Commit 7ef2743d authored by Jes Sorensen's avatar Jes Sorensen Committed by Greg Kroah-Hartman

staging: rtl8723au: Validate keys in cfg80211_rtw_add_key()

We validate the parameters in cfg80211_rtw_add_key() so no need to do
it all again in rtw_cfg80211_{ap_}set_encryption()
Signed-off-by: default avatarJes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 3e71669a
......@@ -512,23 +512,7 @@ static int rtw_cfg80211_ap_set_encryption(struct net_device *dev, u8 key_index,
DBG_8723A("%s\n", __func__);
if (is_broadcast_ether_addr(sta_addr)) {
if (key_index >= WEP_KEYS) {
ret = -EINVAL;
goto exit;
}
switch (keyparms->cipher) {
case WLAN_CIPHER_SUITE_WEP40:
case WLAN_CIPHER_SUITE_WEP104:
case WLAN_CIPHER_SUITE_TKIP:
case WLAN_CIPHER_SUITE_CCMP:
break;
default:
ret = -EINVAL;
goto exit;
}
} else {
if (!is_broadcast_ether_addr(sta_addr)) {
psta = rtw_get_stainfo23a(pstapriv, sta_addr);
if (!psta) {
/* ret = -EINVAL; */
......@@ -547,15 +531,6 @@ static int rtw_cfg80211_ap_set_encryption(struct net_device *dev, u8 key_index,
DBG_8723A("r871x_set_encryption, wep_key_idx =%d, len =%d\n",
key_index, key_len);
if (key_index >= WEP_KEYS || key_len <= 0) {
ret = -EINVAL;
goto exit;
}
if (key_len > 0) {
key_len = key_len <= 5 ? 5 : 13;
}
if (psecuritypriv->bWepDefaultKeyIdxSet == 0) {
/* wep default key has not been set, so use
this key index as default key. */
......@@ -586,8 +561,7 @@ static int rtw_cfg80211_ap_set_encryption(struct net_device *dev, u8 key_index,
memcpy(psecuritypriv->
dot118021XGrpKey[key_index].skey,
keyparms->key,
(key_len > 16 ? 16 : key_len));
keyparms->key, key_len);
psecuritypriv->dot118021XGrpPrivacy =
keyparms->cipher;
......@@ -628,8 +602,7 @@ static int rtw_cfg80211_ap_set_encryption(struct net_device *dev, u8 key_index,
DBG_8723A("%s, set group_key, none\n",
__func__);
psecuritypriv->dot118021XGrpPrivacy =
0;
psecuritypriv->dot118021XGrpPrivacy = 0;
}
psecuritypriv->dot118021XGrpKeyid = key_index;
......@@ -709,8 +682,7 @@ static int rtw_cfg80211_ap_set_encryption(struct net_device *dev, u8 key_index,
keyparms->cipher == WLAN_CIPHER_SUITE_WEP104) {
memcpy(psecuritypriv->
dot118021XGrpKey[key_index].skey,
keyparms->key,
(key_len > 16 ? 16 : key_len));
keyparms->key, key_len);
psecuritypriv->dot118021XGrpPrivacy =
keyparms->cipher;
......@@ -732,7 +704,6 @@ static int rtw_cfg80211_ap_set_encryption(struct net_device *dev, u8 key_index,
&keyparms->key[24], 8);
psecuritypriv->busetkipkey = 1;
} else if (keyparms->cipher == WLAN_CIPHER_SUITE_CCMP) {
psecuritypriv->dot118021XGrpPrivacy =
WLAN_CIPHER_SUITE_CCMP;
......@@ -787,42 +758,20 @@ static int rtw_cfg80211_set_encryption(struct net_device *dev, u8 key_index,
key_len = keyparms->key_len;
if (is_broadcast_ether_addr(sta_addr)) {
if (key_index >= WEP_KEYS) {
ret = -EINVAL;
goto exit;
}
} else {
ret = -EINVAL;
goto exit;
}
if (keyparms->cipher == WLAN_CIPHER_SUITE_WEP40 ||
keyparms->cipher == WLAN_CIPHER_SUITE_WEP104) {
RT_TRACE(_module_rtl871x_ioctl_os_c, _drv_err_,
("wpa_set_encryption, crypt.alg = WEP\n"));
DBG_8723A("wpa_set_encryption, crypt.alg = WEP\n");
if (key_index > WEP_KEYS || key_len <= 0) {
ret = -EINVAL;
goto exit;
}
if (psecuritypriv->bWepDefaultKeyIdxSet == 0) {
/* wep default key has not been set, so use this
key index as default key. */
key_len = key_len <= 5 ? 5 : 13;
psecuritypriv->ndisencryptstatus =
Ndis802_11Encryption1Enabled;
psecuritypriv->dot11PrivacyAlgrthm = WLAN_CIPHER_SUITE_WEP40;
psecuritypriv->dot118021XGrpPrivacy = WLAN_CIPHER_SUITE_WEP40;
if (key_len == 13) {
psecuritypriv->dot11PrivacyAlgrthm = WLAN_CIPHER_SUITE_WEP104;
psecuritypriv->dot118021XGrpPrivacy = WLAN_CIPHER_SUITE_WEP104;
}
psecuritypriv->dot11PrivacyAlgrthm = keyparms->cipher;
psecuritypriv->dot118021XGrpPrivacy = keyparms->cipher;
psecuritypriv->dot11PrivacyKeyIndex = key_index;
}
......@@ -967,7 +916,15 @@ static int cfg80211_rtw_add_key(struct wiphy *wiphy, struct net_device *ndev,
switch (params->cipher) {
case IW_AUTH_CIPHER_NONE:
case WLAN_CIPHER_SUITE_WEP40:
if (params->key_len != WLAN_KEY_LEN_WEP40) {
ret = -EINVAL;
goto exit;
}
case WLAN_CIPHER_SUITE_WEP104:
if (params->key_len != WLAN_KEY_LEN_WEP104) {
ret = -EINVAL;
goto exit;
}
case WLAN_CIPHER_SUITE_TKIP:
case WLAN_CIPHER_SUITE_CCMP:
break;
......@@ -976,6 +933,11 @@ static int cfg80211_rtw_add_key(struct wiphy *wiphy, struct net_device *ndev,
goto exit;
}
if (key_index >= WEP_KEYS || params->key_len < 0) {
ret = -EINVAL;
goto exit;
}
eth_broadcast_addr(sta_addr);
if (!mac_addr || is_broadcast_ether_addr(mac_addr))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment