OpenWrt/LEDE Project

  • Status Assigned   Reopened
  • Percent Complete
    0%
  • Task Type Bug Report
  • Category Base system
  • Assigned To
    Alexander Couzens
  • Operating System All
  • Severity Low
  • Priority Very Low
  • Reported Version Trunk
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by Zero_Chaos - 10.09.2018
Last edited by Alexander Couzens - 05.11.2018

FS#1840 - encryption wep+mixed broken

In file lib/netifd/netifd-wireless.sh the following code is found:

  # Examples:
  # psk-mixed/tkip    => WPA1+2 PSK, TKIP
  # wpa-psk2/tkip+aes => WPA2 PSK, CCMP+TKIP
  # wpa2/tkip+aes     => WPA2 RADIUS, CCMP+TKIP

  case "$encryption" in
    wpa2*|*psk2*)
      wpa=2
    ;;  
    *mixed*)
      wpa=3
    ;;  
    wpa*|*psk*)
      wpa=1
    ;;  
    *)  
      wpa=0
      wpa_cipher=
    ;;
  esac

There are a few problems here, all relating to the comment and case of “*mixed*”

First and most importantly, setting wpa=3 causes hostapd to *exit* with an error and not bring up any configured ssid on the given radio.

Second, this was found when trying to set wep+mixed, which matches on *mixed* and completely breaks not only the wep setting, but the entire radio config. this should likely be changed to {wpa,psk}-mixed* or something similar to avoid colliding with wep+mixed. This will still leave those settings broken (as wpa=3 appears to be invalid) but at least it won’t improperly break wep+mixed as well.

Lastly, wpa3 is going to be a thing soon, so whatever is expecting wpa=3 is likely wrong and should be updated.

Admin
Jo-Philipp Wich commented on 18.09.2018 16:20

`wep+mixed` was never a defined, supported choice.

Admin
Jo-Philipp Wich commented on 18.09.2018 16:22

Quoting the official hostapd documentation:

# This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0)
> # and/or WPA2 (full IEEE 802.11i/RSN):
> # bit0 = WPA
> # bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
> # Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2.
> # In other words, for WPA3, wpa=2 is used the configuration (and
> # wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK).

Means wpa=3 is perfectly valid, it is merely the union of BIT(0) | BIT(1) = 3.
Whatever prevented hostapd startup was not related to wpa=3.

Zero_Chaos commented on 18.09.2018 20:50

respectfully, you are half correct. your second comment is correct, wpa=3 is valid and wasn't what caused my failure. in appropriately adding wpa=3 to a wep network caused the error.

as for your first comment, it is not only supported, but documented https://openwrt.org/docs/guide-user/network/wifi/basic?s[]=wep&s[]=mixed

Zero_Chaos commented on 01.11.2018 21:01

case is broken as per comment #3

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing