diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h index d42788348..627f38b6e 100644 --- a/wpa_supplicant/config.h +++ b/wpa_supplicant/config.h @@ -406,6 +406,11 @@ struct wpa_config { * one by one until the driver reports successful association; each * network block should have explicit security policy (i.e., only one * option in the lists) for key_mgmt, pairwise, group, proto variables. + * + * Note: ap_scan=2 should not be used with the nl80211 driver interface + * (the current Linux interface). ap_scan=1 is optimized work working + * with nl80211. For finding networks using hidden SSID, scan_ssid=1 in + * the network block can be used with nl80211. */ int ap_scan; diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h index 1c63e5196..7ef326cfb 100644 --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h @@ -225,7 +225,9 @@ struct wpa_ssid { * * scan_ssid can be used to scan for APs using hidden SSIDs. * Note: Many drivers do not support this. ap_mode=2 can be used with - * such drivers to use hidden SSIDs. + * such drivers to use hidden SSIDs. Note2: Most nl80211-based drivers + * do support scan_ssid=1 and that should be used with them instead of + * ap_scan=2. */ int scan_ssid; diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 9951b0f4f..fa94cc712 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -2790,6 +2790,11 @@ int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) if (ap_scan < 0 || ap_scan > 2) return -1; + if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) { + wpa_printf(MSG_INFO, + "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); + } + #ifdef ANDROID if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && wpa_s->wpa_state >= WPA_ASSOCIATING && @@ -3295,6 +3300,12 @@ int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) } } + if (wpa_s->conf->ap_scan == 2 && + os_strcmp(wpa_s->driver->name, "nl80211") == 0) { + wpa_printf(MSG_INFO, + "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); + } + wpa_clear_keys(wpa_s, NULL); /* Make sure that TKIP countermeasures are not left enabled (could diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf index ba88a738a..6fe67e473 100644 --- a/wpa_supplicant/wpa_supplicant.conf +++ b/wpa_supplicant/wpa_supplicant.conf @@ -108,6 +108,10 @@ eapol_version=1 # the driver reports successful association; each network block should have # explicit security policy (i.e., only one option in the lists) for # key_mgmt, pairwise, group, proto variables +# Note: ap_scan=2 should not be used with the nl80211 driver interface (the +# current Linux interface). ap_scan=1 is optimized work working with nl80211. +# For finding networks using hidden SSID, scan_ssid=1 in the network block can +# be used with nl80211. # When using IBSS or AP mode, ap_scan=2 mode can force the new network to be # created immediately regardless of scan results. ap_scan=1 mode will first try # to scan for existing networks and only if no matches with the enabled