Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b6b5555b authored by Johannes Berg's avatar Johannes Berg
Browse files

cfg80211: disallow shared key authentication with key index 4 



Key index 4 can only be used for an IGTK, so the range checks
for shared key authentication should treat 4 as an error, fix
that in the code.

Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 4854f175

net/wireless/mlme.c

+1 −1
Original line number Diff line number Diff line
@@ -222,7 +222,7 @@ int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, 
	ASSERT_WDEV_LOCK(wdev);



	if (auth_type == NL80211_AUTHTYPE_SHARED_KEY)

		if (!key || !key_len || key_idx < 0 || key_idx > 4)

		if (!key || !key_len || key_idx < 0 || key_idx > 3)

			return -EINVAL;



	if (wdev->current_bss &&

net/wireless/nl80211.c

+1 −1
Original line number Diff line number Diff line
@@ -7388,7 +7388,7 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 
		    (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||

		     key.p.key_len != WLAN_KEY_LEN_WEP104))

			return -EINVAL;

		if (key.idx > 4)

		if (key.idx > 3)

			return -EINVAL;

	} else {

		key.p.key_len = 0;