If a sniffer capture does not include FCS for each frame, but may
include frames with invalid FCS, it would be possible for wlantest to
try to decrypt the first received frame and fail (e.g., due to CCMP MIC
mismatch) because that particular frame was corrupted and then ignore
the following retry of that frame as a duplicate even if that retry has
a different payload (e.g., if its reception did not show corruption).
Work around this by skipping duplicate frame detection immediately
following a decryption failure.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
else
seq_ctrl = &sta->seq_ctrl_to_sta[tid];
else
seq_ctrl = &sta->seq_ctrl_to_sta[tid];
- if ((fc & WLAN_FC_RETRY) && hdr->seq_ctrl == *seq_ctrl) {
+ if ((fc & WLAN_FC_RETRY) && hdr->seq_ctrl == *seq_ctrl &&
+ !sta->allow_duplicate) {
u16 s = le_to_host16(hdr->seq_ctrl);
add_note(wt, MSG_MSGDUMP, "Ignore duplicated frame (seq=%u "
"frag=%u A1=" MACSTR " A2=" MACSTR ")",
u16 s = le_to_host16(hdr->seq_ctrl);
add_note(wt, MSG_MSGDUMP, "Ignore duplicated frame (seq=%u "
"frag=%u A1=" MACSTR " A2=" MACSTR ")",
}
*seq_ctrl = hdr->seq_ctrl;
}
*seq_ctrl = hdr->seq_ctrl;
+ sta->allow_duplicate = 0;
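Review bot: `allow_duplicate` is a single per-station flag, while the sequence-control state it overrides is kept per TID and per direction (`seq_ctrl_to_sta[tid]` and its to-AP counterpart). As written, any accepted frame for the station clears the flag at `sta->allow_duplicate = 0;`, so a frame on another TID arriving between the corrupted frame and its retry would cause the retry to be dropped as a duplicate again; conversely, a genuine duplicate on an unrelated TID right after a failure would be processed twice. Consider remembering which frame failed, e.g. store the failed `hdr->seq_ctrl` (plus direction/TID) and extend the condition with `!(sta->allow_duplicate && hdr->seq_ctrl == sta->failed_seq_ctrl)`, where `failed_seq_ctrl` is a proposed new field. The enclosing function begins and ends outside the visible lines, so the ordering between this check and the decrypt path is inferred.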
dlen, 1, peer_addr);
write_pcap_decrypted(wt, (const u8 *) hdr, hdrlen,
decrypted, dlen);
dlen, 1, peer_addr);
write_pcap_decrypted(wt, (const u8 *) hdr, hdrlen,
decrypted, dlen);
- } else if (!try_ptk_iter)
- add_note(wt, MSG_DEBUG, "Failed to decrypt frame");
+ } else {
+ if (!try_ptk_iter)
+ add_note(wt, MSG_DEBUG, "Failed to decrypt frame");
+
+ /* Assume the frame was corrupted and there was no FCS to check.
+ * Allow retry of this particular frame to be processed so that
+ * it could end up getting decrypted if it was received without
+ * corruption. */
+ sta->allow_duplicate = 1;
+ }
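Review bot: Every decryption failure sets `sta->allow_duplicate = 1`, not only those caused by corruption, so a frame that fails the MIC check for another reason (wrong key, forged or replayed frame) also switches off duplicate suppression for the station's next frame, and nothing in the output records that. For someone reading the wlantest notes afterwards it would help to log the bypass next to the assignment, e.g. `add_note(wt, MSG_DEBUG, "Allow next retry to bypass duplicate detection");`. The same comment and assignment are repeated in the later hunk around `os_memcpy(frame + 24, decrypted, *dlen);`; a small static helper would keep the two sites in sync. `sta` is dereferenced unconditionally here and its lookup is outside the visible lines, so confirm it cannot be NULL on this path.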
os_memcpy(frame + 24, decrypted, *dlen);
*dlen += 24;
}
os_memcpy(frame + 24, decrypted, *dlen);
*dlen += 24;
}
+ } else {
+ /* Assume the frame was corrupted and there was no FCS to check.
+ * Allow retry of this particular frame to be processed so that
+ * it could end up getting decrypted if it was received without
+ * corruption. */
+ sta->allow_duplicate = 1;
le16 seq_ctrl_to_sta[17];
le16 seq_ctrl_to_ap[17];
le16 seq_ctrl_to_sta[17];
le16 seq_ctrl_to_ap[17];