RSN-IE mismatch and WPA2 preauth
jkmaline at cc.hut.fi
Mon Jan 31 23:00:20 EST 2005
On Wed, Jan 26, 2005 at 10:32:30AM -0500, Zimmermann, Christopher Brian (Chris) wrote:
> I am doing something very similar to that. I keep a local copy of the
> scan results I report via .get_scan_results function. When I report
> EVENT_ASSOCINFO, and before I report EVENT_ASSOC...I actually change the
> wpa_s->ap_rsn_ie field.
I looked into some more details of this and wpa_supplicant did not seem
to check WPA/RSN IE in message 3/4 at all when ap_scan=2 (i.e., no
scanning) was used. Actually, this made the Windows version able to roam
to another AP with different RSN IE after pre-auth.. Of course, this was
not exactly correct, since the IE verification was just bypassed
The current CVS version has a fix for this. A copy of the last scan
results are kept locally and if the cached results do not include the
new AP, scan results are required again when message 3/4 is processed.
This seemed to work with driver_ndis.c. Alternatively, drivers can also
report the Beacon/ProbeResp IEs as part of EVENT_ASSOCINFO if the needed
data is available at that point.
Jouni Malinen PGP id EFC895FA
More information about the HostAP