How to specify wildcard ssid in wpa_supplicant.conf ?

M. Ranganathan mranga at gmail.com
Sun Sep 15 16:10:58 PDT 2019


Hello,

I am trying to set up a scenario whereby a client tries automatically
authenticate with an access point without apriori knowledge of the
SSID. The idea is that the client will detect the access point
(without knowing its SSID apriori) and use certificate based EAP
(EAP-TLS) to authenticate.

I have the following configuration (notice that there is no ssid --
this all works fine if I specify the ssid ).

wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
eapol_version=2
network={
   key_mgmt=WPA-EAP
   identity="mranga at nist.gov"
   eap=TLS
   scan_ssid=1
   ca_cert="/home/mranga/mininet-wifi/examples/eap-tls/CA/ca.crt"
   client_cert="/home/mranga/mininet-wifi/examples/eap-tls/CA/client.crt"
   private_key="/home/mranga/mininet-wifi/examples/eap-tls/CA/client.key"
}

hostapd.conf is as follows:

interface=ap1-wlan1
driver=nl80211
ssid=simplewifi
wds_sta=1
hw_mode=g
channel=1
ap_isolate=1
eap_server=1
ieee8021x=1
wpa=2
eap_message=howdy
eapol_version=2
wpa_key_mgmt=WPA-EAP
logger_syslog=-1
logger_syslog_level=0
ca_cert=/home/mranga/mininet-wifi/examples/eap-tls/CA/ca.crt
server_cert=/home/mranga/mininet-wifi/examples/eap-tls/CA/server.crt
private_key=/home/mranga/mininet-wifi/examples/eap-tls/CA/server.key
eap_user_file=/home/mranga/mininet-wifi/examples/eap-tls/eap_users
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0

I can see from the debug log of wpa_supplicant that the broadcast of
the station is seen. But it is skipped :

ta1-wlan0: BSS: Add new id 0 BSSID 02:00:00:00:02:00 SSID 'simplewifi' freq 2412
BSS: last_scan_res_used=1/32
sta1-wlan0: New scan results available (own=1 ext=0)
sta1-wlan0: Radio work 'scan'@0x20a6ca0 done in 3.529241 seconds
sta1-wlan0: radio_work_free('scan'@0x20a6ca0): num_active_works --> 0
sta1-wlan0: Selecting BSS from priority group 0
sta1-wlan0: 0: 02:00:00:00:02:00 ssid='simplewifi' wpa_ie_len=0
rsn_ie_len=20 caps=0x411 level=-36 freq=2412
sta1-wlan0:    skip - SSID mismatch

Is there a way of specifying "wildcard SSID" in wpasupplicant.conf?


/var/log/syslog | grep hostapd shows the following:

Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
IEEE 802.1X: Sending EAP Packet (identifier 122)
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
WPA: sending 1/4 msg of 4-Way Handshake
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
WPA: received EAPOL-Key frame (2/4 Pairwise)
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
WPA: sending 3/4 msg of 4-Way Handshake
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
WPA: received EAPOL-Key frame (4/4 Pairwise)
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
WPA: pairwise key handshake completed (RSN)
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
IEEE 802.1X: authorizing port
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
RADIUS: starting accounting session 5AB7B18789CD42DF
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
IEEE 802.1X: authenticated - EAP type: 0 (unknown)
Sep 15 18:58:32 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
WPA: Added PMKSA cache entry (IEEE 802.1X)
Sep 15 18:58:39 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:00:00
WPA: event 3 notification
Sep 15 18:58:39 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:00:00
IEEE 802.11: deauthenticated
Sep 15 18:58:39 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:00:00
MLME: MLME-DEAUTHENTICATE.indication(02:00:00:00:00:00, 3)
Sep 15 18:58:39 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:00:00
MLME: MLME-DELETEKEYS.request(02:00:00:00:00:00)
Sep 15 18:58:39 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
WPA: event 3 notification
Sep 15 18:58:39 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
IEEE 802.11: deauthenticated
Sep 15 18:58:39 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
MLME: MLME-DEAUTHENTICATE.indication(02:00:00:00:01:00, 3)
Sep 15 18:58:39 mininet-wifi hostapd: ap1-wlan1: STA 02:00:00:00:01:00
MLME: MLME-DELETEKEYS.request(02:00:00:00:01:00)

-- 
M. Ranganathan



More information about the Hostap mailing list