wpasupplicant and WEP (resend)
Erich Titl
erich.titl
Wed Dec 31 04:01:07 PST 2014
Hi Jouni
Am 30.12.2014 um 15:40 schrieb Jouni Malinen:
> On Tue, Dec 30, 2014 at 02:16:55PM +0100, Erich Titl wrote:
>> When connecting to a WEP based AP I am getting status COMPLETED, so it
>> appears as if the connection was established at the network level, but
>> then dhcpcd sends a broadcast to obtain a lease, this broadcat is then
>> received and replied to by the dhcp server, but looking with tcpdump at
>> the wlan0 interface the reply never reaches the adapter. Using WPA
>> everything works fine.
>
> Are you sure you have the correct WEP key set on the devices? WEP allows
> the connection to be completed with Open System authentication algorithm
> even if the keys do not match. This results in a state where state is
> COMPLETED, but no Data frames get through.
I am pretty confident. I am not specifying the auth_alg thoug.
Retrying with the following network definition
network={
ssid="scoobly"
key_mgmt=NONE
auth_alg=OPEN
wep_key0="12345"
wep_tx_keyidx=0
}
<3>CTRL-EVENT-SCAN-RESULTS
reconfigure
> OK
<3>CTRL-EVENT-SCAN-RESULTS
<3>Trying to associate with f8:1a:67:56:42:96 (SSID='scoobly' freq=2427 MHz)
<3>Association request to the driver failed
<3>Associated with f8:1a:67:56:42:96
<3>CTRL-EVENT-CONNECTED - Connection to f8:1a:67:56:42:96 completed
[id=0 id_str=]
list_networks
> network id / ssid / bssid / flags
0 scoobly any [CURRENT]
> status
bssid=f8:1a:67:56:42:96
ssid=scoobly
id=0
mode=station
pairwise_cipher=WEP-40
group_cipher=WEP-40
key_mgmt=NONE
wpa_state=COMPLETED
address=00:1a:2b:5f:61:11
AP# dhcpcd wlan0
dhcpcd[29375]: version 5.2.11 starting
dhcpcd[29375]: wlan0: rebinding lease of 194.124.158.79
dhcpcd[29375]: wlan0: broadcasting for a lease
dhcpcd[29375]: timed out
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
This is from the WPA client
AP# tcpdump -i wlan0
tcpdump: WARNING: wlan0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 65535 bytes
14:54:42.351855 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 320
14:54:46.576887 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 320
14:54:52.359379 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 314
14:54:56.277075 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 314
14:55:04.783487 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 314
>>>>>>>>>>>>>>>>>>>>>>>>>>
This is from the dhcp server
bash-4.2# tcpdump -i eth0 port 68
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
15:54:42.389180 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 320
15:54:42.474265 IP luna.think.ch.bootps > 194.124.158.79.bootpc:
BOOTP/DHCP, Reply, length 300
15:54:46.612359 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 320
15:54:46.711028 IP luna.think.ch.bootps > 194.124.158.79.bootpc:
BOOTP/DHCP, Reply, length 300
15:54:52.397833 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 314
15:54:52.398610 IP luna.think.ch.bootps > 194.124.158.79.bootpc:
BOOTP/DHCP, Reply, length 300
15:54:56.312470 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 314
15:54:56.313635 IP luna.think.ch.bootps > 194.124.158.79.bootpc:
BOOTP/DHCP, Reply, length 300
15:55:04.818982 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from 00:1a:2b:5f:61:11 (oui Unknown), length 314
15:55:04.819765 IP luna.think.ch.bootps > 194.124.158.79.bootpc:
BOOTP/DHCP, Reply, length 300
So it appears that the reply packets are not reaching the wlan interface.
The wpa status is
AP# wpa_cli status
Selected interface 'wlan0'
bssid=f8:1a:67:56:42:96
ssid=scoobly
id=0
mode=station
pairwise_cipher=WEP-40
group_cipher=WEP-40
key_mgmt=NONE
wpa_state=COMPLETED
address=00:1a:2b:5f:61:11
Switching auth_alg to SHARED on both ends will not connect at all
network={
ssid="scoobly"
key_mgmt=NONE
auth_alg=SHARED
wep_key0="12345"
wep_tx_keyidx=0
}
> reconfigure
OK
<3>CTRL-EVENT-SCAN-RESULTS
<3>Trying to associate with f8:1a:67:56:42:96 (SSID='scoobly' freq=2427 MHz)
<3>Association request to the driver failed
<3>Authentication with f8:1a:67:56:42:96 timed out.
<3>CTRL-EVENT-DISCONNECTED bssid=f8:1a:67:56:42:96 reason=3
locally_generated=1
<3>CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="scoobly" auth_failures=1
duration=10 reason=CONN_FAILED
<3>CTRL-EVENT-SCAN-RESULTS
<3>CTRL-EVENT-SCAN-RESULTS
<3>CTRL-EVENT-SCAN-RESULTS
<3>CTRL-EVENT-SSID-REENABLED id=0 ssid="scoobly"
<3>Trying to associate with f8:1a:67:56:42:96 (SSID='scoobly' freq=2427 MHz)
<3>Association request to the driver failed
<3>Authentication with f8:1a:67:56:42:96 timed out.
<3>CTRL-EVENT-DISCONNECTED bssid=f8:1a:67:56:42:96 reason=3
locally_generated=1
<3>CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="scoobly" auth_failures=2
duration=20 reason=CONN_FAILED
<3>CTRL-EVENT-SCAN-RESULTS
AP# wpa_cli scan_results
Selected interface 'wlan0'
bssid / frequency / signal level / flags / ssid
f8:1a:67:56:42:96 2427 -71 [WEP][ESS] scoobly
00:0b:6b:36:bc:c9 2412 -74 [WPA2-EAP+PSK-CCMP][ESS] SALT
00:24:c9:6e:ea:d0 2437 -78
[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][ESS] mpr-90887
dc:71:44:ae:fd:89 2437 -72 [WPA2-EAP-CCMP][ESS] UPC Wi-Free
dc:71:44:ae:fd:88 2437 -70 [WPA2-PSK-CCMP+TKIP][ESS]
UPC248834387
8e:04:ff:02:0e:80 2462 -82 [WPA2-EAP-CCMP+TKIP][ESS]
UPC Wi-Free
>>>>>>>>>>>>>>>>
So Shared Key Authentication fails completely, while Open System gets to
somewhere but apparently it never gets a lease.
Using my Android Phone will get me through without problems on either
WEP or WPA-PSK
Thanks
Erich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1908 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20141231/ab0a42a3/attachment.bin>
More information about the Hostap
mailing list