Possible bug, saved WEP security network will try to associatewith SAME SSID but wpa security network

Zheng BaoZhong-E13358 bao-zhong
Sun Oct 18 19:19:42 PDT 2009

For my test, we are using LINKSYS, CISCO and DLINK Aps, and when wpa
security is enabled, capability info in beacons is privacy enabled.

I mean my Aps privacy is enabled when it is set to wpapsk or wpa2psk,
but WEP is disabled.

I do not find one AP which supports wpapsk/wpa2psk mixed with WEP
open/share security.

Even blacklist mechanism in wpa_supplicant will filter those Aps last
fail connected, and finally correct AP will be picked up and connected,
for some unusual cases, if there are several Aps configured with wpapsk
security, and just one AP with WEP security, of course with same SSID,
it will cost several scan times to connect with expected WEP security

I agree this depends on how define matching for WEP operations, but
actually there are little Aps which support WEP mixed with WPA security,
and mostly AP will broadcast beacons with privacy enabled for wpa

If there is anything not right about above statements, appreciate your

Thanks again

-----Original Message-----
From: hostap-bounces at lists.shmoo.com
[mailto:hostap-bounces at lists.shmoo.com] On Behalf Of Jouni Malinen
Sent: Friday, October 16, 2009 6:40 PM
To: hostap at lists.shmoo.com
Subject: Re: Possible bug, saved WEP security network will try to
associatewith SAME SSID but wpa security network

On Fri, Oct 16, 2009 at 04:43:20PM +0800, Zheng BaoZhong-E13358 wrote:

> I have one AP with "test" SSID, and wpapsk security.
> I add one network with "test" SSID and WEP security.
> >From log, AP is found by scan and wpa_supplicant tries to associate 
> >with
> AP, even the security is not matching.

Well.. That depends on how you define matching for WEP operations. If
you were to consider a legacy device that only supports WEP, it would
see the Privacy flag set in the Beacon frames and would not know
anything about WPA/RSN IE. For such a device, the security seems to be
matching its own expectations and it would likely try to associate.

An AP that advertises WPA/RSN IE could also enable WEP. I do not expect
this to be a common use case, but still, it is possible. Because of
that, just blindly refusing any network with WPA/RSN IE when configured
to use WEP may not be that good of an idea.

It is trivial to great this type of scenario in a test environment, but
does this really show up as any real world issues? The blacklist
mechanism in wpa_supplicant should allow the correct WEP network to be
found even if there are WPA/WPA2 networks using the same SSID present in
the scan results.

Jouni Malinen                                            PGP id EFC895FA
HostAP mailing list
HostAP at lists.shmoo.com

More information about the Hostap mailing list