Problems using WPA with bridged interface
Jouni Malinen
j
Sat Jan 31 08:31:21 PST 2015
On Thu, Jan 29, 2015 at 04:42:36PM +0000, Luke Dashjr wrote:
> With both Debian stable's packaged, as well as the latest from git,
> wpa_supplicant fails if my interface is part of a bridge (even using the -b
> option), but works fine if I remove it from the bridge until authentication
> completes (and then add it back to the bridge). For some reason it isn't
> seeing the EAPOL packets, even though I've confirmed it does l2_packet_init
> for the bridge interface. I've also confirmed tcpdump always sees the EAPOL
> packets on wlan0, even when bridged. Any tips on how to get beyond this?
There is a quite unfortunate regression in the Linux kernel on how
bridging code works with packet sockets. This was broken late 2012 and
even though the issue was identified, it has not been fixed so far.
OpenWrt has a kernel patch that addresses this (*). Since this does not
seem to be going anywhere in upstream kernel, I added a workaround in
wpa_supplicant to make this work again:
http://w1.fi/cgit/hostap/commit/?id=e6dd8196e5daf39e4204ef8ecd26dd50fdca6040
In addition to that, I added a regression test into the hwsim test
framework to try to make sure such a regression won't happen again (or
well, at least gets noticed automatically).
(*)
http://git.openwrt.org/?p=openwrt.git;a=blob_plain;f=target/linux/generic/patches-3.18/120-bridge_allow_receiption_on_disabled_port.patch;h=d80ef18dd3869c5778a84d981e150291d2c64d14;hb=HEAD
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list