summaryrefslogtreecommitdiffstats
path: root/net/mac80211/wpa.c
diff options
context:
space:
mode:
authorJohannes Berg <johannes@sipsolutions.net>2007-08-28 23:01:53 +0200
committerDavid S. Miller <davem@sunset.davemloft.net>2007-10-11 01:48:44 +0200
commit3017b80bf0c4d6a44ccf0d35db9dadf01092b54e (patch)
treec08a6688469f857276d59bf69ef19d1d37440245 /net/mac80211/wpa.c
parent[MAC80211]: remove radar stuff (diff)
downloadlinux-3017b80bf0c4d6a44ccf0d35db9dadf01092b54e.tar.xz
linux-3017b80bf0c4d6a44ccf0d35db9dadf01092b54e.zip
[MAC80211]: fix software decryption
When doing key selection for software decryption, mac80211 gets a few things wrong: it always uses pairwise keys if configured, even if the frame is addressed to a multicast address. Also, it doesn't allow using a key index of zero if a pairwise key has also been found. This patch changes the key selection code to be (more) in line with the 802.11 specification. I have confirmed that with this, multicast frames are correctly decrypted and I've tested with WEP as well. While at it, I've cleaned up the semantics of the hardware flags IEEE80211_HW_WEP_INCLUDE_IV and IEEE80211_HW_DEVICE_HIDES_WEP and clarified them in the mac80211.h header; it is also now allowed to set the IEEE80211_HW_DEVICE_HIDES_WEP option even if it only applies to frames that have been decrypted by the hw, unencrypted frames must be dropped but encrypted frames that the hardware couldn't handle can be passed up unmodified. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Michael Wu <flamingice@sourmilk.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to '')
-rw-r--r--net/mac80211/wpa.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
index 783af32c6911..f5723ea15aae 100644
--- a/net/mac80211/wpa.c
+++ b/net/mac80211/wpa.c
@@ -137,9 +137,10 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx)
fc = rx->fc;
- /* If device handles decryption totally, skip this check */
- if ((rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP) ||
- (rx->local->hw.flags & IEEE80211_HW_DEVICE_STRIPS_MIC))
+ /*
+ * No way to verify the MIC if the hardware stripped it
+ */
+ if (rx->local->hw.flags & IEEE80211_HW_DEVICE_STRIPS_MIC)
return TXRX_CONTINUE;
if (!rx->key || rx->key->alg != ALG_TKIP ||