HostAP Digest, Vol 112, Issue 12

Dr. Ajay N. Khosla drkhosla
Wed Aug 15 09:21:01 PDT 2012


I just upgraded my laptop from Fedora 14 to Fedora 17. After installing Fedora 17, I upgraded to latest available repository. Thing are working after upgrading. Driver iwl3945 is updated. I also set AP for WPA2-Enterprise with interworking. My hostapd.conf file is 


(xxx to hide ip and domain) 



interworking=1 
access_network_type=2 
internet=1 
asra=1 
esr=0 
uesa=0 
venue_group=2 
venue_type=0 
roaming_consortium=2233445566 
venue_name=eng:Vile Parle East 
domain_name=xxxx.com 

interface=wlan1 
ctrl_interface=/var/run/hostapd-phy0 
auth_server_addr=xxx.xxx.xxx.1 
auth_server_port=1645 
auth_server_shared_secret=secret 
nas_identifier=mesh 
eapol_key_index_workaround=1 
ieee8021x=1 
wpa_key_mgmt=WPA-EAP 
wpa_group_rekey=3600 
auth_algs=1 
wpa=3 
wpa_pairwise=CCMP 
wpa_group_rekey=3600 
ssid=CRPF-WiFi 
wmm_enabled=1 
bssid=02:27:22:e5:a0:2a 
ignore_broadcast_ssid=0 


I am able to connect AP with WPA-Enterprise using credential. 


Now anqp query started working. 



> fetch_anqp 
OK 
<3>Starting ANQP fetch for 02:27:22:e5:a0:2a 
<3>RX-ANQP 02:27:22:e5:a0:2a ANQP Capability list 
<3>RX-ANQP 02:27:22:e5:a0:2a Venue Name 
<3>RX-ANQP 02:27:22:e5:a0:2a Roaming Consortium list 
<3>RX-ANQP 02:27:22:e5:a0:2a Domain Name list 
<3>ANQP fetch completed 
> interworking_select 
OK 
<3>Starting ANQP fetch for 02:27:22:e5:a0:2a 
<3>RX-ANQP 02:27:22:e5:a0:2a ANQP Capability list 
<3>RX-ANQP 02:27:22:e5:a0:2a Venue Name 
<3>RX-ANQP 02:27:22:e5:a0:2a Roaming Consortium list 
<3>RX-ANQP 02:27:22:e5:a0:2a Domain Name list 
<3>ANQP fetch completed 


But list_creds is not working 



> list_creds 
cred id / realm / username / domain / imsi 
> 


my wpa_supplicant.conf file is (xxx is to hide domain name) 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 

update_config=1 
ctrl_interface=/var/run/wpa_supplicant 
ctrl_interface_group=wheel 
ap_scan=1 
interworking=1 


cred={ 
realm="xxxxx.com" 
username="admin" 
password="adminsecret" 
ca_cert="/etc/wpa_supplicant/ca.pem" 
domain="xxxxxxxx.com" 
roaming_consortium=2233445566 
eap=TTLS 
phase2="auth=MSCHAPV2" 
} 


cred={ 
realm="example.com" 
username="user at example.com" 
password="password" 
ca_cert="/etc/wpa_supplicant/ca.pem" 
domain="example.com" 
} 


cred={ 
imsi="310026-000000000" 
milenage="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82" 
} 


hs20=1 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 


ANQP able to retrieve Roaming Consortium List 



> anqp_get 02:27:22:e5:a0:2a 261 
OK 
<3>RX-ANQP 02:27:22:e5:a0:2a Roaming Consortium list 
> 


But interworking_connect fails as there is no creds are available. 



> interworking_connect 02:27:22:e5:a0:2a 
FAIL 
> 
Debug log says nothing more then interworking_connect command. 




1345060835.906976: RX ctrl_iface - hexdump_ascii(len=38): 
49 4e 54 45 52 57 4f 52 4b 49 4e 47 5f 43 4f 4e INTERWORKING_CON 
4e 45 43 54 20 30 32 3a 32 37 3a 32 32 3a 65 35 NECT 02:27:22:e5 
3a 61 30 3a 32 61 :a0:2a 


I am running wpa_supplicant with following command line 



/usr/local/sbin/wpa_supplicant -u -ddt -f /var/log/wpa_supplicant.log -O /var/run/wpa_supplicant -P /var/run/wpa_spplicant.pid 


Dr. Khosla 


I wanted to set my laptop (Fedora 14) using wpa_supplicant in such a way that it should connect to AP with roaming consortium ID 2233445566 with domain homenet.com 

> On Wed, Aug 08, 2012 at 05:39:52AM +0530, Dr. Ajay N. Khosla wrote: 
> > While using wpa_cli command, I get FAIL reply and some time 
> > interworking_select or anqp_get command crash wpa_supplicant. Many 
> > other command also fail like level, sta, signal_poll, anqp_get 
> > etc. Here is log 

I don't know why it crash or reinitialized. It does not show any log for failure but it just restart. 

