WPA2(hostapd latest CVS) and madwifi driver

Gunter Burchardt gbur at informatik.uni-rostock.de
Sat Dec 4 03:32:45 EST 2004


On 2004-12-03 - 23:14:52, Jouni Malinen wrote:
> Date: Fri, 3 Dec 2004 23:14:52 -0800
> From: Jouni Malinen <jkmaline at cc.hut.fi>
> To: hostap at shmoo.com
> Mail-Followup-To: hostap at shmoo.com
> Subject: Re: WPA2(hostapd latest CVS) and madwifi driver
> 
> On Sat, Dec 04, 2004 at 02:55:16PM +0800, Chuanhua Lei wrote:
> 
> >      When I try WPA2 (hostapd latest CVS) with madwifi driver (Master Mode).
> > After 4-way is finished, no 2-way group, Why?
> 
> Because IEEE 802.11i/WPA2 integrated initial Group Key handshake into
> PTK (4-Way) handshake.
> 
> > IEEE 802.1X: 99 bytes from 00:10:c6:1c:ce:b2
> >    IEEE 802.1X: version=2 type=3 length=95
> > ath0: STA 00:10:c6:1c:ce:b2 WPA: received EAPOL-Key frame (4/4 Pairwise)
> > WPA: 00:10:c6:1c:ce:b2 WPA_PTK entering state PTKINITDONE
> > madwifi_set_key: alg=CCMP addr=00:10:c6:1c:ce:b2 key_idx=0
> > ath0: STA 00:10:c6:1c:ce:b2 IEEE 802.1X: authorizing port
> > madwifi_set_sta_authorized: addr=00:10:c6:1c:ce:b2 authorized=1
> > ath0: STA 00:10:c6:1c:ce:b2 WPA: pairwise key handshake completed (RSN)
> 
> As far as AP/Authenticator is concerned, the authentication has been
> completed and connection is up here.

It's easy to explain why no Group-key exchange happens. Your station
uses WPA2 (or hostapd thinks your station uses it). With WPA2 there
is no GroupKey exchange! Look at the following code in wpa.c:

SM_STEP(WPA_PTK_GROUP)
{
        if (sm->Init)
                SM_ENTER(WPA_PTK_GROUP, IDLE);
        else switch (sm->wpa_ptk_group_state) {
        case WPA_PTK_GROUP_IDLE:
                if (sm->GUpdateStationKeys ||
                    (sm->sta->wpa == WPA_VERSION_WPA &&
                        sm->PInitAKeys))
                        SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
                break;
        case WPA_PTK_GROUP_REKEYNEGOTIATING:
                if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
                    !sm->EAPOLKeyPairwise && sm->MICVerified)
                        SM_ENTER(WPA_PTK_GROUP, REKEYESTABLISHED);
                else if (sm->GTimeoutCtr >
                        dot11RSNAConfigGroupUpdateCount)
                        SM_ENTER(WPA_PTK_GROUP, KEYERROR);
                else if (sm->TimeoutEvt)
                        SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
                break;
        case WPA_PTK_GROUP_KEYERROR:
                SM_ENTER(WPA_PTK_GROUP, IDLE);
                break;
        case WPA_PTK_GROUP_REKEYESTABLISHED:
                SM_ENTER(WPA_PTK_GROUP, IDLE);
                break;
        }
}

State REKEYNEGOTIATING of the WPA_PTK_GROUP state machine (this is the
first state of the groupkey exchange) is only entered if the wpa version of
this station is WPA (not WPA2).

I think that your client expects to do WPA. And with WPA it needs a
groupkey exchange after the 4-way handshake. If the station doesn't get a
groupkey, it disconnects after about 45 seconds!

Let's come back to hostapd. My tests show that hostapd sets the wpa version
of a station to WPA2 in some cases even though the station is only WPA.
Especially on reauthentication this problem occurs very often. My first
trivial workaround was to set the version hard to WPA for each station (my
application only allows WPA). I haven't found yet why hostap switches to
WPA2 for some stations!

regards
gunter 
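The following is an added, stand-alone C model of the WPA_PTK_GROUP transitions quoted from wpa.c above; it is not hostapd code. It exercises the point of the thread: after the 4-Way handshake sets PInitAKeys, only a WPA (not WPA2/RSN) station enters REKEYNEGOTIATING, while a group rekey (GUpdateStationKeys) starts it for either version. The WPA_VERSION_* values, the state-enum values and the GTimeoutCtr increment on re-entry are assumptions of this model.

```c
#include <stdbool.h>

/* Model of hostapd's WPA_PTK_GROUP state machine (added example, not hostapd
 * code). Field names mirror the wpa.c excerpt; constant values are assumed. */
enum { WPA_VERSION_WPA = 1, WPA_VERSION_WPA2 = 2 };
enum { GROUP_IDLE, GROUP_REKEYNEGOTIATING, GROUP_REKEYESTABLISHED, GROUP_KEYERROR };

struct sm {
    int wpa;                 /* version hostapd believes the station uses */
    int state;
    bool Init, GUpdateStationKeys, PInitAKeys;
    bool EAPOLKeyReceived, EAPOLKeyRequest, EAPOLKeyPairwise, MICVerified;
    bool TimeoutEvt;
    int GTimeoutCtr;
    int dot11RSNAConfigGroupUpdateCount;
};

/* One SM_STEP over the state machine; returns the new state. */
static int group_step(struct sm *sm)
{
    if (sm->Init) { sm->state = GROUP_IDLE; return sm->state; }
    switch (sm->state) {
    case GROUP_IDLE:
        /* Only a WPA station starts the group handshake right after PTK;
         * a WPA2 station gets the GTK inside the 4-Way handshake instead. */
        if (sm->GUpdateStationKeys ||
            (sm->wpa == WPA_VERSION_WPA && sm->PInitAKeys))
            sm->state = GROUP_REKEYNEGOTIATING;
        break;
    case GROUP_REKEYNEGOTIATING:
        if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
            !sm->EAPOLKeyPairwise && sm->MICVerified)
            sm->state = GROUP_REKEYESTABLISHED;
        else if (sm->GTimeoutCtr > sm->dot11RSNAConfigGroupUpdateCount)
            sm->state = GROUP_KEYERROR;       /* too many retransmissions */
        else if (sm->TimeoutEvt)
            sm->GTimeoutCtr++;                /* re-entry resends message 1/2 */
        sm->TimeoutEvt = false;
        break;
    case GROUP_KEYERROR:
    case GROUP_REKEYESTABLISHED:
        sm->state = GROUP_IDLE;
        break;
    }
    return sm->state;
}

/* 1 if a station of the given version starts a group key handshake
 * once the 4-Way handshake has completed (PInitAKeys set), else 0. */
int group_handshake_after_ptk(int wpa_version)
{
    struct sm sm = {0};
    sm.wpa = wpa_version;
    sm.PInitAKeys = true;
    return group_step(&sm) == GROUP_REKEYNEGOTIATING;
}
```

A station that expects WPA but is recorded as WPA2 by the AP therefore never sees the group handshake start, which matches the disconnect Gunter describes.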