wpa supplicant porting
alfred.hitch at gmail.com
Fri Jun 10 01:40:13 EDT 2005
ok that explains it ..
I have ap_scan = 2 only, as I am having some issues with a driver call
to get WPA IE (read not working with stability (some issue in binary
of MAC layer I have from vendor, following up .. ))
In my case, association IE's are generated by driver only and I had
configured it for WPA, so it got associated and TLS started ..
and what are u saying makes sense also (why was I not thinking of this
earlier -;)) IE info only will have the protocol to be followed.
But, I would have expected this field to be somewhere as part of (TLS
/ EAPOL key exchanges time also ? )
may be, dont know ..
but interesting bug, which many developers might end up into (ex: if
they port like I did) and u might like to keep in mind,
that key exchanges could go really really ahead, failing at either GTK
stage or sometimes at 2/4 handshake with MIC failures,
and at which stage there is no way of logically concluding that its
wrong protocol being worked upon ..
just keep a note for urself may be ..
I shall release code soon perhaps, but noone seems to be needing it
anyways here .. so I have my own sweet time I believe -;l)
On 6/10/05, Jouni Malinen <jkmaline at cc.hut.fi> wrote:
> On Thu, Jun 09, 2005 at 10:03:59PM -0700, Jouni Malinen wrote:
> > The proto option is used to list the allowed protocol versions and if
> > scan results can be used, wpa_supplicant will select one of the allowed
> > protocols. RSN/WPA2 is selected if it is allowed (the default
> > configuration) and the AP is advertising support for WPA2 (i.e.,
> > includes an RSN IE in the Beacon).
> > This works with Host AP driver when using ap_scan=1 (default). Please
> > send a debug log from wpa_supplicant if you cannot get this working.
> Actually, you had already sent a debug log in a previous message. The
> problem was indeed in configuring multiple protocols for ap_scan=2.
> Since wpa_supplicant does not get scan results in this case, it will
> just pick one proto (RSN) and try to use it. In other words, with
> ap_scan=2, the security policy has to be explicitly configured (this
> includes proto and ciphers).
> Jouni Malinen PGP id EFC895FA
> HostAP mailing list
> HostAP at shmoo.com
More information about the HostAP