From 3dc27d25f288c923735e8f10fa8e578be896e96a Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Thu, 2 Jul 2009 21:36:37 +0200 Subject: [PATCH] nl80211: limit to one pairwise cipher for associate() In this case, only one cipher makes sense, unlike for connect() where it may be possible to have the card or driver select. No changes to mac80211 due to the way the structs are laid out -- but the loop in net/mac80211/cfg.c will degrade to just zero or one passes. Signed-off-by: Johannes Berg Signed-off-by: John W. Linville --- net/wireless/nl80211.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index aa2b3f35cc48..723512b48f2e 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -3119,7 +3119,8 @@ unlock_rtnl: } static int nl80211_crypto_settings(struct genl_info *info, - struct cfg80211_crypto_settings *settings) + struct cfg80211_crypto_settings *settings, + int cipher_limit) { settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; @@ -3134,7 +3135,7 @@ static int nl80211_crypto_settings(struct genl_info *info, if (len % sizeof(u32)) return -EINVAL; - if (settings->n_ciphers_pairwise > NL80211_MAX_NR_CIPHER_SUITES) + if (settings->n_ciphers_pairwise > cipher_limit) return -EINVAL; memcpy(settings->ciphers_pairwise, data, len); @@ -3247,7 +3248,7 @@ static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) } } - err = nl80211_crypto_settings(info, &crypto); + err = nl80211_crypto_settings(info, &crypto, 1); if (!err) err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, ssid, ssid_len, ie, ie_len, use_mfp, @@ -3652,7 +3653,8 @@ static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; - err = nl80211_crypto_settings(info, &connect.crypto); + err = nl80211_crypto_settings(info, &connect.crypto, + NL80211_MAX_NR_CIPHER_SUITES); if (err) return err; rtnl_lock(); -- 2.30.2