nl80211: only allow WEP keys during connect command

This was already documented that way in nl80211.h, but the
parsing code still accepted other key types. Change it to
really only accept WEP keys as documented.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 524f5d238c1452f1a154589cdd53ac8fc52cd08b..6cb33ae38ae354f14f17e7a15e3e6decf85d0b0f 100644 (file)
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -881,16 +881,19 @@ nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
                                                     parse.idx, false, NULL);
                if (err)
                        goto error;
+               if (parse.p.cipher != WLAN_CIPHER_SUITE_WEP40 &&
+                   parse.p.cipher != WLAN_CIPHER_SUITE_WEP104) {
+                       err = -EINVAL;
+                       goto error;
+               }
                result->params[parse.idx].cipher = parse.p.cipher;
                result->params[parse.idx].key_len = parse.p.key_len;
                result->params[parse.idx].key = result->data[parse.idx];
                memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
 
-               if (parse.p.cipher == WLAN_CIPHER_SUITE_WEP40 ||
-                   parse.p.cipher == WLAN_CIPHER_SUITE_WEP104) {
-                       if (no_ht)
-                               *no_ht = true;
-               }
+               /* must be WEP key if we got here */
+               if (no_ht)
+                       *no_ht = true;
        }
 
        return result;