DHCPDISCOVER at times not encrypted
Garcia, Paul D
paul-d-garcia at uiowa.edu
Mon May 6 14:10:22 EDT 2013
The use of the kernel interface works as advertised (DHCPDISCOVER packet IS encrypted)
By the way:
I discovered this issue while troubleshooting a DHCP issue we seem to be having with our enterprise wireless system.
Initially, I saw the DHCPDISCOVER in the wireless packet capture but not on the wire upstream from the Access Point.
However, while using WEXT as the driver interface, I noticed the DHCPDISCOVER was in the clear. This is when I first sent to this list. However, upon using the kernel interface, the DHCPDISCOVER is encrypted. NOTE: As the packet is encrypted, I 'assume' the broadcasted packet sent just after 802.1X authentication success is the DHCPDISCOVER. The time event corresponds to the station's DHCP send event
I have not gone back to the WEXT interface yet to see if the original condition remains. I can do this once I have solved the DHCPDISCOVER upstream issue.
> -----Original Message-----
> From: hostap-bounces at lists.shmoo.com [mailto:hostap-
> bounces at lists.shmoo.com] On Behalf Of Jouni Malinen
> Sent: Friday, May 03, 2013 3:05 PM
> To: hostap at lists.shmoo.com
> Subject: Re: DHCPDISCOVER at times not encrypted
> On Fri, May 03, 2013 at 07:08:31PM +0000, Garcia, Paul D wrote:
> > sudo /usr/local/sbin/wpa_supplicant -Dwext -iwlan0
> > -c/etc/wpa_supplicant/wireless_test.conf -d
> Is there some particular reason for using WEXT as the driver interface?
> While this should obviously not happen with WEXT either, I'd rather first
> make sure the current kernel interface (nl80211) works fine. It has quite a bit
> better design for number of operations, including port authorization.
> Jouni Malinen PGP id EFC895FA
> HostAP mailing list
> HostAP at lists.shmoo.com
More information about the HostAP