wpa supplicant porting

alfred hitch alfred.hitch
Thu Jun 9 22:40:13 PDT 2005


ok that explains it .. 

I have ap_scan = 2 only, as I am having some issues with a driver call
to get  WPA IE (read not working with stability (some issue in binary
of MAC layer I have from vendor, following up .. ))

In my case, association IE's are generated by driver only and I had
configured it for WPA, so it got associated and TLS started ..

and what are u saying makes sense also (why was I not thinking of this
earlier -;)) IE info only will have the protocol to be followed.

But, I would have expected this field to be somewhere as part of (TLS
/ EAPOL key exchanges time also ? )

may be, dont know  .. 
but interesting bug, which many developers might end up into (ex: if
they port like I did) and u might like to keep in mind,
that key exchanges could go really really ahead, failing at either GTK
stage or sometimes at 2/4 handshake with MIC failures,

and at which stage there is no way of logically concluding that its
wrong protocol being worked upon ..

just keep a note for urself may be ..

I shall release code soon perhaps, but noone seems to be needing it
anyways here ..  so I have my own sweet time I believe -;l)

Cheers,
Alfred

On 6/10/05, Jouni Malinen <jkmaline at cc.hut.fi> wrote:
> On Thu, Jun 09, 2005 at 10:03:59PM -0700, Jouni Malinen wrote:
> 
> > The proto option is used to list the allowed protocol versions and if
> > scan results can be used, wpa_supplicant will select one of the allowed
> > protocols. RSN/WPA2 is selected if it is allowed (the default
> > configuration) and the AP is advertising support for WPA2 (i.e.,
> > includes an RSN IE in the Beacon).
> >
> > This works with Host AP driver when using ap_scan=1 (default). Please
> > send a debug log from wpa_supplicant if you cannot get this working.
> 
> Actually, you had already sent a debug log in a previous message. The
> problem was indeed in configuring multiple protocols for ap_scan=2.
> Since wpa_supplicant does not get scan results in this case, it will
> just pick one proto (RSN) and try to use it. In other words, with
> ap_scan=2, the security policy has to be explicitly configured (this
> includes proto and ciphers).
> 
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>




More information about the Hostap mailing list