From fromkth+hostap at fastmail.fm Tue Mar 1 10:23:40 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Tue, 01 Mar 2005 16:23:40 +0100 Subject: Non destructive scanning while connected to current AP. In-Reply-To: <4223A2C1.5070906@cs.columbia.edu> References: <4222F488.5080908@fastmail.fm> <42234296.50504@cs.columbia.edu> <42234AA2.2000304@fastmail.fm> <4223A2C1.5070906@cs.columbia.edu> Message-ID: <422488FC.9080705@fastmail.fm> Yeah i know that buffered frames are not useful for VoIP, but what if the scanning procedure is modified(selective scaning - your research paper) so that it completes in 20ms to 30ms? I guess in that case these frames might be useful for VoIP. Any comments on this. Also as mentioned in old emails on list that one cant avoid these null frames as these are handled by firmware whenever scanning is done. Regards, -ajeet. Andrea G Forte wrote: > Actually the scenario I was referring to is different from the one you > described. This buffering is particularly useful (if we talk about NOT > real-time apps) when you want to do a pre-scanning. Meaning that you may > want to do an active scanning before the time you may actually perform > an handoff. The STA will send the null function frame to the AP (start > buffering), it will then scan the channels and ultimately go back to the > old AP. It will then send another null function (stop buffering and send > me the buffered frames). The handoff process is not performed. > When the handoff process is performed, buffered frames are not very > useful. SOME of the buffered frames can be sent to the STA between the > last probe response and the auth request by the old AP. An alternative > is that the buffered frames can also be sent by the old AP to the new AP > via IAPP if available. However, when the handoff is performed, the AP > cannot assume that buffered frames will be delivered (unless IAPP is > used for this). > > Regards, > Andrea > > > > Ajeet Nankani wrote: > >> Thanks Forte for the detailed answer, but still i have few more >> question which are not explained in this or the old threads. >> >> Discussion does not mention that actually at what point STA sends >> authentication and then Re-Association request to new AP. I mean when >> it is currently attached to the AP, then first it sends Null Data >> Frame to curent AP to indicate start of buffering, then it scans, then >> it again send Null Data Frame to current AP to indicate stop of >> buffering, after that i am not sure what happens? >> I guess, then STA gets all buffered frames from AP(but does STA sends >> its buffered frames to the current AP or not??), then send >> De-Authentication Frame to current AP, then Sends Authentication Frame >> to the new selected AP from the Scan-Results, then upon successful >> authentication sends re-association frame. >> >> I guess Forte has a log of captured frames, can you look into your >> frame captures log and see, if it happens like what i described in the >> above para or not or something different? >> >> Best Regards, >> >> -ajeet. >> >> Andrea G Forte wrote: >> >>> It seems that everytime a handoff occurs, the STA sends Null function >>> packets to the AP, one at the beginning of the scanning process and >>> one at the end of the scanning process. These packets tell the old AP >>> when to start and stop buffering packets for the STA. I had a thread >>> earlier on the meaning of these frames and Jouni explained what I >>> just told you. However, these packets can introduce a significant >>> delay in the handoff process. This means that even though the packets >>> are buffered, if the delay introduced by these null function frames >>> is too big, the buffered packets are useless (at least for VoIP and >>> other real-time applications). >>> It would be better to not have them at all when using real-time >>> applications. Unfortunately these frames are controlled by the >>> firmware and not the driver. >>> Furthermore if you read the 802.11 standard the particular mechanism >>> that takes care of buffering is "out of the scope" of the standard, >>> so I am not sure if using the null function frames is the "standard" >>> way to do it. >>> >>> Regards, >>> Andrea >>> >>> >>> >>> Ajeet Nankani wrote: >>> >>>> I want to know that when a STA is connected to AP and is actively >>>> transferring and receiving data from AP, and during that when STA >>>> tries to scan network non-destructively then what happens to current >>>> data transfer while scanning, because for scanning, channel needs to >>>> be changed for active probes, so what happens with the current data >>>> frames from current channel? >>>> >>>> are they lost? or buffered at STA and at AP both? and if buffered, >>>> do STA indicates AP to buffer frames by sending PS frame to AP or >>>> some other procedure? >>>> >>>> -ajeet. >>> >>> >> > From andreaf at cs.columbia.edu Tue Mar 1 11:39:03 2005 From: andreaf at cs.columbia.edu (Andrea G Forte) Date: Tue, 01 Mar 2005 11:39:03 -0500 Subject: Non destructive scanning while connected to current AP. In-Reply-To: <422488FC.9080705@fastmail.fm> References: <4222F488.5080908@fastmail.fm> <42234296.50504@cs.columbia.edu> <42234AA2.2000304@fastmail.fm> <4223A2C1.5070906@cs.columbia.edu> <422488FC.9080705@fastmail.fm> Message-ID: <42249AA7.6090803@cs.columbia.edu> Ajeet Nankani wrote: > Yeah i know that buffered frames are not useful for VoIP, but what if > the scanning procedure is modified(selective scaning - your research > paper) so that it completes in 20ms to 30ms? I guess in that case > these frames might be useful for VoIP. > Any comments on this. > As I said earlier, these frames would be useful if they would not add a significant delay to the scanning process. Unfortunately from some first measurements I took, it seems that they add some significant delay which makes them not useful with any form of scanning (we are always talking about real-time traffic here). However, this is a work in progress.....will need to take more measurements. Do you know if these frames behave in this way for Prism2/2.5/3 cards only? What about other chipsets? Does anyone know about the madwifi group? Do they have the same behaviour with their chipset/card? Regards, Andrea > Also as mentioned in old emails on list that one cant avoid these null > frames as these are handled by firmware whenever scanning is done. > > Regards, > > -ajeet. > > > Andrea G Forte wrote: > >> Actually the scenario I was referring to is different from the one >> you described. This buffering is particularly useful (if we talk >> about NOT real-time apps) when you want to do a pre-scanning. Meaning >> that you may want to do an active scanning before the time you may >> actually perform an handoff. The STA will send the null function >> frame to the AP (start buffering), it will then scan the channels and >> ultimately go back to the old AP. It will then send another null >> function (stop buffering and send me the buffered frames). The >> handoff process is not performed. >> When the handoff process is performed, buffered frames are not very >> useful. SOME of the buffered frames can be sent to the STA between >> the last probe response and the auth request by the old AP. An >> alternative is that the buffered frames can also be sent by the old >> AP to the new AP via IAPP if available. However, when the handoff is >> performed, the AP cannot assume that buffered frames will be >> delivered (unless IAPP is used for this). >> >> Regards, >> Andrea >> >> >> >> Ajeet Nankani wrote: >> >>> Thanks Forte for the detailed answer, but still i have few more >>> question which are not explained in this or the old threads. >>> >>> Discussion does not mention that actually at what point STA sends >>> authentication and then Re-Association request to new AP. I mean >>> when it is currently attached to the AP, then first it sends Null >>> Data Frame to curent AP to indicate start of buffering, then it >>> scans, then it again send Null Data Frame to current AP to indicate >>> stop of buffering, after that i am not sure what happens? >>> I guess, then STA gets all buffered frames from AP(but does STA >>> sends its buffered frames to the current AP or not??), then send >>> De-Authentication Frame to current AP, then Sends Authentication >>> Frame to the new selected AP from the Scan-Results, then upon >>> successful authentication sends re-association frame. >>> >>> I guess Forte has a log of captured frames, can you look into your >>> frame captures log and see, if it happens like what i described in >>> the above para or not or something different? >>> >>> Best Regards, >>> >>> -ajeet. >>> >>> Andrea G Forte wrote: >>> >>>> It seems that everytime a handoff occurs, the STA sends Null >>>> function packets to the AP, one at the beginning of the scanning >>>> process and one at the end of the scanning process. These packets >>>> tell the old AP when to start and stop buffering packets for the >>>> STA. I had a thread earlier on the meaning of these frames and >>>> Jouni explained what I just told you. However, these packets can >>>> introduce a significant delay in the handoff process. This means >>>> that even though the packets are buffered, if the delay introduced >>>> by these null function frames is too big, the buffered packets are >>>> useless (at least for VoIP and other real-time applications). >>>> It would be better to not have them at all when using real-time >>>> applications. Unfortunately these frames are controlled by the >>>> firmware and not the driver. >>>> Furthermore if you read the 802.11 standard the particular >>>> mechanism that takes care of buffering is "out of the scope" of the >>>> standard, so I am not sure if using the null function frames is the >>>> "standard" way to do it. >>>> >>>> Regards, >>>> Andrea >>>> >>>> >>>> >>>> Ajeet Nankani wrote: >>>> >>>>> I want to know that when a STA is connected to AP and is actively >>>>> transferring and receiving data from AP, and during that when STA >>>>> tries to scan network non-destructively then what happens to >>>>> current data transfer while scanning, because for scanning, >>>>> channel needs to be changed for active probes, so what happens >>>>> with the current data frames from current channel? >>>>> >>>>> are they lost? or buffered at STA and at AP both? and if buffered, >>>>> do STA indicates AP to buffer frames by sending PS frame to AP or >>>>> some other procedure? >>>>> >>>>> -ajeet. >>>> >>>> >>>> >>> >> From deviv at noida.hcltech.com Wed Mar 2 02:27:01 2005 From: deviv at noida.hcltech.com (Devi vellingiri, Noida) Date: Wed, 2 Mar 2005 12:57:01 +0530 Subject: Generic Info element regarding Message-ID: <267988DEACEC5A4D86D5FCD780313FBB05247B86@exch-03.noida.hcltech.com> Greetings All, I would like to know whether a Generic Info Element in the probe response of a WPA2 AP contain the cipher id defined as CCMP for both Pairwise & Group ciphers. Thanks and Regards, Devi Vellingiri -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050302/05c3cc42/attachment.htm From hs4233 at mail.mn-solutions.de Wed Mar 2 07:37:47 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Wed, 2 Mar 2005 13:37:47 +0100 Subject: programming question for wpa_supplicant driver Message-ID: <200503021337.47314.hs4233@mail.mn-solutions.de> I'm in the process of writing a driver_hermes.c for wpa_supplicant from current CVS which does not depend on the (very awkward) sources for the hermes wlags49 driver. By doing this, I'm going from simple to complex. Now, a static wep key seems simpley enought. Unfortunately, it doesn't work. Can wpa_supplicant also "enter" the WEP keys for me? My wpa.conf looks like this: ------------------------------------------ ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 ap_scan=1 fast_reauth=1 network={ ssid="MYWLAN2" key_mgmt=NONE wep_key0="mykey12345678" wep_tx_keyidx=0 } ------------------------------------------ Before starting wpa_supplicant, my interface is up, but no WEP key and no association is there: ------------------------------------------ eth1 IEEE 802.11b ESSID:"" Nickname:"MNCI" Frequency:2.457 GHz Access Point: 44:44:44:44:44:44 Bit Rate=11.5343 Mb/s Tx-Power=off Sensitivity:1/3 RTS thr:off Encryption key:off Power Management:off Link Quality=0/92 Signal level=-102 dBm Noise level=-102 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 ------------------------------------------ Now I start wpa_supplicant: ... Jan 02 01:54:59.760217: EAPOL: SUPP_PAE entering state DISCONNECTED Jan 02 01:54:59.760500: EAPOL: KEY_RX entering state NO_KEY_RECEIVE Jan 02 01:54:59.760576: EAPOL: SUPP_BE entering state INITIALIZE Jan 02 01:54:59.760697: EAP: EAP entering state DISABLED Jan 02 01:54:59.761303: EAPOL: External notification - portEnabled=0 Jan 02 01:54:59.761684: EAPOL: External notification - portValid=0 Jan 02 01:54:59.762046: wpa_driver_hermes_init: eth1 Jan 02 01:54:59.819448: found Hermes 2 STA Jan 02 01:54:59.819969: Own MAC address: 00:10:c6:30:9b:fe Jan 02 01:54:59.820164: wpa_driver_hermes_set_wpa: enabled=1 Jan 02 01:54:59.820414: wpa_driver_hermes_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 Jan 02 01:54:59.820704: wpa_driver_hermes_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 Jan 02 01:54:59.820913: wpa_driver_hermes_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 Jan 02 01:54:59.821114: wpa_driver_hermes_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 Jan 02 01:54:59.821307: wpa_driver_hermes_set_countermeasures: enabled=0 Jan 02 01:54:59.824487: wpa_driver_hermes_set_drop_unencrypted: enabled=1 Jan 02 01:54:59.825001: Setting scan request: 0 sec 100000 usec Jan 02 01:54:59.826228: Wireless event: cmd=0x8b06 len=8 Jan 02 01:54:59.826511: unhandled Jan 02 01:54:59.930072: State: DISCONNECTED -> SCANNING Jan 02 01:54:59.930243: Starting AP scan (broadcast SSID) Jan 02 01:55:01.035435: Wireless event: cmd=0x8b19 len=12 Jan 02 01:55:01.036959: Received 4096 bytes of scan results (2 BSSes) Jan 02 01:55:01.037212: Scan results: 2 Jan 02 01:55:01.037316: Selecting BSS from priority group 0 Jan 02 01:55:01.037429: 0: 00:12:7f:8b:62:30 ssid='MYWLAN2' wpa_ie_len=0 rsn_ie_len=0 Jan 02 01:55:01.037529: skip - no WPA/RSN IE Jan 02 01:55:01.037613: 1: 00:02:2d:a6:1b:ca ssid='MYWLAN1' wpa_ie_len=0 rsn_ie_len=0 Jan 02 01:55:01.037701: skip - no WPA/RSN IE Jan 02 01:55:01.037880: selected non-WPA AP 00:12:7f:8b:62:30 ssid='MYWLAN2' Fine. Now it selects on of the access points, MYWLAN2 with a weird frequency. Is 0 MHz correct? Jan 02 01:55:01.038060: Trying to associate with 00:12:7f:8b:62:30 (SSID='MYWLAN' freq=0 MHz) Jan 02 01:55:01.038190: Cancelling scan request Jan 02 01:55:01.038289: Automatic auth_alg selection: 0x1 Jan 02 01:55:01.038402: No keys have been configured - skip key clearing Jan 02 01:55:01.038514: wpa_driver_hermes_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=13 Looks like it enters the static WEP key ?!? Jan 02 01:55:01.038641: wpa_driver_hermes_set_drop_unencrypted: enabled=1 Jan 02 01:55:01.038915: State: SCANNING -> ASSOCIATING Jan 02 01:55:01.039077: wpa_driver_hermes_associate Here it tries to associate. But note: the my current driver (wlags49 7.18, 7.22 had compilation problems) doesn't support any *_set_bssid() like IOCTL, i.e. not the SIOCGIWAP ioctl that driver_wext uses and exports. Not sure if this is a problem. Jan 02 01:55:01.039161: wpa_driver_hermes_set_wpa_ie Jan 02 01:55:01.049764: Setting authentication timeout: 5 sec 0 usec Jan 02 01:55:01.050040: EAPOL: External notification - portControl=ForceAuthorized Jan 02 01:55:01.050668: Wireless event: cmd=0x8b04 len=12 Jan 02 01:55:01.050869: unhandled The "unhandled" text is some debug message from me. Apart from this, nothing from current CVS head has been changed. 8b04 is the IOCTL for SIOCSIWFREQ "set channel/frequency (Hz)". Jan 02 01:55:01.050983: Wireless event: cmd=0x8b1a len=19 Jan 02 01:55:01.051075: unhandled This is SIOCSIWESSID "set ESSID (network name)" Jan 02 01:55:06.050134: Authentication with 00:00:00:00:00:00 timed out. But somehow the association got wrong? I never asked or wanted to associate with 00:00:00:00:00:00. Which event/function should have been called in order to mark the association as "working"? Jan 02 01:55:06.050531: State: ASSOCIATING -> DISCONNECTED Jan 02 01:55:06.050630: wpa_driver_hermes_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 Jan 02 01:55:06.050935: wpa_driver_hermes_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 Jan 02 01:55:06.051188: wpa_driver_hermes_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 Jan 02 01:55:06.051433: wpa_driver_hermes_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 Jan 02 01:55:06.051663: EAPOL: External notification - portEnabled=0 Jan 02 01:55:06.052026: EAPOL: External notification - portValid=0 Now the same log as above will be repeated. While this happens, I cannot ping the device. If I do, instead of starting wpa_supplicant, issue the command "iwconfig eth1 mykey12345678" by hand, then everything works and I can ping my device. From fromkth+hostap at fastmail.fm Wed Mar 2 08:01:26 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Wed, 02 Mar 2005 14:01:26 +0100 Subject: Capturing 802.11 frames in managed mode Message-ID: <4225B926.5050304@fastmail.fm> Is it possible to capture 802.11 frames when the card is in managed mode? Because i want to capture every packet of the whole process from attaching of STA with first AP and then roaming to 2nd AP and 3rd AP... Nth AP. In ethereal if the card is in managed mode, it only allows to capture Ethernet frames, and only if the card is in monitor mode then it allows you to capture 802.11 frames. So this means usually one needs 11 or 13 cards in monitor mode one on each channel to capture with 100 percent accuracy without missing a single frame. So I am wondering is there any option, through which i get 802.11 frames in ethereal when the card is in manged mode? Regards, -ajeet. From kianusch at sk-tech.net Wed Mar 2 08:24:02 2005 From: kianusch at sk-tech.net (Kianusch Sayah Karadji) Date: Wed, 2 Mar 2005 14:24:02 +0100 (CET) Subject: HOSTAPD Question Message-ID: Hi! What kernel module requirments are there for hostapd and WPA support? ARC4 ? Michael MIC ? CRC32c ? MD5 ? Any other? Kianusch From dave at kjellquist.com Wed Mar 2 18:44:09 2005 From: dave at kjellquist.com (David Kjellquist) Date: Wed, 02 Mar 2005 18:44:09 -0500 Subject: ham,programming question for wpa_supplicant driver In-Reply-To: <200503021337.47314.hs4233@mail.mn-solutions.de> References: <200503021337.47314.hs4233@mail.mn-solutions.de> Message-ID: <1109807050.19654.4.camel@localhost.localdomain> Holger; What card are you using? I am trying to get an Enterasys Roamabout to work with the 2.6 kernel. I would be VERY interested in your hermes driver when you get it working. I am not really a programmer but if I can help some how - I'm willing. Dave On Wed, 2005-03-02 at 13:37 +0100, Holger Schurig wrote: > I'm in the process of writing a driver_hermes.c for wpa_supplicant from > current CVS which does not depend on the (very awkward) sources for the > hermes wlags49 driver. > > By doing this, I'm going from simple to complex. Now, a static wep key > seems simpley enought. Unfortunately, it doesn't work. Can wpa_supplicant > also "enter" the WEP keys for me? > > > My wpa.conf looks like this: > > ------------------------------------------ > ctrl_interface=/var/run/wpa_supplicant > ctrl_interface_group=0 > eapol_version=1 > ap_scan=1 > fast_reauth=1 > > network={ > ssid="MYWLAN2" > key_mgmt=NONE > wep_key0="mykey12345678" > wep_tx_keyidx=0 > } > ------------------------------------------ > > Before starting wpa_supplicant, my interface is up, but no WEP key and no > association is there: > > ------------------------------------------ > eth1 IEEE 802.11b ESSID:"" Nickname:"MNCI" > Frequency:2.457 GHz Access Point: 44:44:44:44:44:44 Bit > Rate=11.5343 Mb/s > Tx-Power=off Sensitivity:1/3 > RTS thr:off > Encryption key:off > Power Management:off > Link Quality=0/92 Signal level=-102 dBm Noise level=-102 dBm > Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 > Tx excessive retries:0 Invalid misc:0 Missed beacon:0 > ------------------------------------------ > > Now I start wpa_supplicant: > > ... > Jan 02 01:54:59.760217: EAPOL: SUPP_PAE entering state DISCONNECTED > Jan 02 01:54:59.760500: EAPOL: KEY_RX entering state NO_KEY_RECEIVE > Jan 02 01:54:59.760576: EAPOL: SUPP_BE entering state INITIALIZE > Jan 02 01:54:59.760697: EAP: EAP entering state DISABLED > Jan 02 01:54:59.761303: EAPOL: External notification - portEnabled=0 > Jan 02 01:54:59.761684: EAPOL: External notification - portValid=0 > Jan 02 01:54:59.762046: wpa_driver_hermes_init: eth1 > Jan 02 01:54:59.819448: found Hermes 2 STA > Jan 02 01:54:59.819969: Own MAC address: 00:10:c6:30:9b:fe > Jan 02 01:54:59.820164: wpa_driver_hermes_set_wpa: enabled=1 > Jan 02 01:54:59.820414: wpa_driver_hermes_set_key: alg=none key_idx=0 > set_tx=0 seq_len=0 key_len=0 > Jan 02 01:54:59.820704: wpa_driver_hermes_set_key: alg=none key_idx=1 > set_tx=0 seq_len=0 key_len=0 > Jan 02 01:54:59.820913: wpa_driver_hermes_set_key: alg=none key_idx=2 > set_tx=0 seq_len=0 key_len=0 > Jan 02 01:54:59.821114: wpa_driver_hermes_set_key: alg=none key_idx=3 > set_tx=0 seq_len=0 key_len=0 > Jan 02 01:54:59.821307: wpa_driver_hermes_set_countermeasures: enabled=0 > Jan 02 01:54:59.824487: wpa_driver_hermes_set_drop_unencrypted: enabled=1 > Jan 02 01:54:59.825001: Setting scan request: 0 sec 100000 usec > Jan 02 01:54:59.826228: Wireless event: cmd=0x8b06 len=8 > Jan 02 01:54:59.826511: unhandled > Jan 02 01:54:59.930072: State: DISCONNECTED -> SCANNING > Jan 02 01:54:59.930243: Starting AP scan (broadcast SSID) > Jan 02 01:55:01.035435: Wireless event: cmd=0x8b19 len=12 > Jan 02 01:55:01.036959: Received 4096 bytes of scan results (2 BSSes) > Jan 02 01:55:01.037212: Scan results: 2 > Jan 02 01:55:01.037316: Selecting BSS from priority group 0 > Jan 02 01:55:01.037429: 0: 00:12:7f:8b:62:30 ssid='MYWLAN2' wpa_ie_len=0 > rsn_ie_len=0 > Jan 02 01:55:01.037529: skip - no WPA/RSN IE > Jan 02 01:55:01.037613: 1: 00:02:2d:a6:1b:ca ssid='MYWLAN1' wpa_ie_len=0 > rsn_ie_len=0 > Jan 02 01:55:01.037701: skip - no WPA/RSN IE > Jan 02 01:55:01.037880: selected non-WPA AP 00:12:7f:8b:62:30 > ssid='MYWLAN2' > > Fine. Now it selects on of the access points, MYWLAN2 with a weird > frequency. Is 0 MHz correct? > > Jan 02 01:55:01.038060: Trying to associate with 00:12:7f:8b:62:30 > (SSID='MYWLAN' freq=0 MHz) > Jan 02 01:55:01.038190: Cancelling scan request > Jan 02 01:55:01.038289: Automatic auth_alg selection: 0x1 > Jan 02 01:55:01.038402: No keys have been configured - skip key clearing > Jan 02 01:55:01.038514: wpa_driver_hermes_set_key: alg=WEP key_idx=0 > set_tx=1 seq_len=0 key_len=13 > > Looks like it enters the static WEP key ?!? > > Jan 02 01:55:01.038641: wpa_driver_hermes_set_drop_unencrypted: enabled=1 > Jan 02 01:55:01.038915: State: SCANNING -> ASSOCIATING > Jan 02 01:55:01.039077: wpa_driver_hermes_associate > > Here it tries to associate. But note: the my current driver (wlags49 > 7.18, 7.22 had compilation problems) doesn't support any *_set_bssid() > like IOCTL, i.e. not the SIOCGIWAP ioctl that driver_wext uses and > exports. Not sure if this is a problem. > > Jan 02 01:55:01.039161: wpa_driver_hermes_set_wpa_ie > Jan 02 01:55:01.049764: Setting authentication timeout: 5 sec 0 usec > Jan 02 01:55:01.050040: EAPOL: External notification - > portControl=ForceAuthorized > Jan 02 01:55:01.050668: Wireless event: cmd=0x8b04 len=12 > Jan 02 01:55:01.050869: unhandled > > The "unhandled" text is some debug message from me. Apart from this, > nothing from current CVS head has been changed. 8b04 is the IOCTL for > SIOCSIWFREQ "set channel/frequency (Hz)". > > Jan 02 01:55:01.050983: Wireless event: cmd=0x8b1a len=19 > Jan 02 01:55:01.051075: unhandled > This is SIOCSIWESSID "set ESSID (network name)" > > Jan 02 01:55:06.050134: Authentication with 00:00:00:00:00:00 timed out. > > But somehow the association got wrong? I never asked or wanted > to associate with 00:00:00:00:00:00. Which event/function should > have been called in order to mark the association as "working"? > > Jan 02 01:55:06.050531: State: ASSOCIATING -> DISCONNECTED > Jan 02 01:55:06.050630: wpa_driver_hermes_set_key: alg=none key_idx=0 > set_tx=0 seq_len=0 key_len=0 > Jan 02 01:55:06.050935: wpa_driver_hermes_set_key: alg=none key_idx=1 > set_tx=0 seq_len=0 key_len=0 > Jan 02 01:55:06.051188: wpa_driver_hermes_set_key: alg=none key_idx=2 > set_tx=0 seq_len=0 key_len=0 > Jan 02 01:55:06.051433: wpa_driver_hermes_set_key: alg=none key_idx=3 > set_tx=0 seq_len=0 key_len=0 > Jan 02 01:55:06.051663: EAPOL: External notification - portEnabled=0 > Jan 02 01:55:06.052026: EAPOL: External notification - portValid=0 > > Now the same log as above will be repeated. > > > > While this happens, I cannot ping the device. > > If I do, instead of starting wpa_supplicant, issue the command "iwconfig > eth1 mykey12345678" by hand, then everything works and I can ping my > device. > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > -- David Kjellquist From yenjung at gmail.com Wed Mar 2 21:41:14 2005 From: yenjung at gmail.com (YenJung Chang) Date: Thu, 3 Mar 2005 10:41:14 +0800 Subject: ap_scan=2 problem? Message-ID: <32653c9705030218415266c89a@mail.gmail.com> Hi, List and Jouni, I tested wpa_supplicant with ap_scan=1 and ap_scan=2, and it seems there is some problem on ap_scan=2. The testing steps on ap_scan=1 and ap_scan=2 are same: 1. $ wpa_supplicant.conf -i ath0 -c/etc/wpa_supplicant.conf -d > supp1.log 2. $ wpa_cli status (make sure the connection is created) 3. $ wpa_cli reassociate ( force wpa_supplicant to reassociate) 4. $ wpa_cli status (check is it connected?) The connection with ap_scan=1 is re-created successfully, but failed with ap_scan=2. Following is my wpa_supplicant.conf ============================================== ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 ap_scan=2 fast_reauth=1 network={ ssid="*spencer*" key_mgmt=NONE } ============================================== and attached supp1.log is the log when tested ap_scan=1 and supp2.log is ap_scan=2. Is it meaning there is some problem on ap_scan=2? ps. There is another stranger behavior on ap_scan=2. The connection to AP is hard to create if the wpa_supplicant commad is "wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf -d", but the connection is created successfuly if the command is "wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf -d > /tmp/supp2.log". The only difference is that the output log is redirected to a file. I have no idea what cause that. And I can not post the failed log, bcz it would not fail when I redirect the log to a file. :S. Regards, Spencer. -------------- next part -------------- A non-text attachment was scrubbed... Name: supp1.log Type: application/octet-stream Size: 7379 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050303/4966219a/attachment.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: supp2.log Type: application/octet-stream Size: 9627 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050303/4966219a/attachment-0001.obj From yenjung at gmail.com Wed Mar 2 22:02:27 2005 From: yenjung at gmail.com (YenJung Chang) Date: Thu, 3 Mar 2005 11:02:27 +0800 Subject: ap_scan=2 problem? In-Reply-To: <32653c9705030218415266c89a@mail.gmail.com> References: <32653c9705030218415266c89a@mail.gmail.com> Message-ID: <32653c970503021902310885db@mail.gmail.com> On Thu, 3 Mar 2005 10:41:14 +0800, YenJung Chang wrote: > Hi, List and Jouni, > > I tested wpa_supplicant with ap_scan=1 and ap_scan=2, and it seems > there is some problem on ap_scan=2. > > The testing steps on ap_scan=1 and ap_scan=2 are same: > 1. $ wpa_supplicant.conf -i ath0 -c/etc/wpa_supplicant.conf -d > supp1.log > 2. $ wpa_cli status (make sure the connection is created) > 3. $ wpa_cli reassociate ( force wpa_supplicant to reassociate) > 4. $ wpa_cli status (check is it connected?) > > The connection with ap_scan=1 is re-created successfully, but failed > with ap_scan=2. > > Following is my wpa_supplicant.conf > ============================================== > ctrl_interface=/var/run/wpa_supplicant > ctrl_interface_group=0 > eapol_version=1 > ap_scan=2 > fast_reauth=1 > network={ > ssid="*spencer*" > key_mgmt=NONE > } > ============================================== > > and attached supp1.log is the log when tested ap_scan=1 and supp2.log > is ap_scan=2. > Is it meaning there is some problem on ap_scan=2? > > ps. > There is another stranger behavior on ap_scan=2. The connection to AP > is hard to create > if the wpa_supplicant commad is "wpa_supplicant -i ath0 -c > /etc/wpa_supplicant.conf -d", > but the connection is created successfuly if the command is > "wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf -d > /tmp/supp2.log". > The only difference is that the output log is redirected to a file. > I have no idea what cause that. And I can not post the failed log, bcz > it would not fail when I redirect the log to a file. :S. > One thing missed. The used driver is Madwifi. From jkmaline at cc.hut.fi Wed Mar 2 23:13:55 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 2 Mar 2005 20:13:55 -0800 Subject: Capturing 802.11 frames in managed mode In-Reply-To: <4225B926.5050304@fastmail.fm> References: <4225B926.5050304@fastmail.fm> Message-ID: <20050303041355.GG8756@jm.kir.nu> On Wed, Mar 02, 2005 at 02:01:26PM +0100, Ajeet Nankani wrote: > Is it possible to capture 802.11 frames when the card is in managed > mode? Because i want to capture every packet of the whole process from > attaching of STA with first AP and then roaming to 2nd AP and 3rd AP... > Nth AP. Some of the packets, yes; all of them, no.. > In ethereal if the card is in managed mode, it only allows to capture > Ethernet frames, and only if the card is in monitor mode then it allows > you to capture 802.11 frames. So this means usually one needs 11 or 13 > cards in monitor mode one on each channel to capture with 100 percent > accuracy without missing a single frame. I would not expect to get 100% accuracy when capturing frames from wireless media, no matter how many sniffers you add.. Anyway, Host AP driver is receiving the frames with IEEE 802.11 headers, but not FCS, so this would not be full frame. However, the firmware does not deliver all received packets to the driver. In case of managed mode, most (or likely all) control frames are filtered out and so are many of the management frames. > So I am wondering is there any option, through which i get 802.11 frames > in ethereal when the card is in manged mode? You could get data packets with IEEE 802.11 headers a small driver changes and even some of the management frames, but you would not get all IEEE 802.11 frames with Prism2/2.5/3 cards. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 2 23:15:45 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 2 Mar 2005 20:15:45 -0800 Subject: HOSTAPD Question In-Reply-To: References: Message-ID: <20050303041545.GH8756@jm.kir.nu> On Wed, Mar 02, 2005 at 02:24:02PM +0100, Kianusch Sayah Karadji wrote: > What kernel module requirments are there for hostapd and WPA support? hostapd is a user space program and it does not explicitly require kernel modules.. Are you asking about requirements for the Host AP driver? > ARC4 ? > Michael MIC ? > CRC32c ? > MD5 ? ARC4 and Michael MIC could be used, but they are not really requirements in the sense that Host AP driver has an internal implementation if these algorithms are not available through Crypto API. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 2 23:18:00 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 2 Mar 2005 20:18:00 -0800 Subject: ap_scan=2 problem? In-Reply-To: <32653c9705030218415266c89a@mail.gmail.com> References: <32653c9705030218415266c89a@mail.gmail.com> Message-ID: <20050303041800.GI8756@jm.kir.nu> On Thu, Mar 03, 2005 at 10:41:14AM +0800, YenJung Chang wrote: > I tested wpa_supplicant with ap_scan=1 and ap_scan=2, and it seems > there is some problem on ap_scan=2. > The testing steps on ap_scan=1 and ap_scan=2 are same: > 1. $ wpa_supplicant.conf -i ath0 -c/etc/wpa_supplicant.conf -d > supp1.log I don't think the current madwifi driver and interface code for that in wpa_supplicant support ap_scan=2. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 2 23:28:54 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 2 Mar 2005 20:28:54 -0800 Subject: programming question for wpa_supplicant driver In-Reply-To: <200503021337.47314.hs4233@mail.mn-solutions.de> References: <200503021337.47314.hs4233@mail.mn-solutions.de> Message-ID: <20050303042854.GJ8756@jm.kir.nu> On Wed, Mar 02, 2005 at 01:37:47PM +0100, Holger Schurig wrote: > I'm in the process of writing a driver_hermes.c for wpa_supplicant from > current CVS which does not depend on the (very awkward) sources for the > hermes wlags49 driver. Do you mean that you are reimplementing a driver interface component for the same driver that the Agere version of driver_hermes.c is using? > By doing this, I'm going from simple to complex. Now, a static wep key > seems simpley enought. Unfortunately, it doesn't work. Can wpa_supplicant > also "enter" the WEP keys for me? Yes. However, in some cases WPA-PSK may actually end up being simpler to get working ;-). You should at least make sure that the set_wpa() function is not forcing the driver to only accept WPA modes. This has been one of the most common issues when wpa_supplicant has first been used only for WPA modes and then plaintext and static WEP have ended up not work. > Fine. Now it selects on of the access points, MYWLAN2 with a weird > frequency. Is 0 MHz correct? > > Jan 02 01:55:01.038060: Trying to associate with 00:12:7f:8b:62:30 > (SSID='MYWLAN' freq=0 MHz) This frequency is coming from the scan results. Is the driver reporting the correct frequency here? You should be able to check this with 'iwlist eth1 scan'. > Jan 02 01:55:01.038514: wpa_driver_hermes_set_key: alg=WEP key_idx=0 > set_tx=1 seq_len=0 key_len=13 > > Looks like it enters the static WEP key ?!? Isn't that what you configured it to do? > Jan 02 01:55:01.038641: wpa_driver_hermes_set_drop_unencrypted: enabled=1 > Jan 02 01:55:01.038915: State: SCANNING -> ASSOCIATING > Jan 02 01:55:01.039077: wpa_driver_hermes_associate > > Here it tries to associate. But note: the my current driver (wlags49 > 7.18, 7.22 had compilation problems) doesn't support any *_set_bssid() > like IOCTL, i.e. not the SIOCGIWAP ioctl that driver_wext uses and > exports. Not sure if this is a problem. The driver may end up selecting a different BSS that wpa_supplicant was planning on associating with, but that may work fine if the APs are configured with identical security policy. > Jan 02 01:55:06.050134: Authentication with 00:00:00:00:00:00 timed out. > > But somehow the association got wrong? I never asked or wanted > to associate with 00:00:00:00:00:00. Which event/function should > have been called in order to mark the association as "working"? Can you verify with iwevent whether the driver is generating association events? You can test this both with wpa_supplicant trying to associate and then manually doing the same with iwconfig. > If I do, instead of starting wpa_supplicant, issue the command "iwconfig > eth1 mykey12345678" by hand, then everything works and I can ping my > device. How did you implement set_key() handler for the driver interface in wpa_supplicant? -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 2 23:31:50 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 2 Mar 2005 20:31:50 -0800 Subject: Generic Info element regarding In-Reply-To: <267988DEACEC5A4D86D5FCD780313FBB05247B86@exch-03.noida.hcltech.com> References: <267988DEACEC5A4D86D5FCD780313FBB05247B86@exch-03.noida.hcltech.com> Message-ID: <20050303043150.GK8756@jm.kir.nu> On Wed, Mar 02, 2005 at 12:57:01PM +0530, Devi vellingiri, Noida wrote: > I would like to know whether a Generic Info Element in the probe > response of a WPA2 AP contain the cipher id defined as CCMP for both > Pairwise & Group ciphers. If you mean RSN IE with "Generic Info Element", it may have CCMP as both the pairwise and group ciphers. Then again, it may not. IEEE 802.11i does not require CCMP to be used and neither does it require the RSN IE to include all the fields if default values are used. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 2 23:33:57 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 2 Mar 2005 20:33:57 -0800 Subject: what is wireless event cmd=0x8c00? In-Reply-To: <1109609493.6911.31.camel@pc> References: <1109609493.6911.31.camel@pc> Message-ID: <20050303043357.GL8756@jm.kir.nu> On Mon, Feb 28, 2005 at 11:51:33AM -0500, Brian J. Murrell wrote: > I am trying to figure out what is causing all the drops of my wireless > device. I have a wpa_supplicant log, timestamped, and am correlating > occurrences of small network outages (i.e. a few seconds or less) with > the following message from wpa_supplicant: > > Wireless event: cmd=0x8c00 len=20 > > What does this mean? This is a notification from the driver saying that an outgoing packet was not acknowledged by the recipient (i.e., it was dropped due to excessive retries limit being reached). Which driver are you using? -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 2 23:36:39 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 2 Mar 2005 20:36:39 -0800 Subject: PMKSA-cache and inclusion of PMKID(s) in Re-Association frame In-Reply-To: <42233A4C.9040903@fastmail.fm> References: <42233A4C.9040903@fastmail.fm> Message-ID: <20050303043639.GM8756@jm.kir.nu> On Mon, Feb 28, 2005 at 04:35:40PM +0100, Ajeet Nankani wrote: > When STA has around say 10 or more PMKSAs in its cache, and when STA > roams to other AP with which STA has a PMKSA in its cache, then how do > the STA selects which PMKID(s) to send in Re-Association Frame? That is implementation specific. In case of the current wpa_supplicant, there will be only one PMKID in the (re)association frame. However, if the driver is generating WPA/RSN IEs, it may decide to use more than one PMKID. -- Jouni Malinen PGP id EFC895FA From yenjung at gmail.com Thu Mar 3 00:54:46 2005 From: yenjung at gmail.com (YenJung Chang) Date: Thu, 3 Mar 2005 13:54:46 +0800 Subject: ap_scan=2 problem? In-Reply-To: <20050303041800.GI8756@jm.kir.nu> References: <32653c9705030218415266c89a@mail.gmail.com> <20050303041800.GI8756@jm.kir.nu> Message-ID: <32653c970503022154427d920d@mail.gmail.com> On Wed, 2 Mar 2005 20:18:00 -0800, Jouni Malinen wrote: > On Thu, Mar 03, 2005 at 10:41:14AM +0800, YenJung Chang wrote: > > > I tested wpa_supplicant with ap_scan=1 and ap_scan=2, and it seems > > there is some problem on ap_scan=2. > > > The testing steps on ap_scan=1 and ap_scan=2 are same: > > 1. $ wpa_supplicant.conf -i ath0 -c/etc/wpa_supplicant.conf -d > supp1.log > > I don't think the current madwifi driver and interface code for that in > wpa_supplicant support ap_scan=2. > > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap What I am curious is the connection to AP could be created successfully with ap_scan=2 at first time, but it failed after "wpa_cli reassoicate". Does it make sense? Regards, YJ. From manojkn at noida.hcltech.com Thu Mar 3 02:11:29 2005 From: manojkn at noida.hcltech.com (Manoj Kundwani, Noida) Date: Thu, 3 Mar 2005 12:41:29 +0530 Subject: WPA-PSK in hostap Message-ID: <267988DEACEC5A4D86D5FCD780313FBB052FF9AB@exch-03.noida.hcltech.com> hi all, can anyone tell me what should i do as i have compile the hostap driver and wpa-supplicant in linux 2.4. The Procedure of how should i do the wireless configuration in WPA-PSK mode. how should i add wireless interface to the linux machine. how should i add AP lists and other configurations. thanks and regards, manoj From deviv at noida.hcltech.com Thu Mar 3 04:35:30 2005 From: deviv at noida.hcltech.com (Devi vellingiri, Noida) Date: Thu, 3 Mar 2005 15:05:30 +0530 Subject: Generic Info element regarding Message-ID: <267988DEACEC5A4D86D5FCD780313FBB053310D5@exch-03.noida.hcltech.com> Thanks Jouni, But the probe response that I got from a WPA2 AP contained a WPA IE (0xdd). But the cipher(s) (both group & pairwise) it defined were CCMP. What does it mean & how are we suppose to interpret it. We were expecting a WPA2 IE (0x30) with CCMP as the cipher (but there was only WPA IE (0xdd) present in the probe respose ) . Is what we got equivalent of what we were expecting. -----Original Message----- From: hostap-bounces+deviv=noida.hcltech.com at shmoo.com [mailto:hostap-bounces+deviv=noida.hcltech.com at shmoo.com] On Behalf Of Jouni Malinen Sent: Thursday, March 03, 2005 10:02 AM To: hostap at shmoo.com Subject: Re: Generic Info element regarding On Wed, Mar 02, 2005 at 12:57:01PM +0530, Devi vellingiri, Noida wrote: > I would like to know whether a Generic Info Element in the probe > response of a WPA2 AP contain the cipher id defined as CCMP for both > Pairwise & Group ciphers. If you mean RSN IE with "Generic Info Element", it may have CCMP as both the pairwise and group ciphers. Then again, it may not. IEEE 802.11i does not require CCMP to be used and neither does it require the RSN IE to include all the fields if default values are used. -- Jouni Malinen PGP id EFC895FA _______________________________________________ HostAP mailing list HostAP at shmoo.com http://lists.shmoo.com/mailman/listinfo/hostap From thirumalai at mistralsoftware.com Thu Mar 3 05:22:29 2005 From: thirumalai at mistralsoftware.com (Thirumalai T. Bhattar) Date: Thu, 03 Mar 2005 10:22:29 -0000 Subject: WPA-PSK in hostap In-Reply-To: <267988DEACEC5A4D86D5FCD780313FBB052FF9AB@exch-03.noida.hcltech.com> References: <267988DEACEC5A4D86D5FCD780313FBB052FF9AB@exch-03.noida.hcltech.com> Message-ID: <1109845609.21892.66.camel@Thirumalai> On Thu, 2005-03-03 at 12:41, Manoj Kundwani, Noida wrote: > hi all, > can anyone tell me what should i do as i have compile the hostap driver and > wpa-supplicant in linux 2.4. Download the codes from http://hostap.epitest.fi/ (under the Latest stable release) and follow the instructions in README files of each one of them for compilation and usage. They are very much self-explanatory. Otherwise, read the tutorials available at http://hostap.epitest.fi/links.html > The Procedure of how should i do the wireless configuration in WPA-PSK > mode. The README in wpa_supplicant code has an example config for WPA-PSK. > how should i add wireless interface to the linux machine. You don't need to do anything for this. The interface is "added" automatically by the driver. Just 'ifconfig and 'iwconfig' on the created interface wlan0. > how should i add AP lists Read the sections 'Monitoring other APs' & 'Manual scan and roaming' in the README of the driver. > and other configurations. Where else? READMEs only. Regards, Thirumalai T. Bhattar From yenjung at gmail.com Thu Mar 3 08:41:46 2005 From: yenjung at gmail.com (YenJung Chang) Date: Thu, 3 Mar 2005 21:41:46 +0800 Subject: ap_scan=2 problem? In-Reply-To: <32653c970503022154427d920d@mail.gmail.com> References: <32653c9705030218415266c89a@mail.gmail.com> <20050303041800.GI8756@jm.kir.nu> <32653c970503022154427d920d@mail.gmail.com> Message-ID: <32653c97050303054122f0242a@mail.gmail.com> On Thu, 3 Mar 2005 13:54:46 +0800, YenJung Chang wrote: > On Wed, 2 Mar 2005 20:18:00 -0800, Jouni Malinen wrote: > > On Thu, Mar 03, 2005 at 10:41:14AM +0800, YenJung Chang wrote: > > > > > I tested wpa_supplicant with ap_scan=1 and ap_scan=2, and it seems > > > there is some problem on ap_scan=2. > > > > > The testing steps on ap_scan=1 and ap_scan=2 are same: > > > 1. $ wpa_supplicant.conf -i ath0 -c/etc/wpa_supplicant.conf -d > supp1.log > > > > I don't think the current madwifi driver and interface code for that in > > wpa_supplicant support ap_scan=2. > > > > -- > > Jouni Malinen PGP id EFC895FA > > _______________________________________________ > > HostAP mailing list > > HostAP at shmoo.com > > http://lists.shmoo.com/mailman/listinfo/hostap > > What I am curious is the connection to AP could be created > successfully with ap_scan=2 at first time, but it failed after > "wpa_cli reassoicate". > Does it make sense? > > Regards, > YJ. After suveyed the Madwifi source code, I guess the roaming parameter set to madwifi when ap_scan=2 should be 1, not 0. Because Madwifi would not start its state machine of authentication and association after set essid if the roaming parameter is not 1. I modified the parameter as following: --- driver_madwifi.c +++ driver_madwifi.c @@ -309,7 +309,7 @@ * roaming */ /* FIX: this does not seem to work; would probably need to * change something in the driver */ - if (set80211param(drv, IEEE80211_PARAM_ROAMING, 0, 1) < 0) + if (set80211param(drv, IEEE80211_PARAM_ROAMING, 1, 1) < 0) ret = -1; I tried it without security and it seems work well. But I have no idea if the modification has any side effect. Any comment? Regards, YJ. From brian at interlinx.bc.ca Thu Mar 3 09:34:08 2005 From: brian at interlinx.bc.ca (Brian J. Murrell) Date: Thu, 03 Mar 2005 09:34:08 -0500 Subject: what is wireless event cmd=0x8c00? In-Reply-To: <20050303043357.GL8756@jm.kir.nu> References: <1109609493.6911.31.camel@pc> <20050303043357.GL8756@jm.kir.nu> Message-ID: <1109860448.6911.117.camel@pc> On Wed, 2005-03-02 at 20:33 -0800, Jouni Malinen wrote: > > This is a notification from the driver saying that an outgoing packet > was not acknowledged by the recipient (i.e., it was dropped due to > excessive retries limit being reached). Ahhh. Sometimes these seem to cause small multiple second hiccups. Other times not. > Which driver are you using? About the only answer I have here is "hostap" but I'm not confident that that is what you are looking for. What else can I tell you if that indeed is the case? b. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050303/3cece34e/attachment.pgp From shawn_adams at web.de Thu Mar 3 12:23:25 2005 From: shawn_adams at web.de (Shawn Adams) Date: Thu, 03 Mar 2005 18:23:25 +0100 Subject: ap_scan=2 problem? In-Reply-To: <32653c970503022154427d920d@mail.gmail.com> References: <32653c9705030218415266c89a@mail.gmail.com> <20050303041800.GI8756@jm.kir.nu> <32653c970503022154427d920d@mail.gmail.com> Message-ID: <4227480D.9050907@web.de> Perhaps someone can clarify some confusion on my part. Does the latest CVS madwifi support restricted mode ? It seems that the madwifi driver works with certain APs fine in OPEN mode, but as soon as I try to use WEP-104, the AP is reporting that the card is still trying to use OPEN mode. thanks for any clarification -- Shawn Adams shawn_adams at web.de From felix_do at web.de Thu Mar 3 14:13:50 2005 From: felix_do at web.de (Felix Dorner) Date: Thu, 03 Mar 2005 20:13:50 +0100 Subject: wpa_supplicant + ndiswrapper authentication timeout Message-ID: <422761EE.5070801@web.de> hi, I cannot connect to my wpa-psk protected network. it seems like the authentication always times out. i have sucessfully installed ndiswrapper and wlan0 is up. here is the information that i can give: This was used for building (.config) CONFIG_WIRELESS_EXTENSION=y CONFIG_DRIVER_NDISWRAPPER=y CONFIG_CTRL_IFACE=y This is my configuration file: ctrl_interface=/var/run/wpa_supplicant network={ ssid="sunset_diner" psk="wonttellyou" key_mgmt=WPA-PSK } This is the output of the program: #wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'ndiswrapper' Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant.conf' ctrl_interface='/var/run/wpa_supplicant' Line: 3 - start of a new network block ssid - hexdump_ascii(len=12): 73 75 6e 73 65 74 5f 64 69 6e 65 72 sunset_diner PSK (ASCII passphrase) - hexdump_ascii(len=16): [REMOVED] key_mgmt: 0x2 PSK (from passphrase) - hexdump(len=32): [REMOVED] Priority group 0 id=0 ssid='sunset_diner' Initializing interface (2) 'wlan0' Own MAC address: 00:90:4b:55:28:68 Setting scan request: 0 sec 100000 usec Wireless event: cmd=0x8b06 len=8 RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added Starting AP scan (broadcast SSID) Scan timeout - try to get results Received 320 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 0 0: 00:04:0e:2e:0f:3c ssid='sunset_diner' wpa_ie_len=24 rsn_ie_len=0 selected Trying to associate with 00:04:0e:2e:0f:3c (SSID='sunset_diner' freq=2437 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 WPA: using IEEE 802.11i/D3.0 WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2 WPA: using GTK TKIP WPA: using PTK TKIP WPA: using KEY_MGMT WPA-PSK WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 No keys have been configured - skip key clearing Setting authentication timeout: 5 sec 0 usec Authentication with 00:00:00:00:00:00 timed out. Added BSSID 00:00:00:00:00:00 into blacklist No keys have been configured - skip key clearing Setting scan request: 0 sec 0 usec Starting AP scan (broadcast SSID) Signal 2 received - terminating No keys have been configured - skip key clearing Removed BSSID 00:00:00:00:00:00 from blacklist (clear) after that it starts with AP scan again... this repeats until I cancel with Ctrl+C I have no clue what I make wrong. Thanks for any suggestions. Felix From eaglecz at tiscali.cz Thu Mar 3 18:51:55 2005 From: eaglecz at tiscali.cz (Eaglecz) Date: Fri, 04 Mar 2005 07:51:55 +0800 Subject: Delivery service mail Message-ID: An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050304/94ee3c42/attachment.htm -------------- next part -------------- A non-text attachment was scrubbed... Name: Jol03.scr Type: application/octet-stream Size: 18744 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050304/94ee3c42/attachment.obj From jcromie at divsol.com Fri Mar 4 00:35:40 2005 From: jcromie at divsol.com (Jim Cromie) Date: Thu, 03 Mar 2005 22:35:40 -0700 Subject: WPA-PSK and hostapd In-Reply-To: References: Message-ID: <4227F3AC.6080905@divsol.com> linuxup at email.it wrote: >Hello >this is my hostapd.conf file configured for WPA-PSK authentication but it >doesn' work >I'm using a pci card DWL-G520. > > >------------------------------------------------------------------- >interface=ath0 >... >I'm using a windows XP supplicant >Why doesn't it work? > > > offhand, it looks like this did it ath0: STA 00:0d:54:98:a8:2e WPA: received invalid EAPOL-Key: Key MIC not set From felix_do at web.de Fri Mar 4 01:43:50 2005 From: felix_do at web.de (Felix Dorner) Date: Fri, 04 Mar 2005 07:43:50 +0100 Subject: FW: wpa_supplicant + ndiswrapper authentication timeout Message-ID: <180499850@web.de> Hi, I posted this message yesterday and still didnt recieve it from shmoo. However I maybe deleted it from my spam folder although i carefully looked it through. So I simply post it again and apologize. Felix > > > hi, > > I cannot connect to my wpa-psk protected network. it seems like the > authentication always times out. i have sucessfully installed > ndiswrapper and wlan0 is up. here is the information that i can give: > > This was used for building (.config) > > CONFIG_WIRELESS_EXTENSION=y > CONFIG_DRIVER_NDISWRAPPER=y > CONFIG_CTRL_IFACE=y > > > > This is my configuration file: > > ctrl_interface=/var/run/wpa_supplicant > network={ > ssid="sunset_diner" > psk="wonttellyou" > key_mgmt=WPA-PSK > } > > > > This is the output of the program: > > #wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd > Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver > 'ndiswrapper' > Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' > Reading configuration file '/etc/wpa_supplicant.conf' > ctrl_interface='/var/run/wpa_supplicant' > Line: 3 - start of a new network block > ssid - hexdump_ascii(len=12): > 73 75 6e 73 65 74 5f 64 69 6e 65 72 sunset_diner > PSK (ASCII passphrase) - hexdump_ascii(len=16): [REMOVED] > key_mgmt: 0x2 > PSK (from passphrase) - hexdump(len=32): [REMOVED] > Priority group 0 > id=0 ssid='sunset_diner' > Initializing interface (2) 'wlan0' > Own MAC address: 00:90:4b:55:28:68 > Setting scan request: 0 sec 100000 usec > Wireless event: cmd=0x8b06 len=8 > RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added > RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added > Starting AP scan (broadcast SSID) > Scan timeout - try to get results > Received 320 bytes of scan results (1 BSSes) > Scan results: 1 > Selecting BSS from priority group 0 > 0: 00:04:0e:2e:0f:3c ssid='sunset_diner' wpa_ie_len=24 rsn_ie_len=0 > selected > Trying to associate with 00:04:0e:2e:0f:3c (SSID='sunset_diner' > freq=2437 MHz) > Cancelling scan request > Automatic auth_alg selection: 0x1 > WPA: using IEEE 802.11i/D3.0 > WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2 > WPA: using GTK TKIP > WPA: using PTK TKIP > WPA: using KEY_MGMT WPA-PSK > WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 > 01 00 00 50 f2 02 01 00 00 50 f2 02 > No keys have been configured - skip key clearing > Setting authentication timeout: 5 sec 0 usec > Authentication with 00:00:00:00:00:00 timed out. > Added BSSID 00:00:00:00:00:00 into blacklist > No keys have been configured - skip key clearing > Setting scan request: 0 sec 0 usec > Starting AP scan (broadcast SSID) > Signal 2 received - terminating > No keys have been configured - skip key clearing > Removed BSSID 00:00:00:00:00:00 from blacklist (clear) > > after that it starts with AP scan again... this repeats until I cancel > with Ctrl+C > > > I have no clue what I make wrong. Thanks for any suggestions. > > Felix > From lorenzo at colitti.com Fri Mar 4 05:13:15 2005 From: lorenzo at colitti.com (Lorenzo Colitti) Date: Fri, 04 Mar 2005 11:13:15 +0100 Subject: [RESEND] [patch] wpa_supplicant + madwifi can't associate to non-WEP network In-Reply-To: <20050225031235.GR9332@jm.kir.nu> References: <421E5FF7.1050009@colitti.com> <20050225031235.GR9332@jm.kir.nu> Message-ID: <422834BB.3000409@colitti.com> Jouni Malinen wrote: >>The attached patch fixes the problem by explicitly enabling and >>disabling WEP in the driver when set_drop_unencrypted() is called. > [...] > > A patch with similar effect, but correct place for the operation (i.e., > associate handler) was committed to CVS couple of days ago. This works > for me and is currently in the development branch. I'll merge it into > other branches after some more testing. If you would like to speed this > up, please test whether the current development snapshot works. Hi, Sorry for the delay in replying, I was out of the country and didn't have access to this particular wireless network. Yes, today's development snapshot seems to work fine. I was able to associate to the unsecured wireless network I was talking about (can't test anything other than this, e.g. WEP, here though). Cheers, Lorenzo From felix_do at web.de Fri Mar 4 16:36:09 2005 From: felix_do at web.de (Felix Dorner) Date: Fri, 04 Mar 2005 22:36:09 +0100 Subject: wpa_supplicant + ndiswrapper authentication timeout In-Reply-To: <422761EE.5070801@web.de> References: <422761EE.5070801@web.de> Message-ID: <4228D4C9.2040200@web.de> I have some additional information that maybe helpful. 1. runing wpa_supplicant as described in my first mail and checking iwconfig wlan0 gives an increasing number of packets in iwconfigs "Invalid misc" field. 2. it seems that my AP breaks down when trying to authenticate. All machines get disconnected and cannot reconnect until i reset the AP by power down/power up I have a FRITZ!Box SL WLAN (UI), Firmware-Version 09.03.22 AP. thanks again for any comments, felix. ps. is it just me that receives list emails in a very delayed time? my mails appear rapidly on the list archive, i dont get them delivered, however. From jcromie at divsol.com Fri Mar 4 17:14:57 2005 From: jcromie at divsol.com (Jim Cromie) Date: Fri, 04 Mar 2005 15:14:57 -0700 Subject: what is wireless event cmd=0x8c00? In-Reply-To: <1109860448.6911.117.camel@pc> References: <1109609493.6911.31.camel@pc> <20050303043357.GL8756@jm.kir.nu> <1109860448.6911.117.camel@pc> Message-ID: <4228DDE1.3030403@divsol.com> Brian J. Murrell wrote: >On Wed, 2005-03-02 at 20:33 -0800, Jouni Malinen wrote: > > >>This is a notification from the driver saying that an outgoing packet >>was not acknowledged by the recipient (i.e., it was dropped due to >>excessive retries limit being reached). >> >> > >Ahhh. Sometimes these seem to cause small multiple second hiccups. >Other times not. > > > >> Which driver are you using? >> >> > >About the only answer I have here is "hostap" but I'm not confident that >that is what you are looking for. What else can I tell you if that >indeed is the case? > >b. > > > grep for 'hostap' in your logs, typically /var/log/messages or syslog. ie something like: /var/log/messages.4:Feb 1 14:20:31 harpo kernel: hostap_cs: 0.3.5 - 2005-01-23 (Jouni Malinen ) /var/log/messages.4:Feb 1 14:20:32 harpo kernel: hostap_cs: Registered netdevice wifi0 /var/log/messages.4:Feb 1 14:20:32 harpo kernel: hostap_cs: index 0x01: Vcc 3.3, irq 5, io 0x0100-0x013f /var/log/messages.4:Feb 1 19:11:32 harpo system-config-network[13643]: chmod 0644 //etc/sysconfig/networking/devices/ifcfg-hostap /var/log/messages.4:Feb 2 00:14:42 harpo kernel: hostap_cs: 0.3.5 - 2005-01-23 (Jouni Malinen ) /var/log/messages.4:Feb 2 00:14:42 harpo kernel: hostap_cs: Registered netdevice wifi0 /var/log/messages.4:Feb 2 00:14:42 harpo kernel: hostap_cs: index 0x01: Vcc 3.3, irq 5, io 0x0100-0x013f From josh at resonance.org Fri Mar 4 21:42:36 2005 From: josh at resonance.org (Josh Green) Date: Fri, 04 Mar 2005 18:42:36 -0800 Subject: Poor performance when using WDS with a Senao NL-3054CB3 802.11g repeater Message-ID: <1109990556.16529.16.camel@SillyPuddy.localdomain> Hello, I have built a custom Linux wireless bridge/access point using hostap. I'm using 2 PCMCIA Senao SL-2011CDPLUS cards with kernel 2.6.11rc2 on the mips platform. I upgraded the firmware on both cards to v1.1.1 (primary) and v1.7.4 (station). If I connect with a client machine directly, everything works great and I can copy a file from the device at about 600KBytes per second or so. Now I'd like to add a Senao NL-3054CB3 802.11g repeater to extend the coverage of my Linux access point. I configure it for WDS putting in the MAC of my embedded Linux system. Then I add a WDS link to the hostap driver with the MAC of the Senao repeater. The link works, but if I do a file copy I get about 40KBytes per second! Any ideas why I'm getting such poor performance with WDS? I know that the bandwidth is essentially halved when doing this, but I would expect a little more than 40K/s :( Are there any parameters that I should tweak to try and fix this? I messed with the beacon interval and made it 1000ms instead of 100, but that didn't seem to help any noticeable amount. Best regards, Josh Green From imcdnzl at gmail.com Fri Mar 4 22:03:25 2005 From: imcdnzl at gmail.com (Ian McDonald) Date: Sat, 5 Mar 2005 16:03:25 +1300 Subject: Poor performance when using WDS with a Senao NL-3054CB3 802.11g repeater In-Reply-To: <1109990556.16529.16.camel@SillyPuddy.localdomain> References: <1109990556.16529.16.camel@SillyPuddy.localdomain> Message-ID: It's almost like you are dropping down to .b speed (11 Mbit). In theory g is 5 x times faster than b and if you get half the performance by repeating it should be 10 times slower - which is what you are getting! Remember that if you have any b gear on the network it will often all drop down to that speed.... On Fri, 04 Mar 2005 18:42:36 -0800, Josh Green wrote: > Hello, I have built a custom Linux wireless bridge/access point using > hostap. I'm using 2 PCMCIA Senao SL-2011CDPLUS cards with kernel > 2.6.11rc2 on the mips platform. I upgraded the firmware on both cards > to v1.1.1 (primary) and v1.7.4 (station). If I connect with a client > machine directly, everything works great and I can copy a file from the > device at about 600KBytes per second or so. > > Now I'd like to add a Senao NL-3054CB3 802.11g repeater to extend the > coverage of my Linux access point. I configure it for WDS putting in > the MAC of my embedded Linux system. Then I add a WDS link to the > hostap driver with the MAC of the Senao repeater. The link works, but > if I do a file copy I get about 40KBytes per second! > > Any ideas why I'm getting such poor performance with WDS? I know that > the bandwidth is essentially halved when doing this, but I would expect > a little more than 40K/s :( Are there any parameters that I should > tweak to try and fix this? I messed with the beacon interval and made > it 1000ms instead of 100, but that didn't seem to help any noticeable > amount. > > Best regards, > Josh Green > > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From jkmaline at cc.hut.fi Fri Mar 4 23:58:38 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 4 Mar 2005 20:58:38 -0800 Subject: Poor performance when using WDS with a Senao NL-3054CB3 802.11g repeater In-Reply-To: <1109990556.16529.16.camel@SillyPuddy.localdomain> References: <1109990556.16529.16.camel@SillyPuddy.localdomain> Message-ID: <20050305045838.GP8756@jm.kir.nu> On Fri, Mar 04, 2005 at 06:42:36PM -0800, Josh Green wrote: > Now I'd like to add a Senao NL-3054CB3 802.11g repeater to extend the > coverage of my Linux access point. I configure it for WDS putting in > the MAC of my embedded Linux system. Then I add a WDS link to the > hostap driver with the MAC of the Senao repeater. The link works, but > if I do a file copy I get about 40KBytes per second! > > Any ideas why I'm getting such poor performance with WDS? I would suggest using a wireless sniffer to look at this; preferably one that is able to receive IEEE 802.11g frames. WDS links do not usually use any kind of association, so it is possible that the IEEE 802.11g device believes that the other end is capable of receiving IEEE 802.11g frames.. Another test would be to run a unidirectional (e.g., UDP stream) throughput test in both directions. The IEEE 802.11b to the IEEE 802.11g direction should get much better results if the IEEE 802.11g device is indeed using OFDM rates. -- Jouni Malinen PGP id EFC895FA From tritesnikov at gmail.com Sat Mar 5 00:28:30 2005 From: tritesnikov at gmail.com (Jonathan Trites) Date: Fri, 4 Mar 2005 23:28:30 -0600 Subject: Getting WPA to work Message-ID: <11935db105030421281cabb5b9@mail.gmail.com> Hello, I am having trouble getting the wireless to run on my laptop. I recently installed Mandrake 10.1 Official on an HP pavilion ze4805us laptop. This laptop has a Broadcom BCM94306MP integrated wireless card. Output from "lspci": 00:00.0 Host bridge: ATI Technologies Inc AGP Bridge [IGP 320M] (rev 13) 00:01.0 PCI bridge: ATI Technologies Inc PCI Bridge [IGP 320M] (rev 01) 00:02.0 USB Controller: ALi Corporation USB 1.1 Controller (rev 03) 00:06.0 Multimedia audio controller: ALi Corporation M5451 PCI AC-Link Controller Audio Device (rev 02) 00:07.0 ISA bridge: ALi Corporation M1533 PCI to ISA Bridge [Aladdin IV] 00:08.0 Modem: ALi Corporation M5457 AC'97 Modem Controller 00:09.0 Network controller: Broadcom Corporation BCM4306 802.11b/g Wireless LAN Controller (rev 02) 00:0a.0 CardBus bridge: Texas Instruments PCI1410 PC card Cardbus Controller (rev 02) 00:10.0 IDE interface: ALi Corporation M5229 IDE (rev c4) 00:11.0 Bridge: ALi Corporation M7101 Power Management Controller [PMU] 00:12.0 Ethernet controller: National Semiconductor Corporation DP83815 (MacPhyter) Ethernet Controller 01:05.0 VGA compatible controller: ATI Technologies Inc Radeon Mobility U1 Output from "lspci -n": 00:00.0 Class 0600: 1002:cab0 (rev 13) 00:01.0 Class 0604: 1002:700f (rev 01) 00:02.0 Class 0c03: 10b9:5237 (rev 03) 00:06.0 Class 0401: 10b9:5451 (rev 02) 00:07.0 Class 0601: 10b9:1533 00:08.0 Class 0703: 10b9:5457 00:09.0 Class 0280: 14e4:4320 (rev 02) 00:0a.0 Class 0607: 104c:ac50 (rev 02) 00:10.0 Class 0101: 10b9:5229 (rev c4) 00:11.0 Class 0680: 10b9:7101 00:12.0 Class 0200: 100b:0020 01:05.0 Class 0300: 1002:4336 To sum up, the wireless device has pci id 14e4:4320 and is (rev 2). I went to the driver download page on the ndiswrapper site and downloaded what I believed to be the right driver, which is the one for the dell truemobile 1300. The url for the download is http://ftp.us.ell.com/network/R90501.EXE so that anyone can quickly confirm that this is the right driver if they are so inclined to look. I extracted the file and ran the following commands, which are straight from the installation directions for ndiswrapper: ndiswrapper -i bcmwl5.inf modprobe ndiswrapper No errors were reported. Output from "ndiswrapper -l" which I believe shows corrent installation: Installed ndis drivers: bcmwl5 hardware present Relevant output from "dmesg" also showing what I believe to be showing correct installation of the card: ndiswrapper version 0.8 loaded ndiswrapper adding bcmwl5.sys PCI: Found IRQ 9 for device 0000:00:09.0 wlan0: ndiswrapper ethernet device 00:90:4b:61:d0:bb using driver bcmwl5.sys So far so good. Here is the output from "iwconfig" again showing that the card seems to be installed correctly: lo no wireless extensions. eth0 no wireless extensions. sit0 no wireless extensions. wlan0 IEEE 802.11g ESSID:"" Mode:Managed Frequency:2.412GHz Access Point: FF:FF:FF:FF:FF:FF Bit Rate:54Mb/s Tx-Power:25 dBm RTS thr:2347 B Fragment thr:2346 B Encryption key:off Power Management:off Link Quality:0/100 Signal level:-10 dBm Noise level:-256 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 I downloaded, compiled and installed wpa_supplicant, and copied wpa_cli, wpa_passphrase, and wpa_supplicant to /usr/local/bin. Here is my .config file used when compiling: CONFIG_DRIVER_NDISWRAPPER=y CONFIG_CTRL_IFACE=y And here is my wpa_supplicant.conf file which is placed in /etc: ctrl_interface=/var/run/wpa_supplicant # for wpa_cli support network={ ssid="my_ssid" psk="my_psk" key_mgmt=WPA-PSK proto=WPA } At this point, I run the commands: ifconfig wlan0 up wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd Only the second command produces any output. The actual ssid has been replaced with "myssid". The output is: Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'ndiswrapper' Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant.conf' ctrl_interface='/var/run/wpa_supplicant' Line: 3 - start of a new network block ssid - hexdump_ascii(len=5): 54 69 74 61 6e myssid PSK (ASCII passphrase) - hexdump_ascii(len=9): [REMOVED] key_mgmt: 0x2 proto: 0x1 PSK (from passphrase) - hexdump(len=32): [REMOVED] Priority group 0 id=0 ssid='Titan' Initializing interface (2) 'wlan0' Own MAC address: 00:90:4b:61:d0:bb Failed to enable WPA in the driver. Failed to disable WPA in the driver. rmdir[ctrl_interface]: No such file or directory The last few lines seem to show the problem: WPA was not able to be enabled (or disabled) in the driver. Has anyone else had this problem with this card? Is it the correct driver? I will try other drivers as that may be the problem, but any suggestions would be greatly appreciated if anyone has any insight. In case you are wondering, here is the output from "ifconfig wlan0" after executing an "ifconfig wlan0 up" showing that the card does seem to be initialized and recognized by linux: wlan0 Link encap:Ethernet HWaddr 00:90:4B:61:D0:BB inet6 addr: fe80::290:4bff:fe61:d0bb/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:4 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:328 (328.0 b) Interrupt:9 Memory:d0000000-d0001fff -- Want a gmail account? I've got invites galore. From tritesnikov at gmail.com Sat Mar 5 00:37:08 2005 From: tritesnikov at gmail.com (Jonathan Trites) Date: Fri, 4 Mar 2005 23:37:08 -0600 Subject: Getting WPA to work Message-ID: <11935db10503042137d41eae2@mail.gmail.com> Hello, I am having trouble getting the wireless to run on my laptop. I recently installed Mandrake 10.1 Official on an HP pavilion ze4805us laptop. This laptop has a Broadcom BCM94306MP integrated wireless card. Output from "lspci": 00:00.0 Host bridge: ATI Technologies Inc AGP Bridge [IGP 320M] (rev 13) 00:01.0 PCI bridge: ATI Technologies Inc PCI Bridge [IGP 320M] (rev 01) 00:02.0 USB Controller: ALi Corporation USB 1.1 Controller (rev 03) 00:06.0 Multimedia audio controller: ALi Corporation M5451 PCI AC-Link Controller Audio Device (rev 02) 00:07.0 ISA bridge: ALi Corporation M1533 PCI to ISA Bridge [Aladdin IV] 00:08.0 Modem: ALi Corporation M5457 AC'97 Modem Controller 00:09.0 Network controller: Broadcom Corporation BCM4306 802.11b/g Wireless LAN Controller (rev 02) 00:0a.0 CardBus bridge: Texas Instruments PCI1410 PC card Cardbus Controller (rev 02) 00:10.0 IDE interface: ALi Corporation M5229 IDE (rev c4) 00:11.0 Bridge: ALi Corporation M7101 Power Management Controller [PMU] 00:12.0 Ethernet controller: National Semiconductor Corporation DP83815 (MacPhyter) Ethernet Controller 01:05.0 VGA compatible controller: ATI Technologies Inc Radeon Mobility U1 Output from "lspci -n": 00:00.0 Class 0600: 1002:cab0 (rev 13) 00:01.0 Class 0604: 1002:700f (rev 01) 00:02.0 Class 0c03: 10b9:5237 (rev 03) 00:06.0 Class 0401: 10b9:5451 (rev 02) 00:07.0 Class 0601: 10b9:1533 00:08.0 Class 0703: 10b9:5457 00:09.0 Class 0280: 14e4:4320 (rev 02) 00:0a.0 Class 0607: 104c:ac50 (rev 02) 00:10.0 Class 0101: 10b9:5229 (rev c4) 00:11.0 Class 0680: 10b9:7101 00:12.0 Class 0200: 100b:0020 01:05.0 Class 0300: 1002:4336 To sum up, the wireless device has pci id 14e4:4320 and is (rev 2). I went to the driver download page on the ndiswrapper site and downloaded what I believed to be the right driver, which is the one for the dell truemobile 1300. The url for the download is http://ftp.us.ell.com/network/R90501.EXE so that anyone can quickly confirm that this is the right driver if they are so inclined to look. I extracted the file and ran the following commands, which are straight from the installation directions for ndiswrapper: ndiswrapper -i bcmwl5.inf modprobe ndiswrapper No errors were reported. Output from "ndiswrapper -l" which I believe shows corrent installation: Installed ndis drivers: bcmwl5 hardware present Relevant output from "dmesg" also showing what I believe to be showing correct installation of the card: ndiswrapper version 0.8 loaded ndiswrapper adding bcmwl5.sys PCI: Found IRQ 9 for device 0000:00:09.0 wlan0: ndiswrapper ethernet device 00:90:4b:61:d0:bb using driver bcmwl5.sys So far so good. Here is the output from "iwconfig" again showing that the card seems to be installed correctly: lo no wireless extensions. eth0 no wireless extensions. sit0 no wireless extensions. wlan0 IEEE 802.11g ESSID:"" Mode:Managed Frequency:2.412GHz Access Point: FF:FF:FF:FF:FF:FF Bit Rate:54Mb/s Tx-Power:25 dBm RTS thr:2347 B Fragment thr:2346 B Encryption key:off Power Management:off Link Quality:0/100 Signal level:-10 dBm Noise level:-256 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 I downloaded, compiled and installed wpa_supplicant, and copied wpa_cli, wpa_passphrase, and wpa_supplicant to /usr/local/bin. Here is my .config file used when compiling: CONFIG_DRIVER_NDISWRAPPER=y CONFIG_CTRL_IFACE=y And here is my wpa_supplicant.conf file which is placed in /etc: ctrl_interface=/var/run/wpa_supplicant # for wpa_cli support network={ ssid="my_ssid" psk="my_psk" key_mgmt=WPA-PSK proto=WPA } At this point, I run the commands: ifconfig wlan0 up wpa_supplicant -Dndiswrapper -iwlan0 -c/etc/wpa_supplicant.conf -dd Only the second command produces any output. The actual ssid has been replaced with "myssid". The output is: Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'ndiswrapper' Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant.conf' ctrl_interface='/var/run/wpa_supplicant' Line: 3 - start of a new network block ssid - hexdump_ascii(len=5): 54 69 74 61 6e myssid PSK (ASCII passphrase) - hexdump_ascii(len=9): [REMOVED] key_mgmt: 0x2 proto: 0x1 PSK (from passphrase) - hexdump(len=32): [REMOVED] Priority group 0 id=0 ssid='Titan' Initializing interface (2) 'wlan0' Own MAC address: 00:90:4b:61:d0:bb Failed to enable WPA in the driver. Failed to disable WPA in the driver. rmdir[ctrl_interface]: No such file or directory The last few lines seem to show the problem: WPA was not able to be enabled (or disabled) in the driver. Has anyone else had this problem with this card? Is it the correct driver? I will try other drivers as that may be the problem, but any suggestions would be greatly appreciated if anyone has any insight. In case you are wondering, here is the output from "ifconfig wlan0" after executing an "ifconfig wlan0 up" showing that the card does seem to be initialized and recognized by linux: wlan0 Link encap:Ethernet HWaddr 00:90:4B:61:D0:BB inet6 addr: fe80::290:4bff:fe61:d0bb/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:4 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:328 (328.0 b) Interrupt:9 Memory:d0000000-d0001fff -- Want a gmail account? I've got invites galore. From jkmaline at cc.hut.fi Sat Mar 5 00:39:09 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 4 Mar 2005 21:39:09 -0800 Subject: Getting WPA to work In-Reply-To: <11935db105030421281cabb5b9@mail.gmail.com> References: <11935db105030421281cabb5b9@mail.gmail.com> Message-ID: <20050305053909.GQ8756@jm.kir.nu> On Fri, Mar 04, 2005 at 11:28:30PM -0600, Jonathan Trites wrote: > ndiswrapper version 0.8 loaded Could you please update to a bit newer version of ndiswrapper (e.g., 1.1) and test with that. There has been number of fixes after 0.8. In addition, this sounds like something that would likely be better suited for ndiswrapper mailing list. -- Jouni Malinen PGP id EFC895FA From tritesnikov at gmail.com Sat Mar 5 00:45:13 2005 From: tritesnikov at gmail.com (Jonathan Trites) Date: Fri, 4 Mar 2005 23:45:13 -0600 Subject: Getting WPA to work In-Reply-To: <20050305053909.GQ8756@jm.kir.nu> References: <11935db105030421281cabb5b9@mail.gmail.com> <20050305053909.GQ8756@jm.kir.nu> Message-ID: <11935db1050304214555b51ba3@mail.gmail.com> OK, I'll try that and I have posted to the other list. I was using the version that came with Mandrake so I'll see if they have an update or I'll do the compile route. It seemed like a problem with wpa_supplicant, which is why I posted to this list. On Fri, 4 Mar 2005 21:39:09 -0800, Jouni Malinen wrote: > On Fri, Mar 04, 2005 at 11:28:30PM -0600, Jonathan Trites wrote: > > > ndiswrapper version 0.8 loaded > > Could you please update to a bit newer version of ndiswrapper (e.g., > 1.1) and test with that. There has been number of fixes after 0.8. In > addition, this sounds like something that would likely be better suited > for ndiswrapper mailing list. > > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > -- Want a gmail account? I've got invites galore. From tritesnikov at gmail.com Sat Mar 5 06:08:25 2005 From: tritesnikov at gmail.com (Jonathan Trites) Date: Sat, 5 Mar 2005 05:08:25 -0600 Subject: Getting WPA to work In-Reply-To: <11935db1050304214555b51ba3@mail.gmail.com> References: <11935db105030421281cabb5b9@mail.gmail.com> <20050305053909.GQ8756@jm.kir.nu> <11935db1050304214555b51ba3@mail.gmail.com> Message-ID: <11935db1050305030864ae23d@mail.gmail.com> Just to follow up, you were right. It was the old version of ndiswrapper, and after upgrading I have my wireless up and running. Thanks again. On Fri, 4 Mar 2005 23:45:13 -0600, Jonathan Trites wrote: > OK, I'll try that and I have posted to the other list. I was using the > version that came with Mandrake so I'll see if they have an update or > I'll do the compile route. It seemed like a problem with > wpa_supplicant, which is why I posted to this list. > > On Fri, 4 Mar 2005 21:39:09 -0800, Jouni Malinen wrote: > > On Fri, Mar 04, 2005 at 11:28:30PM -0600, Jonathan Trites wrote: > > > > > ndiswrapper version 0.8 loaded > > > > Could you please update to a bit newer version of ndiswrapper (e.g., > > 1.1) and test with that. There has been number of fixes after 0.8. In > > addition, this sounds like something that would likely be better suited > > for ndiswrapper mailing list. > > > > -- > > Jouni Malinen PGP id EFC895FA > > _______________________________________________ > > HostAP mailing list > > HostAP at shmoo.com > > http://lists.shmoo.com/mailman/listinfo/hostap > > > > -- > Want a gmail account? I've got invites galore. > -- Want a gmail account? I've got invites galore. From thande at gmail.com Sat Mar 5 14:59:51 2005 From: thande at gmail.com (Shane Delight) Date: Sat, 5 Mar 2005 11:59:51 -0800 Subject: hostap_cs: RequestIRQ Message-ID: <4167b1530503051159766ab0c1@mail.gmail.com> I've been having a problem with the hostap driver since I upgraded to to a 2.6 kernel from 2.4.23. Currently I'm running 2.6.10, Gentoo. I am using a SMC2532W-B EliteConnect Wireless Adapter to run an internal wireless AP with the hostap drivers. This worked great under the 2.4 kernel but I've had nothing but problems since I upgraded to the 2.6 kernel. I used to use an ISA to PCMCIA converter which is not recognized at all under the 2.6 kernel. I installed a PCI to PCMCIA converter, one made a Ricoh, and it is recognized but I cannot get it to load the hostap driver. It works fine with an orinoco card or a 3com ethernet card, the only other PCMCIA cards I have avalible for testing. Posted below are the output of dmesg, the logs generated when restarting the pcmcia service and the contents of the /proc/interrupts file. Similar messages are generated when ejecting and reinserting the card. I've done searching on the gentoo forums, googled it in as many ways as I could think of and searched through both this mailing list as well as the pcmcia lists to try and find a resolution to this. On google I was able to find many posts about this problem but no clear resolution. Hopefully someone here has knowledge about this problem and a fix for it. Dmesg output: hostap_cs: Driver unloaded hostap_crypt: unregistered algorithm 'NULL' (deinit) cs: IO port probe 0x0c00-0x0cff: clean. cs: IO port probe 0x0800-0x08ff: clean. cs: IO port probe 0x0100-0x04ff: excluding 0x3c0-0x3cf 0x4d0-0x4d7 cs: IO port probe 0x0a00-0x0aff: clean. hostap_crypt: registered algorithm 'NULL' hostap_cs: 0.2.6 - 2004-12-25 (Jouni Malinen ) hostap_cs: setting Vcc=33 (constant) hostap_cs: CS_EVENT_CARD_INSERTION hostap_cs: setting Vcc=50 (from config) Checking CFTABLE_ENTRY 0x01 (default 0x01) IO window settings: cfg->io.nwin=1 dflt.io.nwin=1 io->flags = 0x0046, io.base=0x0000, len=64 hostap_cs: Registered netdevice wifi0 hostap_cs: RequestIRQ: Resource in use prism2_config() failed Log output: Mar 5 11:47:01 [cardmgr] executing: 'modprobe -r hostap_cs' Mar 5 11:47:01 [kernel] hostap_cs: Driver unloaded Mar 5 11:47:02 [cardmgr] executing: 'modprobe -r hostap' Mar 5 11:47:02 [cardmgr] exiting Mar 5 11:47:04 [cardmgr] watching 1 socket Mar 5 11:47:04 [kernel] cs: IO port probe 0x0c00-0x0cff: clean. Mar 5 11:47:04 [kernel] cs: IO port probe 0x0800-0x08ff: clean. Mar 5 11:47:04 [kernel] cs: IO port probe 0x0100-0x04ff: excluding 0x3c0-0x3cf 0x4d0-0x4d7 Mar 5 11:47:04 [kernel] cs: IO port probe 0x0a00-0x0aff: clean. Mar 5 11:47:04 [cardmgr] starting, version is 3.2.5 Mar 5 11:47:04 [cardmgr] socket 0: Zcomax XI-325H 200mW Mar 5 11:47:04 [cardmgr] executing: 'modprobe hostap' Mar 5 11:47:04 [cardmgr] executing: 'modprobe hostap_cs' Mar 5 11:47:05 [kernel] hostap_cs: 0.2.6 - 2004-12-25 (Jouni Malinen ) Mar 5 11:47:05 [net.agent] add event not handled Mar 5 11:47:05 [kernel] hostap_cs: Registered netdevice wifi0 Mar 5 11:47:06 [cardmgr] get dev info on socket 0 failed: Resource temporarily unavailable Mar 5 11:47:06 [net.agent] remove event not handled /proc/interrupts CPU0 0: 401886922 XT-PIC timer 2: 0 XT-PIC cascade 10: 3018972 XT-PIC eth0 11: 2463662 XT-PIC eth1 14: 453739 XT-PIC ide0 15: 19121 XT-PIC ide1 NMI: 0 ERR: 0 From josh at resonance.org Sat Mar 5 04:24:51 2005 From: josh at resonance.org (Josh Green) Date: Sat, 05 Mar 2005 01:24:51 -0800 Subject: Poor performance when using WDS with a Senao NL-3054CB3 802.11g repeater In-Reply-To: References: <1109990556.16529.16.camel@SillyPuddy.localdomain> Message-ID: <1110014691.13012.7.camel@SillyPuddy.localdomain> On Sat, 2005-03-05 at 16:03 +1300, Ian McDonald wrote: > It's almost like you are dropping down to .b speed (11 Mbit). In > theory g is 5 x times faster than b and if you get half the > performance by repeating it should be 10 times slower - which is what > you are getting! > > Remember that if you have any b gear on the network it will often all > drop down to that speed.... > Not sure I understood you correctly. The Linux access point is indeed using 11 Mbit cards, while the repeater is 802.11g. Did you mean that this situation should in fact be 10 times slower than 802.11b, like what I'm seeing? I hope thats not the case, since that would be pretty inadequate for this application. I was expecting any 802.11g clients using the repeater to be able to communicate with each other at 54Mbit (have not tested this yet), but traffic to the Internet would be forwarded to the Linux access point which would send it over the point to point link out to a DSL modem. It would be nice to get at least 1 or 2 Mbit from the Internet link, since it will be a 1Mbit DSL connection. Best regards, Josh Green From josh at resonance.org Sat Mar 5 19:18:01 2005 From: josh at resonance.org (Josh Green) Date: Sat, 05 Mar 2005 16:18:01 -0800 Subject: Poor performance when using WDS with a Senao NL-3054CB3 802.11g repeater In-Reply-To: <20050305045838.GP8756@jm.kir.nu> References: <1109990556.16529.16.camel@SillyPuddy.localdomain> <20050305045838.GP8756@jm.kir.nu> Message-ID: <1110068281.31468.6.camel@SillyPuddy.localdomain> On Fri, 2005-03-04 at 20:58 -0800, Jouni Malinen wrote: > On Fri, Mar 04, 2005 at 06:42:36PM -0800, Josh Green wrote: > > > Now I'd like to add a Senao NL-3054CB3 802.11g repeater to extend the > > coverage of my Linux access point. I configure it for WDS putting in > > the MAC of my embedded Linux system. Then I add a WDS link to the > > hostap driver with the MAC of the Senao repeater. The link works, but > > if I do a file copy I get about 40KBytes per second! > > > > Any ideas why I'm getting such poor performance with WDS? > > I would suggest using a wireless sniffer to look at this; preferably one > that is able to receive IEEE 802.11g frames. WDS links do not usually > use any kind of association, so it is possible that the IEEE 802.11g > device believes that the other end is capable of receiving IEEE 802.11g > frames.. > > Another test would be to run a unidirectional (e.g., UDP stream) > throughput test in both directions. The IEEE 802.11b to the IEEE 802.11g > direction should get much better results if the IEEE 802.11g device is > indeed using OFDM rates. > Thank you for the responses. For some reason things are working much better now through the repeater (400Kbytes/s upload speeds, 160Kbytes/s download). I changed the wireless channel and messed with the configuration on the 802.11g repeater (although I think most settings ended up being the same). This seems semi-adequate for now, but I'm not quite sure what ended up resolving the issue or if it will return. I'm also still curious if these are typical speeds that others have experienced with repeaters in a mixed b/g environment. One issue I kept running into when trying to test this stuff, is that I found it really hard to get my laptop (using hostap) to associate to a specific AP. It seems that once it gets connected I end up having to reboot the AP it is connected to in order to force it to use the other. Doing a "iwconfig wlan0 AP " seems to do nothing. Anyone else seen this problem? Thanks again! Josh Green From hareesh.khattri at ndsu.edu Sat Mar 5 22:06:25 2005 From: hareesh.khattri at ndsu.edu (hareesh.khattri at ndsu.edu) Date: Sat, 5 Mar 2005 21:06:25 -0600 (CST) Subject: Problem Installing Hostap driver Message-ID: <33609.134.129.123.210.1110078385.squirrel@webmail.ndsu.nodak.edu> hi I am having some problem installing the hostap driver. The make install command gives something similar to what is posted in the archive. Can anyone please let me know how to resolve this problem. Thanks Hareesh Khattri My config details are OS : RH 9.0 Kernel : 2.4.20-8 PCMCIA Enabled with kernel. Hostap : Hostap-0.3.7 Wireless Client Adaptor : Dlink-650 (prism 2) [root at test1 hostap-driver-0.2.4]# make install find /lib/modules/2.4.20-6 -name "hostap*" | xargs rm -f Installing hostap_crypt_*.o to /lib/modules/2.4.20-6/net mkdir -p /lib/modules/2.4.20-6/net cp -f driver/modules/hostap_crypt_*.o /lib/modules/2.4.20-6/net Installing hostap.o to /lib/modules/2.4.20-6/net mkdir -p /lib/modules/2.4.20-6/net cp -f driver/modules/hostap.o /lib/modules/2.4.20-6/net Installing hostap_cs.o to /lib/modules/2.4.20-6/pcmcia mkdir -p /lib/modules/2.4.20-6/pcmcia cp -f driver/modules/hostap_cs.o /lib/modules/2.4.20-6/pcmcia /sbin/depmod -ae depmod: *** Unresolved symbols in /lib/modules/2.4.20-6/net/hostap.o depmod: register_netdevice depmod: __netdev_watchdog_up depmod: eth_type_trans depmod: __wake_up depmod: __kfree_skb depmod: alloc_skb depmod: pskb_expand_head depmod: ether_setup depmod: skb_under_panic depmod: skb_realloc_headroom depmod: unregister_netdevice depmod: create_proc_entry depmod: alloc_etherdev depmod: remove_wait_queue depmod: unregister_netdev depmod: skb_copy depmod: wireless_send_event depmod: request_module depmod: proc_mkdir depmod: dev_alloc_name depmod: dev_queue_xmit depmod: ___pskb_trim depmod: remove_proc_entry depmod: netif_rx depmod: skb_over_panic depmod: add_wait_queue depmod: proc_net depmod: dev_close depmod: skb_clone depmod: dev_open depmod: softnet_data depmod: irq_stat depmod: *** Unresolved symbols in /lib/modules/2.4.20-6/net/hostap_crypt_ccmp.o depmod: skb_under_panic depmod: ___pskb_trim depmod: skb_over_panic depmod: *** Unresolved symbols in /lib/modules/2.4.20-6/net/hostap_crypt_tkip.o depmod: skb_under_panic depmod: wireless_send_event depmod: ___pskb_trim depmod: skb_over_panic depmod: *** Unresolved symbols in /lib/modules/2.4.20-6/net/hostap_crypt_wep.o depmod: skb_under_panic depmod: ___pskb_trim depmod: skb_over_panic depmod: *** Unresolved symbols in /lib/modules/2.4.20-6/pcmcia/hostap_cs.o depmod: register_netdevice depmod: pcmcia_access_co From jkmaline at cc.hut.fi Sun Mar 6 14:17:34 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sun, 6 Mar 2005 11:17:34 -0800 Subject: User reported problems with driver_madwifi/driver_ipw In-Reply-To: <20050221201322.GD8368@jm.kir.nu> References: <20050218153823.GJ5599@roadwarrior.mcmartin.ca> <20050221201322.GD8368@jm.kir.nu> Message-ID: <20050306191734.GA8470@jm.kir.nu> On Mon, Feb 21, 2005 at 12:13:22PM -0800, Jouni Malinen wrote: > On Fri, Feb 18, 2005 at 10:38:23AM -0500, Kyle McMartin wrote: > > I'm the maintainer of the Debian packages of wpa_supplicant. A few users > > reported needing the following patches to associate with open access points > > using wpa_supplicant. However, this morning, some other users have > > reported that the patch to driver_ipw breaks association with /ALL/ > > access points, and only reverting the patch fixes things. Do you think this > > is plausible, or just a case of a problem on the users end? > I do not have a test setup with ipw2100 or ipw2200, so the part about > driver_ipw.c is somewhat less clear to me. I managed to do a quick test with both ipw2100 and ipw2200 and here are the results: ipw2100 v1.0.5 - plaintext & WPA-PSK/CCMP worked with and without this patch - roaming from plaintext to WPA-PSK was broken with this patch (worked without) ipw2200 v1.0.1 - plaintext failed without this patch; worked with this patch - WPA-PSK/CCMP worked with and without this patch - roaming from plaintext to WPA-PSK was broken with this patch - roaming to WPA-PSK worked after plaintext conf (which itself did not associated successfully) without this patch In other words, these drivers behave differently and this patch is not acceptable way of fixing the issue. In case of ipw2100, there does not seem to be an issue in associating with plaintext in the first place and in case of ipw2200, this patch allows plaintext association, but breaks roaming (also for ipw2100). As far as I can tell, this is likely to require a change in the driver for a clean fix. The problem is that when set_wpa(drv, 0) is used to disable WPA mode, scan results do not include wpa_ie. This makes finding a WPA enabled AP impossible. However, since ipw2200 did not associate with the plaintext AP without this patch, the driver would need to be modified to allow this association without disabling WPA support in scan results. ipw2100 seemed to allow association to a plaintext AP even in "WPA mode". If the driver wants to disable association based on Privacy bit, it needs to separate configuration for these two things: 1) WPA on/off (mainly for scan results, I would assume; could be hardcoded to be on) and 2) privacy on/off. -- Jouni Malinen PGP id EFC895FA From jay.smith at tenanji.com Sun Mar 6 17:16:19 2005 From: jay.smith at tenanji.com (Jay Smith) Date: Sun, 06 Mar 2005 16:16:19 -0600 Subject: Just Getting Started... Message-ID: <422B8133.8060506@tenanji.com> I am just getting started trying to create a linux access point and am very excited to setup my wireless network. What is a good distro to start with? Have you guys had better results with one distro over another. What is a good wireless card to start with? If these are already listed in a FAQ please direct me to it's location as I have been unable to find it. Thanks, Jay Smith Tenanji Sytems From hs4233 at mail.mn-solutions.de Mon Mar 7 04:42:24 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Mon, 7 Mar 2005 10:42:24 +0100 Subject: WPA PSK-key length problem? Message-ID: <200503071042.24317.hs4233@mail.mn-solutions.de> I'm now trying WPA-PSK. Unfortunately, it didn't work, some packets have the wrong length. The device that connects to the Access-Point is running Linux 2.4 on an Intel XScale PXA255, an ARM like prozessor used in embedded devices and PDAs. In history, I had to apply alignment fixes to some low-level stuff, e.g. libusb. Maybe I run into the same problem zone here. A pointer on how I can dissable the packet and verify it's contents would be helpful. But let's first log at the error message in the Access-Point. When I enable some debug messages on my Cisco 1200, I see this: ----------------------------------------- $ telnet 172.16.1.121 Username: Cisco Password: ap>enable Password: ap#terminal monitor ap#debug dot11 aaa dot1x all [This is enought debug level to see the error message] Key Change debugging is on*Mar 1 00:18:47.504: dot11_aaa_dot1x_start: in the dot11_aaa_dot1x_start *Mar 1 00:18:47.504: dot11_dot1x_run_rfsm: Executing Action(INIT,EAP_START) for 0010.c630.9bfe *Mar 1 00:18:47.504: dot11_dot1x_start_ssn_psk: Starting 4-way handshake for PSK supplicant 0010.c630.9bfe *Mar 1 00:18:47.504: dot11_dot1x_build_ptk_handshake: building PTK msg 1 for 0010.c630.9bfe *Mar 1 00:18:47.505: dot11_dot1x_client_send_eapol: sending eapol to client 0010.c630.9bfe *Mar 1 00:18:47.505: dot11_dot1x_send_ptk_msg1: [1] Sent PTK msg 1 to 0010.c630.9bfe *Mar 1 00:18:47.562: dot11_dot1x_parse_client_pak: Received EAPOL packet from 0010.c630.9bfe, type 0 *Mar 1 00:18:47.562: EAPOL pak dump rx *Mar 1 00:18:47.562: EAPOL Version: 0x1 type: 0x3 length: 0x0077 *Mar 1 00:18:47.562: EAP code: 0xFE id: 0x1 length: 0x0900 type: 0x20 00E14540: 01030077 FE010900 ...w~... 00E14550: 20000000 00000000 01CF1D81 62ABC030 ........O..b+ at 0 00E14560: 7A7EC031 43C90D49 7F799712 8C0536A7 z~@1CI.I.y....6' 00E14570: CD86F0B3 EF7B120D EC000000 00000000 M.p3o{..l....... 00E14580: 00000000 00000000 00000000 00000000 ................ 00E14590: 00000000 00000000 00E42470 E7439225 .........d$pgC.% 00E145A0: 5A82929C 5C2F746D 7C0018DD 160050F2 Z...\/tm|..]..Pr 00E145B0: 01010000 50F20201 000050F2 02010000 ....Pr....Pr.... 00E145C0: 50F202 Pr. This packet looks similar to what get's send in "Sending EAPOL-Key 2/4" below, everything after the EAPOL indicator 0x888e. *Mar 1 00:18:47.564: dot11_dot1x_run_rfsm: Executing Action(PTK_MSG2_WAIT,RECV_EAPOL_KEY_RSP) for 0010.c630.9bfe *Mar 1 00:18:47.564: dot11_dot1x_verify_ptk_handshake: verifying PTK msg 2 from 0010.c630.9bfe *Mar 1 00:18:47.564: dot11_dot1x_verify_ptk_handshake: Invalid EAPOL-Key Data Len: exp=26, act=24 Unfortunately, it's size is wrong :-( Seems like some message got truncated? I don't know for sure unless I decompile this packet. Here I'd need help, e.g. pointer to RFCs describing the structure. *Mar 1 00:18:48.505: dot11_dot1x_run_rfsm: Executing Action(PTK_MSG2_WAIT,TIMEOUT) for 0010.c630.9bfe *Mar 1 00:18:48.505: dot11_dot1x_build_ptk_handshake: building PTK msg 1 for 0010.c630.9bfe *Mar 1 00:18:48.505: dot11_dot1x_client_send_eapol: sending eapol to client 0010.c630.9bfe *Mar 1 00:18:48.505: dot11_dot1x_send_ptk_msg1: [2] Sent PTK msg 1 to 0010.c630.9bfe ----------------------------------------- The other side of the communication looked like this: ----------------------------------------- Initializing interface 'eth1' conf '/etc/wpa.conf' driver 'default' Configuration file '/etc/wpa.conf' -> '/etc/wpa.conf' Reading configuration file '/etc/wpa.conf' ctrl_interface='/var/run/wpa_supplicant' ctrl_interface_group=0 eapol_version=1 ap_scan=1 fast_reauth=1 Line: 25 - start of a new network block ssid - hexdump_ascii(len=7): 4d 4e 46 55 4e 4b 32 MNFUNK2 proto: 0x1 key_mgmt: 0x2 pairwise: 0x8 group: 0x8 PSK (ASCII passphrase) - hexdump_ascii(len=8): 54 65 73 74 6b 65 79 31 Testkey1 priority=2 (0x2) PSK (from passphrase) - hexdump(len=32): ad 6e 58 39 36 e3 71 12 f8 d8 c1 d5 62 24 c4 d8 99 fa 4d fc 74 e0 a7 c4 be c3 65 8b 9d b3 c4 9b Priority group 2 id=0 ssid='MNFUNK2' Initializing interface (2) 'eth1' EAPOL: SUPP_PAE entering state DISCONNECTED EAPOL: KEY_RX entering state NO_KEY_RECEIVE EAPOL: SUPP_BE entering state INITIALIZE EAP: EAP entering state DISABLED EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 wpa_driver_hermes_init: eth1 found Hermes 2 STA Own MAC address: 00:10:c6:30:9b:fe wpa_driver_hermes_set_wpa: enabled=1 wpa_driver_hermes_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_hermes_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_hermes_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_hermes_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 wpa_driver_hermes_set_countermeasures: enabled=0 wpa_driver_hermes_set_drop_unencrypted: enabled=1 Setting scan request: 0 sec 100000 usec Wireless event: cmd=0x8b06 len=8 unhandled State: DISCONNECTED -> SCANNING Starting AP scan (broadcast SSID) Wireless event: cmd=0x8b19 len=12 Received 4096 bytes of scan results (2 BSSes) Scan results: 2 Selecting BSS from priority group 2 0: 00:12:7f:8b:62:30 ssid='MNFUNK2' wpa_ie_len=24 rsn_ie_len=0 selected Trying to associate with 00:12:7f:8b:62:30 (SSID='MNFUNK2' freq=0 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 WPA: using IEEE 802.11i/D3.0 WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2 WPA: using GTK TKIP WPA: using PTK TKIP WPA: using KEY_MGMT WPA-PSK WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 No keys have been configured - skip key clearing wpa_driver_hermes_set_drop_unencrypted: enabled=1 State: SCANNING -> ASSOCIATING wpa_driver_hermes_associate wpa_driver_hermes_set_wpa_ie Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - EAP success=0 EAPOL: