From: stsp Date: Thu, 23 May 2024 11:19:13 +0000 (+0000) Subject: increment CCMP decryption error counter if hw decrypt fails to get PN X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=7aeb1bc93336df4e88eee5075c0498cf679fac9c;p=openbsd increment CCMP decryption error counter if hw decrypt fails to get PN This case will only occur if the IV has been stripped by hardware and the driver has not cleared the protected bit in the frame header as it should. Incrementing this counter will make the problem more obvious when looking at netstat -W output. No functional change for people who do not work on wifi drivers. --- diff --git a/sys/net80211/ieee80211_input.c b/sys/net80211/ieee80211_input.c index 430b24ea31f..c426c898c56 100644 --- a/sys/net80211/ieee80211_input.c +++ b/sys/net80211/ieee80211_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ieee80211_input.c,v 1.253 2024/05/13 01:15:53 jsg Exp $ */ +/* $OpenBSD: ieee80211_input.c,v 1.254 2024/05/23 11:19:13 stsp Exp $ */ /* $NetBSD: ieee80211_input.c,v 1.24 2004/05/31 11:12:24 dyoung Exp $ */ /*- @@ -189,8 +189,10 @@ ieee80211_input_hwdecrypt(struct ieee80211com *ic, struct ieee80211_node *ni, */ break; } - if (ieee80211_ccmp_get_pn(&pn, &prsc, m, k) != 0) + if (ieee80211_ccmp_get_pn(&pn, &prsc, m, k) != 0) { + ic->ic_stats.is_ccmp_dec_errs++; return NULL; + } if (rxi->rxi_flags & IEEE80211_RXI_HWDEC_SAME_PN) { if (pn < *prsc) { ic->ic_stats.is_ccmp_replays++;