CVSROOT: /cvs
Module name: src
Changes by: s...@cvs.openbsd.org 2020/05/26 05:45:32
Modified files:
sys/net80211 : ieee80211_input.c
Log message:
Let unencrypted 802.11 frames pass during hardware decryption post-processing.
Some drivers, such as ral(4), cannot provide the IV required for a replay
check because hardware strips the IV before passing the frame to the driver.
Which means frames with the RXI_HWDEC flag but without the 'protected' bit
set in the frame header must be passed without any further verification and
without updating the last-seen packet number.
All we can do is hope that these devices perform replay checking correctly.
Fixes a regression where some ral(4) devices would fail to receive packets
on encrypted networks. Reported and fix confirmed by Hendrik Meyburgh.
ok mpi@
