bug 456 [REGRESSION 0.7.3-6 => 1.0-2] WPA-PSK + openmoko: unable to get DHCPACK

Jouni Malinen j
Sat Jun 30 03:01:10 PDT 2012 

On Fri, Jun 29, 2012 at 12:51:34AM +0300, Timo Juhani Lindfors wrote:
> Do the log files that I linked from the bug report help here at all? It
> does show "Scan timeout" in both cases:

Well, they just confirmed that the driver does not seem to indicate when
scan results are available. As such, the timeout within wpa_supplicant
is in full control of the interval between the scan request and
connection request going to the driver.

> 1340920082.987014: RX ctrl_iface - hexdump_ascii(len=9):
>      41 50 5f 53 43 41 4e 20 32                        AP_SCAN 2       
> 1340920083.120842: RX ctrl_iface - hexdump_ascii(len=11):
>      41 44 44 5f 4e 45 54 57 4f 52 4b                  ADD_NETWORK     
> 1340920083.121178: CTRL_IFACE: ADD_NETWORK
> 1340920087.276792: RX ctrl_iface - hexdump_ascii(len=51): [REMOVED]
> 1340920087.277012: CTRL_IFACE: SET_NETWORK id=0 name='ssid'
> 1340920087.277138: CTRL_IFACE: value - hexdump_ascii(len=32): [REMOVED]
> 1340920087.277390: ssid - hexdump_ascii(len=30):
>      53 6f 6e 65 72 61 47 61 74 65 77 61 79 30 30 2d   SoneraGateway00-
>      32 36 2d 34 34 2d 41 31 2d 34 35 2d 41 39         26-44-A1-45-A9  
> 1340920091.436249: RX ctrl_iface - hexdump_ascii(len=30): [REMOVED]
> 1340920091.436472: CTRL_IFACE: SET_NETWORK id=0 name='psk'
> 1340920091.436596: CTRL_IFACE: value - hexdump_ascii(len=12): [REMOVED]
> 1340920091.436635: PSK (ASCII passphrase) - hexdump_ascii(len=10): [REMOVED]
> 1340920091.777050: PSK (from passphrase) - hexdump(len=32): [REMOVED]
> 1340920095.935542: RX ctrl_iface - hexdump_ascii(len=16):
>      45 4e 41 42 4c 45 5f 4e 45 54 57 4f 52 4b 20 30   ENABLE_NETWORK 0

That's not enough for ap_scan 2 mode. You will need to specify the
security policy in full, i.e., set key_mgmt, pairwise, group, and proto
parameters to match with the network you are using. These seemed to be
key_mgmt=WPA-PSK, pairwise=CCMP, group=TKIP, proto=RSN based on the
debug logs with ap_scan 1. This does not match with the wpa_supplicant
defaults:

> 1340920095.937899: wlan: WPA: Selected cipher suites: group 30 pairwise 24 key_mgmt 3 proto 2
> 1340920095.938061: wlan: WPA: clearing AP WPA IE
> 1340920095.938224: wlan: WPA: clearing AP RSN IE
> 1340920095.938381: wlan: WPA: using GTK CCMP
> 1340920095.938525: wlan: WPA: using PTK CCMP
> 1340920095.938669: wlan: WPA: using KEY_MGMT 802.1X

At least the GTK (group) parameter is different, so the driver may
refuse to connect because of this. Setting the group parameter to TKIP
should address that.

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list