Problem setting keys with ndiswrapper after authentication?

Romano Giannetti romanol at upco.es
Tue Nov 30 10:00:59 EST 2004


First of all: 1000 of thanks for your time. 

On Mon, Nov 29, 2004 at 09:55:05PM -0800, Jouni Malinen wrote:

> > [root at rukbat ndiswrapper]# wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd
> 
> > ...etc, like before. I remove all the output until the new problem...
> 
> Please do not.. or at least make the full output available somewhere.

Ok. I tried to send all of it but it was too long; I have put the complete
log available on the web...

Whep. More data for my wireless quest... this time I will not cut it, so
it's quite large. 

Commands starts with '#'. I am using cvs-ndiswrapper and cvs-wpa_supplicant,
downloaded this morning. I enabled ap_scan and it seems to work well. 

Script started on Tue 30 Nov 2004 03:26:09 PM CET

# iwconfig  wlan0 && ifconfig wlan0

wlan0     IEEE 802.11b  ESSID:off/any  
          Mode:Auto  Frequency:2.442GHz  Access Point: 00:00:00:00:00:00  
          Bit Rate:11Mb/s   Tx-Power:20 dBm   Sensitivity=0/3  
          RTS thr:2432 B   Fragment thr:2432 B   
          Encryption key:off
          Power Management:off
          Link Quality:100/100  Signal level:-56 dBm  Noise level:-256 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

wlan0     Link encap:Ethernet  HWaddr 00:0B:9D:00:B2:6E  
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:1245 errors:0 dropped:0 overruns:0 frame:0
          TX packets:30 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:137535 (134.3 Kb)  TX bytes:2247 (2.1 Kb)
          Interrupt:9 Memory:10800000-108000ff 

# wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd

Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'ndiswrapper'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0
eapol_version=1
ap_scan=1
Line: 191 - start of a new network block
ssid - hexdump_ascii(len=9):
     75 70 63 6f 5f 77 6c 61 6e                        upco_wlan       
key_mgmt: 0x8
eap methods - hexdump(len=2): 19 00
identity - hexdump_ascii(len=16):
     72 6f 6d 61 6e 6f 40 75 70 63 6f 6e 74 2e 65 73   romano at upcont.es
password - hexdump_ascii(len=9): [REMOVED]
phase2 - hexdump_ascii(len=13):
     61 75 74 68 3d 4d 53 43 48 41 50 56 32            auth=MSCHAPV2   
Priority group 0
   id=0 ssid='upco_wlan'

[...]
removed data; message was too long for the maillist managed. A complete 
log is at http://www.dea.icai.upco.es/romano/report3_complete.txt 
[...]

EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request method=25 id=129
EAP: EAP entering state METHOD
EAP-PEAP: Received packet(len=43) - Flags 0x01
EAP-PEAP: received 37 bytes encrypted data for Phase 2
EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=11): 01 81 00 0b 21 80 03 00 02 00 01
EAP-PEAP: received Phase 2: code=1 identifier=129 length=11
EAP-PEAP: Phase 2 Request: type=33
EAP-TLV: Received TLVs - hexdump(len=6): 80 03 00 02 00 01
EAP-TLV: Result TLV - hexdump(len=2): 00 01
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed

**** 
ok: that seems to authenticate me. System managers told me that they could
see my successfull authentication. 

EAP-PEAP: Encrypting Phase 2 data - hexdump(len=11): [REMOVED]
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=98): 00 11 5c 77 82 40 00 0b 9d 00 b2 6e 88 8e 01 00 00 50 02 81 00 50 19 01 17 03 01 00 20 28 df 37 23 a2 6f 23 dc 94 86 93 ac 69 a2 09 80 0e dc 7f 78 35 80 cb dd 30 52 e5 34 79 1e 31 81 17 03 01 00 20 e5 1f 13 de e1 e0 49 df c9 f9 eb ba 87 ae b3 60 c8 65 9d 5f f2 a2 4a 61 01 3d 22 60 cb d0 81 c7
EAPOL: SUPP_BE entering state RECEIVE
WPA: EAPOL frame too short, len 47, expecting at least 99
RX EAPOL from 00:11:5c:77:82:40
RX EAPOL - hexdump(len=46): 01 00 00 04 03 81 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: EAP entering state SUCCESS
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
WPA: EAPOL frame too short, len 46, expecting at least 99
RX EAPOL from 00:11:5c:77:82:40
RX EAPOL - hexdump(len=61): 01 03 00 39 01 00 0d 00 00 41 ac 83 0b 00 b1 3d 1f dc 96 7b ca c7 a6 18 71 7e c8 5a 02 85 99 01 85 c2 4b 23 0a 04 7a 03 06 fb 65 5e ae a0 cc 00 b2 8a 34 48 fd 38 99 0a a6 84 7a e9 32
EAPOL: Received EAPOL-Key frame
EAPOL: KEY_RX entering state KEY_RECEIVE
EAPOL: processKey
EAPOL: RX IEEE 802.1X ver=1 type=3 len=57 EAPOL-Key: type=1 key_length=13 key_index=0x1
EAPOL: EAPOL-Key key signature verified
EAPOL: Decrypted(RC4) key - hexdump(len=13): [REMOVED]
EAPOL: Setting dynamic WEP key: broadcast keyidx 1 len 13

**** That seems to set the WEP key.... 

WPA: EAPOL frame too short, len 61, expecting at least 99
RX EAPOL from 00:11:5c:77:82:40
RX EAPOL - hexdump(len=48): 01 03 00 2c 01 00 0d 00 00 41 ac 83 0b 00 b2 be e0 c6 9f 3d 67 f2 e0 c3 2a ca 68 fa 23 eb 20 83 3f 28 3a 58 a0 65 50 b4 74 5b f5 e6 39 13 12 97
EAPOL: Received EAPOL-Key frame
EAPOL: KEY_RX entering state KEY_RECEIVE
EAPOL: processKey
EAPOL: RX IEEE 802.1X ver=1 type=3 len=44 EAPOL-Key: type=1 key_length=13 key_index=0x83
EAPOL: EAPOL-Key key signature verified
EAPOL: using part of EAP keying material data encryption key - hexdump(len=13): [REMOVED]
EAPOL: Setting dynamic WEP key: unicast keyidx 3 len 13

*** and that the other... 

EAPOL: all required EAPOL-Key frames received
WPA: EAPOL processing complete
Cancelling authentication timeout
EAPOL: SUPP_PAE entering state AUTHENTICATED

**** Now I start (on another terminal) dhclient, which says: 

[root at rukbat romano]# dhclient wlan0
Internet Systems Consortium DHCP Client V3.0.1rc14
Copyright 2004 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP
 
Listening on LPF/wlan0/00:0b:9d:00:b2:6e
Sending on   LPF/wlan0/00:0b:9d:00:b2:6e
Sending on   Socket/fallback
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 4
[...]

*** without answer. Meanwhile, wpa_supplicant continues saying: 

WPA: EAPOL frame too short, len 48, expecting at least 99
EAPOL: Port Timers tick - authWhile=29 heldWhile=0 startWhen=29 idleWhile=59
[...]
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=15
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=14
EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=13

*** It seems no traffic go trough. If at this stage (in a third terminal) I
ask for wlan0 state: 

# iwconfig wlan0 && ifconfig wlan0

wlan0     IEEE 802.11b  ESSID:"upco_wlan"  
          Mode:Managed  Frequency:2.427GHz  Access Point: 00:11:5C:77:82:40  
          Bit Rate:11Mb/s   Tx-Power:20 dBm   Sensitivity=0/3  
          RTS thr:2432 B   Fragment thr:2432 B   
          Encryption key:off
          Power Management:off
          Link Quality:100/100  Signal level:-53 dBm  Noise level:-256 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

wlan0     Link encap:Ethernet  HWaddr 00:0B:9D:00:B2:6E  
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:1263 errors:0 dropped:0 overruns:0 frame:0
          TX packets:44 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:142553 (139.2 Kb)  TX bytes:3342 (3.2 Kb)
          Interrupt:9 Memory:10800000-108000ff 

*** It seems to me that I received the keys, but no keys are used by the
driver. I feel I am really near to the connection... 

Finally, I hit ctl-c on wpa_supplicant...

Signal 2 received - terminating
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
EAP: deinitialize previously used EAP method (25, PEAP) at EAP deinit

Again, any hint? 

       Romano
       

-- 
Romano Giannetti             -  Univ. Pontificia Comillas (Madrid, Spain)
Electronic Engineer - phone +34 915 422 800 ext 2416  fax +34 915 596 569



More information about the HostAP mailing list