>>> wlp5s0: WPA: IGTK keyid 1024 pn d0caa82e44b2 >>> WPA: IGTK - hexdump(len=16): [REMOVED] >>> wpa_driver_nl80211_set_key: ifindex=3 (wlp5s0) alg=4 addr=0x55e7e55d2909 >>> key_idx=1024 set_tx=0 seq_len=6 key_len=16 >> >> A key_idx=1024 looks wrong, it should be 4 or 5 for IGTK. I tend to >> think it's a fault of the AP which sends an invalid key index.
>Just wondering, any updates on this? Is there any workaround I can >apply to make that work for most users? We've seen a couple of misbehaving routers when using PMF. A workaround that has proven successful is to byte swap the IGTK key index. 1024 happens to be index 4 in big endian. Not sure what Jouni thinks about working around faulty APs. Would of course be better if this was caught in certification tests but these APs are already out on the market. Anyway, I've just sent an RFC patch with the workaround to the mailing list: "[RFC] PMF: Allow Key ID in big endian format to workaround faulty APs" ? /Mikael
