drv->has_capability and GET_CAPABILITY
Mon Aug 21 09:21:33 PDT 2006
On Mon, Aug 21, 2006 at 06:33:13AM -0400, Dan Williams wrote:
> wpa_supplicant_ctrl_iface_get_capability() seems to assume that an
> interface that fails the capability check has _all_ capabilities. If
> the return value from wpa_drv_get_capa() is -1, then for a request for
> 'pairwise' the control interface will return "CCMP TKIP NONE".
Yes, that is the generic assumption in wpa_supplicant. If the driver
does not support capability query, it is assumed to support everything
in order to avoid reducing functionality.
> If drv->has_capability is 0, that usually means that wpa_supplicant
> couldn't determine what the capabilities of the interface are, or the
> driver is old. The wext driver only sets has_capability if the driver
> is WE-18 or later. If my reading is right, any driver compiled for WE <
> 18 will report through the control interface that it supports WPA. Is
> that correct?
Yes, that's correct.
> It seems that if wpa_supplicant cannot determine what capabilities the
> interface supports, it reports support for all capabilities. That seems
> broken to me, but probably was added as a kludge to allow older,
> non-standard drivers to use WPA even though they did not report
> capabilities correctly, or for pre-WE WPA support. The problem I have
> is that I cannot rely on wpa_supplicant to reliably report what the
> capabilities for an interface are then.
That is be design. If all your drivers support capability query, the
result should be reliable.
> What I'd like to do in the dbus control interface is diverge from the
> socket/UDP control interface and be more conservative in reporting
> capabilities. But then the interfaces differ. Does that sound fine?
I would recommend not to do this and rather concentrate on adding
support for drivers to report their capabilities. I would like to see
all control interfaces showing the same results. However, if you think
that there is need for reporting only the capabilities that the driver
explicitly advertised, I would be willing to live with an extra argument
to GET_CAPABILITY (on all ctrl_ifaces) for not defaulting to all
enabled. In other words, there could be "GET_CAPABILITY pairwise" with
current behavior and "GET_CAPABILITY pairwise strict" for requesting the
list in the way you would like to see it here.
Jouni Malinen PGP id EFC895FA
More information about the Hostap