On Mon, 2008-03-17 at 21:12 +0200, Tomas Winkler wrote: > > > > > > Isn't if on integer faster then comparing 6 bytes? > > > > Probably. Does it matter though? Setting keys isn't going to be > > performance critical in any way. > > Yes but at least you do IF on something that is real not hacking with address. True. Does it matter much though? I'm open to changing it but don't think it matters too much. > > > > Is that really done though? I mean, does wpa_supplicant not also use > > > > encodeext for WEP keys? > > > > > > > Unfortunately yes. > > > > So that doesn't really help us either way, no? > > What is happening in case of static WEP is that IW_AUTH_CIPHER_NONE > IW_ENCODE_ALG_WEP are set. > Which is enough. Indeed, that should be enough. > You need only one unicast key for pairwise key. 4 keys are used only > for static WEP key. > For pairwise/dynamic WEP and TKIP you use key index in the packet but > it changes only when supplicant change the key it self. You don't have > the key alive in driver. No, that's not true, due to rekeying concerns you actually can have more than one group key at the same time in the driver/hardware. > BSS defines security setting which defined by key management for > pairwise and group key + cipher method for both . > You can run multiple SSIDs over single single BSSID. This is done > using VLANs Actually, we don't support that in mac80211. And the way I understand VLANs they are simply done by negotiating different group keys with different groups of stations each forming a VLAN. > So you can maintain multiple security settings in for one > AP. However this is not possible when using static WEP since the key > is global and the key is not attached to any address. > > There are more details into it I'm sorry if I'm not 100 clear here. > The bottom line is that you don't need more 4 WEP keys both in AP and > station mod. Same you need to maintain only one pairwise key for > station both in AP and STA mode. In AP mode you need to maintain also > one group key for each station because of the case of multiple SSIDs. Except the group keys don't really matter for an AP since they're TX only, which is why we add them with a zeroed MAC address and can only select them for TX. > Nop. Still you can have <WEP, WEP> for <pairwise,group key> valid > setting - This is not static key. The two keys may differ. Under your > assumption the group key will override pairwise key Hm, ok. So I suppose the only way to determine "static" right now would be to check that no pairwise keys are configured at all. johannes
Attachment:
signature.asc
Description: This is a digitally signed message part
