ODP: AMPAK AP6356S + WPA3, fails to connect when using NM

Piotr Lobacz piotr.lobacz at softgent.com
Sun Oct 3 15:07:01 PDT 2021 

Ok the problem was solved. The issue is concerning the NM package which has been already solved in branch 1.33.x. Auth type was being set wrongly by NM.

BR
Piotr Łobacz


Od: Piotr Lobacz <piotr.lobacz at softgent.com>
Wysłane: sobota, 2 października 2021 23:04
Do: hostap at lists.infradead.org <hostap at lists.infradead.org>
Temat: ODP: AMPAK AP6356S + WPA3, fails to connect when using NM

Ok, i have found out that if i'm not *Activating a connection​* from the list in nmtui (establishing a connection for the first time with AP) but adding a new connection by * Edit a connection* field with setting WPA3 than auth_type is set correctly and connection is being established.

So the question is, is it possible that auth_type detection is broken? Where auth_type detection is? In wifi driver, NM or wpa_supplicant? Because i don't know who should i write to for fixing this issue

BR
Piotr Łobacz


Od: Piotr Lobacz
Wysłane: sobota, 2 października 2021 21:19
Do: hostap at lists.infradead.org <hostap at lists.infradead.org>
Temat: AMPAK AP6356S + WPA3, fails to connect when using NM

Hi all,
i'm using AMPAK AP6356S wifi card od broadcom BCM4356/2 chip. For this i have patched kernel 5.4.18 with cypress patch files (unfortunatelly this is the highest supported kernel right now). When i'm using only wpa_supplicant which is in version 2.9 i've got no problems to establish a WPA3 connection (AP may have WPA2/WPA3 or just WPA3 encryption). When i'm switching to NM + wpa_supplicant the problems occur when connection is having encryption set to WPA3 only.

Turning on -ddd option for wpa_supplicant revealed some difference in authentication parameters. Namely in all cases when the connection was established correctly:
- using only wpa_supplicant without nm and encryption was set on AP to WPA2/WPA3, client was able to establish connection with WPA2 or WPA3
- using only wpa_supplicant without nm and encryption was set on AP to WPA3 only, client was able to establish connection with WPA3
- using nm with wpa_supplicant and encryption was set on AP to WPA2/WPA3, client was a able to establish connection with WPA2 or WPA3
i have observed that the Auth Type parameter is set to 4. This is the list of auth params:

Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * bssid_hint=c0:c9:e3:3b:64:e2
Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * freq_hint=5180
Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * SSID=OpenWrt
Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * IEs - hexdump(len=51): 30 1a 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 08 c0 00 00 00 00 0f ac 06 3b 15 73 51 52 53 54 73 74 75 76 77 78 79 7a 7b 7c 7d 7e 7f 80 81 82
Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * WPA Versions 0x4
Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * pairwise=0xfac04
Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * group=0xfac04
Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * akm=0xfac08
Oct 02 19:03:21 firefly-rk3399 wpa_supplicant[494]:   * Auth Type 4

With these parameters connection is established with no problems. But when i'm trying to make a connection with NM + wpa_supplicant and AP is set only to WPA3 encryption than for some reason Auth Type is se to 0.

This is the fragment of log with deauthentication:

Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * bssid_hint=c0:c9:e3:3b:64:e2
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * freq_hint=5180
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * SSID=OpenWrt
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * IEs - hexdump(len=51): 30 1a 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 08 c0 00 00 00 00 0f ac 06 3b 15 73 51 52 53 54 73 74 75 76 77 78 79 7a 7b 7c 7d 7e 7f 80 81 82
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * WPA Versions 0x2
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * pairwise=0xfac04
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * group=0xfac04
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * akm=0xfac08
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]:   * Auth Type 0
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: nl80211: Connect request send successfully
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: wlan0: Setting authentication timeout: 10 sec 0 usec
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: EAPOL: External notification - EAP success=0
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: EAPOL: External notification - EAP fail=0
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: EAPOL: External notification - portControl=Auto
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/0
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/1
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/3
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/4
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/5
Oct 02 01:26:34 firefly-rk3399 wpa_supplicant[280]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/6
Oct 02 01:26:44 firefly-rk3399 wpa_supplicant[280]: wlan0: Authentication with c0:c9:e3:3b:64:e2 timed out.
Oct 02 01:26:44 firefly-rk3399 wpa_supplicant[280]: Added BSSID c0:c9:e3:3b:64:e2 into blacklist
Oct 02 01:26:44 firefly-rk3399 wpa_supplicant[280]: wlan0: WPA: Clear old PMK and PTK
Oct 02 01:26:44 firefly-rk3399 wpa_supplicant[280]: wlan0: Request to deauthenticate - bssid=00:00:00:00:00:00 pending_bssid=c0:c9:e3:3b:64:e2 reason=3 (DEAUTH_LEAVING) state=ASSOCIATING
Oct 02 01:26:44 firefly-rk3399 wpa_supplicant[280]: wpa_driver_nl80211_disconnect(reason_code=3)

So actually my question is if this Auth Type 0 on WPA3 encrypted connection can cause this DEAUTH_LEAVING error? If yes than another question is if NM is causing it?

BR
Piotr Łobacz
[https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com>

Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND

KRS: 0000674406, NIP: 9581679801, REGON: 367090912

www.softgent.com<https://www.softgent.com>

Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego

KRS 0000674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości.

Jesteśmy uczestnikiem Programu
RZETELNA Firma
Sprawdź naszą rzetelność na
https://www.rzetelnafirma.pl/F5IA32UW

More information about the Hostap mailing list