wpa_supplicant question

[Jouni Malinen]

On Wed, Jan 14, 2004 at 01:43:24PM +0000, Roy Badami wrote:

> 1. freq, mode and essid will be set, with the interface still down
> 2. wpa_supplicant will be started
> 3. dhclient will be started, which will bring the interface up
> 
> My concern is what will happen if someone sets up an unencrypted
> access point using the same channel and ESSID -- is there any danger
> of my NIC associating with it, or does wpa_supplicant somehow prevent
> that from happenning?

wpa_supplicant configures the driver to drop all unencrypted frames
(both TX and RX), so this scenario should not happen if wpa_supplicant
is running.

> I notice 'add WPA support to Linux Wireless Extensions' in the todo
> list.  What would be nice is an iwconfig command (I guess iwpriv for
> the moment) to put the card into WPA-only mode (assuming such a mode
> exists) so that there is no danger of accidentally associating with a
> non-WPA AP, even if wpa_supplicant fails to start...

Closest think to this in the current version would be to disable
unencrypted frames with 'iwpriv wlan0 drop_unencrypte 1' just after
loading the driver. This does not prevent association, but should
prevent data traffic (unless of course encryption keys are set).

-- 
Jouni Malinen                                            PGP id EFC895FA