From: Larry Finger <larry.finger@lwfinger.net>
To: Jouni Malinen <jkmaline@cc.hut.fi>
Cc: Dan Williams <dcbw@redhat.com>,
Johannes Berg <johannes@sipsolutions.net>,
netdev <netdev@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: Hidden SSID's
Date: Tue, 30 Jan 2007 01:08:29 -0600 [thread overview]
Message-ID: <45BEEEED.9010702@lwfinger.net> (raw)
In-Reply-To: <20070130050841.GC6637@jm.kir.nu>
Jouni Malinen wrote:
> On Mon, Jan 29, 2007 at 10:52:20PM -0600, Larry Finger wrote:
>
>> When an AP has a hidden SSID, ieee80211 fails, at least with wpa_supplicant,
>> which searches through the scan data looking for a particular ssid. Because
>> ieee80211 has substituted a false ssid, namely "<hidden>", wpa_supplicant
>> cannot authenticate. This behavior is fixed by adding a new argument to
>> ieee80211_translate_scan that contains the expected ssid.
>
> Would this be replacing the SSID of all BSSes in scan results with the
> SSID for which the latest per-SSID scan was issued? If yes, this does
> not sound any better than the current behavior. The driver/802.11 code
> should not replace the SSID value with anything else than the value
> received from the AP.
Any AP with a hidden SSID will only respond to probe requests that specify its SSID, and will ignore
any other probes. In addition, the response will have an empty SSID field. These responses are the
only ones in which a substitution would occur. These are the same responses where the current code
sends back the "<hidden>" pseudo-SSID. My change would put the correct one there.
> In case of hidden SSIDs, the 802.11 implementation should maintain a
> list of BSSes found during the scan(s) and update the SSID (in most
> cases, by creating a new BSS entry) with the SSID from Probe Response
> frames. In other words, if the scan is done for a specific SSID (Probe
> Request includes that SSID), the AP that is using hidden SSIDs will
> likely include the SSID in Probe Response and data from that Probe
> Response can be used to fill in the missing pieces for the <BSSID,SSID>
> pair.
>
> Generating false scan results by locally guessing what the SSID
> could be is just plain wrong. The scan results need to be based on real
> frames from the APs.
We aren't guessing. The response frame with the empty SSID field must have come from the AP with the
SSID we want. Filling in the expected value is just making it easier for the user-space tools.
Larry
next prev parent reply other threads:[~2007-01-30 7:08 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-27 3:48 Hidden SSID's Larry Finger
2007-01-27 12:08 ` Dan Williams
2007-01-27 15:29 ` Larry Finger
2007-01-28 21:28 ` Johannes Berg
2007-01-29 13:00 ` Dan Williams
2007-01-30 3:09 ` Jouni Malinen
2007-01-30 3:36 ` Dan Williams
2007-01-30 4:52 ` Larry Finger
2007-01-30 5:08 ` Jouni Malinen
2007-01-30 7:08 ` Larry Finger [this message]
2007-01-30 22:56 ` Jouni Malinen
2007-01-31 2:35 ` Larry Finger
2007-02-01 18:46 ` Jouni Malinen
2007-01-28 22:18 ` Larry Finger
2007-01-30 22:53 ` Jouni Malinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45BEEEED.9010702@lwfinger.net \
--to=larry.finger@lwfinger.net \
--cc=dcbw@redhat.com \
--cc=jkmaline@cc.hut.fi \
--cc=johannes@sipsolutions.net \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).