Re: [Madwifi-devel] Bug in ieee80211_crypto_getkey?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Bruno Randolf wrote:
> hello alexander!
> 
> i think you are also referring to the MAIN branch. could you please check if 
> it is done correctly in the BSD branch? this is where the work is done 
> currently.

In the BSD branch this bug seems to be fixed. The present code doesn't 
use multicast key for transmission, if we are in the infrastructure 
station mode:

 From the ieee80211_encap function (file ieee80211_output.c):

                 if (ic->ic_opmode == IEEE80211_M_STA ||
                     !IEEE80211_IS_MULTICAST(eh.ether_dhost))
                         key = ieee80211_crypto_getucastkey(ic, ni);
                 else
                         key = ieee80211_crypto_getmcastkey(ic, ni);

> bruno
> 
> On Friday 24 June 2005 18:01, Alexander Pevzner wrote:
>>Hi,
>>
>>looking to the ieee80211_crypto_getkey(), I've found that if destination
>>address is multicast, it will always return the group key.
>>
>>I believe that this is not correct behavior for the infrastructure
>>client mode. In this case, two different keys may be configured:
>>  1) group key
>>  2) unicast key
>>
>>In the infrastructure client mode, unicast key (if present) must
>>always be used for transmissions, even for transmitting multicasts.
>>This is because multicasts from clients are always transmitted as
>>unicasts to the access point, and then access point retransmits
>>them (as multicasts) to all stations.
>>
>>The correct implementation, which will work in all cases, should
>>do the following:
>>  1) Compute RA (Receiver Address), which is not the same as the
>>     destination address:
>>       - For the client->AP transmission, RA == BSSID
>>       - For the AP->client transmission, RA == DA (Destination address)
>>       - For IBSS client->client,         RA == DA
>>       - For WDS, RA is the address of the WDS peer
>>
>>     Note, regardless of the mode, RA is always ADDR1 in the 802.11
>>     header
>>
>>   2) If RA is multicast, use the current default group key
>>   3) If RA is unicast, lookup the unicast keys table. If key is
>>      found, use it. Otherwise, fallback to the default group key.
>>
>>Comments
> ?

-- 

	Wishes, Alexander Pevzner (pz...@pz...)