WPA2-PEAP problems
Harshal Chhaya
harshal
Thu May 19 20:09:18 PDT 2011
Jouni,
Here is the output of a failed WPA2-PEAP handshake with '-ddK'. I
noticed 'EAP-PEAP: Length mismatch in Phase 2 EAP frame (len=75
hdr->length=76)' towards the end which seems to be where the failure
starts. The 'EAP: EAP entering state INTEGRITY_CHECK' message a little
later also looks odd. I am a little curious about this since this same
client is working with a freeRADIUS-based AP.
Is this a config mismatch or something else? Do you see any other
possible problems with the client's responses?
Also, I have removed a few lines at the top to make it fit within the
limits of the mailing list.
Thanks again,
- Harshal
authentication: STA=00:09:37:09:03:87 auth_alg=0 auth_transaction=1
status_code=0 wep=0
New STA
wlan0: STA 00:09:37:09:03:87 IEEE 802.11: authentication OK (open system)
:
wlan0: STA 00:09:37:09:03:87 IEEE 802.11: association OK (aid 8)
:
wlan0: STA 00:09:37:09:03:87 WPA: event 1 notification
wpa_driver_nl80211_set_key: ifindex=4 alg=0 addr=0x84a58 key_idx=0
set_tx=1 seq_len=0 key_len=0
addr=00:09:37:09:03:87
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: start authentication
EAP: Server state machine created
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state IDLE
IEEE 802.1X: 00:09:37:09:03:87 CTRL_DIR entering state FORCE_BOTH
wlan0: STA 00:09:37:09:03:87 WPA: start authentication
WPA: 00:09:37:09:03:87 WPA_PTK entering state INITIALIZE
wpa_driver_nl80211_set_key: ifindex=4 alg=0 addr=0x84a58 key_idx=0
set_tx=1 seq_len=0 key_len=0
addr=00:09:37:09:03:87
WPA: 00:09:37:09:03:87 WPA_PTK_GROUP entering state IDLE
WPA: 00:09:37:09:03:87 WPA_PTK entering state AUTHENTICATION
WPA: 00:09:37:09:03:87 WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state DISCONNECTED
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: unauthorizing port
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
CTRL-EVENT-EAP-STARTED 00:09:37:09:03:87
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 93
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 93)
nl80211: Event message available
nl80211: Ignored unknown event (cmd=19)
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=5 - ack=1
IEEE 802.1X: 4 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=1 length=0
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: received EAPOL-Start from STA
wlan0: STA 00:09:37:09:03:87 WPA: event 5 notification
WPA: 00:09:37:09:03:87 WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state INITIALIZE
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: aborting authentication
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state RESTART
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state IDLE
EAP: EAP entering state INITIALIZE
CTRL-EVENT-EAP-STARTED 00:09:37:09:03:87
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 5
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 5)
IEEE 802.1X: 4 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=1 length=0
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: received EAPOL-Start from STA
wlan0: STA 00:09:37:09:03:87 WPA: event 5 notification
WPA: 00:09:37:09:03:87 WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 25 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=21
EAP: code=2 identifier=93 length=21
(response)
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2
id=93 len=21) from STA: EAP Response-Identity (1)
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state INITIALIZE
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: aborting authentication
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state RESTART
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state IDLE
EAP: EAP entering state INITIALIZE
CTRL-EVENT-EAP-STARTED 00:09:37:09:03:87
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 23
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state DISCONNECTED
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: unauthorizing port
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
CTRL-EVENT-EAP-STARTED 00:09:37:09:03:87
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 88
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 88)
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=5 - ack=1
IEEE 802.1X: 25 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=21
EAP: code=2 identifier=5 length=21
(response)
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2
id=5 len=21) from STA: EAP Response-Identity (1)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 respId=5 respMethod=1 respVendor=0
respVendorMethod=0
EAP: RECEIVED->DISCARD: rxResp=1 respId=5 currentId=88 respMethod=1
currentMethod=1
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state IGNORE
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=5 - ack=1
IEEE 802.1X: 25 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=21
EAP: code=2 identifier=88 length=21
(response)
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2
id=88 len=21) from STA: EAP Response-Identity (1)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 respId=88 respMethod=1 respVendor=0
respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
EAP-Identity: Peer identity - hexdump_ascii(len=16):
30 30 30 30 30 30 30 39 33 37 30 39 30 33 38 37 0000000937090387
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: another method available -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 25
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 89
EAP-PEAP: START -> PHASE1
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 89)
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=6 - ack=1
IEEE 802.1X: 90 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=86
EAP: code=2 identifier=89 length=86
(response)
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2
id=89 len=86) from STA: EAP Response-PEAP (25)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 respId=89 respMethod=25 respVendor=0
respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=86) - Flags 0x81
SSL: TLS Message Length: 76
SSL: Received packet: Flags 0x81 Message Length 76
TLSv1: Record Layer - Received - hexdump(len=76): 16 03 01 00 47 01 00
00 43 03 01 00 00 01 0b 77 e2 bd 3a 9f 31 52 64 c7 4e 6c 2e c8 43 64
5f 54 46 fa 36 e0 2e 05 59 d8 4b 0f 44 00 00 1c 0
TLSv1: Received content type 22 version 3.1 length 71
TLSv1: Received ClientHello
TLSv1: ClientHello - hexdump(len=67): 03 01 00 00 01 0b 77 e2 bd 3a 9f
31 52 64 c7 4e 6c 2e c8 43 64 5f 54 46 fa 36 e0 2e 05 59 d8 4b 0f 44
00 00 1c 00 16 00 0a 00 05 00 04 00 64 00 62 00 6
TLSv1: Client version 3.1
TLSv1: client_random - hexdump(len=32): 00 00 01 0b 77 e2 bd 3a 9f 31
52 64 c7 4e 6c 2e c8 43 64 5f 54 46 fa 36 e0 2e 05 59 d8 4b 0f 44
TLSv1: client session_id - hexdump(len=0):
TLSv1: client cipher suites - hexdump(len=28): 00 16 00 0a 00 05 00 04
00 64 00 62 00 61 00 60 00 15 00 09 00 14 00 08 00 06 00 03
TLSv1: Selected cipher suite: 0x000a
TLSv1: client compression_methods - hexdump(len=1): 00
TLSv1: ClientHello OK - proceed to ServerHello
TLSv1: Send ServerHello
TLSv1: server_random - hexdump(len=32): 00 00 00 78 e2 7f c5 ab 58 55
ae 3f f1 99 f3 04 33 f8 fe 0d b4 24 e9 74 e9 39 02 3d 05 a1 12 7a
TLSv1: session_id - hexdump(len=32): 7a 36 4c 5f 62 3f 8e 1c 5d 7c 02
90 6b 81 19 65 fd 39 51 29 49 34 f8 87 e0 bd 63 ef 42 4d d5 05
TLSv1: Send Certificate
TLSv1: Full server certificate chain not configured - validation may fail
TLSv1: No ServerKeyExchange needed
TLSv1: No CertificateRequest needed
TLSv1: Send ServerHelloDone
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 90
