Make it clearer that ap_scan=2 mode should not be used with nl80211

Add more details into configuration comments and a runtime info message
if ap_scan=2 is used with the nl80211 driver interface.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h
index d427883..627f38b 100644 (file)
--- a/wpa_supplicant/config.h
+++ b/wpa_supplicant/config.h
@@ -406,6 +406,11 @@ struct wpa_config {
         * one by one until the driver reports successful association; each
         * network block should have explicit security policy (i.e., only one
         * option in the lists) for key_mgmt, pairwise, group, proto variables.
+        *
+        * Note: ap_scan=2 should not be used with the nl80211 driver interface
+        * (the current Linux interface). ap_scan=1 is optimized work working
+        * with nl80211. For finding networks using hidden SSID, scan_ssid=1 in
+        * the network block can be used with nl80211.
         */
        int ap_scan;
 

diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h
index 1c63e51..7ef326c 100644 (file)
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -225,7 +225,9 @@ struct wpa_ssid {
         *
         * scan_ssid can be used to scan for APs using hidden SSIDs.
         * Note: Many drivers do not support this. ap_mode=2 can be used with
-        * such drivers to use hidden SSIDs.
+        * such drivers to use hidden SSIDs. Note2: Most nl80211-based drivers
+        * do support scan_ssid=1 and that should be used with them instead of
+        * ap_scan=2.
         */
        int scan_ssid;
 

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 9951b0f..fa94cc7 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2790,6 +2790,11 @@ int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
        if (ap_scan < 0 || ap_scan > 2)
                return -1;
 
+       if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
+               wpa_printf(MSG_INFO,
+                          "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
+       }
+
 #ifdef ANDROID
        if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
            wpa_s->wpa_state >= WPA_ASSOCIATING &&
@@ -3295,6 +3300,12 @@ int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
                }
        }
 
+       if (wpa_s->conf->ap_scan == 2 &&
+           os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
+               wpa_printf(MSG_INFO,
+                          "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
+       }
+
        wpa_clear_keys(wpa_s, NULL);
 
        /* Make sure that TKIP countermeasures are not left enabled (could

diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index ba88a73..6fe67e4 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -108,6 +108,10 @@ eapol_version=1
 #    the driver reports successful association; each network block should have
 #    explicit security policy (i.e., only one option in the lists) for
 #    key_mgmt, pairwise, group, proto variables
+# Note: ap_scan=2 should not be used with the nl80211 driver interface (the
+# current Linux interface). ap_scan=1 is optimized work working with nl80211.
+# For finding networks using hidden SSID, scan_ssid=1 in the network block can
+# be used with nl80211.
 # When using IBSS or AP mode, ap_scan=2 mode can force the new network to be
 # created immediately regardless of scan results. ap_scan=1 mode will first try
 # to scan for existing networks and only if no matches with the enabled