diff options
Diffstat (limited to 'net/mac80211/wpa.c')
| -rw-r--r-- | net/mac80211/wpa.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 345e10e9b313..f809761fbfb5 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c | |||
| @@ -49,7 +49,7 @@ static int ieee80211_get_hdr_info(const struct sk_buff *skb, u8 **sa, u8 **da, | |||
| 49 | ieee80211_tx_result | 49 | ieee80211_tx_result |
| 50 | ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx) | 50 | ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx) |
| 51 | { | 51 | { |
| 52 | u8 *data, *sa, *da, *key, *mic, qos_tid; | 52 | u8 *data, *sa, *da, *key, *mic, qos_tid, key_offset; |
| 53 | size_t data_len; | 53 | size_t data_len; |
| 54 | u16 fc; | 54 | u16 fc; |
| 55 | struct sk_buff *skb = tx->skb; | 55 | struct sk_buff *skb = tx->skb; |
| @@ -88,8 +88,12 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx) | |||
| 88 | #else | 88 | #else |
| 89 | authenticator = 1; | 89 | authenticator = 1; |
| 90 | #endif | 90 | #endif |
| 91 | key = &tx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_TX_MIC_KEY : | 91 | /* At this point we know we're using ALG_TKIP. To get the MIC key |
| 92 | ALG_TKIP_TEMP_AUTH_RX_MIC_KEY]; | 92 | * we now will rely on the offset from the ieee80211_key_conf::key */ |
| 93 | key_offset = authenticator ? | ||
| 94 | NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY : | ||
| 95 | NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY; | ||
| 96 | key = &tx->key->conf.key[key_offset]; | ||
| 93 | mic = skb_put(skb, MICHAEL_MIC_LEN); | 97 | mic = skb_put(skb, MICHAEL_MIC_LEN); |
| 94 | michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic); | 98 | michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic); |
| 95 | 99 | ||
| @@ -100,7 +104,7 @@ ieee80211_tx_h_michael_mic_add(struct ieee80211_tx_data *tx) | |||
| 100 | ieee80211_rx_result | 104 | ieee80211_rx_result |
| 101 | ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) | 105 | ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) |
| 102 | { | 106 | { |
| 103 | u8 *data, *sa, *da, *key = NULL, qos_tid; | 107 | u8 *data, *sa, *da, *key = NULL, qos_tid, key_offset; |
| 104 | size_t data_len; | 108 | size_t data_len; |
| 105 | u16 fc; | 109 | u16 fc; |
| 106 | u8 mic[MICHAEL_MIC_LEN]; | 110 | u8 mic[MICHAEL_MIC_LEN]; |
| @@ -131,8 +135,12 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) | |||
| 131 | #else | 135 | #else |
| 132 | authenticator = 1; | 136 | authenticator = 1; |
| 133 | #endif | 137 | #endif |
| 134 | key = &rx->key->conf.key[authenticator ? ALG_TKIP_TEMP_AUTH_RX_MIC_KEY : | 138 | /* At this point we know we're using ALG_TKIP. To get the MIC key |
| 135 | ALG_TKIP_TEMP_AUTH_TX_MIC_KEY]; | 139 | * we now will rely on the offset from the ieee80211_key_conf::key */ |
| 140 | key_offset = authenticator ? | ||
| 141 | NL80211_TKIP_DATA_OFFSET_RX_MIC_KEY : | ||
| 142 | NL80211_TKIP_DATA_OFFSET_TX_MIC_KEY; | ||
| 143 | key = &rx->key->conf.key[key_offset]; | ||
| 136 | michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic); | 144 | michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic); |
| 137 | if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) { | 145 | if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) { |
| 138 | if (!(rx->flags & IEEE80211_RX_RA_MATCH)) | 146 | if (!(rx->flags & IEEE80211_RX_RA_MATCH)) |