mirror of
https://github.com/torvalds/linux.git
synced 2024-11-24 13:11:40 +00:00
mac80211: drop unencrypted frames if encryption is expected
This patch fixes a regression I (most likely) introduced, namely that unencrypted frames are right now accepted even if we have a key for that specific sender. That has very bad security implications. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
This commit is contained in:
parent
8b393f1dc7
commit
8312512e81
@ -997,7 +997,7 @@ ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
|
||||
if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
|
||||
(rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
|
||||
(rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
|
||||
rx->sdata->drop_unencrypted &&
|
||||
(rx->key || rx->sdata->drop_unencrypted) &&
|
||||
(rx->sdata->eapol == 0 || !ieee80211_is_eapol(rx->skb)))) {
|
||||
if (net_ratelimit())
|
||||
printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
|
||||
|
Loading…
Reference in New Issue
Block a user