Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FS#1840 - encryption wep+mixed broken #6836

Open
openwrt-bot opened this issue Sep 10, 2018 · 4 comments
Open

FS#1840 - encryption wep+mixed broken #6836

openwrt-bot opened this issue Sep 10, 2018 · 4 comments
Labels
flyspray

Comments

@openwrt-bot
Copy link

@openwrt-bot openwrt-bot commented Sep 10, 2018

ZeroChaos-:

In file lib/netifd/netifd-wireless.sh the following code is found:

# Examples:
# psk-mixed/tkip    => WPA1+2 PSK, TKIP
# wpa-psk2/tkip+aes => WPA2 PSK, CCMP+TKIP
# wpa2/tkip+aes     => WPA2 RADIUS, CCMP+TKIP

case "$encryption" in
  wpa2*|*psk2*)
    wpa=2
  ;;  
  *mixed*)
    wpa=3
  ;;  
  wpa*|*psk*)
    wpa=1
  ;;  
  *)  
    wpa=0
    wpa_cipher=
  ;;
esac

There are a few problems here, all relating to the comment and case of "mixed"

First and most importantly, setting wpa=3 causes hostapd to exit with an error and not bring up any configured ssid on the given radio.

Second, this was found when trying to set wep+mixed, which matches on mixed and completely breaks not only the wep setting, but the entire radio config. this should likely be changed to {wpa,psk}-mixed* or something similar to avoid colliding with wep+mixed. This will still leave those settings broken (as wpa=3 appears to be invalid) but at least it won't improperly break wep+mixed as well.

Lastly, wpa3 is going to be a thing soon, so whatever is expecting wpa=3 is likely wrong and should be updated.
@openwrt-bot
Copy link
Author

@openwrt-bot openwrt-bot commented Sep 18, 2018

jow-:

wep+mixed was never a defined, supported choice.

@openwrt-bot
Copy link
Author

@openwrt-bot openwrt-bot commented Sep 18, 2018

jow-:

Quoting the official hostapd documentation:

This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0)

and/or WPA2 (full IEEE 802.11i/RSN):

bit0 = WPA

bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)

Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2.

In other words, for WPA3, wpa=2 is used the configuration (and

wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK).

Means wpa=3 is perfectly valid, it is merely the union of BIT(0) | BIT(1) = 3.
Whatever prevented hostapd startup was not related to wpa=3.

@openwrt-bot
Copy link
Author

@openwrt-bot openwrt-bot commented Sep 18, 2018

ZeroChaos-:

respectfully, you are half correct. your second comment is correct, wpa=3 is valid and wasn't what caused my failure. in appropriately adding wpa=3 to a wep network caused the error.

as for your first comment, it is not only supported, but documented https://openwrt.org/docs/guide-user/network/wifi/basic?s[]=wep&s[]=mixed

@openwrt-bot
Copy link
Author

@openwrt-bot openwrt-bot commented Nov 1, 2018

ZeroChaos-:

case is broken as per comment #3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
flyspray
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@openwrt-bot