Pongsak Tawankanjanachot egapongsak
Thu Apr 2 01:23:12 PDT 2009

I'm testing wpa_supplicant with security = WPA2, CCMP.
I'm wondering about this situation:
1) STA01 connects to AP01 successfully with WPA2 (with FreeRadius as the external
RADIUS server).
2) I turn off AP01, then turn it on again.
3) STA01 sends an Assoc_Request to AP01 with RSNIE+PMKID (length is 38).
4) AP01 replies with an Assoc_Response to STA01.

Then who would continue the protocol flow?

Because STA01 has AP01's PMKID in its cache, it doesn't initiate EAPOL-Start;
STA01 is waiting for the 4-way handshake from AP01.
Meanwhile AP01 (just turned off/on, cache cleared) doesn't know this STA01, so it
obviously doesn't initiate the 4-way handshake.

I guess that AP01 should send something to tell STA01 "you are new to me, we
must do full EAP authentication together" (what packet should that be?). Then
STA01 knows that this is a newly started AP01, STA01 will clear its own PMKID
cache (or not??) and continue with EAPOL-Start.
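Added example (editor's note, not part of the original post and not wpa_supplicant or hostapd code): a toy Python model of the exchange in steps 1-4, run once without and once with the AP power cycle. It assumes behaviour that the post does not state and that is labelled as an assumption in the code: an AP that finds no PMKSA matching the offered PMKID ignores the PMKID and starts full IEEE 802.1X by sending EAP-Request/Identity; a STA that receives EAP-Request/Identity after offering a PMKID treats its cached PMKSA for that BSSID as stale, drops it and answers; and a STA that hears nothing at all after association sends EAPOL-Start once a timer expires. The PMKID derivation is the 802.11i one (HMAC-SHA1-128 over "PMK Name" || AA || SPA). The MAC addresses, the PMK and the three-tick timeout are constructed values, and the silent_on_miss knob exists only to reproduce the stall the question describes.

```python
import hashlib
import hmac
import os
from typing import List, Optional


def pmkid(pmk: bytes, aa: bytes, spa: bytes) -> bytes:
    """PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA) as in 802.11i;
    AA is the AP's MAC address, SPA the station's."""
    return hmac.new(pmk, b"PMK Name" + aa + spa, hashlib.sha1).digest()[:16]


class AP:
    """Authenticator with a RAM-only PMKSA cache keyed by PMKID."""
    def __init__(self, bssid: bytes, silent_on_miss: bool = False):
        self.bssid = bssid
        self.pmksa = {}  # pmkid -> pmk
        # Model knob: AP sends nothing after Assoc_Response on a PMKSA miss.
        self.silent_on_miss = silent_on_miss

    def complete_eap(self, spa: bytes, pmk: bytes) -> None:
        self.pmksa[pmkid(pmk, self.bssid, spa)] = pmk  # PMK from the RADIUS server

    def reboot(self) -> None:
        self.pmksa.clear()  # the cache does not survive a power cycle

    def rx_assoc_request(self, spa: bytes, pmkids: List[bytes]) -> Optional[str]:
        """First frame the AP sends after its Assoc_Response, or None."""
        if any(pid in self.pmksa for pid in pmkids):
            return "EAPOL-Key 1/4"  # PMKSA hit: straight to the 4-way handshake
        if self.silent_on_miss:
            return None
        # Assumed behaviour on a miss: ignore the PMKID, start full 802.1X.
        return "EAP-Request/Identity"


class STA:
    """Supplicant with a PMKSA cache keyed by BSSID and an EAPOL-Start timer."""
    def __init__(self, addr: bytes, eapol_start_timeout: int = 3):
        self.addr = addr
        self.pmksa = {}  # bssid -> (pmkid, pmk)
        self.eapol_start_timeout = eapol_start_timeout  # ticks; constructed value
        self.idle_ticks = 0

    def complete_eap(self, bssid: bytes, pmk: bytes) -> None:
        self.pmksa[bssid] = (pmkid(pmk, bssid, self.addr), pmk)

    def assoc_request_pmkids(self, bssid: bytes) -> List[bytes]:
        """PMKID list placed in the RSN IE of the (Re)Assoc_Request."""
        entry = self.pmksa.get(bssid)
        return [entry[0]] if entry else []

    def rx(self, bssid: bytes, frame: str) -> Optional[str]:
        self.idle_ticks = 0
        if frame == "EAPOL-Key 1/4":
            return "EAPOL-Key 2/4"
        if frame == "EAP-Request/Identity":
            # Assumed: AP wants full EAP despite our PMKID, so the entry is stale.
            self.pmksa.pop(bssid, None)
            return "EAP-Response/Identity"
        return None

    def tick(self) -> Optional[str]:
        self.idle_ticks += 1  # one timer tick with nothing heard from the AP
        if self.idle_ticks >= self.eapol_start_timeout:
            self.idle_ticks = 0
            return "EAPOL-Start"  # stop waiting; start 802.1X from our side
        return None


def run_scenario(ap_reboots: bool, ap_silent_on_miss: bool = False) -> List[str]:
    """Plays steps 1-4 from the question and returns the transcript."""
    ap_addr = bytes.fromhex("001122334455")  # constructed addresses
    sta_addr = bytes.fromhex("66778899aabb")
    ap = AP(ap_addr, silent_on_miss=ap_silent_on_miss)
    sta = STA(sta_addr)
    pmk = os.urandom(32)  # constructed stand-in for the RADIUS-delivered PMK
    ap.complete_eap(sta_addr, pmk)  # step 1: first connection, full EAP
    sta.complete_eap(ap_addr, pmk)
    log = ["STA01 <-> AP01: full EAP done, PMKSA cached on both sides"]
    if ap_reboots:  # step 2
        ap.reboot()
        log.append("AP01: power cycled, PMKSA cache empty")
    pmkids = sta.assoc_request_pmkids(ap_addr)  # step 3
    log.append("STA01 -> AP01: Assoc_Request, RSN IE with %d PMKID" % len(pmkids))
    log.append("AP01 -> STA01: Assoc_Response")  # step 4
    frame = ap.rx_assoc_request(sta_addr, pmkids)
    if frame is None:
        log.append("AP01: silent (no PMKSA, no EAP started)")
        out = None
        while out is None:  # STA waits, then gives up and sends EAPOL-Start
            out = sta.tick()
        log.append("STA01 -> AP01: " + out)
    else:
        log.append("AP01 -> STA01: " + frame)
        log.append("STA01 -> AP01: " + str(sta.rx(ap_addr, frame)))
    return log
```

run_scenario(ap_reboots=False) ends in the 4-way handshake, run_scenario(ap_reboots=True) ends in EAP-Request/Identity followed by EAP-Response/Identity, and run_scenario(True, ap_silent_on_miss=True) is the stall from the question, which in this model the STA breaks by sending EAPOL-Start after its timer expires. The "clear its own PMKID cache or not" question is answered in the model by dropping the entry only once the AP has demonstrated, by starting EAP, that it does not hold the PMKSA.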

