Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 21 Dec 2009 23:44:02 -0500 (EST)
From:      Bruce Lilly <bruce.lilly@gmail.com>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        Bruce Lilly <bruce.lilly@gmail.com>
Subject:   kern/141861: data garbled with WEP and wi(4) with Prism 2.5
Message-ID:  <200912220444.nBM4i26h002357@marty.blilly.net>
Resent-Message-ID: <200912220530.nBM5U27X020257@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         141861
>Category:       kern
>Synopsis:       data garbled with WEP and wi(4) with Prism 2.5
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Dec 22 05:30:02 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Bruce Lilly <bruce.lilly@gmail.com>
>Release:        FreeBSD 8.0-RELEASE i386
>Organization:
Bruce Lilly
>Environment:
System: FreeBSD marty.blilly.net 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 UTC 2009 root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386

Laptop Hewlett-Packard ZE5385US, latest BIOS KH.F.25, connected to LAN
with wired Ethernet and WiFi via built-in Prism 2.5 mini-PCI and
D-Link DWL-1000AP+ access point (firewire/parallel networking unused).

System has worked with Linux (various kernels) and the same AP and
others for years, with 104 (a.k.a. 128) bit WEP.

relevant dmesg lines:

wi0: <Intersil Prism2.5> mem 0xd000a000-0xd000afff at device 9.0 on pci0
wi0: [ITHREAD]

sis0: <NatSemi DP8381[56] 10/100BaseTX> port 0x2400-0x24ff mem 0xd0008000-0xd0008fff irq 10 at device 18.0 on pci0
sis0: Silicon Revision: DP83816A
miibus0: <MII bus> on sis0
nsphyter0: <DP83815 10/100 media interface> PHY 0 on miibus0
nsphyter0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
sis0: Ethernet address: 00:0d:9d:47:de:f5
sis0: [ITHREAD]

wlan0: Ethernet address: 00:02:8a:a9:d8:8b

# pciconf -l
hostb0@pci0:0:0:0:	class=0x060000 card=0x00000000 chip=0xcbb21002 rev=0x02 hdr=0x00
pcib1@pci0:0:1:0:	class=0x060400 card=0x00000000 chip=0x70101002 rev=0x00 hdr=0x01
pcm0@pci0:0:6:0:	class=0x040100 card=0x0850103c chip=0x545110b9 rev=0x02 hdr=0x00
isab0@pci0:0:7:0:	class=0x060100 card=0x153310b9 chip=0x153310b9 rev=0x00 hdr=0x00
none0@pci0:0:8:0:	class=0x070300 card=0x0850103c chip=0x545710b9 rev=0x00 hdr=0x00
wi0@pci0:0:9:0:	class=0x028000 card=0x02001468 chip=0x38731260 rev=0x01 hdr=0x00
cbb0@pci0:0:10:0:	class=0x060700 card=0x0850103c chip=0x69721217 rev=0x00 hdr=0x02
uhci0@pci0:0:11:0:	class=0x0c0300 card=0x0850103c chip=0x30381106 rev=0x50 hdr=0x00
uhci1@pci0:0:11:1:	class=0x0c0300 card=0x0850103c chip=0x30381106 rev=0x50 hdr=0x00
ehci0@pci0:0:11:2:	class=0x0c0320 card=0x0850103c chip=0x31041106 rev=0x51 hdr=0x00
fwohci0@pci0:0:12:0:	class=0x0c0010 card=0x0850103c chip=0x8026104c rev=0x00 hdr=0x00
atapci0@pci0:0:16:0:	class=0x0101fa card=0x0850103c chip=0x522910b9 rev=0xc4 hdr=0x00
none1@pci0:0:17:0:	class=0x068000 card=0x0850103c chip=0x710110b9 rev=0x00 hdr=0x00
sis0@pci0:0:18:0:	class=0x020000 card=0x0850103c chip=0x0020100b rev=0x00 hdr=0x00
vgapci0@pci0:1:5:0:	class=0x030000 card=0x0850103c chip=0x43371002 rev=0x00 hdr=0x00


>Description:
With WEP enabled (40-bit or 104-bit) and appropriate ssid and keys
(wepkey, deftxkey) configured, ifconfig reports "associated" and AP
shows laptop connected, but data is garbled and no useful
communications occurs (Wireshark shows most packets as LLC).

With WEP disabled on AP and via 'ifconfig wlan0 wepmode off', data
flows normally, Wireshark shows expected packet data, etc.

>How-To-Repeat:

/boot/loader.conf
   if_wi_load="YES"
and optionally (wlan_wep(4) says it's loaded if ifconfig specifies a wep key)
   wlan_wep_load="YES"

ifconfig wlan0 create wlandev wi0 inet 192.168.99.98 netmask 255.255.255.0 ssid blilly channel 1:b authmode open

then

1. (40/64 bit WEP, enabled on AP; doesn't work [either ASCII or hex
   key, wepmode on or mixed])
ifconfig wlan0 wepkey 1:fubar deftxkey 1 wepmode on

or

2. (104/128 bit WEP, enabled on AP; doesn't work [either ASCII or hex
   key, wepmode on or mixed])
ifconfig wlan0 wepkey 1:blahblahblahx deftxkey 1 wepmode on

or

3. (no WEP, disabled on AP; works but with obvious privacy/security
   concerns (weak as WEP is...))
ifconfig wlan0 wepmode off

and

ifconfig wlan0 up

[or equivalents via rc.conf]

With 'wlandebug -i wlan0 +crypto' and WEP enabled:

wlan0: ieee80211_crypto_newkey: cipher 0 flags 0x3 keyix 0
wlan0: ieee80211_crypto_setkey: WEP keyix 0 flags 0x103 mac 00:02:8a:a9:d8:8b rsc 0 tsc 0 len 13

ifconfig wlan0 with WEP on, associated but not working:

wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 1 mtu 1500
	ether 00:02:8a:a9:d8:8b
	inet 192.168.99.98 netmask 0xffffff00 broadcast 192.168.99.255
	media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11b
	status: associated
	ssid blilly channel 1 (2412 Mhz 11b) bssid 00:80:c8:19:ad:fa
	country US authmode OPEN privacy ON deftxkey 1 wepkey 1:104-bit
	txpower 0 bmiss 7 scanvalid 60

ifconfig wlan0 with WEP off, working:

wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 1 mtu 1500
	ether 00:02:8a:a9:d8:8b
	inet 192.168.99.98 netmask 0xffffff00 broadcast 192.168.99.255
	media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11b
	status: associated
	ssid blilly channel 1 (2412 Mhz 11b) bssid 00:80:c8:19:ad:fa
	country US authmode OPEN privacy OFF deftxkey 1 wepkey 1:104-bit
	txpower 0 bmiss 7 scanvalid 60

>Fix:

The obvious workaround is to disable WEP, but that might not always be
practical or advisable.
>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912220444.nBM4i26h002357>