Re: WEP does not work?

From: Sam Leffler <sam_at_errno.com>
Date: Sat, 11 Dec 2004 20:51:02 -0800
Pawel Worach wrote:

> I enabled 802.11 crypto debug and did the procedure again.
> 
> # ifconfig ath0 wepmode on wepkey 1:0xXXXX78e6XXXXdbe2XXXX0127XX
> # ifconfig ath0
> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet 192.168.1.200 netmask 0xffffff00 broadcast 192.168.1.255
>         inet6 fe80::205:4eff:fe4b:7613%ath0 prefixlen 64 scopeid 0x2
>         ether 00:05:4e:4b:76:13
>         media: IEEE 802.11 Wireless Ethernet autoselect <adhoc> (autoselect <adhoc>)
>         status: associated
>         ssid cookie channel 7 bssid fa:02:57:01:13:00
>         authmode OPEN privacy ON
>         wepkey 1:104-bit <XXXX78e6XXXXdbe2XXXX0127XX>
>         txpowmax 34 protmode CTS wme bintval 100
> 
> (just to demonstrate my last paragraph, the disappearing wepkey)
> # ifconfig ath0 wepmode on
> # ifconfig ath0
> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet 192.168.1.200 netmask 0xffffff00 broadcast 192.168.1.255
>         inet6 fe80::205:4eff:fe4b:7613%ath0 prefixlen 64 scopeid 0x2
>         ether 00:05:4e:4b:76:13
>         media: IEEE 802.11 Wireless Ethernet autoselect <adhoc> (autoselect <adhoc>)
>         status: no carrier
>         ssid cookie
>         authmode OPEN privacy ON txpowmax 0 wme
> 
> Now it's gone. So wepmode and wepkeys need to be configured in one shot?
> After this kernel says: "[00:40:96:42:0d:9c] key (id 0) is invalid"

The 802.11 state machine is being clocked when you do this and clearing 
the global key state when it goes through the INIT state (80211debug 
+state will show you).  I added this just recently to ensure key state 
was cleared when a device was marked down but on reflection it was a bad 
idea.  The following change will revert this:

Index: ieee80211_proto.c
===================================================================
RCS file: /home/ncvs/src/sys/net80211/ieee80211_proto.c,v
retrieving revision 1.10
diff -u -r1.10 ieee80211_proto.c
--- ieee80211_proto.c   8 Dec 2004 17:26:47 -0000       1.10
+++ ieee80211_proto.c   12 Dec 2004 04:47:30 -0000
_at__at_ -895,7 +895,6 _at__at_
                         ic->ic_mgt_timer = 0;
                         IF_DRAIN(&ic->ic_mgtq);
                         ieee80211_reset_bss(ic);
-                       ieee80211_crypto_delglobalkeys(ic);
                         break;
                 }
                 if (ic->ic_auth->ia_detach != NULL)
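Review bot: With the ieee80211_crypto_delglobalkeys(ic) call dropped after ieee80211_reset_bss(ic), nothing in this hunk clears the global WEP keys any more, so key material now survives every pass through this case, including the device-marked-down case the call was originally added for. If clearing on down is still wanted, it would be better placed in the path that actually handles marking the device down than in this state-transition case, so that a plain "wepmode on" reconfiguration keeps the keys while a down still wipes them. Either way, a short comment next to ieee80211_reset_bss(ic) saying that global keys are deliberately preserved here would stop the call from being reintroduced later.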

I'll think some more about the problem but probably just do the above.

	Sam
Received on Sun Dec 12 2004 - 03:51:00 UTC
