group key handshake failure in WPA-EAP mode

John H. mistamaila
Sun Apr 23 14:04:10 PDT 2006 

hmm, if i try some of the config he used, it says
no keys have been configured - skip key clearing

????

ap_scan=2 will time out on the ssid in question.

On 4/23/06, John H. <mistamaila at gmail.com> wrote:
> i am curious if it's similar to the problem i am having with truemobile 2300.
> when it does NOT Work, does it say that perhaps the pre shared key is incorrect?
>
> On 4/23/06, Piotr Zawadzki <pzawadzki at polsl.pl> wrote:
> > Dnia niedziela, 23 kwietnia 2006 16:52, Jouni Malinen napisa?:
> > > On Sun, Apr 23, 2006 at 02:21:13PM +0200, Piotr Zawadzki wrote:
> > > > I have working setup with hostapd 0.5.2 (RSN and TKIP encryption),
> > > > freeradius as a AAA server and wpa_supplicant 0.5.2.
> > > > But if i change protocol from RSN to WPA the group key handshake fails
> > > >  with the following log on hostapd
> > >
> > > What wlan cards and drivers (including version) are you using in the AP
> > > and client? Can you please send debug log from wpa_supplicant for the
> > > failed case?
> > >
> > > Group key handshake is the first user of the just configured pairwise
> > > keys and failure here could indicate that either the client or the AP
> > > has not configured TKIP keys properly at this point. Are you saying that
> > > the data connection works fine with RSN?
> > Yes it is. WPA2 works fine but WPA does not.
> > The following logs comes from the configuration with prism2 based cards in
> > both AP and station. I have upgraded firmware to versions supporting RSN.
> > I'm using hostap driver that comes with 2.6.14 linux kernel (both endpoints).
> > However, I have also observed the effect of not working in WPA mode  for the
> > Atheros (madwifi-ng) card in supplicant node. Fortunately this card also
> > supported WPA2 and in this mode worked with no problems.
> >
> > Cards identification:
> > AP: lspci -v
> > 02:0a.0 Network controller: Intersil Corporation Prism 2.5 Wavelan chipset
> > (rev 01)
> >         Subsystem: Intersil Corporation Prism 2.5 Wavelan chipset
> >         Flags: medium devsel, IRQ 169
> >         Memory at ef000000 (32-bit, prefetchable) [size=4K]
> >         Capabilities: [dc] Power Management version 2
> > STA: cardctl ident
> > Socket 1:
> >   product info: "PCMCIA", "11M WLAN Card v3.0", "", ""
> >   manfid: 0x0274, 0x1613
> >   function: 6 (network)
> >
> > Firmware versions are the same:
> > AP:
> > Apr 23 17:24:32 dom kernel: wifi0: NIC: id=0x8013 v1.0.0
> > Apr 23 17:24:32 dom kernel: wifi0: PRI: id=0x15 v1.1.4
> > Apr 23 17:24:32 dom kernel: wifi0: STA: id=0x1f v1.8.4
> > STA:
> > Apr 23 17:30:24 laptop kernel: wifi0: NIC: id=0x801b v1.0.0
> > Apr 23 17:30:24 laptop kernel: wifi0: PRI: id=0x15 v1.1.1
> > Apr 23 17:30:24 laptop kernel: wifi0: STA: id=0x1f v1.8.4
> >
> > The output from
> > wpa_supplicant -dd -i wlan0 -D hostap -c /etc/wpa_supplicant.conf
> > ***
> > Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'hostap'
> > ctrl_interface 'N/A' bridge 'N/A'
> > Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
> > Reading configuration file '/etc/wpa_supplicant.conf'
> > ctrl_interface='/var/run/wpa_supplicant'
> > ctrl_interface_group=1000
> > update_config=1
> > Line: 27 - start of a new network block
> > ssid - hexdump_ascii(len=6):
> >      6d 69 73 69 65 6b                                 misiek
> > proto: 0x1
> > key_mgmt: 0x1
> > pairwise: 0x8
> > eap methods - hexdump(len=16): 00 00 00 00 19 00 00 00 00 00 00 00 00 00 00 00
> > ... cut - authentication messages ...
> > EAP: Received EAP-Success
> > EAP: EAP entering state SUCCESS
> > CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
> > CTRL_IFACE monitor send - hexdump(len=26): 2f 74 6d 70 2f 77 70 61 5f 63 74 72
> > 6c 5f 31 39 32 38 33 2d 31 36 35 33 31 00
> > EAPOL: SUPP_BE entering state RECEIVE
> > EAPOL: SUPP_BE entering state SUCCESS
> > EAPOL: SUPP_BE entering state IDLE
> > RX EAPOL from 00:0f:cb:b0:0d:9b
> > RX EAPOL - hexdump(len=99): 02 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 01
> > 87 67 37 82 eb a1 3d 11 af a1 6c 4d 38 31 52 87 36 85 de 2f 14 95 0f 69 ed 20
> > 16 44 fa 90 dc db 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00
> > EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
> > IEEE 802.1X RX: version=2 type=3 length=95
> >   EAPOL-Key type=254
