From: Thomas Pedersen <thomas@cozybit.com>
To: linux-wireless@vger.kernel.org
Cc: johannes@sipsolutions.net, javier@cozybit.com, linville@tuxdriver.com
Subject: [PATCH v7 07/10] mac80211: ignore peer link requests from unauthenticated stations.
Date: Mon, 4 Apr 2011 18:15:37 -0700 [thread overview]
Message-ID: <1301966140-26080-8-git-send-email-thomas@cozybit.com> (raw)
In-Reply-To: <1301966140-26080-1-git-send-email-thomas@cozybit.com>
From: Javier Cardona <javier@cozybit.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
---
net/mac80211/mesh_plink.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index bafe255..5d0dd92 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -372,6 +372,9 @@ int mesh_plink_open(struct sta_info *sta)
__le16 llid;
struct ieee80211_sub_if_data *sdata = sta->sdata;
+ if (!test_sta_flags(sta, WLAN_STA_AUTH))
+ return -EPERM;
+
spin_lock_bh(&sta->lock);
get_random_bytes(&llid, 2);
sta->llid = llid;
@@ -484,6 +487,12 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
return;
}
+ if (sta && !test_sta_flags(sta, WLAN_STA_AUTH)) {
+ mpl_dbg("Mesh plink: Action frame from non-authed peer\n");
+ rcu_read_unlock();
+ return;
+ }
+
if (sta && sta->plink_state == PLINK_BLOCKED) {
rcu_read_unlock();
return;
--
1.7.4.1
next prev parent reply other threads:[~2011-04-05 2:16 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-05 1:15 [PATCH v7 00/10] mesh security enhancements Thomas Pedersen
2011-04-05 1:15 ` [PATCH v7 01/10] nl80211: rename NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE Thomas Pedersen
2011-04-06 13:31 ` Stanislaw Gruszka
2011-04-07 19:17 ` Thomas Pedersen
2011-04-05 1:15 ` [PATCH v7 02/10] nl80211: Add userspace authentication flag to mesh setup Thomas Pedersen
2011-04-05 1:15 ` [PATCH v7 03/10] mac80211: Support userspace mesh authentication Thomas Pedersen
2011-04-05 7:28 ` Johannes Berg
2011-04-05 1:15 ` [PATCH v7 04/10] mac80211: ignore peers if security is enabled for this mesh Thomas Pedersen
2011-04-05 1:15 ` [PATCH v7 05/10] nl80211: let userspace authenticate stations Thomas Pedersen
2011-04-05 1:15 ` [PATCH v7 06/10] mac80211: Let user space receive and send mesh auth/deauth frames Thomas Pedersen
2011-04-05 1:15 ` Thomas Pedersen [this message]
2011-04-05 1:15 ` [PATCH v7 08/10] mac80211: Perform PLINK_ACTION on new station Thomas Pedersen
2011-04-05 1:15 ` [PATCH v7 09/10] nl80211: New notification to discover mesh peer candidates Thomas Pedersen
2011-04-05 1:15 ` [PATCH v7 10/10] mac80211: send notification on new peer candidate for our secure mesh Thomas Pedersen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1301966140-26080-8-git-send-email-thomas@cozybit.com \
--to=thomas@cozybit.com \
--cc=javier@cozybit.com \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).