SSL: Generating Request
SSL: Sending out 1010 bytes (message sent completely)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 90)
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=1016 - ack=1
IEEE 802.1X: 204 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=200
EAP: code=2 identifier=90 length=200
(response)
: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2 id=90
len=200) from STA: EAP Response-PEAP (25)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 respId=90 respMethod=25 respVendor=0
respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=200) - Flags 0x81
SSL: TLS Message Length: 190
SSL: Received packet: Flags 0x81 Message Length 190
TLSv1: Record Layer - Received - hexdump(len=190): 16 03 01 00 86 10
00 00 82 00 80 72 91 9b f9 a1 df aa 02 49 35 91 a4 bb 73 b4 f8 63 57
01 52 4d 96 1b 0d b2 96 3c 5f 4f f4 2d 0b 18 59 b1
TLSv1: Received content type 22 version 3.1 length 134
TLSv1: Received ClientKeyExchange
TLSv1: ClientKeyExchange - hexdump(len=130): 00 80 72 91 9b f9 a1 df
aa 02 49 35 91 a4 bb 73 b4 f8 63 57 01 52 4d 96 1b 0d b2 96 3c 5f 4f
f4 2d 0b 18 59 b1 12 99 3f 0a 38 de 96 49 f2 26 d6
TLSv1: pre_master_secret - hexdump(len=48): 03 01 f8 1b aa 0d 2e 22 27
c9 69 55 88 ff 3f 26 51 10 ef 02 09 eb 9d 3f 4d 33 00 cd 58 a7 b8 59
8b 00 b7 86 d9 2c 81 25 03 a1 5f aa ca bf 29 24
TLSv1: master_secret - hexdump(len=48): d2 50 9e 7e 66 f3 83 cd 98 25
64 b0 2b 62 de 6d a6 dd c8 eb ab 41 9b 38 52 b8 3a a6 1c fc b8 c7 58
79 c0 d8 76 23 a5 01 74 22 f8 93 ab 95 49 89
TLSv1: key_block - hexdump(len=104): e6 12 97 39 62 af 41 7e 16 9c 05
fa 6e 41 37 ae c9 b5 f3 73 72 b8 a4 e5 ae 0d ae df 71 00 23 ce af cb
c0 6d d4 8b a3 a1 2d 28 ce e9 83 e2 86 ed b2 ef ab
TLSv1: Record Layer - Received - hexdump(len=51): 14 03 01 00 01 01 16
03 01 00 28 0c f8 66 1f ae 5c 00 f0 44 2e d7 6e 51 24 9e eb 10 d7 d9
d4 8b a6 2e 29 7d 5f 26 37 e1 d5 68 cd 4c a9 05 0
TLSv1: Received content type 20 version 3.1 length 1
TLSv1: Received ChangeCipherSpec
TLSv1: Record Layer - New read cipher suite 0x000a
TLSv1: Record Layer - Received - hexdump(len=45): 16 03 01 00 28 0c f8
66 1f ae 5c 00 f0 44 2e d7 6e 51 24 9e eb 10 d7 d9 d4 8b a6 2e 29 7d
5f 26 37 e1 d5 68 cd 4c a9 05 0a bb 74 ac 98
TLSv1: Received content type 22 version 3.1 length 40
TLSv1: Record Layer - Decrypted data - hexdump(len=40): 14 00 00 0c c8
5f 4f 41 80 7e e4 a5 18 a3 df 86 58 97 73 ee 1e 54 ce dc cb 9f 5c 59
4d a6 a5 95 de d9 d9 8e 03 03 03 03
TLSv1: verify_data in Finished - hexdump(len=12): c8 5f 4f 41 80 7e e4
a5 18 a3 df 86
TLSv1: verify_data (client) - hexdump(len=12): c8 5f 4f 41 80 7e e4 a5
18 a3 df 86
TLSv1: Received Finished
TLSv1: Send ChangeCipherSpec
TLSv1: Record Layer - New write cipher suite 0x000a
TLSv1: Send Finished
TLSv1: verify_data (server) - hexdump(len=12): 54 62 6f bb 9d f1 b6 97
b8 c9 35 fa
TLSv1: Record Layer - Write HMAC - hexdump(len=20): 00 97 1f 82 94 1f
f8 b2 16 08 81 25 12 ba 0e 1d 7f 8f 07 dd
TLSv1: Handshake completed successfully
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 91
EAP-PEAP: Phase1 done, starting Phase2
EAP-PEAP: PHASE1 -> PHASE2_START
SSL: Generating Request
SSL: Sending out 51 bytes (message sent completely)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 91)
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=57 - ack=1
IEEE 802.1X: 10 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=6
EAP: code=2 identifier=91 length=6
(response)
: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2 id=91
len=6) from STA: EAP Response-PEAP (25)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 respId=91 respMethod=25 respVendor=0
respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=6) - Flags 0x01
SSL: Received packet: Flags 0x1 Message Length 0
EAP-PEAP: PHASE2_START -> PHASE2_ID
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 92
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=5): 01 5c 00 05 01
TLSv1: Plaintext AppData - hexdump(len=5): 01 5c 00 05 01
TLSv1: Record Layer - Write HMAC - hexdump(len=20): 03 fb 1b 61 7c 64
e9 98 8d 1e e1 86 ea b3 f4 9e 38 89 df 7a
SSL: Generating Request
SSL: Sending out 37 bytes (message sent completely)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 92)
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=43 - ack=1
IEEE 802.1X: 63 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=59
EAP: code=2 identifier=92 length=59
(response)
: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2 id=92
len=59) from STA: EAP Response-PEAP (25)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 respId=92 respMethod=25 respVendor=0
respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=59) - Flags 0x01
SSL: Received packet: Flags 0x1 Message Length 0
EAP-PEAP: received 53 bytes encrypted data for Phase 2
TLSv1: Record Layer - Received - hexdump(len=53): 17 03 01 00 30 e4 2e
5d 20 7c b6 b7 fe 38 75 1d f4 5c 0c 1e a4 22 34 7e 38 f6 ce 13 a4 f2
c9 f3 02 cf 7b 3a 58 f9 80 0d 15 ed e9 ab 4a be e
TLSv1: Received content type 23 version 3.1 length 48
TLSv1: Record Layer - Decrypted data - hexdump(len=48): 02 5c 00 15 01
30 30 30 30 30 30 30 39 33 37 30 39 30 33 38 37 72 de 56 d4 1a a9 35
66 bf 2f d5 67 00 1c a2 ed 19 94 3e f5 06 06 06 0
EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=21): 02 5c 00 15 01 30
30 30 30 30 30 30 39 33 37 30 39 30 33 38 37
EAP-PEAP: received Phase 2: code=2 identifier=92 length=21
EAP-Identity: Peer identity - hexdump_ascii(len=16):
30 30 30 30 30 30 30 39 33 37 30 39 30 33 38 37 0000000937090387
EAP-PEAP: PHASE2_ID -> PHASE2_METHOD
EAP-PEAP: try EAP type 26
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 93
EAP-MSCHAPV2: Challenge - hexdump(len=16): 43 7d bb 38 88 4e 45 75 f1
70 78 1a be 2b 80 41
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=33): 01 5d 00 21 1a 01
5d 00 1c 10 43 7d bb 38 88 4e 45 75 f1 70 78 1a be 2b 80 41 68 6f 73
74 61 70 64
TLSv1: Plaintext AppData - hexdump(len=33): 01 5d 00 21 1a 01 5d 00 1c
10 43 7d bb 38 88 4e 45 75 f1 70 78 1a be 2b 80 41 68 6f 73 74 61 70
64
TLSv1: Record Layer - Write HMAC - hexdump(len=20): fb 0e 20 69 81 c1
77 60 33 79 70 2e 77 32 4d e9 ff 33 a4 94
SSL: Generating Request
SSL: Sending out 61 bytes (message sent completely)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 93)
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=67 - ack=1
IEEE 802.1X: 111 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=107
EAP: code=2 identifier=93 length=107
(response)
: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2 id=93
len=107) from STA: EAP Response-PEAP (25)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 respId=93 respMethod=25 respVendor=0
respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=107) - Flags 0x01
SSL: Received packet: Flags 0x1 Message Length 0
EAP-PEAP: received 101 bytes encrypted data for Phase 2
TLSv1: Record Layer - Received - hexdump(len=101): 17 03 01 00 60 7e
7b ac 2a 52 e8 90 30 0b 5a 61 93 04 c0 9d 09 fd 2e 1e de 53 53 50 1f
e3 29 01 ce 39 a7 8e 5e d5 02 3b 64 e4 90 08 b4 4a
TLSv1: Received content type 23 version 3.1 length 96
TLSv1: Record Layer - Decrypted data - hexdump(len=96): 02 5d 00 4c 1a
02 5d 00 46 31 9d 6b c6 3f 1d 25 a4 08 2f 71 a4 fe bc f4 1b 59 00 00
00 00 00 00 00 00 09 cd 50 ab da d3 c4 6f 02 97 2
EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=75): 02 5d 00 4c 1a 02
5d 00 46 31 9d 6b c6 3f 1d 25 a4 08 2f 71 a4 fe bc f4 1b 59 00 00 00
00 00 00 00 00 09 cd 50 ab da d3 c4 6f 02 97 22 dd
EAP-PEAP: Length mismatch in Phase 2 EAP frame (len=75 hdr->length=76)
EAP-PEAP: PHASE2_METHOD -> FAILURE_REQ
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 94
