From: Johannes Berg <johannes@sipsolutions.net>
To: Jouni Malinen <j@w1.fi>
Cc: linux-wireless <linux-wireless@vger.kernel.org>,
Michael Wu <flamingice@sourmilk.net>,
"John W. Linville" <linville@tuxdriver.com>
Subject: Re: mac80211: unencrypted packet vulnerability
Date: Tue, 27 Nov 2007 14:12:17 +0100 [thread overview]
Message-ID: <1196169138.6058.7.camel@johannes.berg> (raw)
In-Reply-To: <20071127040536.GF5698@jm.kir.nu>
[-- Attachment #1: Type: text/plain, Size: 1398 bytes --]
> > The reason is that ieee80211_rx_h_drop_unencrypted() drops unencrypted
> > frames, but only if "sdata->drop_unencrypted" is set which never
> > happens!
>
> Hmm.. What happened to the original code that had (rx->key ||
> rx->sdata->drop_unencrypted)?
Hmm. Yes, that'd help. Seems that got lost at some point. I'll take a
look and fix it up.
> I thought it did.. By the use of rx->key here, not by use of
> drop_unencrypted. Anyway, like I said, drop_unencrypted is an extra
> layer of security, so having possibility of using it may be nice safety
> net should something else go wrong in the RX logic.
>
> > Considering the AP case, on the other hand, hostapd will need to be able
> > to set the setting since we don't actually look into the beacon it tells
> > us to transmit. But hostapd on the other hand doesn't even invoke the
> > iwauth ioctl! I have to admit to being rather confused.
>
> The Devicescape version of hostapd did.. I do not remember why this was
> not merged, but I would assume it was just something that I never got to
> and since it was using a private ioctl for setting the parameter that
> option already disappeared. Sure, it would be reasonable to add support
> for it now that the parameter is available with WE-18.
I think I did a patch already. I need to review all my patches and post
those that are appropriate.
johannes
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 828 bytes --]
prev parent reply other threads:[~2007-11-27 13:12 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-21 23:01 mac80211: unencrypted packet vulnerability Johannes Berg
2007-11-26 15:37 ` Dan Williams
2007-11-27 3:55 ` Jouni Malinen
2007-11-27 4:05 ` Jouni Malinen
2007-11-27 13:12 ` Johannes Berg [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1196169138.6058.7.camel@johannes.berg \
--to=johannes@sipsolutions.net \
--cc=flamingice@sourmilk.net \
--cc=j@w1.fi \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox