Station sent an invalid association request?

[Jouni Malinen]

On Fri, Jan 13, 2012 at 10:25:40PM +0200, Otto Kek?l?inen wrote:
> Thanks for the pointer tough that the error could be in the WPA config.
> In hostapd.conf I tried changing wpa=3 to wpa=1 which didn't work, but
> then I tried wpa=2 that enables radius. Even though I don't use any
> radius, just simple passphrase, it started to work!

I don't know what you mean by enabling "radius". wpa=2 vs. wpa=3 or 1
does not have any effect on RADIUS configuration. It sounds like not
allowing the station to see WPA (v1) information was enough to make the
station avoid hitting the something that triggered the bug.

> PS. For the future, the debug output of hostapd -dd could be a little
> bit more verbose with "human readable" strings. I had one laptop that
> tried to connect with the wrong passphrase. Instead of outputting
> "Passphrase did not match" hostapd -dd gave some (to me) cryptic
> messages. Only when I ran it with --show-keys I realized that the
> passphrase didn't match and after that everything worked. Now with the

hostapd does not know what caused the failure - use of incorrect
passphrase is just one possible reason for it..

> second laptop I got the "Station sent an invalid association request"
> which wasn't terribly helpful. It would have been easier if hostapd
> -dd would have said "Station sent an invalid association request for
> this WPA mode. Try different WPA mode" etc.

This is even clearer case of hostapd not knowing the reason for
station's incorrect behavior. There was nothing obvious in the invalid
association request frame that would have justified an error message
with that type of text. That change in wpa parameter value was not the
fix for the issue, it just happened to avoid the station triggering a
bug.

-- 
Jouni Malinen                                            PGP id EFC895FA