RE: [PATCH 09/12] common: Allow WPA_CIPHER_GTK_NOT_USED in RSNE parsing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> -----Original Message-----
> From: Jouni Malinen <j@xxxxx>
> Sent: Monday, March 02, 2020 00:07
> To: Peer, Ilan <ilan.peer@xxxxxxxxx>
> Cc: hostap@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [PATCH 09/12] common: Allow WPA_CIPHER_GTK_NOT_USED in
> RSNE parsing
> 
> On Sun, Mar 01, 2020 at 08:33:30PM +0000, Peer, Ilan wrote:
> > I think I understand your concern now. At least from what I can tell
> > about
> > mac80211 it does not have any handling for such a case, i.e., not
> > allow any group addressed frames. I do not know how other drivers would
> handle this.
> 
> I think the only safe way to do this is to configure a random IGTK so that the
> drivers would not need to have any special handling for this.
> 

Agree. Should be simple enough. 

> > I can change the implementation so this would be allowed only in the
> > case of PASN. This should be simple enough. If you want me to do it
> > differently let me know.
> 
> It's a bit ugly in the generic parser function, but I guess that's fine as an initial
> step. That said, it probably makes sense to extend non-PASN PMF case to
> support no-BIP-used option as well even if that has not really been used so
> far. Though, I'm not sure there is any easy way of deploying this on the AP
> side if most already deployed STAs reject such configuration in practice and
> won't connect.
> 

As previously agreed, lets wait for the 802.11az standard to be more stable and clear about this,
and the specification allows to set 07 as group management cipher I'll align the code to match the expectation. 

Regards,

Ilan.

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux