hostapd problem: mobile devices unable to renew PTK during re-negotiation

Scott Smyth scotttravel2005
Fri Jun 25 12:59:31 PDT 2010 

Without attachment to reduce size of message.  Problem
listed below.

On Fri, Jun 25, 2010 at 12:46 PM, Scott Smyth <scotttravel2005 at gmail.com> wrote:
> Hi;
>
> We are using hostapd v0.6.10 with linux v2.6.32.12 through the
> mac80211 driver with a USB WiFi device utilizing driver, rt73usb.
> The system is debian ("Lenny") based.
>
> All works well at start and when any clients, mobile or otherwise,
> connect to the access point using hostapd. ?However, when the
> hostapd request re-negotiation, mobile clients (especially
> Apple devices) get disconnected. ?The client never seems to
> send a response to the 4-way negotiation that worked well
> the first time and will again upon re-initialization:
>
> ===
> wlan0: STA 00:26:4a:e8:a5:91 WPA: rekeying PTK
> WPA: 00:26:4a:e8:a5:91 WPA_PTK entering state PTKSTART
> wlan0: STA 00:26:4a:e8:a5:91 WPA: sending 1/4 msg of 4-Way Handshake
> WPA: Send EAPOL(version=1 secure=0 mic=0 ack=1 install=0 pairwise=8
> kde_len=0 keyidx=0 encr=0)
> wlan0: STA 00:26:4a:e8:a5:91 WPA: EAPOL-Key timeout
> WPA: 00:26:4a:e8:a5:91 WPA_PTK entering state PTKSTART
> wlan0: STA 00:26:4a:e8:a5:91 WPA: sending 1/4 msg of 4-Way Handshake
> WPA: Send EAPOL(version=1 secure=0 mic=0 ack=1 install=0 pairwise=8
> kde_len=0 keyidx=0 encr=0)
> wlan0: STA 00:26:4a:e8:a5:91 WPA: EAPOL-Key timeout
> WPA: 00:26:4a:e8:a5:91 WPA_PTK entering state PTKSTART
> wlan0: STA 00:26:4a:e8:a5:91 WPA: sending 1/4 msg of 4-Way Handshake
> WPA: Send EAPOL(version=1 secure=0 mic=0 ack=1 install=0 pairwise=8
> kde_len=0 keyidx=0 encr=0)
> wlan0: STA 00:26:4a:e8:a5:91 WPA: EAPOL-Key timeout
> WPA: 00:26:4a:e8:a5:91 WPA_PTK entering state PTKSTART
> WPA: 00:26:4a:e8:a5:91 WPA_PTK entering state DISCONNECT
> hostapd_wpa_auth_disconnect: WPA authenticator requests disconnect:
> STA 00:26:4a:e8:a5:91 reason 2
> WPA: 00:26:4a:e8:a5:91 WPA_PTK entering state DISCONNECTED
> WPA: 00:26:4a:e8:a5:91 WPA_PTK entering state INITIALIZE
> wlan0: STA 00:26:4a:e8:a5:91 IEEE 802.1X: unauthorizing port
> wlan0: STA 00:26:4a:e8:a5:91 IEEE 802.11: deauthenticated due to local
> deauth request
> wlan0: STA 00:26:4a:e8:a5:91 WPA: strict rekeying - force GTK rekey
> since STA is leaving
> wlan0: WPA rekeying GTK
> WPA: group state machine entering state SETKEYS (VLAN-ID 0)
> GMK - hexdump(len=32): [REMOVED]
> GTK - hexdump(len=32): [REMOVED]
> wpa_group_setkeys: GKeyDoneStations=0
> WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0)
> Data/PS-poll frame from not associated STA 00:26:4a:e8:a5:91
> MGMT (TX callback) ACK
> unknown vendor specific information element ignored (vendor OUI 00:10:18 len=9)
> STA 00:26:4a:e8:a5:91 sent probe request for our SSID
> MGMT (TX callback) ACK
> mgmt::proberesp cb
> MGMT
> mgmt::deauth
> deauthentication: STA=00:26:4a:e8:a5:91 reason_code=3
> Station 00:26:4a:e8:a5:91 trying to deauthenticate, but it is not authenticated
> ...
> ..(re-initialization then completes later without a problem)
> ===
>
> I have tried numerous different settings, and I would like to avoid
> hacking anything to work that will eventually break something else.
> I have set EAPOL to version 1 and made all timeouts rather long
> with no effect. ?After 15-30 minutes, the experience repeats with
> a lost connection in between the successful negotiations. ?The
> current hostapd.conf file is attached.
>
> Any advice on the correct way to change the above experience
> so that the renegotiation can work would be appreciated.
>
> thx in advance,
> Scott
>

More information about the Hostap mailing list