[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <45BEEEED.9010702@lwfinger.net>
Date: Tue, 30 Jan 2007 01:08:29 -0600
From: Larry Finger <larry.finger@...inger.net>
To: Jouni Malinen <jkmaline@...hut.fi>
CC: Dan Williams <dcbw@...hat.com>,
Johannes Berg <johannes@...solutions.net>,
netdev <netdev@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: Hidden SSID's
Jouni Malinen wrote:
> On Mon, Jan 29, 2007 at 10:52:20PM -0600, Larry Finger wrote:
>
>> When an AP has a hidden SSID, ieee80211 fails, at least with wpa_supplicant,
>> which searches through the scan data looking for a particular ssid. Because
>> ieee80211 has substituted a false ssid, namely "<hidden>", wpa_supplicant
>> cannot authenticate. This behavior is fixed by adding a new argument to
>> ieee80211_translate_scan that contains the expected ssid.
>
> Would this be replacing the SSID of all BSSes in scan results with the
> SSID for which the latest per-SSID scan was issued? If yes, this does
> not sound any better than the current behavior. The driver/802.11 code
> should not replace the SSID value with anything else than the value
> received from the AP.
Any AP with a hidden SSID will only respond to probe requests that specify its SSID, and will ignore
any other probes. In addition, the response will have an empty SSID field. These responses are the
only ones in which a substitution would occur. These are the same responses where the current code
sends back the "<hidden>" pseudo-SSID. My change would put the correct one there.
> In case of hidden SSIDs, the 802.11 implementation should maintain a
> list of BSSes found during the scan(s) and update the SSID (in most
> cases, by creating a new BSS entry) with the SSID from Probe Response
> frames. In other words, if the scan is done for a specific SSID (Probe
> Request includes that SSID), the AP that is using hidden SSIDs will
> likely include the SSID in Probe Response and data from that Probe
> Response can be used to fill in the missing pieces for the <BSSID,SSID>
> pair.
>
> Generating false scan results by locally guessing what the SSID
> could be is just plain wrong. The scan results need to be based on real
> frames from the APs.
We aren't guessing. The response frame with the empty SSID field must have come from the AP with the
SSID we want. Filling in the expected value is just making it easier for the user-space tools.
Larry
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists