From: Thomas Pedersen <thomas@cozybit.com>
To: linux-wireless@vger.kernel.org
Cc: javier@cozybit.com, johannes@sipsolutions.net, linville@tuxdriver.com
Subject: [PATCH v6 03/10] mac80211: ignore peers if security is enabled for this mesh
Date: Fri, 1 Apr 2011 13:35:44 -0700 [thread overview]
Message-ID: <1301690151-14979-4-git-send-email-thomas@cozybit.com> (raw)
In-Reply-To: <1301690151-14979-1-git-send-email-thomas@cozybit.com>
From: Javier Cardona <javier@cozybit.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
---
net/mac80211/mesh.c | 4 ++++
net/mac80211/mesh_plink.c | 4 ++++
net/wireless/mesh.c | 1 +
3 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 1c244c0..47a26c0 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -573,6 +573,10 @@ static void ieee80211_mesh_rx_bcn_presp(struct ieee80211_sub_if_data *sdata,
ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
&elems);
+ /* ignore beacons from secure mesh peers if our security is off */
+ if (elems.rsn_len && !sdata->u.mesh.is_secure)
+ return;
+
if (elems.ds_params && elems.ds_params_len == 1)
freq = ieee80211_channel_to_frequency(elems.ds_params[0], band);
else
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index c705b20..bafe255 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -449,6 +449,10 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
mpl_dbg("Mesh plink: missing necessary peer link ie\n");
return;
}
+ if (elems.rsn_len && !sdata->u.mesh.is_secure) {
+ mpl_dbg("Mesh plink: can't establish link with secure peer\n");
+ return;
+ }
ftype = mgmt->u.action.u.plink_action.action_code;
ie_len = elems.peer_link_len;
diff --git a/net/wireless/mesh.c b/net/wireless/mesh.c
index 0d4b226..c51e3c5 100644
--- a/net/wireless/mesh.c
+++ b/net/wireless/mesh.c
@@ -55,6 +55,7 @@ const struct mesh_setup default_mesh_setup = {
.path_metric = IEEE80211_PATH_METRIC_AIRTIME,
.ie = NULL,
.ie_len = 0,
+ .is_secure = false,
};
int __cfg80211_join_mesh(struct cfg80211_registered_device *rdev,
--
1.7.4.1
next prev parent reply other threads:[~2011-04-01 21:36 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-01 20:35 [PATCH v6 00/10] {mac|nl}80211: mesh security enhancements Thomas Pedersen
2011-04-01 20:35 ` [PATCH v6 01/10] nl80211: rename NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE Thomas Pedersen
2011-04-01 20:35 ` [PATCH v6 02/10] nl80211: Add userspace authentication flag to mesh setup Thomas Pedersen
2011-04-01 20:35 ` Thomas Pedersen [this message]
2011-04-01 20:35 ` [PATCH v6 04/10] nl80211: let userspace authenticate stations Thomas Pedersen
2011-04-01 20:35 ` [PATCH v6 05/10] mac80211: Let user space receive and send mesh auth/deauth frames Thomas Pedersen
2011-04-01 20:35 ` [PATCH v6 06/10] mac80211: ignore peer link requests from unauthenticated stations Thomas Pedersen
2011-04-01 20:35 ` [PATCH v6 07/10] mac80211: Perform PLINK_ACTION on new station Thomas Pedersen
2011-04-01 20:35 ` [PATCH v6 08/10] nl80211: New notification to discover mesh peer candidates Thomas Pedersen
2011-04-01 20:35 ` [PATCH v6 09/10] mac80211: send notification on new peer candidate for our secure mesh Thomas Pedersen
2011-04-01 20:35 ` [PATCH v6 10/10] nl80211: report mesh capabilities Thomas Pedersen
2011-04-04 12:20 ` Johannes Berg
2011-04-04 12:21 ` [PATCH v6 00/10] {mac|nl}80211: mesh security enhancements Johannes Berg
2011-04-04 20:38 ` Thomas Pedersen
2011-04-04 20:44 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1301690151-14979-4-git-send-email-thomas@cozybit.com \
--to=thomas@cozybit.com \
--cc=javier@cozybit.com \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).