From: Johannes Berg <johannes@sipsolutions.net>
To: Nicolas Cavallari <Nicolas.Cavallari@lri.fr>
Cc: "John W. Linville" <linville@tuxdriver.com>,
linux-wireless@vger.kernel.org
Subject: Re: [PATCH] mac80211: Do not encrypt EAPOL frames in IBSS Mode.
Date: Fri, 27 Jan 2012 20:38:27 -0800 [thread overview]
Message-ID: <4F237BC3.3060208@sipsolutions.net> (raw)
In-Reply-To: <1327581742-15460-1-git-send-email-cavallar@lri.fr> (sfid-20120126_134252_162490_7A6AB3DA)
On 1/26/2012 4:42 AM, Nicolas Cavallari wrote:
> Currently, EAPOL Frames in IBSS mode are encrypted if a PTK
> is available. This patch turn off encryption for all EAPOL
> frames when on IBSS mode, as there is no suitable userspace
> calls to configure the control port protocol and settings.
>
> IBSS RSN sort-of worked without this patch because PTKs
> are only installed after the completion of a successful
> EAPOL exchange, so unicast operations would work, but
> multicast and rekeying would often fail.
>
> Signed-off-by: Nicolas Cavallari<cavallar@lri.fr>
> ---
> net/mac80211/ibss.c | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
> index bed30ba..9d8e699 100644
> --- a/net/mac80211/ibss.c
> +++ b/net/mac80211/ibss.c
> @@ -1022,6 +1022,8 @@ void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
> {
> struct ieee80211_if_ibss *ifibss =&sdata->u.ibss;
>
> + sdata->control_port_no_encrypt = true;
In addition to my earlier comment about this being totally wrong -- if
you REALLY wanted it, you should probably just add the few API tweaks to
be able to set it from userspace and tweak your userspace.
johannes
prev parent reply other threads:[~2012-01-28 4:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-26 12:42 [PATCH] mac80211: Do not encrypt EAPOL frames in IBSS Mode Nicolas Cavallari
2012-01-26 18:12 ` Johannes Berg
2012-01-28 4:38 ` Johannes Berg [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F237BC3.3060208@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=Nicolas.Cavallari@lri.fr \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).