feisty atheros and wpa

ico at vt.edu ico
Fri Aug 31 19:26:11 PDT 2007


Quoting Ramesh R <rramesh_1 at yahoo.com>:

> Ivica,
>
> The easiest way to dig & find out as to what goes on
> is to use a laptop with airopeek or kismet installed.
> I suspect the key exchanges, check the EAPOL-Key
> exchanges between the AP & the station. As a first
> step, see if the authentication sequence is complete.
>
> For WPA-PSK you should see an auth req & auth response
> followed by an association req. & association resp.
> The key exchanges start & totally you should see 6
> EAPOL-Key Frames between the AP & the station for a
> WPA-PSK based auth. setting.
>
> Cheers
> /R

Ramesh,

Many thanks for your feedback. In the meantime I've done some more digging and
found out the following:

If I make my AP's ESSID visible (and leave everything else the same--WPA+WPA2,
TKIP+AES, etc.), connection works perfectly. However, as soon as I make ESSID
invisible, connection becomes near impossible

That being said, even if ESSID is invisible, if I start wpa_supplicant manually
with a config file which includes ap_scan=2 and scan_ssid=1 in about 50% of
connections wpa_supplicant shows successful handshake via -dd output (although
this way for some reason I still cannot connect to the internet--likely due to
concurrent nm-applet, wicd or roaming mode). If this method starts to fail
consistently, rmmod and modprobe of the ath_pci usually restores the 50/50
chances of successful handshake.

I haven't been able to use wicd since it apparently has ap_scan=1 and
scan_ssid=0 hardwired in its code (at least judging from my brief study of the
code). OTOH nm-applet has a very funky behavior where if I start wpasupplicant
before starting nm-applet, nm-applet's wpasupplicant fails to start (since my
instance already creates /var/run/wpasupplicant hook) or at least becomes less
relevant for some reason. At this point I have 2 instances of wpa_supplicant
running and if my "manual" version manages to connect and I keep trying to
reconnect via nm-applet, eventually I'll get connected, but only for a few
seconds. Then I get disconnected again. When I was observing PID's of the
manual and nm-applet's wpasupplicant, it appears that I get disconnected as
soon as the PID of nm-applet's wpasupplicant becomes higher than that of the
manual instance (apparently because according to nm-applet successful connect
was never made so it is likely restarting its own instance of wpasupplicant
which is therefore getting newer and consequently higher PID). This may be
because how nm-applet appears to be looking for wpasupplicant's PID in order to
interface with it in a way that it always picks the last found PID in the
process table which would explain this rather odd behavior.

Finally, if I let the nm-applet take over the /var/run/wpasupplicant hook so
that I cannot spawn my own manual concurrent version of wpasupplicant, and I
still keep trying to spawn it nonetheless (it will tell me that there is a hook
in place and will therefore exit), sometimes it seems that I get lucky enough to
provide (in this brief moment in which the instance was attempting to spawn)
nm-applet with correct settings and therefore making it successfully connect to
the router.

Very bizarre...

Any thoughts?

Many thanks!

Ico



>
> --- Ivica Ico Bukvic <ico at vt.edu> wrote:
>
> > Hi all,
> >
> > I am using Ubuntu feisty (more precisely Ubuntu
> > Studio) and here's my
> > dilemma:
> >
> > *macbook pro santa rosa, 2.6.20-16 low latency
> > kernel from Ubuntu Studio,
> > atheros driver ath_pci with madwifi 0.5.5
> > wpasupplicant, using nm-applet
> > *Wireless networks are detected (including
> > WPA-enabled which interests me
> > the most)
> > *Connecting to WPA-enabled network has so far worked
> > only once (I am unable
> > to recreate the scenario as it appears near random)
> > *tried using latest madwifi driver from svn trunk
> > and 0.6.0 wpasupplicant
> > without success
> > *tried using wicd instead nm-applet without success
> > *manually running wpa_supplicant -Dwext (or
> > -Dmadwifi which appears to a bit
> > farther) -iath0 -c/etc/wpa_supplicant.conf -dd gives
> > me successful
> > authentication (AUTHENTICATED message) with
> > appropriate settings in
> > wpa_supplicant.conf and /etc/network/interfaces
> > which include WPA-PSK/TKIP
> > settings (WPA network I am trying to join is not
> > advertising ESSID so I am
> > using scan_ap=2 and scan_ssid=1) but I still cannot
> > connect
> > *I have no idea what settings nm-applet is running
> > wpa_supplicant with--may
> > have to dig into the nm-applet's code
> >
> > I'll try to send a detailed outputs from relevant
> > files later, but was
> > wondering in the meantime if anyone had any ideas
> > why and how is this
> > happening? Since I manually installed wpa_supplicant
> > and latest madwifi
> > drivers, do I need to also install hostap as well (I
> > suspect not but then
> > again what do I know :-)?
> >
> > P.S. FWIWI it would be helpful to have some kind of
> > a diagram which shows
> > hierarchy of what affects what as it appears that
> > starting wpa_supplicant
> > manually collides with ifup commands (and
> > vice-versa) while nm-applet is a
> > story in and of itself...
> >
> > Many thanks!
> >
> > Best wishes,
> >
> > Ivica Ico Bukvic, D.M.A.
> > Composition, Music Technology, CCTAD, CHCI
> > Virginia Tech
> > Dept. of Music - 0240
> > Blacksburg, VA 24061
> > (540) 231-6139
> > (540) 231-5034 (fax)
> > ico at vt.edu
> > http://www.music.vt.edu/people/faculty/bukvic/
> >
> >
> > _______________________________________________
> > HostAP mailing list
> > HostAP at shmoo.com
> > http://lists.shmoo.com/mailman/listinfo/hostap
> >
>
>
>
>
>
____________________________________________________________________________________
> Boardwalk for $500? In 2007? Ha! Play Monopoly Here and Now (it's updated for
> today's economy) at Yahoo! Games.
> http://get.games.yahoo.com/proddesc?gamekey=monopolyherenow
>






More information about the Hostap mailing list