wpa_supplicant Windows port, again (WPA2)

[Bryan Kadzban]

Jouni Malinen wrote:
> Can you get debug log from the AP? It looks like it is rejecting the
> authentication for some reason.

The AP sends an EAP-Success packet (and the RADIUS server doesn't log a
failed authentication), it's just that the 4-way handshake is failing.

But I can try to get a debug log.  Any idea how to do that on a Cisco
AP?  (I'm not using HostAP.)  I have every severity being logged to the
internal event log on the AP, but all it shows is "authentication
failed" after the failed 4-way handshake.  (I *think* this is because
the supplicant hasn't proved that it knows the PMK, but I don't know for
sure.)

> That should be ok, this field is expected to match with the RSN IE 
> from association request.

Dang, there went my theory.  I was hoping it was the drivers dropping
the PMKID or something.  ;-)

> Supplicant is expected to reply with the same replay counter that it
> received from the authenticator.

OK, that's good to know.  Thanks!

> The capture log seems to indicate that there may be timing issues 
> with the authentication. It might be worthwhile trying to test with a
> shorter polling interval by changing l2_packet_receive_timeout() in 
> l2_packet_pcap.c to use 20000 instead of 100000 as the timeout value 
> (i.e., move from 100 ms to 20 ms).

Err, uh oh.  Last time I tried modifying stuff inside the supplicant, I
couldn't get it to build a Windows version properly -- but that was
under Cygwin, too, so I'm sure that was part of it.  It complained for a
long time about the socket stuff (because e.g. <sys/select.h> was being
included before Cygwin's <winsock2.h>; normally that file (and others)
have to be included after winsock2.h).  But even after fixing that, it
still didn't work quite right (unfortunately I don't remember the error
anymore; I think it was a segfault, with an empty stackdump file?
something like that).

What kind of setup do you use to cross-compile the Windows binaries from
Linux?  I know it has something to do with the MinGW cross compiler, but
I don't know how to set that up or whether I need to do anything else
with w32api headers (I probably do), other headers, libc, etc.

(I wonder if I can increase the timeout in the AP, instead of decreasing
the polling interval in wpa_supplicant.  Will have to look into that,
but I'm not very hopeful.  I'd still like to know how you set up your
MinGW environment.)

Thanks!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050925/0363eeab/attachment.pgp