AW: wpa_supplicant ndiswrapper

Jouni Malinen j at w1.fi
Sun Aug 10 10:43:04 EDT 2008


On Thu, Aug 07, 2008 at 08:34:45PM +0200, Gerhard Schaden wrote:

> Can you think of the parts in wpa_supplicant, which may have race conditions? Is this new packet which looks like the 3/4 handshake, queued somewhere in wpa_supplicant or rather in the driver, ndiswrapper, kernel?

The most likely race condition is in the driver when wpa_supplicant
sends msg 4/4 and immediately after that sets the key. If the driver
ends up encrypting the frame that was sent before the key configuration,
4-way handshake will fail. A wireless sniffer that could record all the
frames between the AP and the client would be a helpful tool for
figuring out whether this is indeed the case here.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list