hostapd 0.4.3..CVS: madwifi-bsd CVS: wpasupplicant CVS: winxpsp2: broken. client inet breaks if another client enters AP

thomas schorpp t.schorpp
Mon Jul 4 23:42:46 PDT 2005


hello,

the better news: linux to linux RSN works now UNTIL the second group key
handshake breaks inet. reconnection to hostap AP necessary...
xpsp2 supplicant with KB893357 suggests wep instead of open, not tested
yet...

the bad news with wpa1,eap-tls,ccmp: since cvs madwifi+hostapd update
from around 6-29-05: linux client: xpsp2 client: hostapd:

- client inet breaks if another client enters AP, after dis/reconnecting
the broken client, the other working client's inet breaks.

- strange behaviour with xpsp2 as only client: every 20min local deauth
request, group rekeying interval is 10min. inet seems to break at every
second group keying.. like RSN above:

Jul  4 19:16:37 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: associated
Jul  4 19:16:38 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: pairwise key handshake completed (WPA)
Jul  4 19:16:38 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.1X: authenticated
Jul  4 19:16:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 19:26:36 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 19:36:36 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 19:46:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deauthenticated due to local deauth request
Jul  4 19:46:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deassociated
Jul  4 19:46:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: associated
Jul  4 19:46:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: pairwise key handshake completed (WPA)
Jul  4 19:46:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.1X: authenticated
Jul  4 19:46:43 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 19:56:36 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:06:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deauthenticated due to local deauth request
Jul  4 20:06:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deassociated
Jul  4 20:06:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: associated
Jul  4 20:06:43 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: pairwise key handshake completed (WPA)
Jul  4 20:06:43 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.1X: authenticated
Jul  4 20:06:44 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:16:36 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:26:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deauthenticated due to local deauth request
Jul  4 20:26:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deassociated
Jul  4 20:26:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: associated
Jul  4 20:26:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: pairwise key handshake completed (WPA)
Jul  4 20:26:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.1X: authenticated
Jul  4 20:26:43 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:36:36 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:46:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deauthenticated due to local deauth request
Jul  4 20:46:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deassociated
Jul  4 20:46:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: associated
Jul  4 20:46:44 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: pairwise key handshake completed (WPA)
Jul  4 20:46:44 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.1X: authenticated
Jul  4 20:46:45 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:56:37 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 21:06:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deauthenticated due to local deauth request
Jul  4 21:06:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deassociated
Jul  4 21:06:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: associated
Jul  4 21:06:44 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: pairwise key handshake completed (WPA)
Jul  4 21:06:44 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.1X: authenticated
Jul  4 21:06:45 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 21:16:36 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 21:21:06 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deassociated
tom3:~#

i suspect these changes:

revision 1.92
date: 27.06.2005 04:30; author: jm

Fixed PMKSA caching for the case where STA (re)associates without
first disassociating.

Based on comments and patch from Divy Le Ray <dleray at atheros.com>:

It seems the last changes regarding PMKSA caching fixed
pre-authentication, but broke PMKSA caching on re-authentication.
I collected the attached traces against hostapd-0.4.2.
On re-authentication, the WPA state machine will not move to INITPMK, as
keyRun is FALSE.  The WPA exchange won't start and a full 802.1x session
will run.
I applied the fix in attachment to the madwifi driver: on a re-auth
event, let the 802.1x state machine decide if it can bypass a full
authentication, and set its flags accordingly. Then kick the WPA state
machine. It gives good results for both PMK caching usage on re-auth and
pre-auth.

jkm: cleaned up the changes in the patch and applied the same fix for
other driver interfaces

revision 1.91
date: 26.06.2005 20:55; author: jm

Start RADIUS accounting only after successful completion of WPA
4-Way Handshake if WPA-PSK is used.

revision 1.90
date: 26.06.2005 20:27; author: jm

Fixed PMKSA caching to copy User-Name and Class attributes so that
RADIUS accounting gets correct information. This is also needed for RSN
pre-authentication.

Bug 51

...or the many recent changes in madwifi-bsd-cvs.

i can't easily track the changes in madwifi-bsd-cvs, since there's no
central changelog file...sry.

say, if you need me to test before i rollback to hostapd 0.4.2...

y
tom
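
Added example (not part of the original post and not hostapd code): a small parser for hostapd syslog lines in the format quoted above. For each association it reports how many group key handshakes completed, how long the association lasted, and how long after the last completed group handshake the local deauth was logged. The sample is an excerpt of the log in the post; the year is an assumption passed in because syslog timestamps carry none.

```python
import re
from datetime import datetime

# Excerpt of the hostapd log quoted in the post (lines unwrapped, two
# associations, pairwise/802.1X/deassociated lines omitted for brevity).
SAMPLE = """\
Jul  4 19:46:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: associated
Jul  4 19:46:43 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 19:56:36 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:06:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deauthenticated due to local deauth request
Jul  4 20:06:42 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: associated
Jul  4 20:06:44 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:16:36 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e WPA: group key handshake completed (WPA)
Jul  4 20:26:39 tom3 hostapd: ath0: STA 00:11:50:1f:46:7e IEEE 802.11: deauthenticated due to local deauth request
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ hostapd: \S+ STA ([0-9a-f:]{17}) (.+)$")

def parse(text, year=2005):
    """Yield (timestamp, sta, message); syslog has no year, so it is passed in."""
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3)

def sessions(events):
    """Per association: group handshakes seen, lifetime, gap from last rekey to deauth."""
    open_, done = {}, []
    for ts, sta, msg in events:
        if msg == "IEEE 802.11: associated":
            open_[sta] = {"start": ts, "group": []}
        elif "group key handshake completed" in msg and sta in open_:
            open_[sta]["group"].append(ts)
        elif "deauthenticated" in msg and sta in open_:
            s = open_.pop(sta)
            last = s["group"][-1] if s["group"] else s["start"]
            done.append({"sta": sta, "group_handshakes": len(s["group"]),
                         "lifetime_s": int((ts - s["start"]).total_seconds()),
                         "since_last_rekey_s": int((ts - last).total_seconds())})
    return done

if __name__ == "__main__":
    for s in sessions(parse(SAMPLE)):
        print(s)
```

On the excerpt, both associations show two completed group handshakes and a deauth 603 seconds after the last one, i.e. about three seconds after the next 10-minute rekey was due.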