> Could you please send me a verbose wpa_supplicant debug log from a 
> test 
> run where it crashes or behaves incorrectly (i.e., run it in 
> foreground 
> with -ddt on command line and save the output)? 

> > > status 
> > bssid=00:16:01:ad:31:21 
> > wpa_state=COMPLETED 
> > > interworking_select 
> > OK 

> You may want to start tests with the station being disconnected. Some 
> drivers may not like the off-channel operations while associated. 

Yes, you may be right. The log say 

1344448967.028584: RX ctrl_iface - hexdump_ascii(len=19): 
49 4e 54 45 52 57 4f 52 4b 49 4e 47 5f 53 45 4c INTERWORKING_SEL 
45 43 54 ECT 
1344448967.028745: Interworking: Start scan for network selection 
1344448967.028816: wlan0: Setting scan request: 0 sec 0 usec 
1344448967.028880: Scan SSID - hexdump_ascii(len=7): 
48 6f 6d 65 4e 65 74 HomeNet 
1344448967.028940: wlan0: Starting AP scan for wildcard SSID (Interleave with specific) 
1344448967.029226: Scan requested (ret=0) - scan timeout 30 seconds 
1344448969.602064: RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP]) 
1344448969.602184: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added 
1344448969.602257: WEXT: if_removed already cleared - ignore event 
1344448969.602282: Wireless event: cmd=0x8b19 len=8 
1344448969.602313: wlan0: Event SCAN_RESULTS (3) received 
1344448969.602478: Received 1561 bytes of scan results (4 BSSes) 
1344448969.602529: wlan0: BSS: Start scan result update 5 
1344448969.602589: Interworking: Scan results available - start ANQP fetch 
1344448969.602627: wlan0: Starting ANQP fetch for 02:27:22:4e:6e:5c 
1344448969.602650: CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 31 36 36 30 33 2d 34 00 
1344448969.602705: Interworking: ANQP Query Request to 02:27:22:4e:6e:5c 
1344448969.602740: GAS: Starting request for 02:27:22:4e:6e:5c dialog_token 0 
1344448969.602763: GAS: Send action frame to 02:27:22:4e:6e:5c len=29 freq=2462 
1344448969.602786: Off-channel: Send action frame: freq=2462 dst=02:27:22:4e:6e:5c src=00:1b:77:7f:44:f4 bssid=02:27:22:4e:6e:5c len=29 
1344448969.602813: Off-channel: Schedule Action frame to be transmitted once the driver gets to the requested channel 
1344448969.602832: Off-channel: Failed to request driver to remain on channel (2462 MHz) for Action Frame TX 
1344448969.602854: GAS: Failed to send Action frame to 02:27:22:4e:6e:5c 
1344448969.602876: ANQP: Failed to send Query Request 

I used same command when I am not associated with any AP. The error is same Off-channel. This time status show DISCONNECTED. 

> status 
wpa_state=DISCONNECTED 
address=00:1b:77:7f:44:f4 

> > <3>Starting ANQP fetch for 02:27:22:4e:6e:5c 
> > 
> > 
> > > > 
> > > interworking_connect 02:27:22:4e:6e:5c 
> > FAIL 

> interworking_connect will fail unless matching set of credentials has 
> been found, so this was expected in this sequence (there would have 
> been 
> an event message in wpa_cli showing a match). 

My credential are given below. Do we require more 

cred={ 
domain="homenet.com" 
roaming_consortium=2233445566 
} 



> > > anqp_get 02:27:22:4e:6e:5c 261 
> > 'ANQP_GET 02:27:22:4e:6e:5c 261' command timed out. 
> > > 'PING' command failed. 

> I would like to see wpa_supplicant debug log showing this. 

> > > anqp_get 02:27:22:4e:6e:5c 0x105 
> > FAIL 
> > > anqp_get 02:27:22:4e:6e:5c 261 
> > FAIL 

> These commands will fail if there is no BSS entry for the specified 
> BSSID and that will be the case after restarting wpa_supplicant if it 
> has not run a scan yet. 

Actually I can not find any log for this failure. It restart or reinitialized without any reason. 

