diff options
Diffstat (limited to 'net/mac80211/tkip.c')
-rw-r--r-- | net/mac80211/tkip.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index 5b11f14abfba..3abe194e4d55 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c | |||
@@ -238,7 +238,8 @@ void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm, | |||
238 | int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm, | 238 | int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm, |
239 | struct ieee80211_key *key, | 239 | struct ieee80211_key *key, |
240 | u8 *payload, size_t payload_len, u8 *ta, | 240 | u8 *payload, size_t payload_len, u8 *ta, |
241 | int only_iv, int queue) | 241 | int only_iv, int queue, |
242 | u32 *out_iv32, u16 *out_iv16) | ||
242 | { | 243 | { |
243 | u32 iv32; | 244 | u32 iv32; |
244 | u32 iv16; | 245 | u32 iv16; |
@@ -332,11 +333,14 @@ int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm, | |||
332 | res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12); | 333 | res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12); |
333 | done: | 334 | done: |
334 | if (res == TKIP_DECRYPT_OK) { | 335 | if (res == TKIP_DECRYPT_OK) { |
335 | /* FIX: these should be updated only after Michael MIC has been | 336 | /* |
336 | * verified */ | 337 | * Record previously received IV, will be copied into the |
337 | /* Record previously received IV */ | 338 | * key information after MIC verification. It is possible |
338 | key->u.tkip.iv32_rx[queue] = iv32; | 339 | * that we don't catch replays of fragments but that's ok |
339 | key->u.tkip.iv16_rx[queue] = iv16; | 340 | * because the Michael MIC verication will then fail. |
341 | */ | ||
342 | *out_iv32 = iv32; | ||
343 | *out_iv16 = iv16; | ||
340 | } | 344 | } |
341 | 345 | ||
342 | return res; | 346 | return res; |