External notification - EAP fail=0 EAPOL: External notification - portControl=Auto Wireless event: cmd=0x8b04 len=12 unhandled Wireless event: cmd=0x8b1a len=19 unhandled RX EAPOL from 00:12:7f:8b:62:30 RX EAPOL - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 01 eb 5f 39 16 f1 80 67 a5 6b 2d b63e db a3 b2 a6 70 ff 66 8b fa 9a db 6f 9c 96 0b 31 8b 75 5b 4e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Setting authentication timeout: 10 sec 0 usec IEEE 802.1X RX: version=1 type=3 length=95 EAPOL-Key type=254 WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 01 eb 5f 39 16 f1 80 67 a56b 2d b6 3e db a3 b2 a6 70 ff 66 8b fa 9a db 6f 9c 96 0b 31 8b 75 5b 4e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 State: ASSOCIATING -> 4WAY_HANDSHAKE WPA: RX message 1 of 4-Way Handshake from 00:12:7f:8b:62:30 (ver=1) WPA: WPA IE for msg 2/4 - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f202 WPA: Renewed SNonce - hexdump(len=32): cf 1d 81 62 ab c0 30 7a 7e c0 31 43 c9 0d 49 7f 79 97 12 8c 05 36 a7 cd 86 f0 b3 ef 7b 12 0d ec WPA: PMK - hexdump(len=32): ad 6e 58 39 36 e3 71 12 f8 d8 c1 d5 62 24 c4 d8 99 fa 4d fc 74 e0 a7 c4 be c3 65 8b9d b3 c4 9b WPA: PTK - hexdump(len=64): bf 80 40 f7 07 74 ce 18 77 c3 d1 ee 52 dd ff 96 e0 81 59 c6 54 fa 7a 14 23 4c c1 414c e8 13 ed 2d a9 3b 12 87 b0 fb 8e 12 bd fa ea 32 ad f2 59 b9 33 82 f2 b9 77 37 46 44 76 17 37 ed ce 4b 21 WPA: Sending EAPOL-Key 2/4 WPA: TX EAPOL-Key - hexdump(len=137): 00 12 7f 8b 62 30 00 10 c6 30 9b fe 88 8e 01 03 00 77 fe 01 09 00 20 00 00 00 00 00 00 00 01 cf 1d 81 62 ab c0 30 7a 7e c0 31 43 c9 0d 49 7f 79 97 12 8c 05 36 a7 cd 86 f0 b3 ef 7b 12 0dec 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e4 24 70 e7 43 92 25 5a 82 92 9c 5c 2f 74 6d 7c 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 RX EAPOL from 00:12:7f:8b:62:30 RX EAPOL - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 02 eb 5f 39 16 f1 80 67 a5 6b 2d b63e db a3 b2 a6 70 ff 66 8b fa 9a db 6f 9c 96 0b 31 8b 75 5b 4f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 IEEE 802.1X RX: version=1 type=3 length=95 EAPOL-Key type=254 WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 02 eb 5f 39 16 f1 80 67 a56b 2d b6 3e db a3 b2 a6 70 ff 66 8b fa 9a db 6f 9c 96 0b 31 8b 75 5b 4f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE WPA: RX message 1 of 4-Way Handshake from 00:12:7f:8b:62:30 (ver=1) WPA: WPA IE for msg 2/4 - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f202 WPA: PMK - hexdump(len=32): ad 6e 58 39 36 e3 71 12 f8 d8 c1 d5 62 24 c4 d8 99 fa 4d fc 74 e0 a7 c4 be c3 65 8b9d b3 c4 9b WPA: PTK - hexdump(len=64): 5d 8b 7f ef 75 1e a1 4e ad 93 3c 8c 5e 15 0b 5c 60 fa 47 64 cf 72 ff 58 0d 11 98 9364 5f b6 eb bf 16 77 a6 97 69 80 a2 84 a7 4d 2c 57 70 e7 6a 52 90 1a dd 39 d0 4b 31 a7 8f 45 eb 76 21 bd fb WPA: Sending EAPOL-Key 2/4 ----------------------------------------- Just for reference, my wpa.conf is ----------------------------------------- network={ ssid="MNFUNK2" proto=WPA key_mgmt=WPA-PSK pairwise=TKIP group=TKIP psk="Testkey1" priority=2 } ----------------------------------------- and the relevant config of the Access-Point looks like ----------------------------------------- [...] interface Dot11Radio0 no ip address no ip route-cache ! encryption mode ciphers tkip ! ssid MNFUNK2 authentication open authentication key-management wpa guest-mode wpa-psk ascii 7 06320A3258450C0054 ! [...] ----------------------------------------- From hs4233 at mail.mn-solutions.de Mon Mar 7 06:07:11 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Mon, 7 Mar 2005 12:07:11 +0100 Subject: WPA PSK-key length problem? In-Reply-To: <200503071042.24317.hs4233@mail.mn-solutions.de> References: <200503071042.24317.hs4233@mail.mn-solutions.de> Message-ID: <200503071207.11819.hs4233@mail.mn-solutions.de> Hmm, I dissected the sent key and got this: Dest MAC: 00 12 7f 8b 62 30 Source MAC: 00 10 c6 30 9b fe EAPOL: 88 8e = ETH_P_EAPOL Version: 01 Packet Type: 03 = IEEE802_1X_TYPE_EAPOL_KEY Packet Body Len: 00 77 = 119 key_type: fe = EAPOL_KEY_TYPE_WPA key_info: 01 09 key_len: 00 20 replay_counter: 00 00 00 00 00 00 00 02 key_nonce: cf 1d 81 62 ab c0 30 7a 7e c0 31 43 c9 0d 49 7f 79 97 12 8c 05 36 a7 cd 86 f0 b3 ef 7b 12 0d ec key_iv: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 key_rsc: 00 00 00 00 00 00 00 00 key_id: 00 00 00 00 00 00 00 00 key_mic: 96 5f c7 be 53 3f 7f a7 f9 36 d9 c3 e4 80 e7 62 data_length 00 18 = 24 bytes WPA-IE: dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 But I fail to see why the AP expects 26 bytes. From manojv at hcltech.com Mon Mar 7 06:14:53 2005 From: manojv at hcltech.com (Manoj Verma, Noida) Date: Mon, 7 Mar 2005 16:44:53 +0530 Subject: WPA PSK-key length problem? Message-ID: <267988DEACEC5A4D86D5FCD780313FBB05597C60@exch-03.noida.hcltech.com> In fact here is the packet which is generated by the WAP client I am using, 00 0f 34 89 29 8d 00 40 17 8b 82 f5 88 8e 01 0300 77 fe 09 01 00 20 00 00 00 00 00 00 00 01 512f d3 48 cd 31 98 0e b7 55 6b 6a 2f a9 57 88 0d11 c2 a3 42 4c 89 ee 42 a6 c5 26 7b 58 2c 94 4543 44 49 44 43 45 47 44 46 43 41 43 41 43 41 4341 43 41 43 41 41 41 00 00 20 00 01 c0 0c 00 f986 a2 e4 75 54 a6 9b c3 33 ea 71 1e 94 23 ab 1800 dd 16 00 50 f2 01 01 00 00 50 f2 05 01 00 0050 f2 02 01 00 00 50 f2 02 and here too the length is in fact 18 i.e. 24. I am also wondering why AP is expecting 26 bytes in your case... -----Original Message----- From: hostap-bounces+manojv=noida.hcltech.com at shmoo.com [mailto:hostap-bounces+manojv=noida.hcltech.com at shmoo.com] On Behalf Of Holger Schurig Sent: Monday, March 07, 2005 4:37 PM To: hostap at shmoo.com Subject: Re: WPA PSK-key length problem? Hmm, I dissected the sent key and got this: Dest MAC: 00 12 7f 8b 62 30 Source MAC: 00 10 c6 30 9b fe EAPOL: 88 8e = ETH_P_EAPOL Version: 01 Packet Type: 03 = IEEE802_1X_TYPE_EAPOL_KEY Packet Body Len: 00 77 = 119 key_type: fe = EAPOL_KEY_TYPE_WPA key_info: 01 09 key_len: 00 20 replay_counter: 00 00 00 00 00 00 00 02 key_nonce: cf 1d 81 62 ab c0 30 7a 7e c0 31 43 c9 0d 49 7f 79 97 12 8c 05 36 a7 cd 86 f0 b3 ef 7b 12 0d ec key_iv: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 key_rsc: 00 00 00 00 00 00 00 00 key_id: 00 00 00 00 00 00 00 00 key_mic: 96 5f c7 be 53 3f 7f a7 f9 36 d9 c3 e4 80 e7 62 data_length 00 18 = 24 bytes WPA-IE: dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 But I fail to see why the AP expects 26 bytes. _______________________________________________ HostAP mailing list HostAP at shmoo.com http://lists.shmoo.com/mailman/listinfo/hostap -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050307/87f1a9c4/attachment.htm From hs4233 at mail.mn-solutions.de Mon Mar 7 06:33:28 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Mon, 7 Mar 2005 12:33:28 +0100 Subject: WPA PSK-key length problem? In-Reply-To: <200503071042.24317.hs4233@mail.mn-solutions.de> References: <200503071042.24317.hs4233@mail.mn-solutions.de> Message-ID: <200503071233.28819.hs4233@mail.mn-solutions.de> Hehe, over time I'll probably solve my problem by myself. Here is another odd thing I found: > *Mar 1 00:18:47.562: EAPOL pak dump rx > *Mar 1 00:18:47.562: EAPOL Version: 0x1 type: 0x3 length: 0x0077 > *Mar 1 00:18:47.562: EAP code: 0xFE id: 0x1 length: 0x0900 type: 0x20 > 00E14540: 01030077 FE010900 ...w~... > 00E14550: 20000000 00000000 01CF1D81 62ABC030 ........O..b+ at 0 ... It displays a packat length of 0x900 bytes. I guess the AP interpreted the packet not as a struct wpa_eapol_key (from wpa.h), but as a struct ieee802_1x_eapol_key ... From fromkth+hostap at fastmail.fm Mon Mar 7 07:02:59 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Mon, 07 Mar 2005 13:02:59 +0100 Subject: Which frames are not passed to driver from firmware Message-ID: <422C42F3.2010208@fastmail.fm> Does anybody know which type of frames are processed only by firmware and are not passed to driver? Like all data frames are passed to driver while some of management and control frames may not be passed to driver, but i want to know exactly which ones. Is there any documentation for that? As I am starting to work on some implementation of an algorithm, so i need to know this before starting. Thanks, -ajeet. From hs4233 at mail.mn-solutions.de Mon Mar 7 10:14:17 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Mon, 7 Mar 2005 16:14:17 +0100 Subject: WPA PSK-key length problem? In-Reply-To: <200503071042.24317.hs4233@mail.mn-solutions.de> References: <200503071042.24317.hs4233@mail.mn-solutions.de> Message-ID: <200503071614.17977.hs4233@mail.mn-solutions.de> On Monday 07 March 2005 10:42, Holger Schurig wrote: Okay, found out even more. First I upgraded my Cisco to Software Version 12.3(2)JA2, and I had to change my debug command to "debug dot11 aaa manager all". Then I used a Windows XP workstation with some D-Link card and the D-Link driver to do a WPA PSK/TKIP connect. It successfully authenticated. Some debug output here: *Mar 1 00:03:32.203: dot11_mgr_disp_wlccp_update_auth: unknown auth type 0x1 Okay, if we get the same error with WinXP, then we can ignore this error message. *Mar 1 00:03:32.204: dot11_mgr_sm_start_ssn_psk: Starting 4-way handshake for PSK supplicant 000f.3dac.381b [...] *Mar 1 00:03:33.252: dot11_mgr_sm_parse_client_pak: Received EAPOL packet from 000f.3dac.381b *Mar 1 00:03:33.252: EAPOL pak dump rx *Mar 1 00:03:33.252: EAPOL Version: 0x1 type: 0x3 length: 0x0077 *Mar 1 00:03:33.252: EAP code: 0xFE id: 0x1 length: 0x0900 type: 0x20 Again, here the Cisco outputs mambo: a weird length of 0x0900. But later on it works ... 00E04A80: 01030077 ...w 00E04A90: FE010900 20000000 00000000 02A0D6FC ~... ........ V| 00E04AA0: B2D9F1F3 335A30DA 6DB38A91 EDF3F623 2Yqs3Z0Zm3..msv# 00E04AB0: EC818C6A 06B4605D 63E70152 65000000 l..j.4`]cg.Re... 00E04AC0: 00000000 00000000 00000000 00000000 ................ 00E04AD0: 00000000 00000000 00000000 00AD6225 .............-b% 00E04AE0: E1243984 7C858175 6F29254C 160018DD a$9.|..uo)%L...] 00E04AF0: 160050F2 01010000 50F20201 000050F2 ..Pr....Pr....Pr 00E04B00: 02010000 50F202 ....Pr. *Mar 1 00:03:33.254: dot11_mgr_sm_parse_client_pak: eapol ver 1 type 3 posting event 0x9 to 000f.3dac.381b *Mar 1 00:03:33.254: dot11_mgr_sm_run_machine: Executing Action(PTK_MSG2_WAIT,RECV_EAPOL_KEY_RSP) for 000f.3da *Mar 1 00:03:33.255: dot11_mgr_sm_recv_ptk_msg2: *Mar 1 00:03:33.255: dot11_mgr_sm_recv_ptk_msg2: got ptk msg2 *Mar 1 00:03:33.255: dot11_dot1x_verify_ptk_handshake: verifying PTK msg 2 from 000f.3dac.381b *Mar 1 00:03:33.255: dot11_dot1x_ssn_generate_ptk: wpa-v2 PSK: use ssid psk as pmk At this point we have a difference. That indicates that the error was not in the first (dumped) data packat, but in the second one, which has not been dumped. Maybe I just miss the proper "debug" command for this ... From imcdnzl at gmail.com Mon Mar 7 14:02:19 2005 From: imcdnzl at gmail.com (Ian McDonald) Date: Tue, 8 Mar 2005 08:02:19 +1300 Subject: Poor performance when using WDS with a Senao NL-3054CB3 802.11g repeater In-Reply-To: <1110014691.13012.7.camel@SillyPuddy.localdomain> References: <1109990556.16529.16.camel@SillyPuddy.localdomain> <1110014691.13012.7.camel@SillyPuddy.localdomain> Message-ID: My mistake... 802.11 b will be 10 x slower than 802.11 g in a repeater solution. What I didn't pick up on was that your numbers were low already. I understand your grief more now! On Sat, 05 Mar 2005 01:24:51 -0800, Josh Green wrote: > On Sat, 2005-03-05 at 16:03 +1300, Ian McDonald wrote: > > It's almost like you are dropping down to .b speed (11 Mbit). In > > theory g is 5 x times faster than b and if you get half the > > performance by repeating it should be 10 times slower - which is what > > you are getting! > > > > Remember that if you have any b gear on the network it will often all > > drop down to that speed.... > > > > Not sure I understood you correctly. The Linux access point is indeed > using 11 Mbit cards, while the repeater is 802.11g. Did you mean that > this situation should in fact be 10 times slower than 802.11b, like what > I'm seeing? > > I hope thats not the case, since that would be pretty inadequate for > this application. I was expecting any 802.11g clients using the > repeater to be able to communicate with each other at 54Mbit (have not > tested this yet), but traffic to the Internet would be forwarded to the > Linux access point which would send it over the point to point link out > to a DSL modem. It would be nice to get at least 1 or 2 Mbit from the > Internet link, since it will be a 1Mbit DSL connection. > > Best regards, > Josh Green > > From josh at resonance.org Mon Mar 7 14:15:21 2005 From: josh at resonance.org (Josh Green) Date: Mon, 07 Mar 2005 11:15:21 -0800 Subject: Poor performance when using WDS with a Senao NL-3054CB3 802.11g repeater In-Reply-To: References: <1109990556.16529.16.camel@SillyPuddy.localdomain> <1110014691.13012.7.camel@SillyPuddy.localdomain> Message-ID: <1110222921.13481.18.camel@SillyPuddy.localdomain> On Tue, 2005-03-08 at 08:02 +1300, Ian McDonald wrote: > My mistake... > > 802.11 b will be 10 x slower than 802.11 g in a repeater solution. > What I didn't pick up on was that your numbers were low already. I > understand your grief more now! > Fortunately, as I mentioned in another email, its a little better now. I can get about 160Kbytes down and 360Kbytes up. Still seems a bit slow, and its puzzling that the upload speed is higher, but I can live with it for now :) I'll likely end up doing some wireless sniffing to try and figure out whats going on, as Jouni Malinen suggested. Best regards, Josh Green From aj at dungeon.inka.de Mon Mar 7 18:27:51 2005 From: aj at dungeon.inka.de (Andreas Jellinghaus) Date: Tue, 08 Mar 2005 00:27:51 +0100 Subject: access point for hostapd? Message-ID: <1110238071.26720.26.camel@simulacron> Hi, I'm looking for some access point where I can replace the binary only firmware with backdoords with some self compiled linux distribution. linksys wrt54g looks nice, but its driver does not support hostapd. if you have any idea of an access point, where I can replace the software, too, but it does have a driver that works with hostapd, then please let me know. (or some mini pc where I can add pc cards?) Thanks, Andreas -- ---------------------[ Ciphire Signature ]---------------------- From: aj at dungeon.inka.de signed email body (350 characters) Date: on 07 March 2005 at 23:24:06 UTC To: hostap at shmoo.com ---------------------------------------------------------------- : Ciphire has secured this email against identity theft. : Free download at www.ciphire.com. The garbled lines : below are the sender's verifiable digital signature. ---------------------------------------------------------------- 00fAAAAAEAAACW4ixCXgEAAMICAAIAAgACACBQ2JmUgw78JvBqhaOBPOsMFbVDS6 UaQIxcChG5IhzQhgEA0eMp7V0xI9MrMhC47uaTDnnuTnqi6z9oLEuev70rCXstTG JucUkmR9ZufA2SrlRwsaOdxhBXwDC3Sy3HDghSqQ== ------------------[ End Ciphire Signed Message ]---------------- From yenjung at gmail.com Mon Mar 7 20:38:41 2005 From: yenjung at gmail.com (YenJung Chang) Date: Tue, 8 Mar 2005 09:38:41 +0800 Subject: ap_scan=2 problem? In-Reply-To: <32653c97050303054122f0242a@mail.gmail.com> References: <32653c9705030218415266c89a@mail.gmail.com> <20050303041800.GI8756@jm.kir.nu> <32653c970503022154427d920d@mail.gmail.com> <32653c97050303054122f0242a@mail.gmail.com> Message-ID: <32653c9705030717387ad107b9@mail.gmail.com> On Thu, 3 Mar 2005 21:41:46 +0800, YenJung Chang wrote: > On Thu, 3 Mar 2005 13:54:46 +0800, YenJung Chang wrote: > > On Wed, 2 Mar 2005 20:18:00 -0800, Jouni Malinen wrote: > > > On Thu, Mar 03, 2005 at 10:41:14AM +0800, YenJung Chang wrote: > > > > > > > I tested wpa_supplicant with ap_scan=1 and ap_scan=2, and it seems > > > > there is some problem on ap_scan=2. > > > > > > > The testing steps on ap_scan=1 and ap_scan=2 are same: > > > > 1. $ wpa_supplicant.conf -i ath0 -c/etc/wpa_supplicant.conf -d > supp1.log > > > > > > I don't think the current madwifi driver and interface code for that in > > > wpa_supplicant support ap_scan=2. > > > > > > -- > > > Jouni Malinen PGP id EFC895FA > > > _______________________________________________ > > > HostAP mailing list > > > HostAP at shmoo.com > > > http://lists.shmoo.com/mailman/listinfo/hostap > > > > What I am curious is the connection to AP could be created > > successfully with ap_scan=2 at first time, but it failed after > > "wpa_cli reassoicate". > > Does it make sense? > > > > Regards, > > YJ. > > After suveyed the Madwifi source code, I guess the roaming parameter > set to madwifi when ap_scan=2 should be 1, not 0. > Because Madwifi would not start its state machine of authentication > and association after set essid if the roaming parameter is not 1. > I modified the parameter as following: > > --- driver_madwifi.c > +++ driver_madwifi.c > @@ -309,7 +309,7 @@ > * roaming */ > /* FIX: this does not seem to work; would probably need to > * change something in the driver */ > - if (set80211param(drv, IEEE80211_PARAM_ROAMING, 0, 1) < 0) > + if (set80211param(drv, IEEE80211_PARAM_ROAMING, 1, 1) < 0) > ret = -1; > > I tried it without security and it seems work well. But I have no idea > if the modification has any side effect. > Any comment? > > Regards, > YJ. > Jouni, You are right. I tested ap_scan=2 with above patch few days. It still has some problem on it. Madwifi does not support ap_scan=2 well. FYI. YJ. From thande at gmail.com Mon Mar 7 20:54:23 2005 From: thande at gmail.com (Shane Delight) Date: Mon, 7 Mar 2005 17:54:23 -0800 Subject: hostap_cs: RequestIRQ In-Reply-To: <005201c52255$99248880$c500a8c0@Home> References: <4167b1530503051159766ab0c1@mail.gmail.com> <005201c52255$99248880$c500a8c0@Home> Message-ID: <4167b15305030717545f148e48@mail.gmail.com> Thanks for the suggestion but unfortunately that seemed to make no difference. If there is any other info I could include that would be helpful, please let me know, I would be happy to include the info. Thanks shane On Sun, 6 Mar 2005 08:05:48 -0600, Jerry wrote: > Hello! > > Try "ignore_cis_vcc=1" (or 0, try them both) edit the > /etc/pcmcia/hostap_cs.conf file, scroll to the bottom for an example. > > Good luck!! > > Jerryf > > > > I've been having a problem with the hostap driver since I upgraded to > > to a 2.6 kernel from 2.4.23. Currently I'm running 2.6.10, Gentoo. I > > am using a SMC2532W-B EliteConnect Wireless Adapter to run an internal > > wireless AP with the hostap drivers. This worked great under the 2.4 > > kernel but I've had nothing but problems since I upgraded to the 2.6 > > kernel. > > I used to use an ISA to PCMCIA converter which is not recognized at > > all under the 2.6 kernel. I installed a PCI to PCMCIA converter, one > > made a Ricoh, and it is recognized but I cannot get it to load the > > hostap driver. It works fine with an orinoco card or a 3com ethernet > > card, the only other PCMCIA cards I have avalible for testing. Posted > > below are the output of dmesg, the logs generated when restarting the > > pcmcia service and the contents of the /proc/interrupts