EAP-PEAP: Encrypting Phase 2 data - hexdump(len=4): 04 5e 00 04
TLSv1: Plaintext AppData - hexdump(len=4): 04 5e 00 04
TLSv1: Record Layer - Write HMAC - hexdump(len=20): ce 3e d4 3b 2e 07
01 95 4b 05 5e f0 62 5d c5 56 b8 25 57 e4
SSL: Generating Request
SSL: Sending out 37 bytes (message sent completely)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state REQUEST
: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 94)
STA 2c:a8:35:30:f6:e4 sent probe request without SSID or supported rates element
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=43 - ack=1
IEEE 802.1X: 47 bytes from 00:09:37:09:03:87
IEEE 802.1X: version=1 type=0 length=43
EAP: code=2 identifier=94 length=43
(response)
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: received EAP packet (code=2
id=94 len=43) from STA: EAP Response-PEAP (25)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 respId=94 respMethod=25 respVendor=0
respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=43) - Flags 0x01
SSL: Received packet: Flags 0x1 Message Length 0
EAP-PEAP: FAILURE_REQ -> FAILURE
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: method failed -> FAILURE
EAP: EAP entering state FAILURE
EAP: Building EAP-Failure (id=94)
CTRL-EVENT-EAP-FAILURE 00:09:37:09:03:87
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state FAIL
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: Sending EAP Packet (identifier 94)
IEEE 802.1X: 00:09:37:09:03:87 AUTH_PAE entering state HELD
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: unauthorizing port
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: authentication failed - EAP
type: 0 ((null))
wlan0: STA 00:09:37:09:03:87 IEEE 802.1X: Supplicant used different
EAP type: 25 (PEAP)
IEEE 802.1X: 00:09:37:09:03:87 BE_AUTH entering state IDLE
IEEE 802.1X: 00:09:37:09:03:87 TX status - version=2 type=0 length=4 - ack=1
mgmt::disassoc
disassocation: STA=00:09:37:09:03:87 reason_code=8
AP-STA-DISCONNECTED 00:09:37:09:03:87
wlan0: STA 00:09:37:09:03:87 WPA: event 2 notification
wpa_driver_nl80211_set_key: ifindex=4 alg=0 addr=0x84a58 key_idx=0
set_tx=1 seq_len=0 key_len=0
addr=00:09:37:09:03:87
WPA: 00:09:37:09:03:87 WPA_PTK entering state DISCONNECTED
WPA: 00:09:37:09:03:87 WPA_PTK entering state INITIALIZE
wpa_driver_nl80211_set_key: ifindex=4 alg=0 addr=0x84a58 key_idx=0
set_tx=1 seq_len=0 key_len=0
addr=00:09:37:09:03:87
wlan0: STA 00:09:37:09:03:87 IEEE 802.11: disassociated
EAP: Server state machine removed
TLSv1: Selected cipher suite: 0x0000
TLSv1: Record Layer - New write cipher suite 0x0000
TLSv1: Record Layer - New read cipher suite 0x0000
wlan0: STA 00:09:37:09:03:87 MLME:
MLME-DISASSOCIATE.indication(00:09:37:09:03:87, 8)
wlan0: STA 00:09:37:09:03:87 MLME: MLME-DELETEKEYS.request(00:09:37:09:03:87)
wpa_driver_nl80211_set_key: ifindex=4 alg=0 addr=0x84a58 key_idx=0
set_tx=1 seq_len=0 key_len=0
addr=00:09:37:09:03:87
mgmt::deauth
deauthentication: STA=00:09:37:09:03:87 reason_code=3
AP-STA-DISCONNECTED 00:09:37:09:03:87
wlan0: STA 00:09:37:09:03:87 WPA: event 3 notification
wpa_driver_nl80211_set_key: ifindex=4 alg=0 addr=0x84a58 key_idx=0
set_tx=1 seq_len=0 key_len=0
addr=00:09:37:09:03:87
WPA: 00:09:37:09:03:87 WPA_PTK entering state DISCONNECTED
WPA: 00:09:37:09:03:87 WPA_PTK entering state INITIALIZE
wpa_driver_nl80211_set_key: ifindex=4 alg=0 addr=0x84a58 key_idx=0
set_tx=1 seq_len=0 key_len=0
addr=00:09:37:09:03:87
wlan0: STA 00:09:37:09:03:87 IEEE 802.11: deauthenticated
wlan0: STA 00:09:37:09:03:87 MLME:
MLME-DEAUTHENTICATE.indication(00:09:37:09:03:87, 3)
wlan0: STA 00:09:37:09:03:87 MLME: MLME-DELETEKEYS.request(00:09:37:09:03:87)
wpa_driver_nl80211_set_key: ifindex=4 alg=0 addr=0x84a58 key_idx=0
set_tx=1 seq_len=0 key_len=0
addr=00:09:37:09:03:87
More information about the Hostap
mailing list