| Message ID | 20220624143602.86BFF112@slippy.cwsent.com |
|---|---|
| State | Not Applicable |
| Headers | show
Return-Path:
<hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: bilbo.ozlabs.org;
dkim=pass (2048-bit key;
secure) header.d=lists.infradead.org header.i=@lists.infradead.org
header.a=rsa-sha256 header.s=bombadil.20210309 header.b=OKpUAx8P;
dkim-atps=neutral
Authentication-Results: ozlabs.org;
spf=none (no SPF record) smtp.mailfrom=lists.infradead.org
(client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
receiver=<UNKNOWN>)
Received: from bombadil.infradead.org (bombadil.infradead.org
[IPv6:2607:7c80:54:3::133])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
SHA256)
(No client certificate requested)
by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LV0872YpWz9s0w
for <incoming@patchwork.ozlabs.org>; Sat, 25 Jun 2022 00:37:27 +1000 (AEST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.infradead.org; s=bombadil.20210309; h=Sender:
Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help:
List-Post:List-Archive:List-Unsubscribe:List-Id:Message-Id:Date:Mime-Version:
Subject:cc:To:From:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:
List-Owner; bh=EGAsIjsX5NjBLH+vKTw+tt4eawc232IjebGQ0p/o9CY=; b=OKpUAx8PgwuTaI
fib7Diz9hhsp/l6WmflVBPrEJGuoFDB4FFR/R5KjFLaz/0AIXR50SFupht6K405g1zXushkyHKWa/
lmahoeZVh5UfnXdqhUugLR9PBYNnNWY9PO54ZUAXcdz8HiPZ5C7M3tYiXFXegwrE6Labbdm7YJfmZ
zkbiIIzCyjvD11INLeEibBGZyjs6xL0tzEyV1+ajSuCD56rZ33aKaePdQg/ZUeC6lggV12GjmPwvG
rYNbva99oyutnVBge8jB7Jq2HVurqCGcTGCFMsoJ0fO/cXgUraEWXP7DFBYj3H9yXsDUZk7+zNJP1
Fxt8BsYi+Xvuq9T/DFPg==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux))
id 1o4kPy-002dzh-Bm; Fri, 24 Jun 2022 14:36:18 +0000
Received: from omta001.cacentral1.a.cloudfilter.net ([3.97.99.32])
by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux))
id 1o4kPu-002duP-28
for hostap@lists.infradead.org; Fri, 24 Jun 2022 14:36:15 +0000
Received: from shw-obgw-4003a.ext.cloudfilter.net ([10.228.9.183])
by cmsmtp with ESMTP
id 4fH6oJU3XwtwG4kPWoGUv4; Fri, 24 Jun 2022 14:35:50 +0000
Received: from spqr.komquats.com ([70.66.148.124])
by cmsmtp with ESMTPA
id 4kPiozR0lCg6j4kPjoT7BB; Fri, 24 Jun 2022 14:36:04 +0000
Authentication-Results: ; auth=pass (LOGIN) smtp.auth=cschuber@shaw.ca
X-Authority-Analysis: v=2.4 cv=SMhR6cjH c=1 sm=1 tr=0 ts=62b5cbd4
a=Cwc3rblV8FOMdVN/wOAqyQ==:117 a=Cwc3rblV8FOMdVN/wOAqyQ==:17
a=kj9zAlcOel0A:10 a=JPEYwPQDsx4A:10 a=YxBL1-UpAAAA:8 a=6I5d2MoRAAAA:8
a=EkcXrb_YAAAA:8 a=9uO4jIDd6w_9PauaQusA:9 a=CjuIK1q_8ugA:10
a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22 a=LK5xJRSDVpKd5WXXoEvA:22
Received: from slippy.cwsent.com (slippy [10.1.1.91])
by spqr.komquats.com (Postfix) with ESMTP id 9B8D3FF;
Fri, 24 Jun 2022 07:36:02 -0700 (PDT)
Received: by slippy.cwsent.com (Postfix, from userid 1000)
id 86BFF112; Fri, 24 Jun 2022 07:36:02 -0700 (PDT)
X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.7+dev
From: Cy Schubert <Cy.Schubert@cschubert.com>
X-os: FreeBSD
X-Sender: cy@cwsent.com
X-URL: http://www.cschubert.com/
To: hostap@lists.infradead.org
cc: adrien@freebsd.org, bz@freebsd.org
Subject: Unable to Connect to Open Network (Part 2)
Mime-Version: 1.0
Date: Fri, 24 Jun 2022 07:36:02 -0700
Message-Id: <20220624143602.86BFF112@slippy.cwsent.com>
X-CMAE-Envelope:
MS4xfJHOHcrBZ6pIK/CdsAeLJ9sjgUm/71ddWxZdqTpnMMpAd/29HNmsmeouOaJ3oNGiPXWw+CZyZBuqOcqkDZUciW149kD6hPKW4MaLinoPlsLHHBxxO/8V
LyAk9CuEE3JRiQKrkVa82jFD1O/8ERMhDPZAQK4ZbvJbBdaSm0Z2jtePuFes4wTI//dzEMAs9+FflUjbopNMwmOvm3yQV0556EXbOaVWHZuHnchRMvAtImXU
Wx1MsDr1glLkuyutjv2Ik1G+N8ulzO3iHn53C7JXraA=
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20220624_073614_226945_B0FB8485
X-CRM114-Status: GOOD ( 21.22 )
X-Spam-Score: -0.7 (/)
X-Spam-Report: Spam detection software,
running on the system "bombadil.infradead.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Hi,
Last week I posted an email discussing a regression from
2.9 a FreeBSD user discovered. I was able to reproduce the problem locally
using a Netgear WNDR3700v3 (I have two of these, results the same on [...]