> > WPA: RX EAPOL-Key - hexdump(len=99): 02 03 00 5f fe 00 89 00 20 00 00 00 00 00
> > 00 00 01 87 67 37 82 eb a1 3d 11 af a1 6c 4d 38 31 52 87 36 85 de 2f 14 95 0f
> > 69 ed 20 16 44 fa 90 dc db 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00 00 00 00
> > State: ASSOCIATED -> 4WAY_HANDSHAKE
> > WPA: RX message 1 of 4-Way Handshake from 00:0f:cb:b0:0d:9b (ver=1)
> > WPA: PMK from EAPOL state machines - hexdump(len=32): [REMOVED]
> > WPA: WPA IE for msg 2/4 - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02
> > 01 00 00 50 f2 02 01 00 00 50 f2 01
> > WPA: Renewed SNonce - hexdump(len=32): e6 7b b4 20 d4 37 35 15 5d 56 6c 4d 29
> > 98 70 de 08 78 33 db 84 04 b5 42 e6 a6 d2 71 da 72 8d 59
> > WPA: PMK - hexdump(len=32): [REMOVED]
> > WPA: PTK - hexdump(len=64): [REMOVED]
> > WPA: Sending EAPOL-Key 2/4
> > WPA: TX EAPOL-Key - hexdump(len=123): 01 03 00 77 fe 01 09 00 20 00 00 00 00
> > 00 00 00 01 e6 7b b4 20 d4 37 35 15 5d 56 6c 4d 29 98 70 de 08 78 33 db 84 04
> > b5 42 e6 a6 d2 71 da 72 8d 59 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 79 3c c8 89 ab 4d d4 c9 1f d6
> > 65 91 12 06 e5 51 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02
> > 01 00 00 50 f2 01
> > RX EAPOL from 00:0f:cb:b0:0d:9b
> > RX EAPOL - hexdump(len=123): 02 03 00 77 fe 01 c9 00 20 00 00 00 00 00 00 00
> > 02 87 67 37 82 eb a1 3d 11 af a1 6c 4d 38 31 52 87 36 85 de 2f 14 95 0f 69 ed
> > 20 16 44 fa 90 dc db 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 41 ed 8f be 64 69 b7 b4 c0 02 af e4 0f
> > f9 1c 0e 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00
> > 50 f2 01
> > EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
> > IEEE 802.1X RX: version=2 type=3 length=119
> >   EAPOL-Key type=254
> > WPA: RX EAPOL-Key - hexdump(len=123): 02 03 00 77 fe 01 c9 00 20 00 00 00 00
> > 00 00 00 02 87 67 37 82 eb a1 3d 11 af a1 6c 4d 38 31 52 87 36 85 de 2f 14 95
> > 0f 69 ed 20 16 44 fa 90 dc db 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 41 ed 8f be 64 69 b7 b4 c0 02
> > af e4 0f f9 1c 0e 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02
> > 01 00 00 50 f2 01
> > State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
> > WPA: RX message 3 of 4-Way Handshake from 00:0f:cb:b0:0d:9b (ver=1)
> > WPA: IE KeyData - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00
> > 00 50 f2 02 01 00 00 50 f2 01
> > WPA: Sending EAPOL-Key 4/4
> > WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 01 09 00 20 00 00 00 00 00
> > 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 dd ff 39 1f e8 4d 20 32 da 3d 60
> > 96 51 c4 eb 6d 00 00
> > WPA: Installing PTK to the driver.
> > WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
> > wpa_driver_hostap_set_key: alg=TKIP key_idx=0 set_tx=1 seq_len=6 key_len=32
> > State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
> > RX ctrl_iface - hexdump_ascii(len=4):
> >      50 49 4e 47                                       PING
> > RX ctrl_iface - hexdump_ascii(len=6):
> >      53 54 41 54 55 53                                 STATUS
> > RX ctrl_iface - hexdump_ascii(len=13):
> >      4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53            LIST_NETWORKS
> > RX ctrl_iface - hexdump_ascii(len=4):
> >      50 49 4e 47                                       PING
> > EAPOL: startWhen --> 0
> > RX ctrl_iface - hexdump_ascii(len=4):
> >      50 49 4e 47                                       PING
> > Wireless event: cmd=0x8b15 len=20
> > Wireless event: new AP: 00:00:00:00:00:00
> > Setting scan request: 0 sec 100000 usec
> > Added BSSID 00:0f:cb:b0:0d:9b into blacklist
> > State: GROUP_HANDSHAKE -> DISCONNECTED
> > EAPOL: External notification - portEnabled=0
> > EAPOL: SUPP_PAE entering state DISCONNECTED
> > EAPOL: SUPP_BE entering state INITIALIZE
> > EAP: EAP entering state DISABLED
> > EAPOL: External notification - portValid=0
> > CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
> > CTRL_IFACE monitor send - hexdump(len=26): 2f 74 6d 70 2f 77 70 61 5f 63 74 72
> > 6c 5f 31 39 32 38 33 2d 31 36 35 33 31 00
> > *** end of debug
> >
> > Thanks for your interest.
> > --
> > Piotr Zawadzki, Silesian Technical University
> > PGP: http://www.keyserver.net/
> > _______________________________________________
> > HostAP mailing list
> > HostAP at shmoo.com
> > http://lists.shmoo.com/mailman/listinfo/hostap
> >
>

More information about the Hostap mailing list