2008-12-04 15:08:17

by Senthil Balasubramanian

[permalink] [raw]
Subject: [PATCH] wireless: Incorrect LEAP authentication algorithm identifier.

This patch fixes a regression introduced by
"wireless: avoid some net/ieee80211.h vs. linux/ieee80211.h conflicts"
LEAP authentication algorithm identifier should be 128.

Signed-off-by: Senthil Balasubramanian <[email protected]>
---
include/linux/ieee80211.h | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
index a6ec928..c4e6ca1 100644
--- a/include/linux/ieee80211.h
+++ b/include/linux/ieee80211.h
@@ -836,7 +836,7 @@ struct ieee80211_ht_info {
/* Authentication algorithms */
#define WLAN_AUTH_OPEN 0
#define WLAN_AUTH_SHARED_KEY 1
-#define WLAN_AUTH_LEAP 2
+#define WLAN_AUTH_LEAP 128

#define WLAN_AUTH_CHALLENGE_LEN 128

--
1.6.0.4



2008-12-04 18:45:15

by John W. Linville

[permalink] [raw]
Subject: Re: [PATCH] wireless: Incorrect LEAP authentication algorithm identifier.

On Thu, Dec 04, 2008 at 06:20:03PM +0200, Jouni Malinen wrote:
> On Thu, Dec 04, 2008 at 10:22:25AM -0500, John W. Linville wrote:

> > AFAICT this value is only used internally, so it shouldn't matter
> > what the actual value is.
>
> Nope. WLAN_AUTH_* are the values used in Authentication frames
> (Authentication Algorithm field). See ieee80211_send_auth() in
> net/mac80211/mlme.c. The ifsta->auth_alg must have a value that matches
> with the algorithm identifier in the frame and in the case of LEAP
> ("Network EAP"), this value is 128, not 2.

OK, thanks for the specific reference.

John
--
John W. Linville Linux should be at the core
[email protected] of your literate lifestyle.

2008-12-04 15:30:13

by John W. Linville

[permalink] [raw]
Subject: Re: [PATCH] wireless: Incorrect LEAP authentication algorithm identifier.

On Thu, Dec 04, 2008 at 08:38:13PM +0530, Senthil Balasubramanian wrote:
> This patch fixes a regression introduced by
> "wireless: avoid some net/ieee80211.h vs. linux/ieee80211.h conflicts"
> LEAP authentication algorithm identifier should be 128.
>
> Signed-off-by: Senthil Balasubramanian <[email protected]>
> ---
> include/linux/ieee80211.h | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
> index a6ec928..c4e6ca1 100644
> --- a/include/linux/ieee80211.h
> +++ b/include/linux/ieee80211.h
> @@ -836,7 +836,7 @@ struct ieee80211_ht_info {
> /* Authentication algorithms */
> #define WLAN_AUTH_OPEN 0
> #define WLAN_AUTH_SHARED_KEY 1
> -#define WLAN_AUTH_LEAP 2
> +#define WLAN_AUTH_LEAP 128
>
> #define WLAN_AUTH_CHALLENGE_LEN 128

What is the regression? What problem does this cause?

AFAICT this value is only used internally, so it shouldn't matter
what the actual value is.

John
--
John W. Linville Linux should be at the core
[email protected] of your literate lifestyle.

2008-12-04 16:54:09

by Jouni Malinen

[permalink] [raw]
Subject: Re: [PATCH] wireless: Incorrect LEAP authentication algorithm identifier.

On Thu, Dec 04, 2008 at 10:22:25AM -0500, John W. Linville wrote:
> On Thu, Dec 04, 2008 at 08:38:13PM +0530, Senthil Balasubramanian wrote:
> > -#define WLAN_AUTH_LEAP 2
> > +#define WLAN_AUTH_LEAP 128

> What is the regression? What problem does this cause?

The current code fails to authenticate when the AP (most likely Cisco
AP) is configured for "Network EAP" mode. The old code (before the
cleanup) allowed the authentication to be completed successfully.

> AFAICT this value is only used internally, so it shouldn't matter
> what the actual value is.

Nope. WLAN_AUTH_* are the values used in Authentication frames
(Authentication Algorithm field). See ieee80211_send_auth() in
net/mac80211/mlme.c. The ifsta->auth_alg must have a value that matches
with the algorithm identifier in the frame and in the case of LEAP
("Network EAP"), this value is 128, not 2.

--
Jouni Malinen PGP id EFC895FA