file. Similar > > messages are generated when ejecting and reinserting the card. I've > > done searching on the gentoo forums, googled it in as many ways as I > > could think of and searched through both this mailing list as well as > > the pcmcia lists to try and find a resolution to this. On google I > > was able to find many posts about this problem but no clear > > resolution. Hopefully someone here has knowledge about this problem > > and a fix for it. > > > > > > Dmesg output: > > > > hostap_cs: Driver unloaded > > hostap_crypt: unregistered algorithm 'NULL' (deinit) > > cs: IO port probe 0x0c00-0x0cff: clean. > > cs: IO port probe 0x0800-0x08ff: clean. > > cs: IO port probe 0x0100-0x04ff: excluding 0x3c0-0x3cf 0x4d0-0x4d7 > > cs: IO port probe 0x0a00-0x0aff: clean. > > hostap_crypt: registered algorithm 'NULL' > > hostap_cs: 0.2.6 - 2004-12-25 (Jouni Malinen ) > > hostap_cs: setting Vcc=33 (constant) > > hostap_cs: CS_EVENT_CARD_INSERTION > > hostap_cs: setting Vcc=50 (from config) > > Checking CFTABLE_ENTRY 0x01 (default 0x01) > > IO window settings: cfg->io.nwin=1 dflt.io.nwin=1 > > io->flags = 0x0046, io.base=0x0000, len=64 > > hostap_cs: Registered netdevice wifi0 > > hostap_cs: RequestIRQ: Resource in use > > prism2_config() failed > > > > Log output: > > Mar 5 11:47:01 [cardmgr] executing: 'modprobe -r hostap_cs' > > Mar 5 11:47:01 [kernel] hostap_cs: Driver unloaded > > Mar 5 11:47:02 [cardmgr] executing: 'modprobe -r hostap' > > Mar 5 11:47:02 [cardmgr] exiting > > Mar 5 11:47:04 [cardmgr] watching 1 socket > > Mar 5 11:47:04 [kernel] cs: IO port probe 0x0c00-0x0cff: clean. > > Mar 5 11:47:04 [kernel] cs: IO port probe 0x0800-0x08ff: clean. > > Mar 5 11:47:04 [kernel] cs: IO port probe 0x0100-0x04ff: excluding > > 0x3c0-0x3cf 0x4d0-0x4d7 > > Mar 5 11:47:04 [kernel] cs: IO port probe 0x0a00-0x0aff: clean. > > Mar 5 11:47:04 [cardmgr] starting, version is 3.2.5 > > Mar 5 11:47:04 [cardmgr] socket 0: Zcomax XI-325H 200mW > > Mar 5 11:47:04 [cardmgr] executing: 'modprobe hostap' > > Mar 5 11:47:04 [cardmgr] executing: 'modprobe hostap_cs' > > Mar 5 11:47:05 [kernel] hostap_cs: 0.2.6 - 2004-12-25 (Jouni Malinen > > ) > > Mar 5 11:47:05 [net.agent] add event not handled > > Mar 5 11:47:05 [kernel] hostap_cs: Registered netdevice wifi0 > > Mar 5 11:47:06 [cardmgr] get dev info on socket 0 failed: Resource > > temporarily unavailable > > Mar 5 11:47:06 [net.agent] remove event not handled > > > > /proc/interrupts > > > > CPU0 > > 0: 401886922 XT-PIC timer > > 2: 0 XT-PIC cascade > > 10: 3018972 XT-PIC eth0 > > 11: 2463662 XT-PIC eth1 > > 14: 453739 XT-PIC ide0 > > 15: 19121 XT-PIC ide1 > > NMI: 0 > > ERR: 0 > > _______________________________________________ > > HostAP mailing list > > HostAP at shmoo.com > > http://lists.shmoo.com/mailman/listinfo/hostap > > > > From jkmaline at cc.hut.fi Mon Mar 7 22:04:13 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Mon, 7 Mar 2005 19:04:13 -0800 Subject: WPA PSK-key length problem? In-Reply-To: <200503071207.11819.hs4233@mail.mn-solutions.de> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <200503071207.11819.hs4233@mail.mn-solutions.de> Message-ID: <20050308030413.GA16257@jm.kir.nu> On Mon, Mar 07, 2005 at 12:07:11PM +0100, Holger Schurig wrote: > Hmm, I dissected the sent key and got this: > data_length 00 18 = 24 bytes > WPA-IE: dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 > f2 02 01 00 00 50 f2 02 > > But I fail to see why the AP expects 26 bytes. Did you get the same error with the newer version of the AP firmware? WPA IE is has variable length and it could be 26 bytes if all optional information is included. This example here is valid and it just does not include the 2-byte capability field. AP should not really be expecting that to be there, though, and I have seen this kind of WPA IE working fine with Cisco APs. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Mon Mar 7 22:08:41 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Mon, 7 Mar 2005 19:08:41 -0800 Subject: WPA PSK-key length problem? In-Reply-To: <200503071042.24317.hs4233@mail.mn-solutions.de> References: <200503071042.24317.hs4233@mail.mn-solutions.de> Message-ID: <20050308030841.GB16257@jm.kir.nu> On Mon, Mar 07, 2005 at 10:42:24AM +0100, Holger Schurig wrote: > The device that connects to the Access-Point is running Linux 2.4 on an > Intel XScale PXA255, an ARM like prozessor used in embedded devices and > PDAs. In history, I had to apply alignment fixes to some low-level stuff, > e.g. libusb. Maybe I run into the same problem zone here. > wpa_driver_hermes_init: eth1 > found Hermes 2 STA I have never tested Orinoco/Hermes cards with WPA, so I don't know what to expect from them and how the driver works. > WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 > 00 00 50 f2 02 01 00 00 50 f2 02 This is the WPA IE wpa_supplicant is trying to use and I did not see any AssocInfo events updating it. Could you please verify with a wireless sniffer that the WPA IE in Association Request matches with this one? The AP will verify that they do and will reject 4-Way Handshake if there is a mismatch. One possible reason for the debug log from Cisco AP would be in the AssocReq using 26-byte WPA IE. If this is the case, the driver would need to either use the WPA IE generated by wpa_supplicant or it would need to notify wpa_supplicant about the WPA IE used in AssocReq by using EVENT_ASSOCINFO. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Mon Mar 7 22:39:48 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Mon, 7 Mar 2005 19:39:48 -0800 Subject: hostap_cs: RequestIRQ In-Reply-To: <4167b1530503051159766ab0c1@mail.gmail.com> References: <4167b1530503051159766ab0c1@mail.gmail.com> Message-ID: <20050308033948.GD16257@jm.kir.nu> On Sat, Mar 05, 2005 at 11:59:51AM -0800, Shane Delight wrote: > I used to use an ISA to PCMCIA converter which is not recognized at > all under the 2.6 kernel. I installed a PCI to PCMCIA converter, one > made a Ricoh, and it is recognized but I cannot get it to load the > hostap driver. It works fine with an orinoco card or a 3com ethernet > card, the only other PCMCIA cards I have avalible for testing. Please be a bit more specific about what works here. Did you use the Orinoco card with Host AP driver or orinoco_cs driver from the kernel tree? Did you try using the SMC card with orinoco_cs driver? It looks like hostap_cs and orinoco_cs are using more less identical operations for requesting IRQs. You could also look whether 'dump_cis' shows any differences in the cftable_entries between the cards that work and don't work. -- Jouni Malinen PGP id EFC895FA From manojkn at noida.hcltech.com Tue Mar 8 00:21:04 2005 From: manojkn at noida.hcltech.com (Manoj Kundwani, Noida) Date: Tue, 8 Mar 2005 10:51:04 +0530 Subject: Wireless Tools problem Message-ID: <267988DEACEC5A4D86D5FCD780313FBB05619C7C@exch-03.noida.hcltech.com> Hi all, Actually when I am doing Iwpriv wlan0 ap_scan .... Then the following error is coming like SIOCIWPRIV buffer too small.... What it means ... Plz help me out.. Thanks , manoj -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050308/da6997d8/attachment.htm From manojkn at noida.hcltech.com Tue Mar 8 00:25:52 2005 From: manojkn at noida.hcltech.com (Manoj Kundwani, Noida) Date: Tue, 8 Mar 2005 10:55:52 +0530 Subject: Wpa-Psk Message-ID: <267988DEACEC5A4D86D5FCD780313FBB05619D05@exch-03.noida.hcltech.com> Hi All, Afer compiling wpa supplicant code and hostap driver code ..and the wireless card is pinging. But now when I am trying to do the association with AP ,and doing IWCONFIG WLAN0 , Then its associating with AP with MAC address 44:44:44:44:44:44 .But my AP mac address is something else. Plz suggest something.Thanks ,manoj -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050308/beff758a/attachment.htm From hs4233 at mail.mn-solutions.de Tue Mar 8 02:21:06 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Tue, 8 Mar 2005 08:21:06 +0100 Subject: WPA PSK-key length problem? In-Reply-To: <20050308030841.GB16257@jm.kir.nu> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <20050308030841.GB16257@jm.kir.nu> Message-ID: <200503080821.06281.hs4233@mail.mn-solutions.de> > > WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 > > 02 01 00 00 50 f2 02 01 00 00 50 f2 02 Do you know in which RFC or other documentation the WPA IEs are described? From hs4233 at mail.mn-solutions.de Tue Mar 8 02:42:23 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Tue, 8 Mar 2005 08:42:23 +0100 Subject: WPA PSK-key length problem? In-Reply-To: <20050308030841.GB16257@jm.kir.nu> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <20050308030841.GB16257@jm.kir.nu> Message-ID: <200503080842.24104.hs4233@mail.mn-solutions.de> > This is the WPA IE wpa_supplicant is trying to use and I did not see > any AssocInfo events updating it. There was one, I just had little output for it: -------------------------- wpa_driver_hermes_associate wpa_driver_hermes_set_wpa_ie Setting authentication timeout: 5 sec 0 usec -------------------------- I now output more info, it now looks like: -------------------------- wpa_driver_hermes_associate: priv=0x58538 freq=0 pairwise_suite=2 group_suite=2 key_mgmt_suite=1 auth_alg=1 mode=0 bssid=00:12:7f:8b:62:30 ssid - hexdump_ascii(len=7): 4d 4e 46 55 4e 4b 32 MNFUNK2 wpa_ie - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 wpa_driver_hermes_set_wpa_ie -------------------------- > Could you please verify with a > wireless sniffer that the WPA IE in Association Request matches with > this one? I will try this. Also I will look at the WPA IE that Windows XP uses. > The AP will verify that they do and will reject 4-Way > Handshake if there is a mismatch. This seems to be the case here. :-( > Did you get the same error with the newer version of the AP firmware? Yes, I had this with 12.3(2)JA2 and with some older 12.2(xxx) firmware. From hs4233 at mail.mn-solutions.de Tue Mar 8 03:14:57 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Tue, 8 Mar 2005 09:14:57 +0100 Subject: WPA PSK-key length problem? In-Reply-To: <20050308030841.GB16257@jm.kir.nu> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <20050308030841.GB16257@jm.kir.nu> Message-ID: <200503080914.57121.hs4233@mail.mn-solutions.de> > This is the WPA IE wpa_supplicant is trying to use and I did not see > any AssocInfo events updating it. There is just one problem: The packet that the Cisco dumps ... ---------------- *Mar 1 00:34:59.531: EAPOL Version: 0x1 type: 0x3 length: 0x0077 *Mar 1 00:34:59.531: EAP code: 0xFE id: 0x1 length: 0x0900 type: 0x20 00E021B0: 01030077 FE010900 ...w~... 00E021C0: 20000000 00000000 01F353C6 C8D8EB7D ........sSFHXk} 00E021D0: 6843E1F1 8BA8024B 66A4380D 86875A70 hCaq.(.Kf$8...Zp 00E021E0: 7EE7C948 908F2ADB 60000000 00000000 ~gIH..*[`....... 00E021F0: 00000000 00000000 00000000 00000000 ................ 00E02200: 00000000 00000000 007D68EB 33AFD6EA .........}hk3/Vj 00E02210: 84E624D9 F2DF0902 7D0018DD 160050F2 .f$Yr_..}..]..Pr 00E02220: 01010000 50F20201 000050F2 02010000 ....Pr....Pr.... 00E02230: 50F202 ---------------- ... contains exactly the same WPA IE wether I associate successfully from Windows XP, Linux 2.6 + madwifi. And also the same WPA IE when I "associate" unsuccessfully from Linux 2.4/XScale + hermes. Vs Ty Len EAP Inf Len Replay Counter hermes: 01 03 0077 FE 0109 0020 0000000000000001 madwifi: 01 03 0077 FE 0109 0020 0000000000000001 Win XP: 01 03 0077 FE 0109 0020 0000000000000002 Nonce hermes: F353C6C8D8EB7D6843E1F18BA8024B66A4380D86875A707EE7C948908F2ADB60 madwifi: 852C5D7E20D5B539B6788EE12B58FA755223062BEF5CFDB45AA81EA14FB04DBB Win XP: A0D6FCB2D9F1F3335A30DA6DB38A91EDF3F623EC818C6A06B4605D63E7015265 Key IV Key RSC hermes: 00000000000000000000000000000000 0000000000000000 madwifi: 00000000000000000000000000000000 0000000000000000 Win XP: 00000000000000000000000000000000 0000000000000000 Key Id MIC hermes: 0000000000000000 7D68EB33AFD6EA84E624D9F2DF09027D madwifi: 0000000000000000 6B0C387518088E4A64E872CDC163EE4E Win XP: 0000000000000000 AD6225E12439847C8581756F29254C16 hermes: 0018 DD160050F20101000050F20201000050F20201000050F202 madwifi: 0018 DD160050F20101000050F20201000050F20201000050F202 Win XP: 0018 DD160050F20101000050F20201000050F20201000050F202 From hs4233 at mail.mn-solutions.de Tue Mar 8 04:16:27 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Tue, 8 Mar 2005 10:16:27 +0100 Subject: WPA PSK-key length problem? In-Reply-To: <20050308030841.GB16257@jm.kir.nu> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <20050308030841.GB16257@jm.kir.nu> Message-ID: <200503081016.27338.hs4233@mail.mn-solutions.de> > Could you please verify with a wireless sniffer that the WPA IE in > Association Request matches with this one? Okay, I used ethereal and found out some stuff ... The WPA IE is already send in the Beacon frames sent regularly by the AP. They contain a field that I did not see in the packet dump: Tag Number: 221 (Vendor Specific) Tag length: 24 Tag interpretation: WPA IE, type 1, version 1 Tag interpretation: Multicast cipher suite: TKIP Tag interpretation: # of unicast cipher suites: 1 Tag interpretation: Unicast cipher suite 1: TKIP Tag interpretation: # of auth key management suites: 1 Tag interpretation: auth key management suite 1: PSK Tag interpretation: Not interpreted The relevant part of the hexdump start's at offset 0xf7. The extra bytes are at offset 0x10f and 0x110. 0 1 2 3 4 5 6 7 8 9 a b c d e f 00f0 06 00 40 96 00 0d 00 dd 18 00 50 f2 01 01 00 00 .. at .......P..... 0100 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 28 P.....P.....P..( 0110 00 dd 18 00 50 f2 02 01 01 04 00 03 a5 00 00 27 ....P..........' 0120 a5 00 00 42 54 5e 00 62 43 2f 00 dd 16 00 40 96 ...BT^.bC/.... at . 0130 04 00 04 07 a5 00 00 23 a5 00 00 42 54 00 00 62 .......#...BT..b 0140 43 00 00 dd 05 00 40 96 03 02 49 27 19 6c C..... at ...I'.l Later in the ethereal dump, my device sends an 802.11 Association Request. Here the last two bytes of the WPA IE are 00 00. The relevant part in the hexdump starts at 0xbb, the two null bytes are at 0xd3 and 0xd4. Tag Number: 221 (Vendor Specific) Tag length: 24 Tag interpretation: WPA IE, type 1, version 1 Tag interpretation: Multicast cipher suite: TKIP Tag interpretation: # of unicast cipher suites: 1 Tag interpretation: Unicast cipher suite 1: TKIP Tag interpretation: # of auth key management suites: 1 Tag interpretation: auth key management suite 1: PSK Tag interpretation: Not interpreted 0 1 2 3 4 5 6 7 8 9 a b c d e f 00b0 46 55 4e 4b 32 01 04 02 04 0b 16 dd 18 00 50 f2 FUNK2.........P. 00c0 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 ....P.....P..... 00d0 50 f2 02 00 00 ef 8b ea e9 P........ The Cisco sends an Association Response back with the "Successfull" status code. The the Cisco sends an EOPOL packet, starting at offset 0xb0: 802.1x Authentication Version: 1 Type: Key (3) Length: 95 Descriptor Type: EAPOL WPA key (254) Key Information: 0x0089 .... .... .... .001 = Key Descriptor Version: HMAC-MD5 for MIC and RC4 for encryption (1) .... .... .... 1... = Key Type: Pairwise key .... .... ..00 .... = Key Index: 0 .... .... .0.. .... = Install flag: Not set .... .... 1... .... = Key Ack flag: Set .... ...0 .... .... = Key MIC flag: Not set .... ..0. .... .... = Secure flag: Not set .... .0.. .... .... = Error flag: Not set .... 0... .... .... = Request flag: Not set ...0 .... .... .... = Encrypted Key Data flag: Not set Key Length: 32 Replay Counter: 1 Nonce: 0CB616E7D5688837AAAFB8D41D420096DD1F492CD3512852... Key IV: 00000000000000000000000000000000 WPA Key RSC: 0000000000000000 WPA Key ID: 0000000000000000 WPA Key MIC: 00000000000000000000000000000000 WPA Key Length: 0 0 1 2 3 4 5 6 7 8 9 a b c d e f 00b0 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 ..._.... ....... 00c0 01 0c b6 16 e7 d5 68 88 37 aa af b8 d4 1d 42 00 ......h.7.....B. 00d0 96 dd 1f 49 2c d3 51 28 52 cc 89 c6 c5 db 13 b0 ...I,.Q(R....... 00e0 cd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0110 00 00 00 4e 97 74 00 and my device answers with some EOP frame, starting at offset 0xb0 as well: 802.1x Authentication Version: 1 Type: Key (3) Length: 119 Descriptor Type: EAPOL WPA key (254) Key Information: 0x0109 .... .... .... .001 = Key Descriptor Version: HMAC-MD5 for MIC and RC4 for encryption (1) .... .... .... 1... = Key Type: Pairwise key .... .... ..00 .... = Key Index: 0 .... .... .0.. .... = Install flag: Not set .... .... 0... .... = Key Ack flag: Not set .... ...1 .... .... = Key MIC flag: Set .... ..0. .... .... = Secure flag: Not set .... .0.. .... .... = Error flag: Not set .... 0... .... .... = Request flag: Not set ...0 .... .... .... = Encrypted Key Data flag: Not set Key Length: 32 Replay Counter: 1 Nonce: 3E96D3191E67841EB0CA741892A8B7D02BEBBD13955010B1... Key IV: 00000000000000000000000000000000 WPA Key RSC: 0000000000000000 WPA Key ID: 0000000000000000 WPA Key MIC: 4D65B298D68E98B8B321F5C1EE64C3B2 WPA Key Length: 24 WPA Key: DD160050F20101000050F20201000050F20201000050F202 Tag Number: 221 (Vendor Specific) Tag length: 22 Tag interpretation: WPA IE, type 1, version 1 Tag interpretation: Multicast cipher suite: TKIP Tag interpretation: # of unicast cipher suites: 1 Tag interpretation: Unicast cipher suite 1: TKIP Tag interpretation: # of auth key management suites: 1 Tag interpretation: auth key management suite 1: PSK 0 1 2 3 4 5 6 7 8 9 a b c d e f 00b0 01 03 00 77 fe 01 09 00 20 00 00 00 00 00 00 00 ...w.... ....... 00c0 01 3e 96 d3 19 1e 67 84 1e b0 ca 74 18 92 a8 b7 .>....g....t.... 00d0 d0 2b eb bd 13 95 50 10 b1 ed 8e f4 f3 46 08 bd .+....P......F.. 00e0 3e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >............... 00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0100 00 4d 65 b2 98 d6 8e 98 b8 b3 21 f5 c1 ee 64 c3 .Me.......!...d. 0110 b2 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 ......P.....P... 0120 00 00 50 f2 02 01 00 00 50 f2 02 5e d8 12 9e ..P.....P..^... But here the two bytes at the end, might they be 00 00 or 28 00, are missing :-( So I guess it's my kernel driver that sends a truncated WPA IE in it's association event and so wpa_supplicant in turn doesn't send the right WPA IE. From hs4233 at mail.mn-solutions.de Tue Mar 8 08:47:35 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Tue, 8 Mar 2005 14:47:35 +0100 Subject: [patch] use channel if no frequency sent Message-ID: <200503081447.35265.hs4233@mail.mn-solutions.de> My driver doesn't send a frequency, but a channel when scanning access points with "iwlist eth1 scan". iwlist displays this correctly. This patch adds a local frequency table and converts the channel. driver_broadcom also has this frequency table, but for now I kept it local. After I got the right frequency, I called wpa_driver_wext_set_freq() from my driver_hermes.c and then I finally got an association event: ----------------------- State: GROUP_HANDSHAKE -> COMPLETED wpa_driver_wext_event_receive: event received wpa_driver_wext_event_rtm_newlink wpa_driver_wext_event_wireless Wireless event: cmd=0x8c02 len=82 Custom wireless event: 'ASSOCINFO(ReqIEs=dd180050f20101000050f20201000050f20201000050f2020000)' Association info event req_ies - hexdump(len=26): dd 18 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 00 00 resp_ies - hexdump(len=0): assoc_wpa_ie - hexdump(len=26): dd 18 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 00 00 wpa_driver_wext_event_receive: event received wpa_driver_wext_event_rtm_newlink wpa_driver_wext_event_wireless Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:12:7f:8b:62:30 State: COMPLETED -> ASSOCIATED Association event - clear replay counter Associated with 00:12:7f:8b:62:30 ----------------------- -- M&N Solutions GmbH http://www.mn-solutions.de Holger Schurig Dieselstr. 