Message ID | 1423224684-12016-1-git-send-email-janusz.dziedzic@tieto.com |
---|---|
State | Accepted |
Headers | show |
On Fri, Feb 06, 2015 at 01:11:24PM +0100, Janusz Dziedzic wrote: > We should not enable HT while WEP configured. > > Without the patch and WEP configure we will get message: > Association request to the driver failed Thanks, applied. I added TKIP to this list since it has the same constraint for HT even though the IBSS join command itself does not fail for it.
On 7 February 2015 at 16:15, Jouni Malinen <j@w1.fi> wrote: > On Fri, Feb 06, 2015 at 01:11:24PM +0100, Janusz Dziedzic wrote: >> We should not enable HT while WEP configured. >> >> Without the patch and WEP configure we will get message: >> Association request to the driver failed > > Thanks, applied. I added TKIP to this list since it has the same > constraint for HT even though the IBSS join command itself does not fail > for it. > Thanks. I have a question about valid encryption for IBSS, this is what I tested: 1) rsn network={ ssid="ibss-rsn" mode=1 frequency=2462 proto=RSN key_mgmt=WPA-PSK psk= "somepsk" pairwise=CCMP group=CCMP } 2) wep network={ ssid="ibss-wep" mode=1 frequency=5180 key_mgmt=NONE wep_key0="lalal" } 3) wep/tkip - mainly adopted from wpa_supplicant.conf description network={ ssid="ibss-tkip" mode=1 frequency=5180 proto=WPA key_mgmt=WPA-NONE pairwise=NONE group=TKIP psk="somepsk" } Seems 1 and 2 works fine with ath9k cards. But third don't :) I am adding that configurations to my test scripts. Is there any other option should I add for IBSS? Is 3rd correct? BR Janusz > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP@lists.shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap
On Sat, Feb 07, 2015 at 05:37:26PM +0100, Janusz Dziedzic wrote: > I have a question about valid encryption for IBSS, this is what I tested: You can find pretty complete set of valid IBSS configurations from tests/hwsim/test_ibss.py. > 1) rsn > network={ > ssid="ibss-rsn" > mode=1 > frequency=2462 > proto=RSN > key_mgmt=WPA-PSK > psk= "somepsk" > pairwise=CCMP > group=CCMP > } Assuming that "somepsk" is between 8 and 63 characters and does not have a space between '=' and '"', this looks fine and is really the only IBSS security configuration I would recommend to be used. > 2) wep > > network={ > ssid="ibss-wep" > mode=1 > frequency=5180 > key_mgmt=NONE > wep_key0="lalal" > } This is fine from the view point of being a valid configuration, but in general, WEP should not be used for anything. > 3) wep/tkip - mainly adopted from wpa_supplicant.conf description > > network={ > ssid="ibss-tkip" > mode=1 > frequency=5180 > proto=WPA > key_mgmt=WPA-NONE > pairwise=NONE > group=TKIP > psk="somepsk" > } I'm not sure what the "wep" part in the title has to do with this, but as long as this is referring just to TKIP and "somepsk" is between 8 and 63 characters, this would be a valid WPA-None configuration. That said, I would not recommend anyone use this taken into account the issues with missing replay protection. The mac80211_hwsim ibss_wpa_none test case has this comment: # This is supposed to work, but looks like WPA-None does not work with # mac80211 currently.. try: hwsim_utils.test_connectivity(dev[0], dev[1]) except Exception, e: logger.info("Ignoring known connectivity failure: " + str(e)) In other words, this is known to be broken in mac80211 and that comment was added more than a year ago, so I'm not sure anyone really cares enough about this to fix it.. > Seems 1 and 2 works fine with ath9k cards. But third don't :) Taken into account this doesn't work with mac80211_hwsim either, I would not bother testing (3) with ath9k. > I am adding that configurations to my test scripts. > Is there any other option should I add for IBSS? > Is 3rd correct? test_ibss has couple more options, but I'm not sure how much point there is in testing them since really the only reasonable configurations are open and RSN/CCMP.
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 6ad09a8..50e6524 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -1674,6 +1674,12 @@ void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s, !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS)) return; + if (wpa_s->group_cipher == WPA_CIPHER_WEP40 || + wpa_s->group_cipher == WPA_CIPHER_WEP104) { + wpa_printf(MSG_DEBUG, "IBSS: WEP detected, disable HT\n"); + return; + } + hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel); for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { if (wpa_s->hw.modes[i].mode == hw_mode) {
We should not enable HT while WEP configured. Without the patch and WEP configure we will get message: Association request to the driver failed Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com> Conflicts: wpa_supplicant/wpa_supplicant.c --- wpa_supplicant/wpa_supplicant.c | 6 ++++++ 1 file changed, 6 insertions(+)