hostapd and tkip countermeasures

divy at speakeasy.net divy
Tue Nov 1 21:05:42 PST 2005


Hi, 

> -----Original Message-----
> From: Jouni Malinen [mailto:jkmaline at cc.hut.fi]
> Sent: Thursday, October 13, 2005 02:33 AM
> To: hostap at shmoo.com
> Subject: Re: hostapd and tkip countermeasures
> 
> On Sat, Oct 08, 2005 at 09:32:51PM +0000, divy at speakeasy.net wrote:
> 
> > There does not seem to be an hostapd equivalent to the wpa_supplicant function wpa_drv_set_countermeasures(). 
> > Hostapd enforces tkip countermeasures only if it handles the management frames. 
> > If a driver only reports association events, hostapd proceeds to the authentication phase even if coutermeasures are still active.
> > 
> > Here is a proposed patch to hostapd.c that fixes the issue:
> 
> Thanks, applied. This does not fix the exact behavior since the client
> is allowed to complete association, but this is clearly improving the
> previous implementation. wpa_drv_set_countermeasures() like
> functionality and changes in the drivers would be needed to make the
> IEEE 802.11 authentication and association fail when countermeasures are
> in effect.

Please find a proposed patch in attachement which adds the hostapd_set_countermeasures() functionality and uses it for the madwifi driver.
The patch was created against hostapd-0.4.6.

Thanks,
Divy


-------------- next part --------------
A non-text attachment was scrubbed...
Name: countermeasures.diff
Type: application/octet-stream
Size: 2466 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20051102/f5eca4a7/attachment.obj 



More information about the Hostap mailing list