Problem setting keys with ndiswrapper after authentication?
Romano Giannetti
romanol
Tue Nov 30 07:00:59 PST 2004
First of all: 1000 of thanks for your time.
On Mon, Nov 29, 2004 at 09:55:05PM -0800, Jouni Malinen wrote:
> > [root at rukbat ndiswrapper]# wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd
>
> > ...etc, like before. I remove all the output until the new problem...
>
> Please do not.. or at least make the full output available somewhere.
Ok. I tried to send all of it but it was too long; I have put the complete
log available on the web...
Whep. More data for my wireless quest... this time I will not cut it, so
it's quite large.
Commands starts with '#'. I am using cvs-ndiswrapper and cvs-wpa_supplicant,
downloaded this morning. I enabled ap_scan and it seems to work well.
Script started on Tue 30 Nov 2004 03:26:09 PM CET
# iwconfig wlan0 && ifconfig wlan0
wlan0 IEEE 802.11b ESSID:off/any
Mode:Auto Frequency:2.442GHz Access Point: 00:00:00:00:00:00
Bit Rate:11Mb/s Tx-Power:20 dBm Sensitivity=0/3
RTS thr:2432 B Fragment thr:2432 B
Encryption key:off
Power Management:off
Link Quality:100/100 Signal level:-56 dBm Noise level:-256 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
wlan0 Link encap:Ethernet HWaddr 00:0B:9D:00:B2:6E
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:1245 errors:0 dropped:0 overruns:0 frame:0
TX packets:30 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:137535 (134.3 Kb) TX bytes:2247 (2.1 Kb)
Interrupt:9 Memory:10800000-108000ff
# wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd
Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'ndiswrapper'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0
eapol_version=1
ap_scan=1
Line: 191 - start of a new network block
ssid - hexdump_ascii(len=9):
75 70 63 6f 5f 77 6c 61 6e upco_wlan
key_mgmt: 0x8
eap methods - hexdump(len=2): 19 00
identity - hexdump_ascii(len=16):
72 6f 6d 61 6e 6f 40 75 70 63 6f 6e 74 2e 65 73 romano at upcont.es
password - hexdump_ascii(len=9): [REMOVED]
phase2 - hexdump_ascii(len=13):
61 75 74 68 3d 4d 53 43 48 41 50 56 32 auth=MSCHAPV2
Priority group 0
id=0 ssid='upco_wlan'
[...]
removed data; message was too long for the maillist managed. A complete
log is at http://www.dea.icai.upco.es/romano/report3_complete.txt
[...]
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=129
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=43) - Flags 0x01
EAP-PEAP: received 37 bytes encrypted data for Phase 2
EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=11): 01 81 00 0b 21 80 03 00 02 00 01
EAP-PEAP: received Phase 2: code=1 identifier=129 length=11
EAP-PEAP: Phase 2 Request: type=33
EAP-TLV: Received TLVs - hexdump(len=6): 80 03 00 02 00 01
EAP-TLV: Result TLV - hexdump(len=2): 00 01
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
****
ok: that seems to authenticate me. System managers told me that they could
see my successfull authentication.
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=11): [REMOVED]
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=98): 00 11 5c 77 82 40 00 0b 9d 00 b2 6e 88 8e 01 00 00 50 02 81 00 50 19 01 17 03 01 00 20 28 df 37 23 a2 6f 23 dc 94 86 93 ac 69 a2 09 80 0e dc 7f 78 35 80 cb dd 30 52 e5 34 79 1e 31 81 17 03 01 00 20 e5 1f 13 de e1 e0 49 df c9 f9 eb ba 87 ae b3 60 c8 65 9d 5f f2 a2 4a 61 01 3d 22 60 cb d0 81 c7
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 47, expecting at least 99
RX EAPOL from 00:11:5c:77:82:40
RX EAPOL - hexdump(len=46): 01 00 00 04 03 81 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: EAP entering state SUCCESS
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
WPA: EAPOL frame too short, len 46, expecting at least 99
RX EAPOL from 00:11:5c:77:82:40
RX EAPOL - hexdump(len=61): 01 03 00 39 01 00 0d 00 00 41 ac 83 0b 00 b1 3d 1f dc 96 7b ca c7 a6 18 71 7e c8 5a 02 85 99 01 85 c2 4b 23 0a 04 7a 03 06 fb 65 5e ae a0 cc 00 b2 8a 34 48 fd 38 99 0a a6 84 7a e9 32
EAPOL: Received EAPOL-Key frame
EAPOL: KEY_RX entering state KEY_RECEIVE
EAPOL: processKey
EAPOL: RX IEEE 802.1X ver=1 type=3 len=57 EAPOL-Key: type=1 key_length=13 key_index=0x1
EAPOL: EAPOL-Key key signature verified
EAPOL: Decrypted(RC4) key - hexdump(len=13): [REMOVED]
