WEP fails with Unsupported authentication algorithm (7820)

Yegor Yefremov yegorslists at googlemail.com
Mon Aug 24 11:12:29 EDT 2020


Hi Jouni,

On Sat, Aug 22, 2020 at 4:27 PM Jouni Malinen <j at w1.fi> wrote:
>
> On Mon, Aug 17, 2020 at 07:30:10PM +0200, Yegor Yefremov wrote:
> > > > > > > > During the transition from wpa_supplicant v2.4 to v2.9 on a legacy
> > > > > > > > project I get the following message:
> > > > > > > >
> > > > > > > > mgmt::auth
> > > > > > > > authentication: STA=7c:dd:90:44:a5:83 auth_alg=7820
> > > > > > > > auth_transaction=112 status_code=31962 wep=1 seq_ctrl=0x60a0
> > > > > > > > Unsupported authentication algorithm (7820)
> > > > > > > > authentication reply: STA=7c:dd:90:44:a5:83 auth_alg=7820
> > > > > > > > auth_transaction=113 resp=13 (IE len=0) (dbg=handle-auth)
>
> That was supposed to be the Authentication frame with transaction number
> 3 which is the only Authentication frame is transmitted encrypted using
> WEP. It looks like the driver used here does not support this case in a
> way that hostapd (or wpa_supplicant AP mode which shares the same
> implementation) expect.. Those values here look like the payload of that
> frame did not end up getting decrypted.
>
> > > > > > The old working rootfs had wpa_supplicant 2.4 but I have also tested
> > > > > > it with the same kernel version 5.4.8. wpa_supplicant 2.10 has no
> > > > > > problem with WPA/WPA2 and no encryption. The only problem so far is
> > > > > > WEP.
>
> I'm not sure what triggers this issue to show up just now with a newer
> snapshot of wpa_supplicant, but my first guess would be that this was
> using open system authentication before and now just happens to be ended
> up using shared key authentication (i.e., I'd expect that shared key
> authentication would not have worked even with the older version).
>
> > > > Both sides auth_alg=SHARED - KO but both sides OPEN - OK.
>
> I cannot reproduce this with another driver nor do I know of any issues
> (or any recent changes) in this part of the functionality in
> hostapd/wpa_supplicant. Taken into account the current state of WEP, I'm
> not sure there would be much point in trying to debug this any further
> with the particular driver used here to try to get that combination
> working for shared key authentication. If you really have to continue to
> support WEP, I'd go with open system authentication instead, but really,
> WEP should not be used anymore..

Yes, I think we will just remove the support for WEP. Look what we
have found concerning this problem [1]. So we can close this issue.

Thanks.

[1] https://e2e.ti.com/support/wireless-connectivity/wifi/f/968/t/420007

Regards,
Yegor



More information about the Hostap mailing list