FW: PMKSA/PMKID issue(s)

Zimmermann, Christopher Brian Chris cbzimmermann
Fri Jan 21 21:47:12 PST 2005 

Logfile zipped to accommodate posting size limit...

-----Original Message-----
From: Zimmermann, Christopher Brian (Chris) 
Sent: Saturday, January 22, 2005 12:41 AM
To: 'Jouni Malinen'; 'hostap at shmoo.com'
Subject: RE: PMKSA/PMKID issue(s)

Jouni,

I have two APs on the SSID cbz-wpa2-preauth.  I associate to a Gateway
AP / Instant802 Networks, which appears to use hostapd
(00:E0:B8:76:27:16), then I enable the radio on a Broadcom AP
(00:10:18:90:20:78).  

You can see the EAP-SUCCESS, but the PMKID does not get processed via
rsn_preauth_eapol_cb().  Both of these APs come from the Terrawave
WPA2/WMM testbed package.

As per your TODO, I made some modifications to request a scan every 60
seconds, and skip the association related portion of the scan results
function.

The log file is attached.  

Line 940 shows the EAP-Success from the pre-auth AP.

Line 953 says "RSN: added PMKSA cache candidate 00:10:18:90:20:78 prio
1000"  
But I don't get a add_pmkid() call into the driver interface.  And the
timeout gets called, too.

Thanks,
Chris


-----Original Message-----
From: hostap-bounces+cbzimmermann=agere.com at shmoo.com
[mailto:hostap-bounces+cbzimmermann=agere.com at shmoo.com] On Behalf Of
Jouni Malinen
Sent: Friday, January 21, 2005 11:48 PM
To: hostap at shmoo.com
Subject: Re: PMKSA/PMKID issue(s)

On Fri, Jan 21, 2005 at 08:11:01PM -0500, Zimmermann, Christopher Brian
(Chris) wrote:

> My issue is with wpa_supplicant v0.3.4 ported to VxWorks 5.5 on ARM
> 
> I'm having an issue with PMKSA/PMKID due to EAP-Success not being
> properly detected.  The function rsn_preauth_eapol_cb() is never
called.
> It was set as 
> 
> ctx->cb = rsn_preauth_eapol_cb
> 
> in the function rsn_preauth_init() in wpa.c
>   
> According to eapol_sm_step() in eapol_sm.c, the context's "cb"
function
> pointer is to be called when EAP-Success  is received. I see this
> message with Airopeek; I see it processed in wpa_supplicant.  But I
> don't see rsn_preauth_eapol_cb () called.

Have you verified that ctx->cb is set when preauth frames are being
processed? Can you send debug log from a preauth case which processed
EAP-Success but does not add PMKSA to the cache?

> Has anyone had any luck with pre-authentication to a WPA2 capable
Access
> Point?

Yes, works find with both Linux and Windows versions in my tests.

-- 
Jouni Malinen                                            PGP id EFC895FA
_______________________________________________
HostAP mailing list
HostAP at shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001.zip
Type: application/x-zip-compressed
Size: 15068 bytes
Desc: 0001.zip
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050122/0dfde0f7/attachment.bin

More information about the Hostap mailing list