From: Dan Williams <dcbw@redhat.com>
To: Michael Wu <flamingice@sourmilk.net>
Cc: Hong Liu <hong.liu@intel.com>, Jiri Benc <jbenc@suse.cz>,
"John W. Linville" <linville@tuxdriver.com>,
linux-wireless@vger.kernel.org
Subject: Re: [PATCH 3/5] mac80211: fix key restricted/open display
Date: Sat, 17 Mar 2007 00:38:36 -0400 [thread overview]
Message-ID: <1174106316.3026.19.camel@localhost.localdomain> (raw)
In-Reply-To: <200703162357.22669.flamingice@sourmilk.net>
On Fri, 2007-03-16 at 23:57 -0400, Michael Wu wrote:
> On Friday 16 March 2007 23:46, Dan Williams wrote:
> > I think you're misreading the patch? It looks correct to me. The
> > second check for (erq->flags & IW_ENCODE_RESTRICTED) should ensure that
> > Shared Key is only selected when the userspace program requested it.
> >
> This breaks authentication algorithm fallback for sure.
Well, then it's broken in most of the non mac80211 drivers then.
> > Not quite. Somewhere along the line WEXT turned ENCODE_RESTRICTED into
> > the selector for Shared Key, while ENCODE_OPEN is Open System. Arguably
> > there's a larger need to specifying auth mode than rejecting unencrypted
> > associations. Most drivers do it this way, with the exception of
> > madwifi because they like to be irritatingly different. Nobody ever
> > really used the 'don't accept unencrypted' thing anyway in the old days,
> > plus ENCODEEXT has a separate flag for this.
> >
> Even if it got redefined along the way, mac80211 has no need for that
> particular definition since it can automatically cycle between authentication
> algorithms. Besides, "its meaning depends on the card used" according to the
> iwconfig man page.
Well, if mac80211 can cycle (is this like airo's auto_wep?) then I guess
we don't care about the auth mode. As long as we don't break userspace
programs that try to set the auth mode, I'm fine with that.
> > So I think the patch is correct. Ideally all this gets fixed and all
> > the overloaded meanings go away with cfg80211 :)
> >
> > Acked-by: Dan Williams <dcbw@redhat.com>
> >
> NACK. It is not useful and if implemented, gives the user an unnecessary
> choice that can only cause more problems.
As long as existing stuff isn't broken, and as long as mac80211 silently
ignores it, and as long as the auth cycle stuff works, then fine.
Dan
next prev parent reply other threads:[~2007-03-17 4:35 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-03-16 3:28 [PATCH 3/5] mac80211: fix key restricted/open display Hong Liu
2007-03-16 17:28 ` Michael Wu
2007-03-17 3:46 ` Dan Williams
2007-03-17 3:57 ` Michael Wu
2007-03-17 4:38 ` Dan Williams [this message]
2007-03-17 4:57 ` Michael Wu
2007-03-17 17:23 ` Dan Williams
2007-03-18 16:45 ` Jouni Malinen
2007-03-18 23:35 ` Dan Williams
2007-03-22 3:43 ` Hong Liu
2007-03-23 18:27 ` Jiri Benc
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1174106316.3026.19.camel@localhost.localdomain \
--to=dcbw@redhat.com \
--cc=flamingice@sourmilk.net \
--cc=hong.liu@intel.com \
--cc=jbenc@suse.cz \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).