On Thu, May 28, 2020 at 02:12:44PM +0200, Stefan Sperling wrote:
> On Thu, May 28, 2020 at 04:40:43AM -0700, Brandon Sahlin wrote:
> > After some trial and error, I found the problem.  My rather crufty 
> > /etc/hostname.iwm0 file set the mode to 11n.  This worked with 
> > OpenBSD 6.6 with the problematic access point, but not with OpenBSD 6.7.
> > Commenting out the mode line let the interface card connect in 11g mode.
> > 
> > The odd thing is that having the mode set to 11n worked with one access 
> > point (iphone 8), giving a reported 11n connection in ifconfig, but
> > fails to complete the handshake with the problematic access point.
> 
> Interesting. For further analysis it would be useful to have copies of the
> frames exchanged during association. You can capture these frames by
> letting the following command run while iwm0 moves from down state to UP
> and associates:
> 
>       tcpdump -n -i iwm0 -y IEEE802_11_RADIO -s 4096 -w /tmp/iwm.pcap
> 
> You can send the resulting /tmp/iwm.pcap file directly to me. Thanks!

Packet captures you have shared off-list suggest that this particular AP is
unable to complete the WPA handshake with an OpenBSD 6.7 client because
this AP requires that the peer negotiates 11n Rx aggregation before the
handshake can be performed.

I assume this interop problem was introduced with the following commit:

[[[
CVSROOT:        /cvs
Module name:    src
Changes by:     s...@cvs.openbsd.org    2019/12/20 02:28:06

Modified files:
        sys/net80211   : ieee80211_input.c 

Log message:
Ignore new Rx block ack agreements until the WPA handshake is done.

Some peers will eagerly try to negotiate block ack (asking us to reserve
buffer space) before they are done authenticating themselves. No thanks.
Just let them try again later.

ok mpi@
]]]


I don't think this AP's behaviour is reasonable but there is nothing
we can do to restore interop apart from reverting my change.

So this patch reverts the above change. Does it help?

diff fb4b0a9b3955c9a65ddbc22c472ac0e5fb216ac6 /usr/src
blob - de44d5a0a957f497259735efd5cee2cc081d33bc
file + sys/net80211/ieee80211_input.c
--- sys/net80211/ieee80211_input.c
+++ sys/net80211/ieee80211_input.c
@@ -2651,11 +2651,6 @@ ieee80211_recv_addba_req(struct ieee80211com *ic, stru
                DPRINTF(("frame too short\n"));
                return;
        }
-
-       /* No point in starting block-ack before the WPA handshake is done. */
-       if ((ic->ic_flags & IEEE80211_F_RSNON) && !ni->ni_port_valid)
-               return;
-
        /* MLME-ADDBA.indication */
        wh = mtod(m, struct ieee80211_frame *);
        frm = (const u_int8_t *)&wh[1];
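
Review bot: Dropping the `(ic->ic_flags & IEEE80211_F_RSNON) && !ni->ni_port_valid` early return just above the MLME-ADDBA.indication comment leaves no trace in the code of why ADDBA requests are accepted before the WPA handshake completes. With the check gone, ieee80211_recv_addba_req() again handles block ack requests from a peer whose port is not yet valid, which is the case the reverted commit's log message wanted to avoid (reserving buffer space for a peer that has not finished authenticating). Consider adding a short comment at this spot stating that pre-handshake ADDBA requests are accepted on purpose, for interop with APs that require Rx aggregation to be negotiated before the handshake, so the check is not reintroduced later.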
