WPA-PSK/TTLS problem on Marvell 8686...[SOLVED]
Dan Williams
dcbw
Wed Dec 5 07:23:01 PST 2007
On Wed, 2007-12-05 at 10:15 +0000, RAGHAVENDRA SADARAMACHANDRA wrote:
>
> Hi Scott,
>
> Issue solved. Actually in our company primises AP operating in Wi-Fi
> zone should be registered with security. The access point that I was
> using was not registered with the security. Because of my wpa
> supplicant was getting Wireless event: new AP 00:00:00:00:00:00
> message and used to get disconnected immediately.
>
> So final conclusion is Wi-Fi security system was sending that event.
> OK now my WPA-EAP/WPA-PSK all are working. But still I have few
> doubts?
>
> 1. All these security algorithms related to WPA. Whether they are
> implemented in supplicant code or driver or chip?
They are implemented in hardware/firmware on the card, or in the driver
if the card is a softmac-type card.
> I believe few of the encryption techniques must be provided by
> chip/driver..
>
> Can any one tell me which all encryption methods are supported by
> marvell 8686 card?
The 8686 is a fullmac type part, meaning that the WEP, TKIP, and CCMP
encryption algorithms are implemented in firmware (with hardware assist)
on the 8686 itself. The driver does not handle _any_ encryption for the
8686.
> Also I have got OpenSSL: tls_connection_handshake - Failed to read
> possible Application Data error:00000000:lib(0):func(0):reason(0),
If you see a message about "want more data" below that error, that is
probably something you can ignore. SSL operates on _blocks_ of data,
and therefore requires a full block to decrypt. However, because
networks don't guarantee to always send the entire block of data at the
same time, SSL needs to wait sometimes for the rest of the data to show
up. You don't want to block on waiting for that data, because it might
be 10 minutes until it shows up. So that specific OpenSSL call fails,
but returns the error code EAGAIN (or something like that), which tells
the caller (in this case wpa_supplicant) to retry when it wants to. It
may be that wpa_supplicant is unconditionally reporting the error, but
still retries. If that is correct, the error is harmless. I just means
that wpa_supplicant is waiting for more data from the AP before it can
proceed.
Dan
> Is this going to harm anyway? See below log. Any body has idea about
> when this occurs?
>
>
>
> # ./wpa_supplicant -ieth0 -Dmarvell -c./wpa_supplicant.ttls.conf -w
>
> ioctl[SIOCSIWPMKSA]: Invalid argument
>
> Trying to associate with 00:13:46:b6:77:c4 (SSID='dlink' freq=2437
> MHz)
>
> Associated with 00:13:46:b6:77:c4
>
> CTRL-EVENT-EAP-STARTED EAP authentication started
>
> CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
>
> X509_verify_cert: create new chain and
> insert /C=US/ST=Tennessee/L=Brentwood/O=Helava/OU=Engineering/CN=HAI/emailAddress=ohb at cmcast.net.
>
> X509_verify_cert: try to find issuer of x in untrusted stack.
>
> X509_verify_cert: loop (0th) find issuer in untrusted stack =====>
>
> X509_verify_cert: current x
> = /C=US/ST=Tennessee/L=Brentwood/O=Helava/OU=Engineering/CN=HAI/emailAddress=ohb at cmcast.net
>
> X509_verify_cert: depth = 9, chain num = 1
>
> X509_verify_cert: issuer information to find...
>
> X509_verify_cert: * US
>
> X509_verify_cert: * Tennessee
>
> X509_verify_cert: * Brentwood
>
> X509_verify_cert: * Helava
>
> X509_verify_cert: * Engineering
>
> X509_verify_cert: * HAI
>
> X509_verify_cert: * ohb at cmcast.net
>
> X509_verify_cert: x is root cert. break loop.
>
> X509_verify_cert: current chain num = 1.
>
> X509_verify_cert: last cert x in chain
> = /C=US/ST=Tennessee/L=Brentwood/O=Helava/OU=Engineering/CN=HAI/emailAddress=ohb at cmcast.net.
>
> X509_verify_cert: last cert x in untrusted stack is self-signed cert.
>
> X509_verify_cert: chain number is only one
>
> OpenSSL: tls_connection_handshake - Failed to read possible
> Application Data error:00000000:lib(0):func(0):reason(0)
>
> CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
>
> WPA: Key negotiation completed with 00:13:46:b6:77:c4 [PTK=TKIP
> GTK=TKIP]
>
> CTRL-EVENT-CONNECTED - Connection to 00:13:46:b6:77:c4 completed
> (auth) [id=0 id_str=]
>
>
>
> -Raghu.
>
>
>
>
>
>
>
>
>
> ------- Original Message -------
> Sender : ???<scott_liu at amit.com.tw>
> Date : Dec 01, 2007 15:04 (GMT+09:00)
> Title : Re: WPA-PSK problem on Marvell 8686...Help Plz
>
>
>
> I've also encountered the same problem with you, I think you are using
> Marvell 8686 with SDIO interface on linux kernel 2.4 or 2.6 ?? If 2.6,
> then you could use -Dwext is suitable (wireless extension is grater
> than v18), or(this way is sutible for 2.4 and 2.6) one patch file
> might attach in the tar file with wpa-supplicant-0.5.7 marvell gave
> you, so that you can patch it and will see driver_marvell.c, after
> compiler successful, you could execute -Dmarvell to associate with
> your encryption AP.
>
>
> Scott Liu
>
> Best regards.
