CVSROOT: /cvs Module name: src Changes by: s...@cvs.openbsd.org 2020/05/26 05:45:32
Modified files: sys/net80211 : ieee80211_input.c Log message: Let unencrypted 802.11 frames pass during hardware decryption post-processing. Some drivers, such as ral(4), cannot provide the IV required for a replay check because hardware strips the IV before passing the frame to the driver. Which means frames with the RXI_HWDEC flag but without the 'protected' bit set in the frame header must be passed without any further verification and without updating the last-seen packet number. All we can do is hope that these devices perform replay checking correctly. Fixes a regression where some ral(4) devices would fail to receive packets on encrypted networks. Reported and fix confirmed by Hendrik Meyburgh. ok mpi@