[Cbe-oss-dev] [PATCH] PS3: gelic: ignore scan info from zero SSID beacons

[Dan Williams]

On Wed, 2008-03-12 at 19:26 +0900, Masakazu Mokuno wrote:
> On Wed, 12 Mar 2008 09:25:10 +0100
> Johannes Berg <johannes at sipsolutions.net> wrote:
> 
> > 
> > > > Does this problem apply to probe responses as well?  (Do probe
> > > > responses from hidden SSID APs still exclude the SSID?  I would
> > > > guess not.)
> > > 
> > > There has been a problem in parsing IEs, so if the received probe
> > > responses include zero length IEs, they also suffer this bug.
> > > 
> > > > As long as you can still associate w/ hidden SSID APs, I don't see
> > > > a big problem.  Even if you can't, no information for those APs is
> > > > probably better than bad information, no?
> > > 
> > > I was anxious that the userland apps or the users may get confused.  Any
> > > other thing harmful is not found.
> > > OK, I withdraw this patch.
> > 
> > I think John actually meant that it would be better to have the patch
> > in. How does a "bad" scan result look like?
> 
> Usually the zero length IE, the SSID element, is the first one of IE
> list, all information in the successor elements is lost. What we can see
> is bssid.
> 
> The current firmware gives the following result.  The Corega (00:0A:79)
> AP was the one which sent zero length SSID if it was in hidden SSID mode.
> 
> > iwlist wlan0 scanning
> > wlan0     Scan completed :
> >           Cell 01 - Address: 00:06:25:C6:B9:A7
> >                     ESSID:"planexuser"
> >                     Channel=1
> >                     Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s
> >                               11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
> >                               48 Mb/s; 54 Mb/s
> >                     Encryption key:on
> >                     Mode:Master
> >                     Signal level=100/100  
> >                     IE: IEEE 802.11i/WPA2 Version 1
> >                         Group Cipher : CCMP
> >                         Pairwise Ciphers (1) : CCMP
> >                         Authentication Suites (1) : PSK
> >           Cell 02 - Address: 00:0A:79:A5:D2:E2
> >                     ESSID:""
> >                     Channel:0
> >                     Encryption key:on
> >                     Mode:Master
> >                     Signal level=100/100  

Ewww.  You're 100% correct; we certainly shouldn't be sending a scan
result like this to userspace.  Therefore:

Acked-by: Dan Williams <dcbw at redhat.com>

> 
> With fixed firmware:
> 
> > wlan0     Scan completed :
> >           Cell 01 - Address: 00:06:25:C6:B9:A7
> >                     ESSID:"planexuser"
> >                     Channel=1
> >                     Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s
> >                               11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
> >                               48 Mb/s; 54 Mb/s
> >                     Encryption key:on
> >                     Mode:Master
> >                     Signal level=100/100  
> >                     IE: IEEE 802.11i/WPA2 Version 1
> >                         Group Cipher : CCMP
> >                         Pairwise Ciphers (1) : CCMP
> >                         Authentication Suites (1) : PSK
> >           Cell 02 - Address: 00:0A:79:A5:D2:E2
> >                     ESSID:""
> >                     Channel:1
> >                     Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
> >                               9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
> >                               48 Mb/s; 54 Mb/s
> >                     Encryption key:on
> >                     Mode:Master
> >                     Signal level=100/100  
> >                     IE: IEEE 802.11i/WPA2 Version 1
> >                         Group Cipher : CCMP
> >                         Pairwise Ciphers (1) : CCMP
> >                         Authentication Suites (1) : PSK
> > 
> 
>