Re: How to use netlink to determine wifi protection WEP

On Thu, 2017-04-06 at 16:27 +0200, Thomas Thielemann wrote:
> Thanks!
> 
> If the sequence is the following:
> 
>  1. Prepare and execute NL80211_CMD_TRIGGER_SCAN
>  2. Prepare and execute NL80211_CMD_GET_SCAN
>  Together with NL80211_CMD_GET_SCAN a callback is registered. 
>  In the callback the raw data are parsed as BSS. The IEs are parsed
> too.
> 
> When do I have to fetch the beacon to get the right beacon but
> without loss of the scan result?
> After I fetched all scan results or immediately after receiving
> every scan result?

The scan results are essentially the beacons, so you just need to read
the GET_SCAN.  Then when parsing the "bss info" you get from the scan
results handler that you registered, you look for:

NL80211_BSS_CAPABILITY: the Privacy bit is in here
NL80211_BSS_INFORMATION_ELEMENTS: the IEs are obviously in here

Dan

> Regards,
> Thomas
> 
> 
> > On 05.04.2017 at 19:24, Dan Williams <dcbw@xxxxxxxxxx> wrote:
> > 
> > On Wed, 2017-04-05 at 09:27 +0200, Thomas Thielemann wrote:
> > > Hello!
> > > 
> > > I need a solution to determine whether a WiFi is using WEP. I
> > > know
> > > there is a protection flag within MAC frame but do not know how
> > > to
> > > access.
> > > 
> > > To detect whether a WiFi is protected by WPA2 I found the
> > > following
> > > solution: 
> > > 
> > > Scan with
> > > 
> > > nl_sock* socket = nl_socket_alloc();
> > > genl_connect(socket);
> > > struct nl_msg* msg = nlmsg_alloc();
> > > int driverId = genl_ctrl_resolve(socket, "nl80211"); 
> > > genlmsg_put(msg, 0, 0, driverId, 0, 0, NL80211_CMD_TRIGGER_SCAN,
> > > 0);
> > > 
> > > and fetch with
> > > 
> > > genlmsg_put(msg, 0, 0, driverId, 0, NLM_F_DUMP,
> > > NL80211_CMD_GET_SCAN,
> > > 0);
> > > 
> > > Read the received structure using nl80211_bss::
> > > NL80211_BSS_INFORMATION_ELEMENTS from nl80211.h and
> > > 
> > > examine the field RSN(id=48) (see IEEE802.11-2012.pdf, chapter
> > > 8.4.2
> > > Information elements)
> > > 
> > > Which netlink command gives me the related data? Is it
> > > NL80211_CMD_GET_BEACON?
> > 
> > You want both the beacon (for the Privacy bit) and the information
> > elements.
> > 
> > If the privacy bit is set in beacon and there are no WPA/WPA2/RSN-
> > related information elements, then the AP is using
> > WEP.  Unfortunately
> > you don't know whether it's WEP-40 or WEP-104, but that's another
> > topic.
> > 
> > If the privacy bit is set, and there are WPA/WPA2/RSN information
> > elements, then the AP *might* be using WEP in compatibility
> > mode.  This
> > isn't very common though, so you can probably just ignore this
> > case.
> > 
> > Dan
> > 
> 
> 
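
The decision rule described in this thread (Privacy bit set and no WPA/RSN information elements means WEP), as an added example that is not code from the thread or from any project. The names `classify_bss` and `has_wpa_or_rsn` are hypothetical, the sample IE blobs are constructed, and the parser bounds-checks every element because the IEs come from over-the-air frames.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CAP_PRIVACY 0x0010 /* Privacy bit of the 802.11 Capability Information field */
#define IE_RSN      48     /* RSN element (WPA2) */
#define IE_VENDOR   221    /* vendor-specific element; the WPA1 IE uses this id */

enum bss_security { BSS_OPEN, BSS_WEP, BSS_WPA_RSN, BSS_MALFORMED };

/* Constructed sample IE blobs (not captured traffic). */
static const uint8_t ies_ssid[] = { 0, 3, 'l', 'a', 'b' };              /* SSID only */
static const uint8_t ies_rsn[]  = { 0, 3, 'l', 'a', 'b', 48, 2, 1, 0 }; /* SSID + RSN */
static const uint8_t ies_wpa[]  = { 0, 3, 'l', 'a', 'b', 221, 6, 0x00, 0x50, 0xf2, 0x01, 1, 0 };

/* Walk the id/length/value IE blob: 1 if an RSN or WPA IE is present,
 * 0 if none, -1 if an element runs past the end of the buffer. */
static int has_wpa_or_rsn(const uint8_t *ie, size_t len)
{
    static const uint8_t wpa_oui[4] = { 0x00, 0x50, 0xf2, 0x01 }; /* OUI 00:50:F2, type 1 */
    size_t off = 0;

    while (off + 2 <= len) {
        uint8_t id = ie[off], elen = ie[off + 1];
        if (elen > len - off - 2)
            return -1; /* truncated element: do not trust the blob */
        if (id == IE_RSN || (id == IE_VENDOR && elen >= 4 && !memcmp(ie + off + 2, wpa_oui, 4)))
            return 1;
        off += 2 + (size_t)elen;
    }
    return off == len ? 0 : -1; /* a stray trailing byte is also malformed */
}

/* In a GET_SCAN handler: capability = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
 * ie/len = nla_data()/nla_len() of bss[NL80211_BSS_INFORMATION_ELEMENTS]. */
enum bss_security classify_bss(uint16_t capability, const uint8_t *ie, size_t len)
{
    int r = has_wpa_or_rsn(ie, len);
    if (r != 0) /* WPA/RSN present: WEP is only possible in compatibility mode */
        return r < 0 ? BSS_MALFORMED : BSS_WPA_RSN;
    return (capability & CAP_PRIVACY) ? BSS_WEP : BSS_OPEN;
}

int main(void)
{
    printf("%d %d %d\n", classify_bss(0x0011, ies_ssid, sizeof ies_ssid),
           classify_bss(0x0011, ies_rsn, sizeof ies_rsn), classify_bss(0x0011, ies_wpa, sizeof ies_wpa));
    return 0;
}
```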