hostapd: rsn replay counters issue
Jouni Malinen
j
Wed Feb 29 15:02:16 PST 2012
On Wed, Feb 29, 2012 at 10:23:02AM -0800, Dmitry Shmidt wrote:
> According to the src/ap/wpa_auth_ie.c code:
> Setting 16 rsn replay counters depends on if WMM mode was set.
>
> int wpa_write_rsn_ie()
> {
> ...
> if (conf->wmm_enabled) {
> /* 4 PTKSA replay counters when using WMM */
> capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
> }
> ...
> }
>
> However, if I don't want for my hostap to support WMM, it breaks ability to use
> WPA/WPA2 security.
Why would that break WPA/WPA2 security? If you do not enable WMM/QoS,
you don't need 16 replay counters..
Or are you running to an issue where the driver/firmware ends up
generating different WPA/RSN IE for Beacon/Probe Response and supplicant
rejects that due to mismatch in IEs? That has been somewhat of a common
bug with multiple drivers where the IEs do not get synchronized properly
between the driver and hostapd.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list