WPA+EAP-PEAP+MSCHAPv2 Problem

Greg Baker gbaker
Wed Feb 9 11:25:14 PST 2005


Sorry to reply to my own post, but I wanted to add something.

I ran a packet dump on another wireless computer and realized that when doing 
the TLS handshake, the PEAP version is actually switched to version 0.  I 
changed the phase1 line in my config file to use peapver=0, but it still dies 
after it sends the TLS handshake.

Actually, it's almost as if it doesn't even wait for the AP to reply, it 
almost instantly begins the entire process over again.

Thanks,
Greg

On February 9, 2005 03:23 pm, Greg Baker wrote:
> Hi guys, this is my first post to this list.  Apologies if this is a known
> issue..
>
> I'm trying to connect to the wireless network at my school and am having
> problems.  It connects fine in Windows, but not Linux.
>
> I'm not sure what is relevant for help, so I'll post the output from
> wpa_supplicant:
>
> -------
> [root at nimba greg]# wpa_supplicant -dw -c /etc/wpa_supplicant.conf -i ath0
> -D madwifi
> Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
> Reading configuration file '/etc/wpa_supplicant.conf'
> ctrl_interface='/var/run/wpa_supplicant'
> ctrl_interface_group=0
> eapol_version=1
> ap_scan=1
> Priority group 0
>    id=0 ssid='stu'
> EAPOL: SUPP_PAE entering state DISCONNECTED
> EAPOL: KEY_RX entering state NO_KEY_RECEIVE
> EAPOL: SUPP_BE entering state INITIALIZE
> EAP: EAP entering state DISABLED
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> wpa_driver_madwifi_set_wpa: enabled=1
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_del_key: keyidx=1
> wpa_driver_madwifi_del_key: keyidx=2
> wpa_driver_madwifi_del_key: keyidx=3
> wpa_driver_madwifi_set_countermeasures: enabled=0
> wpa_driver_madwifi_set_drop_unencrypted: enabled=1
> Setting scan request: 0 sec 100000 usec
> l2_packet_receive - recv: Network is down
> Starting AP scan (specific SSID)
> Scan SSID - hexdump_ascii(len=3):
>      73 74 75                                          stu
> RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
> RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
> Wireless event: cmd=0x8b1a len=15
> Wireless event: cmd=0x8b19 len=12
> Received 538 bytes of scan results (2 BSSes)
> Scan results: 2
> Selecting BSS from priority group 0
> 0: 00:11:92:49:54:20 ssid='stu' wpa_ie_len=26 rsn_ie_len=0
>    selected
> Trying to associate with 00:11:92:49:54:20 (SSID='stu' freq=2412 MHz)
> Cancelling scan request
> WPA: using IEEE 802.11i/D3.0
> WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01
> 00 00 50 f2 02 01 00 00 50 f2 01
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_del_key: keyidx=1
> wpa_driver_madwifi_del_key: keyidx=2
> wpa_driver_madwifi_del_key: keyidx=3
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_set_drop_unencrypted: enabled=1
> wpa_driver_madwifi_associate
> Setting authentication timeout: 5 sec 0 usec
> EAPOL: External notification - portControl=Auto
> Wireless event: cmd=0x8b1a len=15
> Wireless event: cmd=0x8b15 len=20
> Wireless event: new AP: 00:11:92:49:54:20
> Association event - clear replay counter
> Associated to a new BSS: BSSID=00:11:92:49:54:20
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_del_key: keyidx=1
> wpa_driver_madwifi_del_key: keyidx=2
> wpa_driver_madwifi_del_key: keyidx=3
> wpa_driver_madwifi_del_key: keyidx=0
> EAPOL: External notification - portValid=0
> EAPOL: External notification - portEnabled=1
> EAPOL: SUPP_PAE entering state CONNECTING
> EAPOL: txStart
> EAPOL: SUPP_BE entering state IDLE
> EAP: EAP entering state INITIALIZE
> EAP: EAP entering state IDLE
> Setting authentication timeout: 10 sec 0 usec
> RX EAPOL from 00:11:92:49:54:20
> Setting authentication timeout: 70 sec 0 usec
> EAPOL: Received EAP-Packet frame
> EAPOL: SUPP_PAE entering state RESTART
> EAP: EAP entering state INITIALIZE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_PAE entering state AUTHENTICATING
> EAPOL: SUPP_BE entering state REQUEST
> EAPOL: getSuppRsp
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request method=1 id=1
> EAP: EAP entering state IDENTITY
> EAP: EAP-Request Identity data - hexdump_ascii(len=0):
> EAP: using real identity - hexdump_ascii(len=6):
>      67 62 61 6b 65 72                                 gbaker
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> EAPOL: SUPP_BE entering state RECEIVE
> WPA: EAPOL frame too short, len 50, expecting at least 99
> RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
> RX EAPOL from 00:11:92:49:54:20
> EAPOL: Received EAP-Packet frame
> EAPOL: SUPP_BE entering state REQUEST
> EAPOL: getSuppRsp
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request method=1 id=2
> EAP: EAP entering state IDENTITY
> EAP: EAP-Request Identity data - hexdump_ascii(len=0):
> EAP: using real identity - hexdump_ascii(len=6):
>      67 62 61 6b 65 72                                 gbaker
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> EAPOL: SUPP_BE entering state RECEIVE
> WPA: EAPOL frame too short, len 50, expecting at least 99
> RX EAPOL from 00:11:92:49:54:20
> EAPOL: Received EAP-Packet frame
> EAPOL: SUPP_BE entering state REQUEST
> EAPOL: getSuppRsp
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request method=17 id=118
> EAP: EAP entering state GET_METHOD
> EAP: Building EAP-Nak (requested type 17 not allowed)
> EAP: allowed methods - hexdump(len=1): 19
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> EAPOL: SUPP_BE entering state RECEIVE
> WPA: EAPOL frame too short, len 50, expecting at least 99
> RX EAPOL from 00:11:92:49:54:20
> EAPOL: Received EAP-Packet frame
> EAPOL: SUPP_BE entering state REQUEST
> EAPOL: getSuppRsp
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request method=25 id=119
> EAP: EAP entering state GET_METHOD
> EAP-PEAP: Forced PEAP version 1
> EAP-PEAP: Phase2 type: MSCHAPV2
> EAP: EAP entering state METHOD
> EAP-PEAP: Received packet(len=6) - Flags 0x21
> EAP-PEAP: Start (server ver=1, own ver=1)
> EAP-PEAP: Using PEAP version 1
> SSL: (where=0x10 ret=0x1)
> SSL: (where=0x1001 ret=0x1)
> SSL: SSL_connect:before/connect initialization
> SSL: (where=0x1001 ret=0x1)
> SSL: SSL_connect:SSLv3 write client hello A
> SSL: (where=0x1002 ret=0xffffffff)
> SSL: SSL_connect:error in SSLv3 read server hello A
> SSL: SSL_connect - want more data
> SSL: 102 bytes left to be sent out (of total 102 bytes)
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> EAPOL: SUPP_BE entering state RECEIVE
> WPA: EAPOL frame too short, len 50, expecting at least 99
> Wireless event: cmd=0x8b15 len=20
> Wireless event: new AP: 00:00:00:00:00:00
> Setting scan request: 0 sec 100000 usec
> EAPOL: External notification - portEnabled=0
> EAPOL: SUPP_PAE entering state DISCONNECTED
> EAPOL: SUPP_BE entering state INITIALIZE
> EAP: EAP entering state DISABLED
> EAPOL: External notification - portValid=0
> Disconnect event - remove keys
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_del_key: keyidx=1
> wpa_driver_madwifi_del_key: keyidx=2
> wpa_driver_madwifi_del_key: keyidx=3
> wpa_driver_madwifi_del_key: keyidx=0
> RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
> Starting AP scan (broadcast SSID)
> Wireless event: cmd=0x8b1a len=12
> Wireless event: cmd=0x8b19 len=12
> Received 392 bytes of scan results (2 BSSes)
> Scan results: 2
> Selecting BSS from priority group 0
> 0: 00:11:92:49:54:20 ssid='' wpa_ie_len=0 rsn_ie_len=0
>    skip - no WPA/RSN IE
> 1: 00:11:92:49:5d:00 ssid='' wpa_ie_len=0 rsn_ie_len=0
>    skip - no WPA/RSN IE
> No suitable AP found.
> Setting scan request: 5 sec 0 usec
> Starting AP scan (specific SSID)
> Scan SSID - hexdump_ascii(len=3):
>      73 74 75                                          stu
> Wireless event: cmd=0x8b1a len=15
> Wireless event: cmd=0x8b19 len=12
> Received 465 bytes of scan results (2 BSSes)
> Scan results: 2
> Selecting BSS from priority group 0
> 0: 00:11:92:49:54:20 ssid='stu' wpa_ie_len=26 rsn_ie_len=0
>    selected
> Trying to associate with 00:11:92:49:54:20 (SSID='stu' freq=2412 MHz)
> Cancelling scan request
> WPA: using IEEE 802.11i/D3.0
> WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01
> 00 00 50 f2 02 01 00 00 50 f2 01
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_del_key: keyidx=1
> wpa_driver_madwifi_del_key: keyidx=2
> wpa_driver_madwifi_del_key: keyidx=3
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_set_drop_unencrypted: enabled=1
> wpa_driver_madwifi_associate
> Setting authentication timeout: 5 sec 0 usec
> EAPOL: External notification - portControl=Auto
> Wireless event: cmd=0x8b1a len=15
> Wireless event: cmd=0x8b15 len=20
> Wireless event: new AP: 00:11:92:49:54:20
> Association event - clear replay counter
> Associated to a new BSS: BSSID=00:11:92:49:54:20
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_del_key: keyidx=1
> wpa_driver_madwifi_del_key: keyidx=2
> wpa_driver_madwifi_del_key: keyidx=3
> wpa_driver_madwifi_del_key: keyidx=0
> EAPOL: External notification - portValid=0
> EAPOL: External notification - portEnabled=1
> EAPOL: SUPP_PAE entering state CONNECTING
> EAPOL: txStart
> EAPOL: SUPP_BE entering state IDLE
> EAP: EAP entering state INITIALIZE
> EAP: EAP entering state IDLE
> Setting authentication timeout: 10 sec 0 usec
> RX EAPOL from 00:11:92:49:54:20
> Setting authentication timeout: 70 sec 0 usec
> EAPOL: Received EAP-Packet frame
> EAPOL: SUPP_PAE entering state RESTART
> EAP: EAP entering state INITIALIZE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_PAE entering state AUTHENTICATING
> EAPOL: SUPP_BE entering state REQUEST
> EAPOL: getSuppRsp
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request method=1 id=1
> EAP: EAP entering state IDENTITY
> EAP: EAP-Request Identity data - hexdump_ascii(len=0):
> EAP: using real identity - hexdump_ascii(len=6):
>      67 62 61 6b 65 72                                 gbaker
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> EAPOL: SUPP_BE entering state RECEIVE
> WPA: EAPOL frame too short, len 50, expecting at least 99
> RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
> RX EAPOL from 00:11:92:49:54:20
> EAPOL: Received EAP-Packet frame
> EAPOL: SUPP_BE entering state REQUEST
> EAPOL: getSuppRsp
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request method=1 id=2
> EAP: EAP entering state IDENTITY
> EAP: EAP-Request Identity data - hexdump_ascii(len=0):
> EAP: using real identity - hexdump_ascii(len=6):
>      67 62 61 6b 65 72                                 gbaker
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> EAPOL: SUPP_BE entering state RECEIVE
> WPA: EAPOL frame too short, len 50, expecting at least 99
> RX EAPOL from 00:11:92:49:54:20
> EAPOL: Received EAP-Packet frame
> EAPOL: SUPP_BE entering state REQUEST
> EAPOL: getSuppRsp
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request method=17 id=131
> EAP: EAP entering state GET_METHOD
> EAP: Building EAP-Nak (requested type 17 not allowed)
> EAP: allowed methods - hexdump(len=1): 19
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> EAPOL: SUPP_BE entering state RECEIVE
> WPA: EAPOL frame too short, len 50, expecting at least 99
> RX EAPOL from 00:11:92:49:54:20
> EAPOL: Received EAP-Packet frame
> EAPOL: SUPP_BE entering state REQUEST
> EAPOL: getSuppRsp
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request method=25 id=132
> EAP: EAP entering state GET_METHOD
> EAP-PEAP: Forced PEAP version 1
> EAP-PEAP: Phase2 type: MSCHAPV2
> EAP: EAP entering state METHOD
> EAP-PEAP: Received packet(len=6) - Flags 0x21
> EAP-PEAP: Start (server ver=1, own ver=1)
> EAP-PEAP: Using PEAP version 1
> SSL: (where=0x10 ret=0x1)
> SSL: (where=0x1001 ret=0x1)
> SSL: SSL_connect:before/connect initialization
> SSL: (where=0x1001 ret=0x1)
> SSL: SSL_connect:SSLv3 write client hello A
> SSL: (where=0x1002 ret=0xffffffff)
> SSL: SSL_connect:error in SSLv3 read server hello A
> SSL: SSL_connect - want more data
> SSL: 102 bytes left to be sent out (of total 102 bytes)
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> EAPOL: SUPP_BE entering state RECEIVE
> WPA: EAPOL frame too short, len 50, expecting at least 99
> Signal 2 received - terminating
> wpa_driver_madwifi_deauthenticate
> wpa_driver_madwifi_del_key: keyidx=0
> wpa_driver_madwifi_del_key: keyidx=1
> wpa_driver_madwifi_del_key: keyidx=2
> wpa_driver_madwifi_del_key: keyidx=3
> wpa_driver_madwifi_del_key: keyidx=0
> EAPOL: External notification - portEnabled=0
> EAPOL: SUPP_PAE entering state DISCONNECTED
> EAPOL: SUPP_BE entering state INITIALIZE
> EAP: EAP entering state DISABLED
> EAPOL: External notification - portValid=0
> wpa_driver_madwifi_set_wpa: enabled=0
> wpa_driver_madwifi_set_drop_unencrypted: enabled=0
> wpa_driver_madwifi_set_countermeasures: enabled=0
>
>
> ...and so on ad infinitum..
>
> Most of this is gibberish to me... So hopefully someone can figure out
> exactly where this is dying.
>
> Here's my wpa_supplicant.conf file:
>
> ctrl_interface=/var/run/wpa_supplicant
> ctrl_interface_group=0
> eapol_version=1 # <--  not sure what this does
> ap_scan=1 # <-- needed to associate with ap
> network={
>         ssid="stu"
>         scan_ssid=1
>         key_mgmt=WPA-EAP
>         eap=PEAP
>         pairwise=TKIP
>         group=TKIP
>         identity="gbaker"
>         password="........."
>         phase1="peapver=1 peaplabel=1"
>         phase2="auth=MSCHAPV2"
> }
>
> Now, I've tried changing some of the settings above (like peapver and
> peaplabel) but don't ever get any farther.
>
> One thing I'm not sure about, do I need to have a certificate defined?  The
> APs here provide the certificate, and they are not validated.
>
> One last thing, after doing an analysis of packets from both windows and
> linux, here is a summary of what happens
>
> me: EAPOL-Start
> AP: EAP Request ID
> me: EAP Response ID
> AP: EAP Request, EAP-Cisco Wireless (LEAP) [Norman]
> me: EAP Response NAK
> AP: EAP Request PEAP [Palekar]
>
> Here's where it begins to get funky..  Windows and the AP discuss a couple
> of more PEAP things while in linux it goes straight to "TLS Client
> Hello"...
>
> There are two more packets from both windows and the AP here before the TLS
> hello..
>
> Can anyone give me some insight as to what I'm missing??
>
> Thanks, and really sorry about the long post.
> Greg
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
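The method selection and PEAP Start handling that the log and the packet summary above walk through (Identity, LEAP refused with a NAK, then PEAP with its version byte), as an added Python example that is not from the original post and not wpa_supplicant's own code. The version rule it models is the one in the PEAP draft (the peer answers with the highest version it supports that does not exceed the server's, a forced `peapver` standing in for the peer's whole supported set); the packets are constructed to match the `len=6`, `Flags 0x21`, `id=118`/`id=119` values in the log.

```python
import struct

# EAP codes and method types that appear in the debug log above
EAP_REQUEST, EAP_RESPONSE = 1, 2
TYPE_NAK, TYPE_LEAP, TYPE_PEAP = 3, 17, 25
# PEAP flags byte: L(0x80) M(0x40) S(0x20) R R, version in the low 3 bits
PEAP_START, PEAP_VERSION_MASK = 0x20, 0x07

def parse_eap(pkt):
    """Return (code, identifier, method type, data) from a raw EAP packet."""
    if len(pkt) < 5:
        raise ValueError("EAP packet shorter than the 5-byte minimum")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < 5 or length > len(pkt):
        raise ValueError("EAP length %d inconsistent with %d bytes" % (length, len(pkt)))
    return code, ident, pkt[4], pkt[5:length]

def build_nak(ident, wanted_type):
    """EAP-Response/Nak naming the one method we accept (the NAK sent to LEAP)."""
    return struct.pack("!BBHBB", EAP_RESPONSE, ident, 6, TYPE_NAK, wanted_type)

def negotiate_peap_version(flags, own_max=1, forced=None):
    """Version to answer a PEAP Start with: the highest we support that does not
    exceed the server's (draft rule); a forced peapver must also not exceed it."""
    if not flags & PEAP_START:
        raise ValueError("not a PEAP Start packet (S flag clear)")
    server_ver = flags & PEAP_VERSION_MASK
    if forced is not None:
        if forced > server_ver:
            raise ValueError("forced peapver=%d above server version %d" % (forced, server_ver))
        return forced
    return min(server_ver, own_max)

def respond(pkt, allowed=(TYPE_PEAP,), own_max=1, forced=None):
    """One step of a supplicant's method selection for a received EAP-Request."""
    code, ident, mtype, data = parse_eap(pkt)
    if code != EAP_REQUEST:
        raise ValueError("expected an EAP-Request, got code %d" % code)
    if mtype not in allowed:
        return ("nak", build_nak(ident, allowed[0]))
    if mtype == TYPE_PEAP:
        return ("peap", negotiate_peap_version(data[0], own_max, forced))
    return ("method", mtype)

# Constructed packets mirroring the log: a LEAP request (id 118, body omitted)
# and the 6-byte PEAP Start (id 119, flags 0x21 = Start + version 1)
LEAP_REQUEST = bytes.fromhex("0176000511")
PEAP_START_PKT = bytes.fromhex("017700061921")
```

`respond(PEAP_START_PKT, forced=0)` shows what a `peapver=0` setting would answer to this server. Separately, the quoted configuration sets no `ca_cert`, so the server certificate presented in the TLS handshake is not checked; setting `ca_cert` is what ties the MSCHAPv2 credentials sent inside the tunnel to the intended authentication server.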
