Re: WPA + cloned mac doesn't work

[Jirka Klimes <jklimes redhat com>]

On Friday 21 of October 2011 17:01:41 Maxim Levitsky wrote:
> Hi NM folks!
> 
> I haven't updated/looked at NM and rest of wifi stack for so long.
> I stopped using Gnome too in meanwhile.
> 
> I noticed that recent NM versions allow to setup custom MAC per
> interface, and it does work even in KDE, however setting custom MAC on
> WPA2 enabled network connection fails.
> 
> Reason is same as what I have seen many years ago, when I played a lot
> with wifi.
> 
> Reason is that supplicant is not informed of new MAC and thus rejects
> WPA handshake, or even worse its told old MAC by NM (I suspect later as
> I tried restarting the supplicant and that didn't help).
> 
> When I set MAC prior to starting NM, the custom MAC works.
> 
> I am using wifi stack from kubuntu 11.10, but have no problem compiling
> all programs (maybe except plasma applet yet) from git.
> 
> So what you know about that?
> Is there a bugzilla for this you can share a link with me?
> 
> Mostly I don't really need that feature, but on basis of 'why not?' I
> won't mind sharing with the world less private information this way.

Exactly, MAC spoofing fails for WPA because wpa_supplicant doesn't update the 
MAC address.
The spoofing feature in NM was implemented according to 
https://bugzilla.redhat.com/show_bug.cgi?id=447827.
For that I also prepared a patch for wpa_supplicant that updates its MAC 
address and thus makes the spoofing work with WPA.
We sent the wpa_supplicant patch to hostap list (and Jouni). Sadly, it didn't 
get applied.
I guess we should bring the patch and the issue to Jouni again.

http://lists.shmoo.com/pipermail/hostap/2010-November/022039.html

Jirka