[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: src



CVSROOT:	/cvs
Module name:	src
Changes by:	damien_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2009/02/13 10:24:54

Modified files:
	sys/net80211   : ieee80211_ioctl.c ieee80211_ioctl.h 
	                 ieee80211_crypto.c 
	sbin/ifconfig  : ifconfig.8 ifconfig.c 

Log message:
Change ifconfig wpaakms default setting to `psk' instead of `psk,802.1x'.
Some supplicants will autoselect 802.1X without giving users the
possibility to choose between PSK or 802.1X.

Similarly, no longer announce `PSK with SHA-256 based KDF' AKMP (defined
in Draft 802.11w) by default in the RSN IE of beacons and probe responses
as it confuses some broken supplicants.  This kind of sacrifies security
for interoperability with shitty (but unfortunately widespread) clients
that do not follow the 802.11 standard properly.
This fixes associations from Intel PROSet on XP and also reportedly fixes
some Mac OS clients.  I will likely make `psk-sha256' configurable through
ifconfig wpaakms after the 4.5 release.



Visit your host, monkey.org