wpa_supplicant TKIP countermeasures
dcbw at redhat.com
Fri Nov 16 12:35:39 EST 2012
On Fri, 2012-11-16 at 12:11 -0500, Jonathan Bagg wrote:
> Question about TKIP countermeasures in wpa_supplicant....After three
> "Event MICHAEL_MIC_FAILURE (2) received" I see wpa_supplicant say "TKIP
> countermeasures started", and then disconnects, but never reconnects
> after 60 seconds (5.2.17 step #8 in Wi-Fi CERTIFIED n System
> Interoperability Test Plan) Running wpa_supplicant v1.0
> Is wpa_supplicant supposed to handle the reconnect or is it up to the
> user / higher level software?
Looks like the supplicant blacklists that AP, disconnects, and then we
/* TODO: mark the AP rejected for 60 second. STA is
* allowed to associate with another AP.. */
Countermeasures get turned off after 60 seconds, but then we depend on a
scan to call wpa_supplicant_pick_network(), which will clear the
blacklist if no APs are found and countermeasures is off.
Is anything requesting a scan after that 60 seconds is over? If you
trigger a scan from the control interface after countermeasures are
turned off, does it find the AP and reconnect?
More information about the HostAP