HardenedBSD/sys/net80211
Adrian Chadd 3ab5e29778 net80211: fix RSN capability parsing
The RSN capability field may be the last two bytes in the IE.
802.11-2016 9.4.2.25.1 (General) doesn't require anything
afterwards - the PMKID/List and Group Management Cipher Suite
are optional.

Thus having a check of len > 2 will miss the situation where it
IS the last field.

This showed up when developing MFP, as I'm using optional MFP
at home and optional MFP doesn't encrypt group management frames.
(It should only add the BIP message integrity check IE in each
action frame.)

Differential Revision: https://reviews.freebsd.org/D45936
2024-07-15 11:45:40 -07:00
..
_ieee80211.h
ieee80211_acl.c
ieee80211_action.c
ieee80211_action.h
ieee80211_adhoc.c
ieee80211_adhoc.h
ieee80211_ageq.c
ieee80211_ageq.h
ieee80211_alq.c
ieee80211_alq.h
ieee80211_amrr.c
ieee80211_amrr.h
ieee80211_crypto_ccmp.c
ieee80211_crypto_none.c
ieee80211_crypto_tkip.c
ieee80211_crypto_wep.c
ieee80211_crypto.c
ieee80211_crypto.h
ieee80211_ddb.c
ieee80211_dfs.c
ieee80211_dfs.h
ieee80211_freebsd.c
ieee80211_freebsd.h
ieee80211_hostap.c
ieee80211_hostap.h
ieee80211_ht.c
ieee80211_ht.h
ieee80211_hwmp.c
ieee80211_input.c
ieee80211_input.h
ieee80211_ioctl.c
ieee80211_ioctl.h
ieee80211_mesh.c
ieee80211_mesh.h
ieee80211_monitor.c
ieee80211_monitor.h
ieee80211_node.c
ieee80211_node.h
ieee80211_output.c
ieee80211_phy.c
ieee80211_phy.h
ieee80211_power.c
ieee80211_power.h
ieee80211_proto.c
ieee80211_proto.h
ieee80211_radiotap.c
ieee80211_radiotap.h
ieee80211_ratectl_none.c
ieee80211_ratectl.c
ieee80211_ratectl.h
ieee80211_regdomain.c
ieee80211_regdomain.h
ieee80211_rssadapt.c
ieee80211_rssadapt.h
ieee80211_scan_sta.c
ieee80211_scan_sw.c
ieee80211_scan_sw.h
ieee80211_scan.c
ieee80211_scan.h
ieee80211_sta.c
ieee80211_sta.h
ieee80211_superg.c
ieee80211_superg.h
ieee80211_tdma.c
ieee80211_tdma.h
ieee80211_var.h
ieee80211_vht.c
ieee80211_vht.h
ieee80211_wds.c
ieee80211_wds.h
ieee80211_wps.h
ieee80211_xauth.c
ieee80211.c
ieee80211.h