On 2016年06月22日 02:01, Jouni Malinen wrote:
Please keep in mind that "working" here means two things:
(1) being able decrypt the frame,
(2) being able to reject the frame if it was not properly protected. It
is that (2) that is unlikely to be covered here..
We actually cover (2) for some cases b
> We actually cover (2) for some cases by "accident" since
> ieee80211_rx_h_decrypt() assigns rx->key to rx->sta->gtk[i] if one is
> available. I'm not completely sure this is correct since it applies
> to management frame as well, but that's the way commit
> 897bed8b4320774e56f282cdc1cceb4d774427
On Tue, Jun 21, 2016 at 03:16:22PM +0900, Masashi Honma wrote:
> On 2016年06月21日 06:25, Jouni Malinen wrote:
> > What about RX side?
>
> Previously, MGTK and IGTK was identical key.
> Now new wpa_supplicant can provide correct IGTK.
> I have tested with new IGTK, RX side can work without
> modific
On 2016年06月21日 06:25, Jouni Malinen wrote:
Do we really want that?
Sorry, I mis-understood your previous massage.
I have thought you required backward compatibility.
Ok, I will remove backward compatibility code.
> What about RX side?
Previously, MGTK and IGTK was identical key.
Now new wpa_
On Mon, Jun 20, 2016 at 09:51:28AM +0900, Masashi Honma wrote:
> On 2016年06月18日 18:11, Jouni Malinen wrote:
> Yes. This patch breaks backward compatibility.
> I do not have smart idea to avoid also.
> I will create new define like this.
> CONFIG_MAC80211_MESH_GROUP_ADDRESSED_PRIVACY
Do we really w
On 2016年06月18日 18:11, Jouni Malinen wrote:
What about RX side? Shouldn't there be a matching change there to
enforce use of group addressed privacy for the specific Action
categories?
Thank you. Yes, RX side modification is needed.
I was not aware of it because ping test was OK.
Now I recognize
On Wed, Jun 15, 2016 at 02:38:32PM +0900, Masashi Honma wrote:
> Previously, the action frames to group address was not encrypted. But
> [1] "Table 8-38 Category values" indicates "Mesh" and "Multihop" category
> action frames should be encrypted (Group addressed privacy == yes). And the
> encyptio
Previously, the action frames to group address was not encrypted. But
[1] "Table 8-38 Category values" indicates "Mesh" and "Multihop" category
action frames should be encrypted (Group addressed privacy == yes). And the
encyption key should be MGTK ([1] 10.13 Group addressed robust management frame
