CVSROOT: /cvs Module name: src Changes by: dam...@cvs.openbsd.org 2009/04/14 11:43:26
Modified files: sys/net80211 : ieee80211_crypto_tkip.c Log message: do not cache the computed TTAK unless MIC has been verified. this prevents an attacker from changing the TTAK (DoS attack) by sending a frame with a large TSC but with a bad ICV and/or MIC. now an attacker can only invalidate the cached TTAK.