On Wed, Jan 07, 2009 at 04:09:04PM +0100, Johannes Berg wrote: > Or just adding it to nl80211, are we ever expecting to have pure wext > drivers with MFP capabilities?? Not that likely, I would assume. However, I would rather not start extending driver_wext.c in wpa_supplicant with nl80211 functionality and I don't see Network Manager moving away from hardcoding driver_wext anytime soon.. > Generally, the thing is that we don't really want to require people to > manually enable MFP, but rather have NM set it to "enable whenever > possible". That seems not workable unless we know which driver/hw > supports it. Sure. Enabling optional MFP automatically whenever driver/hw supports it would be nice (there is a separate policy selection of requiring MFP and that's something that users will need to configure if they want it). For this feature, I would be fine having the optional-MFP configuration in wpa_supplicant mean that it will be disabled if driver does not support it, i.e., NM would not actually need to care and it could just always set ieee80211w=1 in wpa_supplicant configuration (or well, at this point, it would need to care a bit since wpa_supplicant would reject the configuration if it was not built with 802.11w support, but that is probably fine when done over dbus and not config file). As far as wpa_supplicant is concerned, I can make it determine this by trying to enable MFP mode at startup to figure out whether the driver is capable, so there is no need to add an explicit capability flag for this if we do not want to modify WEXT. For nl80211, we can add capability flag for MFP and then driver_nl80211.c can skip this validation step. However, we would still need to add a driver-mac80211 flag for indicating whether the driver supports MFP. -- Jouni Malinen PGP id EFC895FA -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
