correct group cipher setting
Dan Williams
dcbw
Mon Jan 12 09:18:20 PST 2009
On Mon, 2009-01-12 at 18:23 +0200, Chuck Tuffli wrote:
> What is the correct value for group cipher (i.e. ssid->group_cipher)
> in the case of an open network (no encryption)? I naively assumed it
> should be WPA_CIPHER_NONE, but if it is, the saved configuration file
> causes an error:
Open networks do not need the pairwise or group keys at all. Don't even
bother putting them in the network block.
Dan
> ctrl_interface=/var/run/wpa_supplicant
> update_config=1
>
> network={
> ssid="NTGR_cNmZJtNunetOUlfXqMumTotwLxZ"
> scan_ssid=1
> key_mgmt=NONE
> pairwise=NONE
> group=NONE
> auth_alg=OPEN
> eap=WPS
> identity="WFA-SimpleConfig-Enrollee-1-0"
> }
>
> ...
> 1064.259272: scan_ssid=1 (0x1)
> 1064.261436: key_mgmt: 0x4
> 1064.262843: pairwise: 0x1
> 1064.264451: Line 9: not allowed group cipher (0x1).
> 1064.266121: Line 9: failed to parse group 'NONE'.
>
> Should wpa_config_parse_group() allow WPA_CIPHER_NONE as a valid group
> cipher or does this open an exploit? Note this is running 0.5.10 with
> my WPS patch, but the logic looks the same as 0.6.x.
>
> ---chuck
>
>
> ______________________________________________________________________
> DSP Group, Inc. automatically scans all emails and attachments using
> MessageLabs Email Security System.
> _____________________________________________________________________
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
More information about the Hostap
mailing list