author | Stefan Sperling <stsp@cvs.openbsd.org> | 2020-05-26 11:45:33 +0000 |
---|---|---|
committer | Stefan Sperling <stsp@cvs.openbsd.org> | 2020-05-26 11:45:33 +0000 |
commit | 309f8c473e7b76119a0d2f45904c6a492bf96f36 (patch) | |
tree | 1503b442e5f82d70597419a0decae76d64768eb4 /sys/net80211 | |
parent | faf9a7e09d99fe13ab97ab4249f65d50f31029b5 (diff) |
Let unencrypted 802.11 frames pass during hardware decryption post-processing.
Some drivers, such as ral(4), cannot provide the IV required for a replay
check because hardware strips the IV before passing the frame to the driver.
Which means frames with the RXI_HWDEC flag but without the 'protected' bit
set in the frame header must be passed without any further verification and
without updating the last-seen packet number.
All we can do is hope that these devices perform replay checking correctly.
Fixes a regression where some ral(4) devices would fail to receive packets
on encrypted networks. Reported and fix confirmed by Hendrik Meyburgh.
ok mpi@
Diffstat (limited to 'sys/net80211')
-rw-r--r-- | sys/net80211/ieee80211_input.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/sys/net80211/ieee80211_input.c b/sys/net80211/ieee80211_input.c index de44d5a0a95..52a3fd03eaf 100644 --- a/sys/net80211/ieee80211_input.c +++ b/sys/net80211/ieee80211_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ieee80211_input.c,v 1.216 2020/05/15 14:21:09 stsp Exp $ */ +/* $OpenBSD: ieee80211_input.c,v 1.217 2020/05/26 11:45:32 stsp Exp $ */ /*- * Copyright (c) 2001 Atsushi Onoe @@ -178,9 +178,12 @@ ieee80211_input_hwdecrypt(struct ieee80211com *ic, struct ieee80211_node *ni, switch (k->k_cipher) { case IEEE80211_CIPHER_CCMP: if (!(wh->i_fc[1] & IEEE80211_FC1_PROTECTED)) { - /* drop unencrypted */ - ic->ic_stats.is_rx_unencrypted++; - return NULL; + /* + * If the protected bit is clear then hardware has + * stripped the IV and we must trust that it handles + * replay detection correctly. + */ + break; } if (ieee80211_ccmp_get_pn(&pn, &prsc, m, k) != 0) return NULL; @@ -200,9 +203,12 @@ ieee80211_input_hwdecrypt(struct ieee80211com *ic, struct ieee80211_node *ni, break; case IEEE80211_CIPHER_TKIP: if (!(wh->i_fc[1] & IEEE80211_FC1_PROTECTED)) { - /* drop unencrypted */ - ic->ic_stats.is_rx_unencrypted++; - return NULL; + /* + * If the protected bit is clear then hardware has + * stripped the IV and we must trust that it handles + * replay detection correctly. + */ + break; } if (ieee80211_tkip_get_tsc(&pn, &prsc, m, k) != 0) return NULL; |
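Review bot: In the IEEE80211_CIPHER_CCMP case, the new `break` accepts every frame whose IEEE80211_FC1_PROTECTED bit is clear, and nothing in the hunk separates "hardware stripped the IV" from "frame was never encrypted". The only remaining guard is the RXI_HWDEC flag mentioned in the commit message, which the driver sets. The comment should state that dependency explicitly: a driver must set RXI_HWDEC only on frames the hardware actually decrypted and verified. The removed `ic->ic_stats.is_rx_unencrypted++` also leaves this path uncounted. A statistic for frames that skip the software replay check would let an administrator see how much traffic depends on the hardware doing it.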
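Review bot: In the IEEE80211_CIPHER_TKIP case, the `break` leaves the switch before `ieee80211_tkip_get_tsc(&pn, &prsc, m, k)` runs, so `pn` and `prsc` are not assigned on this path. The same holds for `ieee80211_ccmp_get_pn` in the CCMP case. The code after the switch is not shown in these hunks. Please confirm that it neither reads `pn` nor writes through `prsc` when the protected bit is clear, since the commit message requires that the last-seen packet number is not updated. The test and comment are also a verbatim copy of the CCMP case, so a small shared helper for the check would keep the two cases from drifting apart.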