1344449252.719621: RX ctrl_iface - hexdump_ascii(len=30): 
41 4e 51 50 5f 47 45 54 20 30 32 3a 32 37 3a 32 ANQP_GET 02:27:2 
32 3a 34 65 3a 36 65 3a 35 63 20 32 36 31 2:4e:6e:5c 261 
1344449252.719779: ANQP: Query Request to 02:27:22:4e:6e:5c for 1 id(s) 
1344449252.923752: wpa_supplicant v2.0-devel 
1344449252.923949: random: Trying to read entropy from /dev/random 
1344449252.934449: Providing DBus service 'fi.epitest.hostap.WPASupplicant'. 
1344449252.934579: Successfully initialized wpa_supplicant 
1344449252.934619: Daemonize.. 

> > > interworking_select 
> > OK 
> > <3>Starting ANQP fetch for 02:27:22:4e:6e:5c 
> > > 'PING' command failed. 

Same, after ANQP: Query Request it restart. 

1344450938.882639: RX ctrl_iface - hexdump_ascii(len=19): 
49 4e 54 45 52 57 4f 52 4b 49 4e 47 5f 53 45 4c INTERWORKING_SEL 
45 43 54 ECT 
1344450938.882789: Interworking: Start scan for network selection 
1344450938.882813: wlan0: Setting scan request: 0 sec 0 usec 
1344450938.882879: wlan0: State: DISCONNECTED -> SCANNING 
1344450938.883013: wlan0: Starting AP scan for wildcard SSID 
1344450938.883268: Scan requested (ret=0) - scan timeout 30 seconds 
1344450940.533022: RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP]) 
1344450940.533089: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added 
1344450940.533153: WEXT: if_removed already cleared - ignore event 
1344450940.533172: Wireless event: cmd=0x8b19 len=8 
1344450940.533199: wlan0: Event SCAN_RESULTS (3) received 
1344450940.533365: Received 1893 bytes of scan results (5 BSSes) 
1344450940.533404: wlan0: BSS: Start scan result update 6 
1344450940.533458: Interworking: Scan results available - start ANQP fetch 
1344450940.533481: wlan0: Starting ANQP fetch for 02:27:22:4e:6e:5c 
1344450940.533498: CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 31 39 30 31 38 2d 32 00 
1344450940.533550: Interworking: ANQP Query Request to 02:27:22:4e:6e:5c 
1344450940.715507: wpa_supplicant v2.0-devel 
1344450940.715628: random: Trying to read entropy from /dev/random 
1344450940.726251: Providing DBus service 'fi.epitest.hostap.WPASupplicant'. 
1344450940.726455: Successfully initialized wpa_supplicant 
1344450940.726468: Daemonize.. 

> It would be nice to see wpa_supplicant debug log for this one, too. 
> In 
> addition, it could be helpful if you can send me the hostapd 
> configuration file you used on the AP. 

My hostapd configuration is 

ctrl_interface=/var/run/hostapd-phy0 
driver=nl80211 
wmm_ac_bk_cwmin=4 
wmm_ac_bk_cwmax=10 
wmm_ac_bk_aifs=7 
wmm_ac_bk_txop_limit=0 
wmm_ac_bk_acm=0 
wmm_ac_be_aifs=3 
wmm_ac_be_cwmin=4 
wmm_ac_be_cwmax=10 
wmm_ac_be_txop_limit=0 
wmm_ac_be_acm=0 
wmm_ac_vi_aifs=2 
wmm_ac_vi_cwmin=3 
wmm_ac_vi_cwmax=4 
wmm_ac_vi_txop_limit=94 
wmm_ac_vi_acm=0 
wmm_ac_vo_aifs=2 
wmm_ac_vo_cwmin=2 
wmm_ac_vo_cwmax=3 
wmm_ac_vo_txop_limit=47 
wmm_ac_vo_acm=0 
tx_queue_data3_aifs=7 
tx_queue_data3_cwmin=15 
tx_queue_data3_cwmax=1023 
tx_queue_data3_burst=0 
tx_queue_data2_aifs=3 
tx_queue_data2_cwmin=15 
tx_queue_data2_cwmax=63 
tx_queue_data2_burst=0 
tx_queue_data1_aifs=1 
tx_queue_data1_cwmin=7 
tx_queue_data1_cwmax=15 
tx_queue_data1_burst=3.0 
tx_queue_data0_aifs=1 
tx_queue_data0_cwmin=3 
tx_queue_data0_cwmax=7 
tx_queue_data0_burst=1.5 
hw_mode=g 
channel=11 

country_code=US 


logger_syslog=127 
logger_syslog_level=2 
logger_stdout=127 
logger_stdout_level=2 
ieee80211n=1 
ht_capab=[HT40-][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40] 
ieee80211d=1 

interworking=1 
access_network_type=2 
internet=1 
asra=1 
esr=0 
uesa=0 
venue_group=2 
venue_type=0 
#hessid=02:03:04:05:06:07 
roaming_consortium=2233445566 
venue_name=eng:Vile Parle East 
domain_name=homenet.com 

interface=wlan1 
ctrl_interface=/var/run/hostapd-phy0 
auth_algs=1 
wpa=0 
ssid=HomeNet 
wmm_enabled=1 
bssid=02:27:22:4e:6e:5c 
ignore_broadcast_ssid=0 



> > <3>CTRL-EVENT-SCAN-RESULTS 
> > <3>Trying to associate with 02:27:22:4e:6e:5c (SSID='HomeNet' 
> > freq=2462 MHz) 
> > <3>Associated with 02:27:22:4e:6e:5c 
> > <3>CTRL-EVENT-CONNECTED - Connection to 02:27:22:4e:6e:5c completed 
> > (auth) [id=0 id_str=] 
> > > interworking_connect 02:27:22:4e:6e:5c 
> > FAIL 

> What are you trying to do here? It looks like wpa_supplicant was 
> already 
> configured with a network block for the same AP that you try to 
> connect 
> with Interworking.. 

When it is connected to some different SSID and I give interworking_select command. Again wpa_supplicant crash and restart 

1344454404.485398: RX ctrl_iface - hexdump_ascii(len=19): 
49 4e 54 45 52 57 4f 52 4b 49 4e 47 5f 53 45 4c INTERWORKING_SEL 
45 43 54 ECT 
1344454404.485522: Interworking: Start scan for network selection 
1344454404.485547: wlan0: Setting scan request: 0 sec 0 usec 
1344454404.485612: Scan SSID - hexdump_ascii(len=17): 
77 77 77 2e 43 68 69 6c 6c 69 53 70 6f 74 2e 69 www.chilli 
6e n 
1344454404.485675: wlan0: Starting AP scan for wildcard SSID (Interleave with specific) 
1344454404.486011: Scan requested (ret=0) - scan timeout 30 seconds 
1344454406.718998: RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP]) 
1344454406.719066: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added 
1344454406.719126: WEXT: if_removed already cleared - ignore event 
1344454406.719147: Wireless event: cmd=0x8b19 len=8 
1344454406.719175: wlan0: Event SCAN_RESULTS (3) received 
1344454406.719338: Received 1892 bytes of scan results (5 BSSes) 
1344454406.719379: wlan0: BSS: Start scan result update 24 
1344454406.719435: Interworking: Scan results available - start ANQP fetch 
1344454406.719459: wlan0: Starting ANQP fetch for 02:27:22:4e:6e:5c 
1344454406.719478: CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 32 32 37 32 35 2d 32 00 
1344454406.719530: Interworking: ANQP Query Request to 02:27:22:4e:6e:5c 
1344454407.312150: wpa_supplicant v2.0-devel 
1344454407.312272: random: Trying to read entropy from /dev/random 
1344454407.321418: Providing DBus service 'fi.epitest.hostap.WPASupplicant'. 
1344454407.321493: Successfully initialized wpa_supplicant 


> > > list_cred 
> > cred id / realm / username / domain / imsi 
> > <3>CTRL-EVENT-SCAN-RESULTS 

I set cred 

cred={ 
domain="homenet.com" 
roaming_consortium=2233445566 
} 

Is it not enough to show in list_cred or not? 

> So you don't actually have any credentials configured? In that case, 
> interworking_select/connect cannot really do much. 

I set only network without any specific SSID block as 

network={ 
key_mgmt=NONE 
} 

I have not set any SSID as I want to connect to AP with consortium ID 2233445566 irrespective of SSID. 

> -- 
> Jouni Malinen PGP id EFC895FA 




with best regards, Dr. Ajay N. Khosla Director Ankhnet Informations Pvt. Ltd. 27, 3rd Floor, 70, Yusuf Meherali Road, Mumbai-400003. India. Mobile: +91-9820217705 

with best regards, 
Dr. Ajay N. Khosla 
Director 
Ankhnet Informations Pvt. Ltd. 
27, 3rd Floor, 
70, Yusuf Meherali Road, 
Mumbai-400003. India. 
Mobile: +91-9820217705 




More information about the Hostap mailing list