EAPOL: Setting dynamic WEP key: broadcast keyidx 1 len 13
**** That seems to set the WEP key....
WPA: EAPOL frame too short, len 61, expecting at least 99
RX EAPOL from 00:11:5c:77:82:40
RX EAPOL - hexdump(len=48): 01 03 00 2c 01 00 0d 00 00 41 ac 83 0b 00 b2 be e0 c6 9f 3d 67 f2 e0 c3 2a ca 68 fa 23 eb 20 83 3f 28 3a 58 a0 65 50 b4 74 5b f5 e6 39 13 12 97
EAPOL: Received EAPOL-Key frame
EAPOL: KEY_RX entering state KEY_RECEIVE
EAPOL: processKey
EAPOL: RX IEEE 802.1X ver=1 type=3 len=44 EAPOL-Key: type=1 key_length=13 key_index=0x83
EAPOL: EAPOL-Key key signature verified
EAPOL: using part of EAP keying material data encryption key - hexdump(len=13): [REMOVED]
EAPOL: Setting dynamic WEP key: unicast keyidx 3 len 13
*** and that the other...
EAPOL: all required EAPOL-Key frames received
WPA: EAPOL processing complete
Cancelling authentication timeout
EAPOL: SUPP_PAE entering state AUTHENTICATED
**** Now I start (on another terminal) dhclient, which says:
[root at rukbat romano]# dhclient wlan0
Internet Systems Consortium DHCP Client V3.0.1rc14
Copyright 2004 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP
Listening on LPF/wlan0/00:0b:9d:00:b2:6e
Sending on LPF/wlan0/00:0b:9d:00:b2:6e
Sending on Socket/fallback
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 4
[...]
*** without answer. Meanwhile, wpa_supplicant continues saying:
WPA: EAPOL frame too short, len 48, expecting at least 99
EAPOL: Port Timers tick - authWhile=29 heldWhile=0 startWhen=29 idleWhile=59
[...]
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=15
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=14
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=13
*** It seems no traffic go trough. If at this stage (in a third terminal) I
ask for wlan0 state:
# iwconfig wlan0 && ifconfig wlan0
wlan0 IEEE 802.11b ESSID:"upco_wlan"
Mode:Managed Frequency:2.427GHz Access Point: 00:11:5C:77:82:40
Bit Rate:11Mb/s Tx-Power:20 dBm Sensitivity=0/3
RTS thr:2432 B Fragment thr:2432 B
Encryption key:off
Power Management:off
Link Quality:100/100 Signal level:-53 dBm Noise level:-256 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
wlan0 Link encap:Ethernet HWaddr 00:0B:9D:00:B2:6E
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:1263 errors:0 dropped:0 overruns:0 frame:0
TX packets:44 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:142553 (139.2 Kb) TX bytes:3342 (3.2 Kb)
Interrupt:9 Memory:10800000-108000ff
*** It seems to me that I received the keys, but no keys are used by the
driver. I feel I am really near to the connection...
Finally, I hit ctl-c on wpa_supplicant...
Signal 2 received - terminating
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
EAP: deinitialize previously used EAP method (25, PEAP) at EAP deinit
Again, any hint?
Romano
--
Romano Giannetti - Univ. Pontificia Comillas (Madrid, Spain)
Electronic Engineer - phone +34 915 422 800 ext 2416 fax +34 915 596 569
More information about the Hostap
mailing list