[Ndiswrapper-general] wpa_supplicant, ndiswrapper, bcm4309 and cisco ap issue
Status: Beta
Brought to you by:
pgiri
Menu
▾
▴
[Ndiswrapper-general] wpa_supplicant, ndiswrapper, bcm4309 and cisco ap issue
|
From: Sandro P. <sp...@gm...> - 2005-06-05 18:20:05
|
Hi,
First of all: Sorry for the lengthy post but I think it's necessary ;)
I'm having troubles connecting to a Cisco Aironet 1200 series ap using my
Dell Wireless 1450 mini-PCI card with ndiswrapper 1.2rc1.
linux kernel is self compiled 2.6.11.10 with CONFIG_4KSTACKS disabled.
The 1450 is found and the drivers install properly:
lspci:
02:03.0 Network controller: Broadcom Corporation BCM4309 802.11a/b/g
(rev03)
02:03.0 Class 0280: 14e4:4324 (rev 03)
modprobe ndiswrapper:
kernel: ndiswrapper version 1.2rc1 loaded (preempt=no,smp=no)
kernel: ndiswrapper: driver bcmwl5a (Broadcom,02/10/2005, 3.100.35.1) loaded
kernel: ACPI: PCI interrupt 0000:02:03.0[A] -> GSI 5 (level, low) -> IRQ 5
kernel: ndiswrapper: using irq 5
kernel: wlan0: ndiswrapper ethernet device 00:11:f5:33:08:eb using driver
bcmwl5a, configuration file 14E4:4324.5.conf
kernel: wlan0: encryption modes supported: WEP, WPA with TKIP, WPA with
AES/CCMP
Tested with Dell drivers R90501.EXE and R94827.EXE, both with same results.
Authentication is setup locally via radius on the ap.
wpa_supplicant.conf.LEAP-TKIP looks like this:
ctrl_interface=/var/run/wpa_supplicant # for wpa_cli support
network={
ssid="ssid"
key_mgmt=WPA-EAP
group=TKIP
pairwise=TKIP
auth_alg=OPEN LEAP
eap=LEAP
priority=2
proto=WPA
identity="userid"
password="password"
}
I did
# modprobe ndiswrapper
# ifconfig wlan0 up
I also tried to set the essid via
# iwconfig wlan0 essid ssid
but it doesn't seem to work:
wlan0 IEEE 802.11g ESSID:off/any
Mode:Managed Frequency:5.18 GHz Access Point: 00:00:00:00:00:00
Bit Rate:54 Mb/s Tx-Power:25 dBm
RTS thr:2347 B Fragment thr:2346 B
Encryption key:off
Power Management:off
Link Quality:100/100 Signal level:-56 dBm Noise level:-256 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
# iwconfig --version
iwconfig Wireless-Tools version 28
Compatible with Wireless Extension v11 to v18.
Kernel Currently compiled with Wireless Extension v17.
wlan0 Recommend Wireless Extension v18 or later,
Currently compiled with Wireless Extension v17.
It seems that there are issues within the EAPOL 4way handshake, step 2/4
since
debug on the ap shows the following message:
dot11_dot1x_verify_ptk_handshake: Invalid EAPOL-Key Data Len: exp=26, act=24
Here's the output of
# wpa_supplicant -iwlan0 -Dndiswrapper
-c/etc/wpa_supplicant-home.conf.LEAP-TKIP -dd
Initializing interface 'wlan0' conf
'/etc/wpa_supplicant-home.conf.LEAP-TKIP' driver 'ndiswrapper'
Configuration file '/etc/wpa_supplicant-home.conf.LEAP-TKIP' ->
'/etc/wpa_supplicant-home.conf.LEAP-TKIP'
Reading configuration file '/etc/wpa_supplicant-home.conf.LEAP-TKIP'
ctrl_interface='/var/run/wpa_supplicant'
Line: 3 - start of a new network block
ssid - hexdump_ascii(len=5):
[removed]
key_mgmt: 0x1
group: 0x8
pairwise: 0x8
auth_alg: 0x5
eap methods - hexdump(len=2): 11 00
priority=2 (0x2)
proto: 0x1
identity - hexdump_ascii(len=8):
[removed]
password - hexdump_ascii(len=8): [REMOVED]
ap_scan=2
Priority group 2
id=0 ssid='ssid'
Initializing interface (2) 'wlan0'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
ioctl[SIOCSIWPMKSA]: No such device
Own MAC address: 00:11:f5:33:08:eb
Setting scan request: 0 sec 100000 usec
Wireless event: cmd=0x8b06 len=8
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
Trying to associate with SSID 'ssid'
Cancelling scan request
Automatic auth_alg selection: 0x1
Overriding auth_alg selection: 0x5
WPA: Set cipher suites based on configuration
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 1
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT 802.1X
WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00
00 50 f2 02 01 00 00 50 f2 01
No keys have been configured - skip key clearing
State: DISCONNECTED -> ASSOCIATING
Setting authentication timeout: 5 sec 0 usec
EAPOL: External notification - portControl=Auto
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:13:19:92:9f:00
State: ASSOCIATING -> ASSOCIATED
Association event - clear replay counter
Associated to a new BSS: BSSID=00:13:19:92:9f:00
No keys have been configured - skip key clearing
Network configuration found for the current AP
WPA: Using WPA IE from AssocReq to set cipher suites
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 1
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT 802.1X
WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00
00 50 f2 02 01 00 00 50 f2 01
EAPOL: External notification - portControl=Auto
Associated with 00:13:19:92:9f:00
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: txStart
TX EAPOL - hexdump(len=18): 00 13 19 92 9f 00 00 11 f5 33 08 eb 88 8e 01 01
00 00
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Setting authentication timeout: 10 sec 0 usec
RX EAPOL from 00:13:19:92:9f:00
RX EAPOL - hexdump(len=46): 01 00 00 05 01 01 00 05 01 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00
Setting authentication timeout: 70 sec 0 usec
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=1 id=1
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=8):
[removed]
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=31): 00 13 19 92 9f 00 00 11 f5 33 08 eb 88 8e 01 00
00 0d 02 01 00 0d 01 70 6f 70 70 69 2d 73 61
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:13:19:92:9f:00
RX EAPOL - hexdump(len=46): 01 00 00 05 01 02 00 05 01 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=1 id=2
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=8):
[removed]
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=31): 00 13 19 92 9f 00 00 11 f5 33 08 eb 88 8e 01 00
00 0d 02 02 00 0d 01 70 6f 70 70 69 2d 73 61
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:13:19:92:9f:00
RX EAPOL - hexdump(len=46): 01 00 00 18 01 02 00 18 11 01 00 08 39 6e 4e b5
e7 f6 e1 76 70 6f 70 70 69 2d 73 61 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=17 id=2
EAP: AS used the same Id again, but EAP packets were not identical
EAP: workaround - assume this is not a duplicate packet
EAP: EAP entering state GET_METHOD
EAP: initialize selected EAP method (17, LEAP)
CTRL-EVENT-EAP-METHOD EAP method 17 (LEAP) selected
EAP: EAP entering state METHOD
EAP-LEAP: Processing EAP-Request
EAP-LEAP: Challenge from AP - hexdump(len=8): 39 6e 4e b5 e7 f6 e1 76
EAP-LEAP: Generating Challenge Response
EAP-LEAP: Response - hexdump(len=24): 37 7c ef ec 58 1c df 3f 3a 20 13 6b 6f
69 96 30 ab 4c b4 a6 e2 6a 0e c6
EAP: method process -> ignore=FALSE methodState=CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=58): 00 13 19 92 9f 00 00 11 f5 33 08 eb 88 8e 01 00
00 28 02 02 00 28 11 01 00 18 37 7c ef ec 58 1c df 3f 3a 20 13 6b 6f 69 96
30 ab 4c b4 a6 e2 6a 0e c6 70 6f 70 70 69 2d 73 61
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:13:19:92:9f:00
RX EAPOL - hexdump(len=46): 01 00 00 04 03 02 00 04 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: AS used the same Id again, but EAP packets were not identical
EAP: workaround - assume this is not a duplicate packet
EAP: EAP entering state METHOD
EAP-LEAP: Processing EAP-Success
EAP-LEAP: Challenge to AP/AS - hexdump(len=8): 2c 54 5d 10 d4 ed d8 43
EAP: method process -> ignore=FALSE methodState=CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=42): 00 13 19 92 9f 00 00 11 f5 33 08 eb 88 8e 01 00
00 18 01 02 00 18 11 01 00 08 2c 54 5d 10 d4 ed d8 43 70 6f 70 70 69 2d 73
61
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:13:19:92:9f:00
RX EAPOL - hexdump(len=46): 01 00 00 28 02 02 00 28 11 01 00 18 80 be f8 7b
4c 9c 0b 1a 73 d7 d3 2a 69 9b d8 f9 7c cd 90 d6 4d d9 13 ee 70 6f 70 70 69
2d 73 61 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Response for LEAP method=17 id=2
EAP: AS used the same Id again, but EAP packets were not identical
EAP: workaround - assume this is not a duplicate packet
EAP: EAP entering state METHOD
EAP-LEAP: Processing EAP-Response
EAP-LEAP: Response from AP - hexdump(len=24): 80 be f8 7b 4c 9c 0b 1a 73 d7
d3 2a 69 9b d8 f9 7c cd 90 d6 4d d9 13 ee
EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
EAP-LEAP: pw_hash_hash - hexdump(len=16): [REMOVED]
EAP-LEAP: peer_challenge - hexdump(len=8): 39 6e 4e b5 e7 f6 e1 76
EAP-LEAP: peer_response - hexdump(len=24): 37 7c ef ec 58 1c df 3f 3a 20 13
6b 6f 69 96 30 ab 4c b4 a6 e2 6a 0e c6
EAP-LEAP: ap_challenge - hexdump(len=8): 2c 54 5d 10 d4 ed d8 43
EAP-LEAP: ap_response - hexdump(len=24): 80 be f8 7b 4c 9c 0b 1a 73 d7 d3 2a
69 9b d8 f9 7c cd 90 d6 4d d9 13 ee
EAP-LEAP: master key - hexdump(len=16): [REMOVED]
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAP: EAP entering state SUCCESS
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
RX EAPOL from 00:13:19:92:9f:00
RX EAPOL - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00
01 4a e7 f8 99 7f 7b a3 ee d7 3c 82 5f 11 22 7e ee 3e 78 13 20 22 f1 55 4f
44 dd 81 af 47 bb 18 e9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
IEEE 802.1X RX: version=1 type=3 length=95
EAPOL-Key type=254
WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00
00 00 00 01 4a e7 f8 99 7f 7b a3 ee d7 3c 82 5f 11 22 7e ee 3e 78 13 20 22
f1 55 4f 44 dd 81 af 47 bb 18 e9 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00
State: ASSOCIATED -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake from 00:13:19:92:9f:00 (ver=1)
WPA: PMK from EAPOL state machines - hexdump(len=16): [REMOVED]
WPA: Renewed SNonce - hexdump(len=32): e7 64 a1 b1 d6 b2 c6 0e 64 af 7d 2a
11 6c 36 93 78 41 26 87 8e 89 be 82 64 86 ff bf d4 33 1d 1d
WPA: PMK - hexdump(len=16): [REMOVED]
WPA: PTK - hexdump(len=64): [REMOVED]
WPA: Sending EAPOL-Key 2/4
WPA: TX EAPOL-Key - hexdump(len=137): 00 13 19 92 9f 00 00 11 f5 33 08 eb 88
8e 01 03 00 77 fe 01 09 00 20 00 00 00 00 00 00 00 01 e7 64 a1 b1 d6 b2 c6
0e 64 af 7d 2a 11 6c 36 93 78 41 26 87 8e 89 be 82 64 86 ff bf d4 33 1d 1d
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 62 f2 8c 3e 99 45 f9 c9 64 b7 33 bb 5e 71 08 44 00 18
dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01
RX EAPOL from 00:13:19:92:9f:00
RX EAPOL - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00
02 4a e7 f8 99 7f 7b a3 ee d7 3c 82 5f 11 22 7e ee 3e 78 13 20 22 f1 55 4f
44 dd 81 af 47 bb 18 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
IEEE 802.1X RX: version=1 type=3 length=95
EAPOL-Key type=254
WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00
00 00 00 02 4a e7 f8 99 7f 7b a3 ee d7 3c 82 5f 11 22 7e ee 3e 78 13 20 22
f1 55 4f 44 dd 81 af 47 bb 18 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00
State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake from 00:13:19:92:9f:00 (ver=1)
WPA: PMK from EAPOL state machines - hexdump(len=16): [REMOVED]
WPA: PMK - hexdump(len=16): [REMOVED]
WPA: PTK - hexdump(len=64): [REMOVED]
WPA: Sending EAPOL-Key 2/4
WPA: TX EAPOL-Key - hexdump(len=137): 00 13 19 92 9f 00 00 11 f5 33 08 eb 88
8e 01 03 00 77 fe 01 09 00 20 00 00 00 00 00 00 00 02 e7 64 a1 b1 d6 b2 c6
0e 64 af 7d 2a 11 6c 36 93 78 41 26 87 8e 89 be 82 64 86 ff bf d4 33 1d 1d
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 d6 e7 27 28 cd cc 5d c8 8d 87 5c 86 50 65 ba 66 00 18
dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01
RX EAPOL from 00:13:19:92:9f:00
RX EAPOL - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00
03 4a e7 f8 99 7f 7b a3 ee d7 3c 82 5f 11 22 7e ee 3e 78 13 20 22 f1 55 4f
44 dd 81 af 47 bb 18 eb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
IEEE 802.1X RX: version=1 type=3 length=95
EAPOL-Key type=254
WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00
00 00 00 03 4a e7 f8 99 7f 7b a3 ee d7 3c 82 5f 11 22 7e ee 3e 78 13 20 22
f1 55 4f 44 dd 81 af 47 bb 18 eb 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00
State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake from 00:13:19:92:9f:00 (ver=1)
WPA: PMK from EAPOL state machines - hexdump(len=16): [REMOVED]
WPA: PMK - hexdump(len=16): [REMOVED]
WPA: PTK - hexdump(len=64): [REMOVED]
WPA: Sending EAPOL-Key 2/4
WPA: TX EAPOL-Key - hexdump(len=137): 00 13 19 92 9f 00 00 11 f5 33 08 eb 88
8e 01 03 00 77 fe 01 09 00 20 00 00 00 00 00 00 00 03 e7 64 a1 b1 d6 b2 c6
0e 64 af 7d 2a 11 6c 36 93 78 41 26 87 8e 89 be 82 64 86 ff bf d4 33 1d 1d
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 f2 5e dc a3 85 7b 7c ae f5 f2 fe 0f 0e f0 f7 87 00 18
dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01
CTRL-EVENT-TERMINATING - signal 2 received
State: 4WAY_HANDSHAKE -> DISCONNECTED
No keys have been configured - skip key clearing
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
No keys have been configured - skip key clearing
EAP: deinitialize previously used EAP method (17, LEAP) at EAP deinit
I already posted this to the hostap list and they told me it most
probably is an ndiswrapper issue:
"This is the default WPA IE generated by wpa_supplicant. However, NDIS
drivers generate their own IE for association and it may differ from
this (in this case, it is likely to include extra 00 00 in the end). The
driver will need to notify wpa_supplicant about the used WPA IE when
they are generating WPA IEs, but the debug log does not include such
notification."
iwevent also doen's show any ASSOCINFO(ReqIEs=...) event, the only ones
I get is "Set Mode: Managed" and 2 x "New Access Point/Cell...", one
with the MAC of the AP and one with only 0's.
Any hint is greatly appreciated!
Thank you,
Sandro
--
Weitersagen: GMX DSL-Flatrates mit Tempo-Garantie!
Ab 4,99 Euro/Monat: http://www.gmx.net/de/go/dsl
|