Am 23.09.19 um 22:06 schrieb Alexander Wetzel:
Am 20.09.19 um 16:37 schrieb Alexander Wetzel:
Am 20.09.19 um 15:13 schrieb Jouni Malinen:
On Sun, Sep 15, 2019 at 10:08:26PM +0200, Alexander Wetzel wrote:
diff --git a/wpa_supplicant/wpa_supplicant.c
b/wpa_supplicant/wpa_supplicant.c
@@ -200,7 +202,8 @@ int wpa_supplicant_set_wpa_none_key(struct
wpa_supplicant *wpa_s,
/* TODO: should actually remember the previously used seq#,
both for TX
* and RX from each STA.. */
- ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key,
keylen, 0);
+ ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
+ KEY_TYPE_BROADCAST);
Is this really KEY_TYPE_BROADCAST instead of KEY_TYPE_DEFAULT? As noted
in the beginning of this function, only one key is used for both
receiving and sending unicast and multicast frames.
< deleted some incorrect feedback and the correction of it >
Looking at the function again I have to agree hat KEY_TYPE_DEFAULT
indeed looks better here. But so far I've only studied the "modern"
parts of 802.11 and I
With the existing logic of the patches it drills down again to the
question: Do we have to install the key also as a default key?
The answer is no.
I'll try to look into that, probably at the weekend. (First have to find
that mode of operation in the standard...)
WPA-None was something never standardized. But based on the logic we
must use KEY_TYPE_DEFAULT here.
But mac80211 is actively limiting the default key to WEP: The ibss
checks for that therefore just skip over the errors.
So while the code here should now be correct when using KEY_TYPE_DEFAULT
and still work with non-mac80211 drivers I assume the complete WPA-None
method is deprecated.
Changing mac80211 to support an insecure non-standard outdated and
probably unused ibss mode is for sure nothing anyone has a interest in.
Alexander
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
