wpasupplicant and WEP

Jouni Malinen j at w1.fi
Mon Jan 5 04:35:32 EST 2015


On Sun, Jan 04, 2015 at 11:54:27PM +0100, Erich Titl wrote:
> How can a WEP key allow association without being correct?

When WEP is used with Open System authentication, there is no change
whatsoever to the IEEE 802.11 authentication and association when
compared to unencrypted network. In other words, the keys are not used
at all to authenticate devices. With Share Key authentication, one of
the keys is actually used, so that will fail if that specific key does
not match (or if either of the devices has issues in implementing WEP
correctly).

> > And you are sure that the DHCP request do actually show up behind the
> > AP?
> 
> It does show up for sure on the dhcp server, which is a virtual machine
> on a wire.

That's a strange part here.. I guess it would be possible for couple of
mac80211 drivers to have the same bug (well, assuming you did see this
with both the drivers you mentioned) where WEP RX does not work while
WEP TX does. At least for ath5k, the mechanism for selecting the key is
quite different for TX and RX path, so it is possible there are issues
in that area. I'm not sure whether anyone still uses WEP actively enough
to notice regressions in this area. No one sure should be using it
anymore..

> As I am writing this, a test is running, I changed the key to something
> which could not be represented as HEX.
> 
> On the dhcpserver I can observe incoming packets from my wlan0 adapter

OK. That seems to be enough to assume that the keys are same and the
issue is somehow affecting only the AP->STA direction.

> AP# iw wlan0 connect scoobly keys 0:abcdefghijklm
> AP# [ 4237.636645] b43 ssb0:0 wlan0: failed to set key 0

Huh? The driver fails to configure the key? Well, that would be clear
enough indication of a driver issue to me.. In other words, this should
really be directed at whoever might be working with b43.

> I have a wireshark trace of the connection attempt. If you think it is
> worth having a look I can send it off-list. Is there a way to see all
> frames with wireshark?

I can take a look, but it is clear that the issue is with the driver,
not wpa_supplicant, so I think this is starting to go way beyond the
topic of this specific mailing list and something like linux-wireless
could be more appropriate venue.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list