wpa_supplicant/NM fallback to WPA?
Johannes Berg
johannes
Tue May 6 12:24:41 PDT 2008
> No, I don't think that would be a good idea. Security policy should be
> to pick the best available (i.e., enabled at both ends) option and stick
> to it.. If you have to live with such a broken AP, I would assume you
> can configure wpa_supplicant to only allow WPA with it..
Right, of course I can, or I wouldn't be writing email right now. I'm
more worried about regular users ;)
> By the way, do
> you know which AP this is and could you please get me a debug log
> showing the failure if it actually goes further than association? I
> would like to know why it fails in RSN.
It's an "Arcor-Easy Box A 300 WLAN", no idea what's in that. I'll send
you a log in private, it essentially goes:
DISCONNECTED -> ASSOCIATING
ASSOCIATING -> ASSOCIATED
ASSOCIATED -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake
WPA: Sending EAPOL-Key 2/4
WPA: RX message 3 of 4-Way Handshake
WPA: IE in 3/4 msg does not match with IE in Beacon/ProbeResp
4WAY_HANDSHAKE -> DISCONNECTED
and simply continues like that.
johannes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20080506/c90eb651/attachment.pgp
More information about the Hostap
mailing list