From: Jouni Malinen <j@w1.fi>
To: Dan Williams <dcbw@redhat.com>
Cc: Johannes Berg <johannes@sipsolutions.net>,
linux-wireless <linux-wireless@vger.kernel.org>,
Michael Wu <flamingice@sourmilk.net>,
"John W. Linville" <linville@tuxdriver.com>
Subject: Re: mac80211: unencrypted packet vulnerability
Date: Mon, 26 Nov 2007 19:55:04 -0800 [thread overview]
Message-ID: <20071127035504.GE5698@jm.kir.nu> (raw)
In-Reply-To: <1196091438.4202.22.camel@localhost.localdomain>
On Mon, Nov 26, 2007 at 10:37:18AM -0500, Dan Williams wrote:
> On Thu, 2007-11-22 at 00:01 +0100, Johannes Berg wrote:
> > I'd offer the patch below but that's hardly complete. And then what
> > about wext's encode and IW_ENCODE_RESTRICTED? Isn't that exactly the
> > same thing? ieee80211 treats it that way and I can't find docs other
> > than this paragraph from iwconfig's man page
I'd guess it depends on who you ask.. For me, it was exactly this, but
I've certainly seen another functionality being claimed for it, i.e.,
this:
> IW_ENCODE_RESTRICTED is used in a few places to mean Shared Key auth
> mode, since there's no other way in WEXT to handle the difference
> between Shared Key and Open System, and because drivers usually don't
> (and really shouldn't) by trying to cycle between auth modes themselves.
There wasn't, but there is now. I added an explicit 802.11
authentication algorithm parameter (IW_AUTH_80211_AUTH_ALG) in WE-18 in
order to make it somewhat easier to push people away from misusing
IW_ENCOE_RESTRICTED.
--
Jouni Malinen PGP id EFC895FA
next prev parent reply other threads:[~2007-11-27 3:55 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-21 23:01 mac80211: unencrypted packet vulnerability Johannes Berg
2007-11-26 15:37 ` Dan Williams
2007-11-27 3:55 ` Jouni Malinen [this message]
2007-11-27 4:05 ` Jouni Malinen
2007-11-27 13:12 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071127035504.GE5698@jm.kir.nu \
--to=j@w1.fi \
--cc=dcbw@redhat.com \
--cc=flamingice@sourmilk.net \
--cc=johannes@sipsolutions.net \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox