wpa_supplicant 4 way handshake timeout with some access points

Galen Seitz galens at seitzassoc.com
Mon Dec 21 11:52:32 PST 2015


We are working on an RT5350 (Ralink MIPS) OpenWRT design and we are
experiencing a problem when we try to connect our device in client mode
to certain APs.  We get 4 way handshake timeouts from wpa_supplicant
when attempting to connect to an ASUS RT-AC66U, ASUS RT-N66U, or Linksys
EA2700 access point running stock vendor firmware.  We are in the
process of collecting more data, but it appears that we receive message
3, but don't send message 4 until a second message 3 arrives.  The ASUS
acks, but ignores our message 4, and it continues to send six more
message 3's, which wpa_supplicant ignores.  Based on logging data from
wireshark and wpa_supplicant, our *speculation* is that associating with
the AP causes a receive event(s) to be missed, causing a late response
to message 3 from the AP.

Note that our device has no problems connecting to a Netgear WNDR3800,
Netgear WNDR4000, and TP-Link WDR3600 running their stock firmware.  It
also connects without problems to a TP-Link WDR3600 running OpenWRT
Barrier Breaker 14.07.

The wpa_supplicant code we are running is commit
8278138e679174b1ec8af7f169c2810a8888e202 from March 2015, plus OpenWRT
patches.  We plan to try the latest version of wpa_supplicant, but this
requires determining which OpenWRT patches are still applicable, so this
is still a work in progress.

We are also continuing to to work on collecting relevant time-correlated
packet and wpa_supplicant logs.  In the meantime, I thought I would ask
whether anyone has any seen this type of problem and whether there is a
fix or workaround.

Galen Seitz
galens at seitzassoc.com

More information about the Hostap mailing list