From owner-freebsd-bugs@FreeBSD.ORG Tue Dec 22 05:30:02 2009 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8FFE8106566B for ; Tue, 22 Dec 2009 05:30:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 6C4818FC19 for ; Tue, 22 Dec 2009 05:30:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id nBM5U2mX020260 for ; Tue, 22 Dec 2009 05:30:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id nBM5U27X020257; Tue, 22 Dec 2009 05:30:02 GMT (envelope-from gnats) Resent-Date: Tue, 22 Dec 2009 05:30:02 GMT Resent-Message-Id: <200912220530.nBM5U27X020257@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Bruce Lilly Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9965C106568F for ; Tue, 22 Dec 2009 05:23:59 +0000 (UTC) (envelope-from root@marty.blilly.net) Received: from marty.blilly.net (66-189-14-247.dhcp.oxfr.ma.charter.com [66.189.14.247]) by mx1.freebsd.org (Postfix) with ESMTP id 0F9088FC1B for ; Tue, 22 Dec 2009 05:23:58 +0000 (UTC) Received: from marty.blilly.net (localhost [127.0.0.1]) by marty.blilly.net (8.14.3/8.14.3) with ESMTP id nBM4i30u002358; Mon, 21 Dec 2009 23:44:03 -0500 (EST) (envelope-from root@marty.blilly.net) Received: (from root@localhost) by marty.blilly.net (8.14.3/8.14.3/Submit) id nBM4i26h002357; Mon, 21 Dec 2009 23:44:02 -0500 (EST) (envelope-from root) Message-Id: <200912220444.nBM4i26h002357@marty.blilly.net> Date: Mon, 21 Dec 2009 23:44:02 -0500 (EST) From: Bruce Lilly To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Bruce Lilly Subject: kern/141861: data garbled with WEP and wi(4) with Prism 2.5 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Dec 2009 05:30:02 -0000 >Number: 141861 >Category: kern >Synopsis: data garbled with WEP and wi(4) with Prism 2.5 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Dec 22 05:30:02 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Bruce Lilly >Release: FreeBSD 8.0-RELEASE i386 >Organization: Bruce Lilly >Environment: System: FreeBSD marty.blilly.net 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 UTC 2009 root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 Laptop Hewlett-Packard ZE5385US, latest BIOS KH.F.25, connected to LAN with wired Ethernet and WiFi via built-in Prism 2.5 mini-PCI and D-Link DWL-1000AP+ access point (firewire/parallel networking unused). System has worked with Linux (various kernels) and the same AP and others for years, with 104 (a.k.a. 128) bit WEP. relevant dmesg lines: wi0: mem 0xd000a000-0xd000afff at device 9.0 on pci0 wi0: [ITHREAD] sis0: port 0x2400-0x24ff mem 0xd0008000-0xd0008fff irq 10 at device 18.0 on pci0 sis0: Silicon Revision: DP83816A miibus0: on sis0 nsphyter0: PHY 0 on miibus0 nsphyter0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto sis0: Ethernet address: 00:0d:9d:47:de:f5 sis0: [ITHREAD] wlan0: Ethernet address: 00:02:8a:a9:d8:8b # pciconf -l hostb0@pci0:0:0:0: class=0x060000 card=0x00000000 chip=0xcbb21002 rev=0x02 hdr=0x00 pcib1@pci0:0:1:0: class=0x060400 card=0x00000000 chip=0x70101002 rev=0x00 hdr=0x01 pcm0@pci0:0:6:0: class=0x040100 card=0x0850103c chip=0x545110b9 rev=0x02 hdr=0x00 isab0@pci0:0:7:0: class=0x060100 card=0x153310b9 chip=0x153310b9 rev=0x00 hdr=0x00 none0@pci0:0:8:0: class=0x070300 card=0x0850103c chip=0x545710b9 rev=0x00 hdr=0x00 wi0@pci0:0:9:0: class=0x028000 card=0x02001468 chip=0x38731260 rev=0x01 hdr=0x00 cbb0@pci0:0:10:0: class=0x060700 card=0x0850103c chip=0x69721217 rev=0x00 hdr=0x02 uhci0@pci0:0:11:0: class=0x0c0300 card=0x0850103c chip=0x30381106 rev=0x50 hdr=0x00 uhci1@pci0:0:11:1: class=0x0c0300 card=0x0850103c chip=0x30381106 rev=0x50 hdr=0x00 ehci0@pci0:0:11:2: class=0x0c0320 card=0x0850103c chip=0x31041106 rev=0x51 hdr=0x00 fwohci0@pci0:0:12:0: class=0x0c0010 card=0x0850103c chip=0x8026104c rev=0x00 hdr=0x00 atapci0@pci0:0:16:0: class=0x0101fa card=0x0850103c chip=0x522910b9 rev=0xc4 hdr=0x00 none1@pci0:0:17:0: class=0x068000 card=0x0850103c chip=0x710110b9 rev=0x00 hdr=0x00 sis0@pci0:0:18:0: class=0x020000 card=0x0850103c chip=0x0020100b rev=0x00 hdr=0x00 vgapci0@pci0:1:5:0: class=0x030000 card=0x0850103c chip=0x43371002 rev=0x00 hdr=0x00 >Description: With WEP enabled (40-bit or 104-bit) and appropriate ssid and keys (wepkey, deftxkey) configured, ifconfig reports "associated" and AP shows laptop connected, but data is garbled and no useful communications occurs (Wireshark shows most packets as LLC). With WEP disabled on AP and via 'ifconfig wlan0 wepmode off', data flows normally, Wireshark shows expected packet data, etc. >How-To-Repeat: /boot/loader.conf if_wi_load="YES" and optionally (wlan_wep(4) says it's loaded if ifconfig specifies a wep key) wlan_wep_load="YES" ifconfig wlan0 create wlandev wi0 inet 192.168.99.98 netmask 255.255.255.0 ssid blilly channel 1:b authmode open then 1. (40/64 bit WEP, enabled on AP; doesn't work [either ASCII or hex key, wepmode on or mixed]) ifconfig wlan0 wepkey 1:fubar deftxkey 1 wepmode on or 2. (104/128 bit WEP, enabled on AP; doesn't work [either ASCII or hex key, wepmode on or mixed]) ifconfig wlan0 wepkey 1:blahblahblahx deftxkey 1 wepmode on or 3. (no WEP, disabled on AP; works but with obvious privacy/security concerns (weak as WEP is...)) ifconfig wlan0 wepmode off and ifconfig wlan0 up [or equivalents via rc.conf] With 'wlandebug -i wlan0 +crypto' and WEP enabled: wlan0: ieee80211_crypto_newkey: cipher 0 flags 0x3 keyix 0 wlan0: ieee80211_crypto_setkey: WEP keyix 0 flags 0x103 mac 00:02:8a:a9:d8:8b rsc 0 tsc 0 len 13 ifconfig wlan0 with WEP on, associated but not working: wlan0: flags=8843 metric 1 mtu 1500 ether 00:02:8a:a9:d8:8b inet 192.168.99.98 netmask 0xffffff00 broadcast 192.168.99.255 media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11b status: associated ssid blilly channel 1 (2412 Mhz 11b) bssid 00:80:c8:19:ad:fa country US authmode OPEN privacy ON deftxkey 1 wepkey 1:104-bit txpower 0 bmiss 7 scanvalid 60 ifconfig wlan0 with WEP off, working: wlan0: flags=8843 metric 1 mtu 1500 ether 00:02:8a:a9:d8:8b inet 192.168.99.98 netmask 0xffffff00 broadcast 192.168.99.255 media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11b status: associated ssid blilly channel 1 (2412 Mhz 11b) bssid 00:80:c8:19:ad:fa country US authmode OPEN privacy OFF deftxkey 1 wepkey 1:104-bit txpower 0 bmiss 7 scanvalid 60 >Fix: The obvious workaround is to disable WEP, but that might not always be practical or advisable. >Release-Note: >Audit-Trail: >Unformatted: