Master Session Key (MSK) reg

[Jouni Malinen]

On Fri, Mar 02, 2007 at 10:01:02AM +0000, Aravind babu wrote:

>   We are running wpa_supplicant 0.5.5 on winxp professional 2002 service pack 2  laptop with opensource FreeRadius version 1.0.5

I would highly recommend updating to 0.5.7 which is the first "stable
release" from 0.5.x branch. 0.5.5 has number of known bugs.

>   I am understanding the code to do some modifications.Can any one 
>   clarify the following queries ?

Could you please describe what kind of modifications you are planning on
doing?

>   1. where exactly in the code the master session key is filled ?I hope in 
>       STATE(EAP,METHOD) in eap.c  Please correct me if i am wrong.

Filled where? MSK is derived in the EAP method and EAP state machine is
indeed copying it from the method in STATE(EAP, METHOD) using the
getKey() handler.

>   2. In which conditions this key will be freed ?

Do you mean when sm->eapKeyData is freed by the EAP state machine? It's
freed whenever it is not needed anymore. There are number of locations
in eap.c that do this. If you need it for something else, I would
recommend making a copy of it unless you are sure the reference is going
to be available whenever you need it.


>   Please check the following debug messages.
>    
>   EAP: EAP entering state SUCCESS
>   CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully

...

>   WPA: RX message 1 of 4-Way Handshake from 00:0b:0e:2d:00:02 (ver=1)
>   WPA: Failed to get master session key from EAPOL state machines
>    
>   I checked in the code for the above message and i find out that MSK is NULL.

This debug log does not include enough information to determine why the
key was not available at this point. I would need to see the full EAP
authentication to better understand what exactly happened here.

-- 
Jouni Malinen                                            PGP id EFC895FA