Bug 108193 - aironet card not set up correctly if encryption is enforced
aironet card not set up correctly if encryption is enforced
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Dave Jones
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-10-28 09:56 EST by Gerald Teschl
Modified: 2015-01-04 17:03 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-04-16 00:52:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Gerald Teschl 2003-10-28 09:56:23 EST
I tried to use my cisco aironet card to conect to a netgear router which
is setup to enforce encryption.

If I set up the card with neat it does not work.

If I set it up using the acu utility from cisco it does work.

Further investigation showed that the difference is the value
of WEP in /proc/driver/aironet/eth1/Config

In fact, if I configer the card with neat, start the interface and
then say

echo "WEP: shared" > /proc/driver/aironet/eth1/Config

everything works fine. Not sure where this should be fixed;
neat/initscripts/iwconfig?

Here is my ifcfg-eth1 file:
------------------
DEVICE=eth1
USERCTL=no
ONBOOT=no
TYPE=Wireless
DHCP_HOSTNAME=soliton
BOOTPROTO=dhcp
DOMAIN=
ESSID=XXXXXX
KEY=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
MODE=Managed
#RATE=11Mb/s
HWADDR=
PEERDNS=no
RATE=
CHANNEL=
Comment 1 Harald Hoyer 2003-10-28 10:06:58 EST
either iwconfig or the driver for this card...
Comment 2 Bill Nottingham 2003-10-28 11:00:02 EST
The cisco provided driver does not support the wireless-tools ioctls, and
therefore will not work out-of-the-box with wireless-tools/neat.
Comment 3 Gerald Teschl 2003-10-28 11:25:14 EST
I am not using the cisco driver, I use the driver that comes with
the redhat kernel!

All I am saying is that the card will not work with

ifup eth1

until I use

echo "WEP: shared" > /proc/driver/aironet/eth1/Config

(And I found this out using the client utility provided by
cisco.)
Comment 4 Gerald Teschl 2003-10-28 14:18:08 EST
I just found a better solution: Adding

options airo auto_wep=1

seems to do the trick as well. Should this be
done by neat?
Comment 5 Bill Nottingham 2003-10-28 17:15:37 EST
Woops, sorry, I was confusing aironet drivers. There's airo/airo_cs in the
kernel, mpi350 from Cisco, and airo_mpi from sourceforge, and some others...

I guess it depends on whether that's exposed through the wireless-tools interface;
perhaps it should be?
Comment 6 Gerald Teschl 2003-10-29 09:40:46 EST
I am a bit confused by this whole thing. There seem to be three possibilities
for WEP in airo.c:

1) AUTH_OPEN;	// disable encryption
2) AUTH_SHAREDKEY;	// Only Both
3) AUTH_ENCRYPT;	// Only Wep

and airo.c turns on AUTH_ENCRYPT, once an encryption key is set.

The comments seem to indicate that using AUTH_ENCRYPT the connection should
fail if the base station does not offer encryption, whereas AUTH_SHAREDKEY
should work.

However, my base station only accepts encrypted connections and my
laptop can connect if and only if AUTH_SHAREDKEY is used.

Moreover in line 4795 we have:

	switch(local->config.authType)	{
		case AUTH_ENCRYPT:
			dwrq->flags = IW_ENCODE_OPEN;
			break;
		case AUTH_SHAREDKEY:
			dwrq->flags = IW_ENCODE_RESTRICTED;
			break;
		default:
		case AUTH_OPEN:
			dwrq->flags = IW_ENCODE_DISABLED;
			break;
	}

and IMHO the two cases are just switched?

--- airo.c.save 2003-08-25 13:44:42.000000000 +0200
+++ airo.c      2003-10-29 15:40:55.000000000 +0100
@@ -4781,10 +4781,10 @@
        /* Check encryption mode */
        switch(local->config.authType)  {
                case AUTH_ENCRYPT:
-                       dwrq->flags = IW_ENCODE_OPEN;
+                       dwrq->flags = IW_ENCODE_RESTRICTED;
                        break;
                case AUTH_SHAREDKEY:
-                       dwrq->flags = IW_ENCODE_RESTRICTED;
+                       dwrq->flags = IW_ENCODE_OPEN;
                        break;
                default:
                case AUTH_OPEN:
Comment 7 Dave Jones 2004-12-08 00:28:52 EST
still a problem with latest errata kernel ?
Comment 8 Dave Jones 2005-04-16 00:52:08 EDT
Fedora Core 2 has now reached end of life, and no further updates will be
provided by Red Hat.  The Fedora legacy project will be producing further kernel
updates for security problems only.

If this bug has not been fixed in the latest Fedora Core 2 update kernel, please
try to reproduce it under Fedora Core 3, and reopen if necessary, changing the
product version accordingly.

Thank you.

Note You need to log in before you can comment on or make changes to this bug.