On Thu, Jul 16, 2020 at 06:19:40AM +0000, Mogens Jensen wrote:
> I'm not trying to start a discussion on whether hiding the ESSID is
> ridiculous or not, I'm just testing different things, so I know which
> features work and which don't.

Thanks for digging into this.

Since there are no automated tests for the wifi stack it is difficult to
determine whether the code is fully correct. And regressions do sometimes
occur. So getting test reports such as this is very valuable.

There is this chunk of code which is supposed to catch a wrong SSID and it
does take "hidenwid" mode into account:

	/* SSID element is mandatory */
	if (ssid == NULL || ssid[1] > IEEE80211_NWID_LEN) {
		DPRINTF(("invalid SSID element\n"));
		return;
	}
	/* check that the specified SSID (if not wildcard) matches ours */
	if (ssid[1] != 0 && (ssid[1] != ic->ic_bss->ni_esslen ||
	    memcmp(&ssid[2], ic->ic_bss->ni_essid, ic->ic_bss->ni_esslen))) {
		DPRINTF(("SSID mismatch\n"));
		ic->ic_stats.is_rx_ssidmismatch++;
		return;
	}
	/* refuse wildcard SSID if we're hiding our SSID in beacons */
	if (ssid[1] == 0 && (ic->ic_flags & IEEE80211_F_HIDENWID)) {
		DPRINTF(("wildcard SSID rejected"));
		ic->ic_stats.is_rx_ssidmismatch++;
		return;
	}

Line 1927 of
https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net80211/ieee80211_input.c?annotate=1.218

This code runs before a response is generated for a probe request and it
should ensure that a probe request is only generated if the SSID matches.

The next step would be to find out how this check is being bypassed in your
case. Are you really sure that probe responses are sent to the MAC address
of clients which do not already know the correct SSID?

The patch below will make the kernel print the MAC addresses of rejected
clients to 'dmesg':

diff b38ea36846c22ecbc2e7394f8dcf015e2b6a523f /usr/src blob - 098aa9bce19481ce09676ce3c4fc0040f14c9b93 file + sys/net80211/ieee80211_input.c --- sys/net80211/ieee80211_input.c +++ sys/net80211/ieee80211_input.c 
@@ -1932,13 +1932,15 @@ ieee80211_recv_probe_req(struct ieee80211com *ic, stru /* check that the specified SSID (if not wildcard) matches ours */ if (ssid[1] != 0 && (ssid[1] != ic->ic_bss->ni_esslen || memcmp(&ssid[2], ic->ic_bss->ni_essid, ic->ic_bss->ni_esslen))) { - DPRINTF(("SSID mismatch\n")); + printf("SSID mismatch from %s\n", + ether_sprintf((u_int8_t *)wh->i_addr2)); ic->ic_stats.is_rx_ssidmismatch++; return; } /* refuse wildcard SSID if we're hiding our SSID in beacons */ if (ssid[1] == 0 && (ic->ic_flags & IEEE80211_F_HIDENWID)) { - DPRINTF(("wildcard SSID rejected")); + printf("wildcard SSID rejected from %s\n", + ether_sprintf((u_int8_t *)wh->i_addr2)); ic->ic_stats.is_rx_ssidmismatch++; return; }
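
Review bot: Only the two reject branches in ieee80211_recv_probe_req() log the sender, so a probe request that gets past both checks prints nothing, and a client that wrongly receives a probe response can only be inferred from a missing line. For the question being debugged, a matching printf with ether_sprintf((u_int8_t *)wh->i_addr2) after the last check shown here, on the path that goes on to answer the request, would show directly which MAC addresses are being answered. Separately, both new printf calls are unconditional where the old DPRINTF calls were debug-only, and they fire once per rejected frame from any station in radio range, so dmesg can fill quickly on a busy channel. That is fine for a one-off test kernel, but the calls should go back behind a debug condition before anything like this is committed.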