Interworking and its creds

Dr. Ajay N. Khosla drkhosla
Fri Aug 17 19:18:00 PDT 2012 

I have created two interworking and HS2.0 ssid TEST-Open (with out any key) and TEST-80211u (with WPA2-Enterprise). The hostapd.conf contain following parameter 

++++++++++++++++++++++++++++++++++++ 

interworking=1 
hs20=1 
access_network_type=2 
internet=1 
asra=1 
esr=0 
uesa=0 
venue_group=2 
venue_type=0 
roaming_consortium=2233445566 
venue_name=eng:Vile Parle East 
domain_name=example.com 
++++++++++++++++++++++++++++++++++++ 

I created configuration file wpa_supplicant.conf 

++++++++++++++++++++++++++++++++++++ 

ctrl_interface=/var/run/wpa_supplicant 
ctrl_interface_group=wheel 
update_config=1 
hs20=1 
interworking=1 

cred={ 
realm="example.com" 
username="admin" 
password="secret" 
ca_cert="/etc/wpa_supplicant/ca.pem" 
domain="example.com" 
eap=TTLS 
roaming_consortium="2233445566" 
phase2="auth=MSCHAPV2" 
} 

network={ 
ssid="TEST-Open" 
key_mgmt=NONE 
auth_alg=OPEN 
} 
++++++++++++++++++++++++++++++++++++ 

I run wpa_supplicant with following command 

/usr/local/sbin/wpa_supplicant -Dnl80211 -iwlan0 -ddt -c /etc/wpa_supplicant/wpa_supplicant.conf -O /var/run/wpa_supplicant -P /var/run/wpa_spplicant.pid 

( Whenever I use -u it never read wpa_supplicant.conf file it just connect to dbus for networks) 

As soon as I give above command it connect to TEST-Open with out any problem. 

Its status is 

> status 
bssid=02:27:22:e5:a0:2a 
ssid=TEST-Open 
id=0 
mode=station 
pairwise_cipher=NONE 
group_cipher=NONE 
key_mgmt=NONE 
wpa_state=COMPLETED 
address=00:1b:77:7f:44:f4 
hs20=1 
> 

fetch_anqp show 

> fetch_anqp 
OK 
<3>Starting ANQP fetch for 02:27:22:e5:a0:2a 
<3>RX-ANQP 02:27:22:e5:a0:2a ANQP Capability list 
<3>RX-ANQP 02:27:22:e5:a0:2a Venue Name 
<3>RX-ANQP 02:27:22:e5:a0:2a Roaming Consortium list 
<3>RX-ANQP 02:27:22:e5:a0:2a Domain Name list 
<3>RX-HS20-ANQP 02:27:22:e5:a0:2a HS Capability List 
<3>ANQP fetch completed 

interworking_select show 

> interworking_select 
OK 
<3>Starting ANQP fetch for 02:27:22:e5:a0:2b 
<3>Starting ANQP fetch for 02:27:22:e5:a0:2a 
<3>RX-ANQP 02:27:22:e5:a0:2a ANQP Capability list 
<3>RX-ANQP 02:27:22:e5:a0:2a Venue Name 
<3>RX-ANQP 02:27:22:e5:a0:2a Roaming Consortium list 
<3>RX-ANQP 02:27:22:e5:a0:2a Domain Name list 
<3>RX-HS20-ANQP 02:27:22:e5:a0:2a HS Capability List 
<3>ANQP fetch completed 
<3>CTRL-EVENT-DISCONNECTED bssid=02:27:22:e5:a0:2a reason=3 locally_generated=1 
<3>CTRL-EVENT-SCAN-RESULTS 
<3>SME: Trying to authenticate with 02:27:22:e5:a0:2a (SSID='TEST-Open' freq=2437 MHz) 
<3>Trying to associate with 02:27:22:e5:a0:2a (SSID='TEST-Open' freq=2437 MHz) 
<3>Associated with 02:27:22:e5:a0:2a 
<3>CTRL-EVENT-CONNECTED - Connection to 02:27:22:e5:a0:2a completed (reauth) [id=0 id_str=] 
> 

The first one 02:27:22:e5:a0:2b is TEST-80211u and other 02:27:22:e5:a0:2a is TEST-Open to which I are connected. After interworking_select command it always disconnect and reconnected to connected SSID. 

