--- hostapd-0.4.7/driver_madwifi.c	2006-01-30 10:00:44.199096000 -0800
+++ hostapd-0.4.7-new/driver_madwifi.c	2006-01-30 10:05:55.925511000 -0800
@@ -692,6 +692,7 @@
 	struct hostapd_data *hapd = drv->hapd;
 	struct ieee80211req_wpaie ie;
 	int ielen, res;
+        int rsn = 0;
 
 	/*
 	 * Fetch negotiated WPA/RSN parameters from the system.
@@ -702,26 +703,37 @@
 		printf("Failed to get WPA/RSN information element.\n");
 		return -1;		/* XXX not right */
 	}
-	ielen = ie.wpa_ie[1];
-	if (ielen == 0) {
+        if ((ie.wpa_ie[1] == 0) && (ie.rsn_ie[1] == 0)){
 		printf("No WPA/RSN information element for station!?\n");
 		return -1;		/* XXX not right */
 	}
+        ielen = ie.rsn_ie[1]; 
 	ielen += 2;
-	res = wpa_validate_wpa_ie(hapd, sta, ie.wpa_ie, ielen,
-			ie.wpa_ie[0] == WLAN_EID_RSN ?
-			    HOSTAPD_WPA_VERSION_WPA2 : HOSTAPD_WPA_VERSION_WPA);
-	if (res != WPA_IE_OK) {
-		printf("WPA/RSN information element rejected? (res %u)\n", res);
-		return -1;
-	}
+	res = wpa_validate_wpa_ie(hapd, sta, ie.rsn_ie, ielen, 
+                                  HOSTAPD_WPA_VERSION_WPA2);
+        if (res != WPA_IE_OK){
+          // now look for WPA IE
+          ielen = ie.wpa_ie[1];
+          ielen += 2;
+          res = wpa_validate_wpa_ie(hapd, sta, ie.wpa_ie, ielen, 
+                                    HOSTAPD_WPA_VERSION_WPA);
+          if (res != WPA_IE_OK) {
+            printf("WPA/RSN information element rejected? (res %u)\n", res);
+            return -1;
+          }
+        } else {
+          rsn = 1;
+        }
 	free(sta->wpa_ie);
 	sta->wpa_ie = malloc(ielen);
 	if (sta->wpa_ie == NULL) {
 		printf("No memory to save WPA/RSN information element!\n");
 		return -1;
 	}
-	memcpy(sta->wpa_ie, ie.wpa_ie, ielen);
+        if (rsn)
+          memcpy(sta->wpa_ie, ie.rsn_ie, ielen);
+        else
+          memcpy(sta->wpa_ie, ie.wpa_ie, ielen);
 	sta->wpa_ie_len = ielen;
 	return 0;
 }