Content analysis details: (-0.7 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/,
low trust
[3.97.99.32 listed in list.dnswl.org]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.0 SPF_NONE SPF: sender does not publish an SPF Record
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
<mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
<mailto:hostap-request@lists.infradead.org?subject=subscribe>
Reply-To: Cy Schubert <Cy.Schubert@cschubert.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
|
| Series |
Unable to Connect to Open Network (Part 2)
|
expand
|
diff --git a/contrib/wpa/src/drivers/driver_bsd.c b/contrib/wpa/src/drivers/ driver_bsd.c index c455bc931036..b39198b7249b 100644 --- a/contrib/wpa/src/drivers/driver_bsd.c +++ b/contrib/wpa/src/drivers/driver_bsd.c @@ -1209,6 +1209,10 @@ wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) int privacy; int ret = 0; + /* XXX woraround for PR/264238 until a better solution can be found */ + const u8 *wpa_ie_save; + size_t wpa_ie_len_save; + wpa_printf(MSG_DEBUG, "%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u"
Hi, Last week I posted an email discussing a regression from 2.9 a FreeBSD user discovered. I was able to reproduce the problem locally using a Netgear WNDR3700v3 (I have two of these, results the same on both). The problem occurs when the primary VAP is configured with WPA and the secondary VAP (guest network on Netgear) is open and unprotected. What I'm seeing is an IE that causes wpa_supplicant to assume WPA even though key_mgmt=NONE. The hackish patch below works around the problem: , __func__ @@ -1256,9 +1260,26 @@ wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) ret = -1; if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0) ret = -1; + + /* XXX woraround for PR/264238 until a better solution can be found */ + if (params->pairwise_suite == WPA_CIPHER_NONE && + params->group_suite == WPA_CIPHER_NONE && + params->key_mgmt_suite == WPA_KEY_MGMT_NONE && + params->wpa_ie_len != 0) { + wpa_ie_save = params->wpa_ie; + wpa_ie_len_save = params->wpa_ie_len; + params->wpa_ie = NULL; + params->wpa_ie_len = 0; + } else { + wpa_ie_save = NULL; + wpa_ie_len_save = 0; + } + /* XXX error handling is wrong but unclear what to do... */ - if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0) - return -1; + if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0) { + ret = -1; + goto bsd_assoc_exit; + } privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && params->group_suite == WPA_CIPHER_NONE && @@ -1266,20 +1287,26 @@ wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) params->wpa_ie_len == 0); wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, privacy); - if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) - return -1; + if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) { + ret = -1; + goto bsd_assoc_exit; + } if (params->wpa_ie_len && set80211param(drv, IEEE80211_IOC_WPA, - params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) - return -1; + params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) { + ret = -1; + goto bsd_assoc_exit; + } /* * NB: interface must be marked UP for association * or scanning (ap_scan=2) */ - if (bsd_get_iface_flags(drv) < 0) - return -1; + if (bsd_get_iface_flags(drv) < 0) { + ret = -1; + goto bsd_assoc_exit; + } os_memset(&mlme, 0, sizeof(mlme)); mlme.im_op = IEEE80211_MLME_ASSOC; @@ -1289,7 +1316,10 @@ wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) if (params->bssid != NULL) os_memcpy(mlme.im_macaddr, params->bssid, IEEE80211_ADDR_LEN); if (set80211var(drv, IEEE80211_IOC_MLME, &mlme, sizeof(mlme)) < 0) - return -1; + ret = -1; +bsd_assoc_exit: + params->wpa_ie = wpa_ie_save; + params->wpa_ie_len = wpa_ie_len_save; return ret; } However, the code this patch touches has been in driver_bsd.c since 2008 so, obviously the code this patch addresses is not the cause of the regression from 2.9 to 2.10. The problem lies elsewhere and the above patch treats the symptom and not the cause. The problem is I don't have nearly enough experience with hostap internals to identify the hostap commit that likely caused the regression. Where might I look to discover in hostap where the IE is received from the AP, and if this jogs someone's recollection of the patch I'd be grateful. In summary, based on my testing this only occurs on a secondary open unencrypted VAP when the primary VAP is configured for WPA. P.S. The setting of params->wpa_ie back to its original value at the end of the patch is in the one case I can find where this memory is obtained through os_malloc(), avoiding a memory leak. This is a hackish workaround but I'd prefer finding a better solution. Any help would be muchly appreciated.