802.1x auth with wpa_supp?

Thu Sep 9 03:55:16 PDT 2004

Below are the outputs from wpa_supp with the wext drivers instead of 
hostap.  It doesn't look much different from the hostap debug?  Any 
guidance form here would be very much appreciated?
Regards,
Morgan.

***************************
[root at morgansmachine root]# iwconfig
lo        no wireless extensions.

sit0      no wireless extensions.

eth0      no wireless extensions.

wifi0     IEEE 802.11b  ESSID:"uoa"
           Mode:Managed  Frequency:2.437GHz  Access Point: 00:0D:ED:99:37:C0
           Bit Rate:11Mb/s   Sensitivity=1/3
           Retry min limit:8   RTS thr:off   Fragment thr:off
           Encryption key:ABCD-EF01-2345-6789-ABCD-EF01-23   Security 
mode:open
           Power Management:off
           Link Quality:11/70  Signal level:-81 dBm  Noise level:-93 dBm
           Rx invalid nwid:0  Rx invalid crypt:82  Rx invalid frag:0
           Tx excessive retries:0  Invalid misc:3347   Missed beacon:0

wlan0     IEEE 802.11b  ESSID:"uoa"
           Mode:Managed  Frequency:2.437GHz  Access Point: 00:0D:ED:99:37:C0
           Bit Rate:11Mb/s   Sensitivity=1/3
           Retry min limit:8   RTS thr:off   Fragment thr:off
           Encryption key:ABCD-EF01-2345-6789-ABCD-EF01-23   Security 
mode:open
           Power Management:off
           Link Quality:11/70  Signal level:-81 dBm  Noise level:-93 dBm
           Rx invalid nwid:0  Rx invalid crypt:82  Rx invalid frag:0
           Tx excessive retries:0  Invalid misc:3347   Missed beacon:0

[root at morgansmachine root]#
***************************
[root at morgansmachine root]# wpa_supplicant -iwlan0 -Dwext 
-c/etc/wpa_supplicant.conf -d
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0
eapol_version=1
ap_scan=0
Priority group 0
    id=0 ssid='uoa'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_wext_set_wpa: enabled=1 - not yet implemented
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures: enabled=0 - not yet implemented
wpa_driver_wext_set_drop_unencrypted: enabled=1 - not yet implemented
Setting scan request: 0 sec 100000 usec
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Already associated with a configured network - generating associated event
Association event - clear replay counter
Associated to a new BSS: BSSID=00:0d:ed:99:37:c0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
Network configuration found for the current AP
EAPOL: External notification - portControl=Auto
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
RX EAPOL from 00:0d:ed:99:37:c0
Setting authentication timeout: 10 sec 0 usec
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=1 id=2
EAP: EAP entering state IDENTITY
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=10):
      45 43 2f 6d 72 65 61 30 30 35                     EC/mrea005
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 46, expecting at least 99
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:00:00:00:00:00
Setting scan request: 0 sec 100000 usec
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
Disconnect event - remove keys
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
RTM_NEWLINK, IFLA_IFNAME: Interface 'wifi0' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Already associated with a configured network - generating associated event
Association event - clear replay counter
Associated to a new BSS: BSSID=00:0d:ed:99:37:c0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
Network configuration found for the current AP
EAPOL: External notification - portControl=Auto
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:0d:ed:99:37:c0
Association event - clear replay counter
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
Setting authentication timeout: 10 sec 0 usec
RTM_NEWLINK, IFLA_IFNAME: Interface 'wifi0' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
RX EAPOL from 00:0d:ed:99:37:c0
Setting authentication timeout: 10 sec 0 usec

<SNIP>

Setting authentication timeout: 10 sec 0 usec
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
Wireless event: cmd=0x8b2a len=12
RTM_NEWLINK, IFLA_IFNAME: Interface 'wifi0' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
Signal 2 received - terminating
wpa_driver_wext_deauthenticate - not yet implemented
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
wpa_driver_wext_set_wpa: enabled=0 - not yet implemented
wpa_driver_wext_set_drop_unencrypted: enabled=0 - not yet implemented
wpa_driver_wext_set_countermeasures: enabled=0 - not yet implemented
[root at morgansmachine root]#
***************************
[root at morgansmachine root]# iwconfig
lo        no wireless extensions.

sit0      no wireless extensions.

eth0      no wireless extensions.

wifi0     IEEE 802.11b  ESSID:"uoa"
           Mode:Managed  Frequency:2.437GHz  Access Point: 00:0D:ED:99:37:C0
           Bit Rate:5.5Mb/s   Sensitivity=1/3
           Retry min limit:8   RTS thr:off   Fragment thr:off
           Encryption key:off
           Power Management:off
           Link Quality:11/70  Signal level:-82 dBm  Noise level:-94 dBm
           Rx invalid nwid:0  Rx invalid crypt:523  Rx invalid frag:0
           Tx excessive retries:0  Invalid misc:6104   Missed beacon:0

wlan0     IEEE 802.11b  ESSID:"uoa"
           Mode:Managed  Frequency:2.437GHz  Access Point: 00:0D:ED:99:37:C0
           Bit Rate:5.5Mb/s   Sensitivity=1/3
           Retry min limit:8   RTS thr:off   Fragment thr:off
           Encryption key:off
           Power Management:off
           Link Quality:11/70  Signal level:-82 dBm  Noise level:-94 dBm
           Rx invalid nwid:0  Rx invalid crypt:523  Rx invalid frag:0
           Tx excessive retries:0  Invalid misc:6104   Missed beacon:0

[root at morgansmachine root]#
***************************

Jouni Malinen wrote:
> On Tue, Sep 07, 2004 at 01:41:36PM +1200, Morgan Read wrote:
> 
> 
>>>Failed to enable WPA in the driver.
>>>
>>
>>I updated the station firmware to 1.7.4 in ram and got the second output
>>(second) below.  Also, in the second instance the AP seemed to
>>"disappear" and the MAC changed to all 4s while wpa_supplicant was
>>running (it didn't exit itself) and when I exited wpa_supplicant (with
>>ctrl-C) the AP came back with a real MAC.
>>
>>But, this is all a bit strange because I shouldn't be doing anything
>>with wpa if I'm using 802.1x??  So, I think something must be
>>fundamentaly amiss?
> 
> 
> The current version of the Host AP driver interface in wpa_supplicant
> always enables WPA support and consequently, requires new station
> firmware. You might be able to use IEEE 802.1X with driver_wext.c (add
> CONFIG_DRIVER_WEXT=y to .config, use ap_scan=0 in wpa_supplicant.conf,
> and -Dwext on command line).
> 
> 
>>Already associated with a configured network - generating associated event
>>Association event - clear replay counter
>>Associated to a new BSS: BSSID=44:44:44:44:44:44
> 
> 
>>ap_scan=0
> 
> 
> I would recommend starting with ap_scan=1 when using Host AP driver.
> Your debug log showed that wpa_supplicant was not receiving any EAPOL
> packets from the AP and then timing out. ap_scan=1 has received much
> more testing..
> 
> 
>>	eap=PEAP MSCHAPV2
> 
> 
> If you are using EAP-PEAP with EAP-MSCHAPv2 as the inner (tunneled,
> phase 2) authentication, you only need to have PEAP on this line. Phase
> 2 method is configured below with:
> 
> 
>>	phase2="auth=MSCHAPV2"
> 
> 

-- 
Morgan Read
<mailto:mstuffATplDOTnet>