Interworking credentials are from wpa_supplicant.conf 

> list_creds 
cred id / realm / username / domain / imsi 
0 example.com admin example.com 
> 

Now I wanted to connect ie. interworking_connect to TEST-80211u (WPA2-Enterprise) using above mention cred. When I give command 

> interworking_connect 02:27:22:e5:a0:2b 
FAIL 
>

It fails and give debug output as give below
 
1345275655.290046: RX ctrl_iface - hexdump_ascii(len=38):
     49 4e 54 45 52 57 4f 52 4b 49 4e 47 5f 43 4f 4e   INTERWORKING_CON
     4e 45 43 54 20 30 32 3a 32 37 3a 32 32 3a 65 35   NECT 02:27:22:e5
     3a 61 30 3a 32 62                                 :a0:2b          
1345275655.290149: Interworking: Could not parse NAI Realm list from 02:27:22:e5:a0:2b
1345275655.290163: Interworking: No matching credentials and EAP method found for 02:27:22:e5:a0:2b

When I connect to TEST-80211u and issue a same command then it is also fail 

> list_creds 
cred id / realm / username / domain / imsi 
0 example.com admin example.com 
> interworking_select 
OK 
<3>Starting ANQP fetch for 02:27:22:e5:a0:2b 
<3>RX-ANQP 02:27:22:e5:a0:2b ANQP Capability list 
<3>RX-ANQP 02:27:22:e5:a0:2b Venue Name 
<3>RX-ANQP 02:27:22:e5:a0:2b Roaming Consortium list 
<3>RX-ANQP 02:27:22:e5:a0:2b Domain Name list 
<3>RX-HS20-ANQP 02:27:22:e5:a0:2b HS Capability List 
<3>Starting ANQP fetch for 02:27:22:e5:a0:2a 
<3>ANQP fetch completed 
<3>CTRL-EVENT-DISCONNECTED bssid=02:27:22:e5:a0:2b reason=3 locally_generated=1 
<3>CTRL-EVENT-SCAN-RESULTS 
<3>SME: Trying to authenticate with 02:27:22:e5:a0:2b (SSID='TEST-80211u' freq=2437 MHz) 
<3>Trying to associate with 02:27:22:e5:a0:2b (SSID='TEST-80211u' freq=2437 MHz) 
<3>Associated with 02:27:22:e5:a0:2b 
<3>WPA: Key negotiation completed with 02:27:22:e5:a0:2b [PTK=CCMP GTK=CCMP] 
<3>CTRL-EVENT-CONNECTED - Connection to 02:27:22:e5:a0:2b completed (reauth) [id=2 id_str=] 
> interworking_connect 02:27:22:e5:a0:2b 
FAIL 
> 
It again fail and the Debug message show 

1345275010.946665: RX ctrl_iface - hexdump_ascii(len=38): 
49 4e 54 45 52 57 4f 52 4b 49 4e 47 5f 43 4f 4e INTERWORKING_CON 
4e 45 43 54 20 30 32 3a 32 37 3a 32 32 3a 65 35 NECT 02:27:22:e5 
3a 61 30 3a 32 62 :a0:2b 
1345275010.946745: Interworking: Could not parse NAI Realm list from 02:27:22:e5:a0:2b 
1345275010.946758: Interworking: No matching credentials and EAP method found for 02:27:22:e5:a0:2b 

Either I lack something in setting up creds or things are not working. 

Dr. Ajay N. Khosla

More information about the Hostap mailing list