John Nielsen wrote: > On Sunday 09 August 2009 01:27:07 am Sam Leffler wrote: >>> Sam Leffler <sam_at_errno.com> wrote: >> I can confirm WEP is broken on wi in sta mode (and probably ap mode). >> I found at least two bugs but couldn't get it to work so am going to >> leave it as an errata for 8.0. But what's truly odd is that WPA works >> fine despite a bug that should've caused it to not work. I knew WPA >> worked which is probably why I ignored WEP (noone in their right mind >> uses WEP when WPA is available :-)). > > So for us wrong-minded people with wi(4) hardware that lacks WPA support > is it better to stick with 7.x for now? Any patches available or a rough > ETA? Is there a specific set of 8-CURRENT commits before which WEP is > known (or strongly suspected) to work? Anything others can do to help > besides ask annoying questions? (Sadly I'm not quite enough of a kernel > hacker to adopt maintainership of wi.) Attached is what I came up with when the problem was identified. As you can see it's incomplete. I have no time to work on it more so someone else will need to follow through. Given the cost of a replacement wireless card is <US$20 I cannot imagine why anyone would not just replace it. Sam
attached mail follows:
The attached patch tries to fix WEP support in wi. Presently WEP does not work for two reasons: 1. wi_start_locked does not mask the PRIVACY bit from the header flags when finding the direction to extract mac addresses to reconstruct the 802.3 frame. Why this does not break WPA also is beyond me. 2. wi marks all tx encrypted frames WI_TXCNTL_NOCRYPT but tries to use h/w WEP support for cards that support it. I've deleted the h/w crypto support and just do the work in s/w. But the above does not fix WEP and I don't see why. If you've got any ideas it'd be nice to fix this. Otherwise if you can review what I've done it'd be appreciated. I can submit just #1 to re as that's definitely correct. Sam Index: if_wivar.h =================================================================== --- if_wivar.h (revision 196086) +++ if_wivar.h (working copy) _at__at_ -113,7 +113,6 _at__at_ int sc_porttype; u_int16_t sc_portnum; - u_int16_t sc_encryption; u_int16_t sc_monitor_port; /* RSSI interpretation */ Index: if_wi.c =================================================================== --- if_wi.c (revision 196086) +++ if_wi.c (working copy) _at__at_ -137,7 +137,6 _at__at_ static void wi_info_intr(struct wi_softc *); static int wi_write_txrate(struct wi_softc *, struct ieee80211vap *); -static int wi_write_wep(struct wi_softc *, struct ieee80211vap *); static int wi_write_multi(struct wi_softc *); static void wi_update_mcast(struct ifnet *); static void wi_update_promisc(struct ifnet *); _at__at_ -417,15 +416,6 _at__at_ sc->sc_dbm_offset = WI_PRISM_DBM_OFFSET; break; } - - /* - * Find out if we support WEP on this card. - */ - buflen = sizeof(val); - if (wi_read_rid(sc, WI_RID_WEP_AVAIL, &val, &buflen) == 0 && - val != htole16(0)) - ic->ic_cryptocaps |= IEEE80211_CRYPTO_WEP; - /* Find supported rates. */ buflen = sizeof(ratebuf); rs = &ic->ic_sup_rates[IEEE80211_MODE_11B]; _at__at_ -842,12 +832,6 _at__at_ wi_write_val(sc, WI_RID_OWN_CHNL, ieee80211_chan2ieee(ic, bss->ni_chan)); - /* Configure WEP. */ - if (ic->ic_cryptocaps & IEEE80211_CRYPTO_WEP) - wi_write_wep(sc, vap); - else - sc->sc_encryption = 0; - if ((sc->sc_flags & WI_FLAGS_HAS_WPASUPPORT) && (vap->iv_flags & IEEE80211_F_WPA)) { wi_write_val(sc, WI_RID_WPA_HANDLING, 1); _at__at_ -932,12 +916,6 _at__at_ wi_write_val(sc, WI_RID_PROMISC, 0); - /* Configure WEP. */ - if (ic->ic_cryptocaps & IEEE80211_CRYPTO_WEP) - wi_write_wep(sc, vap); - else - sc->sc_encryption = 0; - wi_enable(sc); /* enable port */ WI_UNLOCK(sc); } _at__at_ -976,7 +954,7 _at__at_ /* reconstruct 802.3 header */ wh = mtod(m0, struct ieee80211_frame *); - switch (wh->i_fc[1]) { + switch (wh->i_fc[1] & IEEE80211_FC1_DIR_MASK) { case IEEE80211_FC1_DIR_TODS: IEEE80211_ADDR_COPY(frmhdr.wi_ehdr.ether_shost, wh->i_addr2); _at__at_ -1739,71 +1717,6 _at__at_ } static int -wi_write_wep(struct wi_softc *sc, struct ieee80211vap *vap) -{ - int error = 0; - int i, keylen; - u_int16_t val; - struct wi_key wkey[IEEE80211_WEP_NKID]; - - switch (sc->sc_firmware_type) { - case WI_LUCENT: - val = (vap->iv_flags & IEEE80211_F_PRIVACY) ? 1 : 0; - error = wi_write_val(sc, WI_RID_ENCRYPTION, val); - if (error) - break; - if ((vap->iv_flags & IEEE80211_F_PRIVACY) == 0) - break; - error = wi_write_val(sc, WI_RID_TX_CRYPT_KEY, vap->iv_def_txkey); - if (error) - break; - memset(wkey, 0, sizeof(wkey)); - for (i = 0; i < IEEE80211_WEP_NKID; i++) { - keylen = vap->iv_nw_keys[i].wk_keylen; - wkey[i].wi_keylen = htole16(keylen); - memcpy(wkey[i].wi_keydat, vap->iv_nw_keys[i].wk_key, - keylen); - } - error = wi_write_rid(sc, WI_RID_DEFLT_CRYPT_KEYS, - wkey, sizeof(wkey)); - sc->sc_encryption = 0; - break; - - case WI_INTERSIL: - val = HOST_ENCRYPT | HOST_DECRYPT; - if (vap->iv_flags & IEEE80211_F_PRIVACY) { - /* - * ONLY HWB3163 EVAL-CARD Firmware version - * less than 0.8 variant2 - * - * If promiscuous mode disable, Prism2 chip - * does not work with WEP . - * It is under investigation for details. - * (ichiro_at_netbsd.org) - */ - if (sc->sc_sta_firmware_ver < 802 ) { - /* firm ver < 0.8 variant 2 */ - wi_write_val(sc, WI_RID_PROMISC, 1); - } - wi_write_val(sc, WI_RID_CNFAUTHMODE, - vap->iv_bss->ni_authmode); - val |= PRIVACY_INVOKED; - } else { - wi_write_val(sc, WI_RID_CNFAUTHMODE, IEEE80211_AUTH_OPEN); - } - error = wi_write_val(sc, WI_RID_P2_ENCRYPTION, val); - if (error) - break; - sc->sc_encryption = val; - if ((val & PRIVACY_INVOKED) == 0) - break; - error = wi_write_val(sc, WI_RID_P2_TX_CRYPT_KEY, vap->iv_def_txkey); - break; - } - return error; -} - -static int wi_cmd(struct wi_softc *sc, int cmd, int val0, int val1, int val2) { int i, s = 0;Received on Tue Sep 01 2009 - 13:29:55 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:54 UTC