diff options
| author |   stsp <stsp@openbsd.org> | 2020-07-06 11:28:51 +0000 |
|---|---|---|
| committer | stsp <stsp@openbsd.org> | 2020-07-06 11:28:51 +0000 |
| commit | 797d2c3eb07d7aac3919e97698d075424c233e5e (patch) | |
| tree | 531e439ae1c8fdf6a47e3da0c5288fdeea2ac635 /sys/dev/pv/pvclock.c | |
| parent | match on D-Link DWA-121 rev B1 (diff) | |
| download | wireguard-openbsd-797d2c3eb07d7aac3919e97698d075424c233e5e.tar.xz wireguard-openbsd-797d2c3eb07d7aac3919e97698d075424c233e5e.zip | |
Repair athn(4) in client mode against WPA2 access points.
Client mode was subtly broken after support for CCMP offload was added.
In client mode we should be using the first key table slot for our CCMP
pairwise key, not an arbitrary slot based on our association ID (as is
done in hostap mode).
When the interface came up again after being reset the CCMP hardware engine
was left in a non-working state. Apparently the key table was messed up or
contained stale entries. Fix a potential timing issue in the code path which
attempts to clear the key table on device power-up. For good measure, also
clear the key table before the device is powered down.
While here, fix off-by-ones in key table slot range checks.
Problems reported by Tim Chase, Kevin Chadwick, Austin Hook, Stefan Kapfhammer.
Fix tested by me on AR9280 (PCI) and AR9271 (USB) and Kevin Chadwick on AR9280
Diffstat (limited to 'sys/dev/pv/pvclock.c')
0 files changed, 0 insertions, 0 deletions