TDLS: Fix checks on prohibit bits
ext_capab/ext_capab_len do not include ID and Length so no extra +2
offset should be used. This fixes a regression from commit
faf427645a
('TDLS: Use proper IE parsing
routine for non-EAPOL-Key cases') that replaced the IE parser without
noticing the difference in the pointer offset.
Signed-off-by: Flavia Vanetti <flavia.vanetti@ceva-dsp.com>
This commit is contained in:
parent
c2ad5b9218
commit
8c889222bc
1 changed files with 4 additions and 4 deletions
|
@ -2878,14 +2878,14 @@ void wpa_tdls_disassoc(struct wpa_sm *sm)
|
|||
static int wpa_tdls_prohibited(struct ieee802_11_elems *elems)
|
||||
{
|
||||
/* bit 38 - TDLS Prohibited */
|
||||
return !!(elems->ext_capab[2 + 4] & 0x40);
|
||||
return !!(elems->ext_capab[4] & 0x40);
|
||||
}
|
||||
|
||||
|
||||
static int wpa_tdls_chan_switch_prohibited(struct ieee802_11_elems *elems)
|
||||
{
|
||||
/* bit 39 - TDLS Channel Switch Prohibited */
|
||||
return !!(elems->ext_capab[2 + 4] & 0x80);
|
||||
return !!(elems->ext_capab[4] & 0x80);
|
||||
}
|
||||
|
||||
|
||||
|
@ -2898,7 +2898,7 @@ void wpa_tdls_ap_ies(struct wpa_sm *sm, const u8 *ies, size_t len)
|
|||
|
||||
if (ies == NULL ||
|
||||
ieee802_11_parse_elems(ies, len, &elems, 0) == ParseFailed ||
|
||||
elems.ext_capab == NULL || elems.ext_capab_len < 2 + 5)
|
||||
elems.ext_capab == NULL || elems.ext_capab_len < 5)
|
||||
return;
|
||||
|
||||
sm->tdls_prohibited = wpa_tdls_prohibited(&elems);
|
||||
|
@ -2917,7 +2917,7 @@ void wpa_tdls_assoc_resp_ies(struct wpa_sm *sm, const u8 *ies, size_t len)
|
|||
|
||||
if (ies == NULL ||
|
||||
ieee802_11_parse_elems(ies, len, &elems, 0) == ParseFailed ||
|
||||
elems.ext_capab == NULL || elems.ext_capab_len < 2 + 5)
|
||||
elems.ext_capab == NULL || elems.ext_capab_len < 5)
|
||||
return;
|
||||
|
||||
if (!sm->tdls_prohibited && wpa_tdls_prohibited(&elems)) {
|
||||
|
|
Loading…
Reference in a new issue