Problem with EAP-TLS connection to Atheros AR5002AP-2X AP
Chr
chunkeey
Sun Jul 27 07:33:40 PDT 2008
On Sunday 27 July 2008 00:15:49 Chr wrote:
>
> Well... after sniffing some EAP-Frames it looks like
> that madwifi's stack or their driver has problems with fragmentation,
> because the "Server Certificate" in the EAP gets truncated.
>
> So, I my theory is this:
> wpa_supplicant does the right thing by dropping the connection,
> since it can't verify if the server certificate is valid or not.
>
> Unfortunately, I don't have any backups of my old working setup,
> so I don't really know which was the last madwifi-revision
> where everything worked well...
>
Alright, I found a _simple_ workaround.
just compile your client's wpa_supplicant with gnutls (and don't forget to
enable gnutls extras) instead of openssl!
This will let you associate..
But WPA doesn't work for me as madwifi/hostapd seems to have a different
opinion about the RSN flags when WPA is enabled... So, try to force
"proto=RSN" in your wpa_supplicant.conf if you see messages about
"IE in 3/4 msg does not match with IE in Beacon/ProbeResp".
Regards,
Chr
More information about the Hostap
mailing list