summaryrefslogtreecommitdiff
path: root/net/mac80211
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2009-01-19 16:52:00 +0200
committerJohn W. Linville <linville@tuxdriver.com>2009-01-29 16:00:51 -0500
commite0463f501fb945c1fde536d98eefc5ba156ff497 (patch)
treea4b7fb8a0ce07ab01e1efd408d21eea280827e96 /net/mac80211
parent6cd0b1cb872b3bf9fc5de4536404206ab74bafdd (diff)
mac80211: Fix drop-unencrypted for management frames
ADDBA request Action frame was sent out before 4-way handshake was completed and the initial 802.11w code ended up dropping the frame even if MFP was not enabled. While the sending of Action frames this early is not really a good idea (will break with MFP enabled), we should not break this for the MFP disabled case. This patch fixes ieee80211_tx_h_select_key() not to drop management frames if MFP is disabled. If MFP is enabled, Action frames will be dropped before keys are set per IEEE 802.11w/D7.0. Other robust management frames (i.e., Deauthentication and Disassociation frames) are allowed unprotected prior to key configuration. Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net/mac80211')
-rw-r--r--net/mac80211/tx.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index ad53ea9e9c77..7b013fb0d27f 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -432,7 +432,10 @@ ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
tx->key = key;
else if (tx->sdata->drop_unencrypted &&
(tx->skb->protocol != cpu_to_be16(ETH_P_PAE)) &&
- !(info->flags & IEEE80211_TX_CTL_INJECTED)) {
+ !(info->flags & IEEE80211_TX_CTL_INJECTED) &&
+ (!ieee80211_is_robust_mgmt_frame(hdr) ||
+ (ieee80211_is_action(hdr->frame_control) &&
+ tx->sta && test_sta_flags(tx->sta, WLAN_STA_MFP)))) {
I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
return TX_DROP;
} else