blob: 4db5370e880bf4b9ecec1b3fe85bfeef72cfd6f8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
--- sys/net80211/ieee80211_crypto.c.orig
+++ sys/net80211/ieee80211_crypto.c
@@ -560,13 +560,17 @@
/*
* Multicast traffic always uses the multicast key.
- * Otherwise if a unicast key is set we use that and
- * it is always key index 0. When no unicast key is
- * set we fall back to the default transmit key.
+ *
+ * Historically we would fall back to the default
+ * transmit key if there was no unicast key. This
+ * behaviour was documented up to IEEE Std 802.11-2016,
+ * 12.9.2.2 Per-MSDU/Per-A-MSDU Tx pseudocode, in the
+ * 'else' case but is no longer in later versions of
+ * the standard. Additionally falling back to the
+ * group key for unicast was a security risk.
*/
wh = mtod(m, struct ieee80211_frame *);
- if (IEEE80211_IS_MULTICAST(wh->i_addr1) ||
- IEEE80211_KEY_UNDEFINED(&ni->ni_ucastkey)) {
+ if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
if (vap->iv_def_txkey == IEEE80211_KEYIX_NONE) {
IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_CRYPTO,
wh->i_addr1,
@@ -578,6 +582,8 @@
return &vap->iv_nw_keys[vap->iv_def_txkey];
}
+ if (IEEE80211_KEY_UNDEFINED(&ni->ni_ucastkey))
+ return NULL;
return &ni->ni_ucastkey;
}
|