>
>
> -----Original Message-----
> From: RAGHAVENDRA SADARAMACHANDRA <s.raghu at samsung.com>
> To: hostap at shmoo.com
> Date: Fri, 30 Nov 2007 11:48:34 +0000 (GMT)
> Subject: WPA-PSK problem on Marvell 8686...Help Plz
>
> Hi All,
> I have to configure WPA-PSK on Marvell 8686. They have
> given ported version of wpa supplicant 0.5.7 with the driver.
> Compiled it and enabled....But no success. I am using Linksys
> WAP54G Access Point. I tried for over 3 days...but cudn't find
> out the problem.
>
>
>
> I have following doubts
>
>
>
> 1. ioctl[SIOCSIWFREQ]: Operation not supported, does this
> indicate marvell driver's problem?
>
>
>
> 2. WPA: 4-Way Handshake failed - pre-shared key may be
> incorrect, here i entered psk="data1234" which is same as that
> entered in linksys AP. But still getting this junk error?
>
>
>
> MY AP configuration is
>
>
>
> # iwlist eth0 scanning
>
> eth0 Scan completed :
>
> Cell 01 - Address: 00:0F:CB:FE:2F:5F
>
> ESSID:"3Com"
>
> Mode:Managed
>
> Frequency:2.412 GHz (Channel 1)
>
> Quality:0/100 Signal level=-45 dBm
> Noise level=-96 dBm
>
> Encryption key:on
>
> Bit Rates:54 Mb/s
>
> IE: WPA Version 1
>
> Group Cipher : TKIP
>
> Pairwise Ciphers (1) : TKIP
>
> Authentication <?xml:namespace prefix
> = st1 />Suites (1) : 802.1x
>
> Cell 02 - Address: 00:90:4C:91:00:01
>
> ESSID:"linksys" [2]
>
> Mode:Managed
>
> Frequency:2.462 GHz (Channel 11)
>
> Quality:0/100 Signal level=-29 dBm
> Noise level=-96 dBm
>
> Encryption key:on
>
> Bit Rates:48 Mb/s
>
> IE: WPA Version 1
>
> Group Cipher : TKIP
>
> Pairwise Ciphers (1) : TKIP
>
> Authentication Suites (1) : PSK
>
>
> MY wpa_supplicant.conf configuration is
>
>
>
> network={
>
> ssid="linksys"
>
> scan_ssid=1
>
> proto=WPA
>
> key_mgmt=WPA-PSK
>
> pairwise=TKIP
>
> group=TKIP
>
> psk="data1234"
>
> }
>
> I enable wpa_supplicant using below command
>
>
>
> # ./wpa_supplicant -c./wpa_supplicant.conf -ieth0
>
> ioctl[SIOCSIWPMKSA]: Invalid argument
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> Association request to the driver failed
>
> Associated with 00:90:4c:91:00:01
>
> WPA: Key negotiation completed with 00:90:4c:91:00:01
> [PTK=TKIP GTK=TKIP]
>
> CTRL-EVENT-CONNECTED - Connection to 00:90:4c:91:00:01
> completed (auth) [id=0 id_str=]
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> Association request to the driver failed
>
> Associated with 00:90:4c:91:00:01
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> ioctl[SIOCSIWESSID]: Network is down
>
> ioctl[SIOCSIWAP]: Network is unreachable
>
> Association request to the driver failed
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> Associated with 00:00:00:00:00:00
>
> Authentication with 00:00:00:00:00:00 timed out.
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> Association request to the driver failed
>
> Associated with 00:90:4c:91:00:01
>
> WPA: Key negotiation completed with 00:90:4c:91:00:01
> [PTK=TKIP GTK=TKIP]
>
> CTRL-EVENT-CONNECTED - Connection to 00:90:4c:91:00:01
> completed (reauth) [id=0 id_str=]
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> ioctl[SIOCSIWAP]: Network is unreachable
>
> Association request to the driver failed
>
> Associated with 00:00:00:00:00:00
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> WPA: No SSID info found (msg 1 of 4).
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> Association request to the driver failed
>
> Associated with 00:90:4c:91:00:01
>
> WPA: Key negotiation completed with 00:90:4c:91:00:01
> [PTK=TKIP GTK=TKIP]
>
> CTRL-EVENT-CONNECTED - Connection to 00:90:4c:91:00:01
> completed (reauth) [id=0 id_str=]
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> Association request to the driver failed
>
> Associated with 00:90:4c:91:00:01
>
> WPA: Key negotiation completed with 00:90:4c:91:00:01
> [PTK=TKIP GTK=TKIP]
>
> CTRL-EVENT-CONNECTED - Connection to 00:90:4c:91:00:01
> completed (reauth) [id=0 id_str=]
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> Association request to the driver failed
>
> Associated with 00:90:4c:91:00:01
>
> WPA: 4-Way Handshake failed - pre-shared key may be incorrect
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> Association request to the driver failed
>
> Associated with 00:90:4c:91:00:01
>
> WPA: Key negotiation completed with 00:90:4c:91:00:01
> [PTK=TKIP GTK=TKIP]
>
> CTRL-EVENT-CONNECTED - Connection to 00:90:4c:91:00:01
> completed (reauth) [id=0 id_str=]
>
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
>
> Trying to associate with 00:90:4c:91:00:01 (SSID='linksys'
> freq=2462 MHz)
>
> ioctl[SIOCSIWFREQ]: Operation not supported
>
> Association request to the driver failed
>
> Associated with 00:90:4c:91:00:01
>
>
>
>
>
> Thanx in Advance.
>
>
> Raghu.
>
>
>
>
>
>
>
>
>
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
More information about the Hostap
mailing list