stations are always authorized by default. so drop_encrypted is required in this case. -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html