Unable to connect to WPA2-Enterprise since 2.4-r1: WPA_ALG_PMK bug?
David Woodhouse
dwmw2
Fri Jul 10 13:02:11 PDT 2015
On Fri, 2015-07-10 at 21:07 +0300, Jouni Malinen wrote:
> However, I'd rather do that only in case this can really be shown to
> be because of the incorrect MSK derivation.
Yeah, that makes sense. In which case you'd still need the whole
infrastructure to calculate the 'alternative' MSK. So we might as well
stick with your existing patch which just *uses* the alternative MSK.
> it might be as simple to just have an out-of-tree patch available for
> anyone who wants to build a binary with such a capability
I don't think there's much benefit in that. If they're going to have to
fight the lack of coherent error reporting to work out what the problem
is, and then take remedial action, then they might as well just
*configure* it not to use TLSv1.2. A patch is probably harder than the
config change (although Dan we *will* need NetworkManager to be able to
set it on demand according to the config).
The benefit in a code-based 'fix' is only really if it can be merged by
default and enabled whenever eap_workaround is set.
--
dwmw2
More information about the Hostap
mailing list