correct group cipher setting

Chuck Tuffli Chuck.Tuffli at dspg.com
Mon Jan 12 11:23:00 EST 2009


What is the correct value for group cipher (i.e. ssid->group_cipher) in the case of an open network (no encryption)? I naively assumed it should be WPA_CIPHER_NONE, but if it is, the saved configuration file causes an error:

ctrl_interface=/var/run/wpa_supplicant
update_config=1

network={
	ssid="NTGR_cNmZJtNunetOUlfXqMumTotwLxZ"
	scan_ssid=1
	key_mgmt=NONE
	pairwise=NONE
	group=NONE
	auth_alg=OPEN
	eap=WPS
	identity="WFA-SimpleConfig-Enrollee-1-0"
}

...
1064.259272: scan_ssid=1 (0x1)
1064.261436: key_mgmt: 0x4
1064.262843: pairwise: 0x1
1064.264451: Line 9: not allowed group cipher (0x1).
1064.266121: Line 9: failed to parse group 'NONE'.

Should wpa_config_parse_group() allow WPA_CIPHER_NONE as a valid group cipher or does this open an exploit? Note this is running 0.5.10 with my WPS patch, but the logic looks the same as 0.6.x.

---chuck

______________________________________________________________________
DSP Group, Inc. automatically scans all emails and attachments using MessageLabs Email Security System.
_____________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20090112/89b27f18/attachment.htm 


More information about the HostAP mailing list