CVSROOT: /cvs Module name: src Changes by: dam...@cvs.openbsd.org 2009/04/14 11:43:26
Modified files:
sys/net80211 : ieee80211_crypto_tkip.c
Log message:
do not cache the computed TTAK unless MIC has been verified.
this prevents an attacker from changing the TTAK (DoS attack) by
sending a frame with a large TSC but with a bad ICV and/or MIC.
now an attacker can only invalidate the cached TTAK.