18 61191 Rosbach v.d.H?he Tel: (+49) 6003 9141 0 Fax: (+49) 6003 9141 49 -------------- next part -------------- A non-text attachment was scrubbed... Name: use-channel.patch Type: text/x-diff Size: 903 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050308/656566d9/attachment.patch From vivs at vt.edu Tue Mar 8 09:28:54 2005 From: vivs at vt.edu (Vivek Srivastava) Date: Tue, 8 Mar 2005 09:28:54 -0500 Subject: Help with hostap 0.2.6 and with 0.1.3 Message-ID: <002701c523eb$28183910$6401a8c0@FERRARI> Hello everyone, This question might be a little old looking at the current hostap versions out there. However, I am stuck with an old version of the kernel. I am trying to install hostap-driver-0.2.6 to my RedHat Linux 9.0 box(kernel: 2.4.20-8). Initially when I tried to install I got an error saying that it did not find a .config file. So I went to /usr/src/linux-2.4.20-8 and did a make xconfig and created a .config file without changing the existing kernel configuration. Later it complained about not finding the defs.h file in /usr/src/build/231485-i386/install/usr/src/linux-2.4.20-8/fs/jfs. So I created a symbolic link in /usr/src/build/231485-i386/install to /usr/src/linux-2.4.20-8 where the folder fs is located. So I could compile then without any problem but there were certain warnings such as "EISA_bus" redefined which I ignored and went on. I later did a make install but then I am confronted with the following error to which I do not know what to do. On doing a make install I get: ...... /sbin/depmod -ae ****Unresolved symbols in /lib/modules/2.4.20-8/net hostap.o depmod: _read_lock_failed depmod: _write_lock_failed I get the same error when it tries to install hostap_cs.o, hostap_pci.o and hostap_plx.o. I did read somewhere that sometimes a configuration file mismatch i.e. the running kernel configuration (which I think is in /boot directory) and the .config file in /usr/src/linux-2.4.20-8 could mismatch. But I have not installed any other wireless card or external pcmcia-cs package on my machine. Also, I did a rpm-qa| grep pcmcia to find out the pcmcia version I have and it says pcmcia-cs-3.1.31...so I did not feel the need to install an external pcmcia-cs package. Also, the machine I am using is a Dell Inspiron 5100. I get similar errors with hostap-driver-0.1.3 I am really stuck with this problem for a long time and I would like hostap to work since wlan-ng does not give me enough options. I am using a Linksys WPC11ver3 card. Any sort of help in this matter will be appreciated and is badly needed. Thanks a lot Vivek. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050308/c90ac8f0/attachment.htm From jkmaline at cc.hut.fi Tue Mar 8 09:41:07 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 8 Mar 2005 06:41:07 -0800 Subject: WPA PSK-key length problem? In-Reply-To: <200503080821.06281.hs4233@mail.mn-solutions.de> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <20050308030841.GB16257@jm.kir.nu> <200503080821.06281.hs4233@mail.mn-solutions.de> Message-ID: <20050308144107.GG16257@jm.kir.nu> On Tue, Mar 08, 2005 at 08:21:06AM +0100, Holger Schurig wrote: > > > WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 > > > 02 01 00 00 50 f2 02 01 00 00 50 f2 02 > > Do you know in which RFC or other documentation the WPA IEs are described? They are specified in WPA Specification from http://www.wi-fi.org/OpenSection/protected_access_archive.asp -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Tue Mar 8 09:42:17 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 8 Mar 2005 06:42:17 -0800 Subject: WPA PSK-key length problem? In-Reply-To: <200503080842.24104.hs4233@mail.mn-solutions.de> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <20050308030841.GB16257@jm.kir.nu> <200503080842.24104.hs4233@mail.mn-solutions.de> Message-ID: <20050308144217.GH16257@jm.kir.nu> On Tue, Mar 08, 2005 at 08:42:23AM +0100, Holger Schurig wrote: > > This is the WPA IE wpa_supplicant is trying to use and I did not see > > any AssocInfo events updating it. > There was one, I just had little output for it: > > -------------------------- > wpa_driver_hermes_associate > wpa_driver_hermes_set_wpa_ie That's not "AssocInfo". I'm talking about the driver providing association information to wpa_supplicant (EVENT_ASSOCINFO). -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Tue Mar 8 09:43:15 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 8 Mar 2005 06:43:15 -0800 Subject: WPA PSK-key length problem? In-Reply-To: <200503080914.57121.hs4233@mail.mn-solutions.de> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <20050308030841.GB16257@jm.kir.nu> <200503080914.57121.hs4233@mail.mn-solutions.de> Message-ID: <20050308144315.GI16257@jm.kir.nu> On Tue, Mar 08, 2005 at 09:14:57AM +0100, Holger Schurig wrote: > There is just one problem: The packet that the Cisco dumps ... > ... contains exactly the same WPA IE wether I associate successfully from > Windows XP, Linux 2.6 + madwifi. And also the same WPA IE when I > "associate" unsuccessfully from Linux 2.4/XScale + hermes. In which case it looks like the hermes driver is using different WPA IE in Association Request and does not notify wpa_supplicant about this. -- Jouni Malinen PGP id EFC895FA From jar at pcuf.fi Tue Mar 8 09:51:44 2005 From: jar at pcuf.fi (Jar) Date: Tue, 8 Mar 2005 16:51:44 +0200 (EET) Subject: Help with hostap 0.2.6 and with 0.1.3 Message-ID: <52529.194.157.0.2.1110293504.squirrel@netlandzone.dyndns.org> > Hello everyone, > This question might be a little old looking at the current hostap versions out > there. However, I am stuck with an old version of the kernel. I am trying to install > hostap-driver-0.2.6 to my RedHat Linux 9.0 box(kernel: 2.4.20-8). Initially when I > tried to install I got an error saying that it did not find a .config file. So I > went to /usr/src/linux-2.4.20-8 and did a make xconfig and created a .config file > without changing the existing kernel configuration. How about: 1. Install the kernel-source.rpm which version is the same as the current running kernel. 2. cd /usr/src/ 3. Do symbolic link linux-2.4.20-8 --> linux 4. cd linux and do "make mrproper" 5. copy /boot/config-2.4.20-8 /usr/src/linux/.config 6. Run "make dep" 7. Compile & install hostap normally -- Best Regards, Jar From hs4233 at mail.mn-solutions.de Tue Mar 8 10:03:28 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Tue, 8 Mar 2005 16:03:28 +0100 Subject: WPA PSK-key length problem? In-Reply-To: <20050308144217.GH16257@jm.kir.nu> References: <200503071042.24317.hs4233@mail.mn-solutions.de> <200503080842.24104.hs4233@mail.mn-solutions.de> <20050308144217.GH16257@jm.kir.nu> Message-ID: <200503081603.28559.hs4233@mail.mn-solutions.de> > That's not "AssocInfo". I'm talking about the driver providing > association information to wpa_supplicant (EVENT_ASSOCINFO). Okay, now I have this AssocInfo. And, after I also enabled -DUSE_WPA for my wlags driver I was able to successfully authenticate with Cisco: --------------------------- *Mar 1 07:30:06.096: %DOT11-6-ASSOC: Interface Dot11Radio0, Station 0010.c630.9bfe Associated KEY_MGMT[WPA PSK] -- M&N Solutions GmbH http://www.mn-solutions.de Holger Schurig Dieselstr. 18 61191 Rosbach v.d.H?he Tel: (+49) 6003 9141 0 Fax: (+49) 6003 9141 49 From jar at pcuf.fi Tue Mar 8 10:04:15 2005 From: jar at pcuf.fi (Jar) Date: Tue, 8 Mar 2005 17:04:15 +0200 (EET) Subject: Help with hostap 0.2.6 and with 0.1.3 In-Reply-To: <52529.194.157.0.2.1110293504.squirrel@netlandzone.dyndns.org> References: <52529.194.157.0.2.1110293504.squirrel@netlandzone.dyndns.org> Message-ID: <54101.194.157.0.2.1110294255.squirrel@netlandzone.dyndns.org> >> Hello everyone, >> This question might be a little old looking at the current hostap versions out >> there. However, I am stuck with an old version of the kernel. I am trying to >> install >> hostap-driver-0.2.6 to my RedHat Linux 9.0 box(kernel: 2.4.20-8). Initially when I >> tried to install I got an error saying that it did not find a .config file. So I >> went to /usr/src/linux-2.4.20-8 and did a make xconfig and created a .config file >> without changing the existing kernel configuration. > > How about: > > 1. Install the kernel-source.rpm which version is the same as the current running > kernel. > 2. cd /usr/src/ > 3. Do symbolic link linux-2.4.20-8 --> linux > 4. cd linux and do "make mrproper" > 5. copy /boot/config-2.4.20-8 /usr/src/linux/.config > 6. Run "make dep" > 7. Compile & install hostap normally 5.1. Run make oldconfig -- Best Regards, Jar From tonybox at inwind.it Tue Mar 8 10:09:06 2005 From: tonybox at inwind.it (Dario Tonesi) Date: Tue, 8 Mar 2005 16:09:06 +0100 Subject: Implementation of EAP-PSK Message-ID: Hi to everyone! I need some info about wpa_supplicant and EAP-PSK. 1) Have any of you used wpa_supplicant to authenticate with EAP-PSK? 2) Do you know which authentication server implements EAP-PSK? I'm using as client: wpa_supplicant 0.3.6 (it is supposed to implements EAP-PSK) with madwifi (driver) on Linux kernel version 2.4.27. The authentication server is a patched versione of FreeRADIUS (downloaded from http://perso.rd.francetelecom.fr/bersani/EAP_PSK/Release3.0/freeradius-snapshot-20040329.tar.gz) that is supposed to support EAP-PKS. Unfortunately, even if it looks like I set every parameter correctly, I cannot autheticate the client to the network by means of EAP-PSK. Could any of you please help me? Thankyou in advance Dario ____________________________________________________________ Navighi a 2 MEGA e i primi 3 mesi sono GRATIS. Scegli Libero Adsl Flat senza limiti su http://www.libero.it From hs4233 at mail.mn-solutions.de Tue Mar 8 10:10:25 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Tue, 8 Mar 2005 16:10:25 +0100 Subject: current version of my driver_hermes.c Message-ID: <200503081610.25968.hs4233@mail.mn-solutions.de> With this driver_hermes.c I can successfully authenticate via WPA-PSK. * scan_ssid=1 inside a network definition doesn't work * but ap_scan=1 works :-) * WEP support is still missing * other WPA modes aren't tested * user kernel driver is wlags49_h2_cs from http://www.agere.com/mobility/docs/wl_lkm_718_release.tar.gz compiled with -DBUS_PCMCIA -DWVLAN_49 -DHAS_WIRELESS_EXTENSIONS -DUSE_UIL -DUSE_WPA -DSTA_ONLY -DHERMES2 -DUSE_RTS -- M&N Solutions GmbH http://www.mn-solutions.de Holger Schurig Dieselstr. 18 61191 Rosbach v.d.H?he Tel: (+49) 6003 9141 0 Fax: (+49) 6003 9141 49 -------------- next part -------------- A non-text attachment was scrubbed... Name: driver_hermes.c Type: text/x-csrc Size: 19701 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050308/0c5b8dc8/attachment.c From sujith_m at sifycorp.com Tue Mar 8 10:21:56 2005 From: sujith_m at sifycorp.com (Sujith) Date: Tue, 8 Mar 2005 20:51:56 +0530 Subject: win 2k problem Message-ID: <200503082051.56866.sujith_m@sifycorp.com> hi all, I am a complete newbie to 802.1x. I have the following setup : a win 2k machine with 802.1x authentication enabled. hostapd running on a machine, a freeradius server. a DHCP server. Now, whenever I enable the network device in the windows machine, it doesn't wait for the authentication to contact the DHCP server. An IP is assigned before the authentication dialog pops up. But shouldn't it be the other way ? Any help would be appreciated. regards, Sujith DISCLAIMER: Information contained and transmitted by this E-MAIL is proprietary to Sify Limited and is intended for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If this is a forwarded message, the content of this E-MAIL may not have been sent with the authority of the Company. If you are not the intended recipient, an agent of the intended recipient or a person responsible for delivering the information to the named recipient, you are notified that any use, distribution, transmission, printing, copying or dissemination of this information in any way or in any manner is strictly prohibited. If you have received this communication in error, please delete this mail & notify us immediately at admin at sifycorp.com From vivs at vt.edu Tue Mar 8 10:45:00 2005 From: vivs at vt.edu (Vivek Srivastava) Date: Tue, 8 Mar 2005 10:45:00 -0500 Subject: Help with hostap 0.2.6 and with 0.1.3 References: <52529.194.157.0.2.1110293504.squirrel@netlandzone.dyndns.org> <54101.194.157.0.2.1110294255.squirrel@netlandzone.dyndns.org> Message-ID: <008601c523f5$c99dd150$6401a8c0@FERRARI> It is a complete fresh kernel reinstall with no other software added. Is it still required to compile the kernel again? Thanks Vivek. ----- Original Message ----- From: "Jar" To: Cc: Sent: Tuesday, March 08, 2005 10:04 AM Subject: Re: Help with hostap 0.2.6 and with 0.1.3 > >>> Hello everyone, >>> This question might be a little old looking at the current hostap >>> versions out >>> there. However, I am stuck with an old version of the kernel. I am >>> trying to >>> install >>> hostap-driver-0.2.6 to my RedHat Linux 9.0 box(kernel: 2.4.20-8). >>> Initially when I >>> tried to install I got an error saying that it did not find a .config >>> file. So I >>> went to /usr/src/linux-2.4.20-8 and did a make xconfig and created a >>> .config file >>> without changing the existing kernel configuration. >> >> How about: >> >> 1. Install the kernel-source.rpm which version is the same as the current >> running >> kernel. >> 2. cd /usr/src/ >> 3. Do symbolic link linux-2.4.20-8 --> linux >> 4. cd linux and do "make mrproper" >> 5. copy /boot/config-2.4.20-8 /usr/src/linux/.config >> 6. Run "make dep" >> 7. Compile & install hostap normally > > 5.1. Run make oldconfig > > -- > Best Regards, Jar From jar at pcuf.fi Tue Mar 8 11:22:45 2005 From: jar at pcuf.fi (Jar) Date: Tue, 8 Mar 2005 18:22:45 +0200 (EET) Subject: Help with hostap 0.2.6 and with 0.1.3 In-Reply-To: <008601c523f5$c99dd150$6401a8c0@FERRARI> References: <52529.194.157.0.2.1110293504.squirrel@netlandzone.dyndns.org><54101.194.157.0.2.1110294255.squirrel@netlandzone.dyndns.org> <008601c523f5$c99dd150$6401a8c0@FERRARI> Message-ID: <3074.192.168.0.150.1110298965.squirrel@kone> > It is a complete fresh kernel reinstall with no other software added. Is it > still required to compile the kernel again? I don?t know. But I have _always_ been able to compile hostap driver under RH, when first prepare the kernel-source by doing the steps 1-8. 1. Install the kernel-source.rpm which version corresponds the current running kernel. 2. cd /usr/src/ 3. Do symbolic link linux-2.4.20-8 --> linux 4. cd /usr/src/linux and do "make mrproper" 5. copy /boot/config-2.4.20-8 /usr/src/linux/.config 6. Edit Kernel Makefile: EXTRAVERSION = -20.8Custom --> EXTRAVERSION = -20.8 7. Run make oldconfig 8. Run "make dep" 9. Compile & install hostap normally -- Best Regards, Jar From eduardgv at gmail.com Tue Mar 8 11:47:48 2005 From: eduardgv at gmail.com (eduardgv) Date: Tue, 8 Mar 2005 17:47:48 +0100 Subject: access point for hostapd? In-Reply-To: <1110238071.26720.26.camel@simulacron> References: <1110238071.26720.26.camel@simulacron> Message-ID: <66c3877d05030808475c46ec71@mail.gmail.com> I think that the meshcube has a Prism2.5 mini PCI card which can be handled by the hostap driver. On Tue, 08 Mar 2005 00:27:51 +0100, Andreas Jellinghaus wrote: > Hi, > > I'm looking for some access point where I can replace > the binary only firmware with backdoords with some > self compiled linux distribution. linksys wrt54g looks > nice, but its driver does not support hostapd. > > if you have any idea of an access point, where I can > replace the software, too, but it does have a driver > that works with hostapd, then please let me know. > (or some mini pc where I can add pc cards?) > From aj at dungeon.inka.de Tue Mar 8 15:50:45 2005 From: aj at dungeon.inka.de (Andreas Jellinghaus) Date: Tue, 08 Mar 2005 21:50:45 +0100 Subject: access point for hostapd? In-Reply-To: <66c3877d05030808475c46ec71@mail.gmail.com> References: <1110238071.26720.26.camel@simulacron> <66c3877d05030808475c46ec71@mail.gmail.com> Message-ID: <1110315045.4355.15.camel@simulacron> On Tue, 2005-03-08 at 17:47 +0100, eduardgv wrote: > I think that the meshcube has a Prism2.5 mini PCI card which can be > handled by the hostap driver. thanks, didn't know about that one. the data sheets don't mention wpa or wpa2 or tkip or ccmp-aes, but I contacted them to see what they think about it. Regards, Andreas -- ---------------------[ Ciphire Signature ]---------------------- From: aj at dungeon.inka.de signed email body (263 characters) Date: on 08 March 2005 at 20:46:55 UTC To: eduardgv at gmail.com, hostap at shmoo.com ---------------------------------------------------------------- : Ciphire has secured this email against identity theft. : Free download at www.ciphire.com. The garbled lines : below are the sender's verifiable digital signature. ---------------------------------------------------------------- 00fAAAAAEAAAA/Dy5CBwEAAEMBAAIAAgACACBQ2JmUgw78JvBqhaOBPOsMFbVDS6 UaQIxcChG5IhzQhgEA0eMp7V0xI9MrMhC47uaTDnnuTnqi6z9oLEuev70rCXtUct HUojsB+wcaq2gIORLNKzjYDXISFUuQaofFcvMcxQ== ------------------[ End Ciphire Signed Message ]---------------- From symgryph at gmail.com Tue Mar 8 17:28:23 2005 From: symgryph at gmail.com (Thomas Munn) Date: Tue, 8 Mar 2005 17:28:23 -0500 Subject: Buffalo WLA2-G54L with WPA PSK and AES? Message-ID: <84bf3c3005030814285b33aa6d@mail.gmail.com> Dear Sirs: I am using a Buffalo WLI-CB-G54A wireless card with Linuxant drivers (the card associates quite nicely without encryption!), on a 2.6.9 kernel (custom) using version 0.3.8 version of the wpa_supplicat driver. I have turned off SSID broadcasts, as well. I have told the ap to use WPA-PSk with AES as the algorythm. My wpa_supplicant file looks like this: ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 ap_scan=0 fast_reauth=1 # Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers network={ ssid="munnster" psk="somephrase" } When I run wpa_supplicant -c/etc/wpa_supplicant.conf -ieth1 -d I get "could not read bssid from driver." My wireless device is eth1, and again, it works great w/o encryption (packets, etc. work fine.) Not sure were to go from here, since I don't want to enable Broadcast SSID on the interface. Sincerely, Thomas J. Munn -- ----------------------- Two Wheels Good, Four Wheels Bad From symgryph at gmail.com Tue Mar 8 18:09:34 2005 From: symgryph at gmail.com (Thomas Munn) Date: Tue, 8 Mar 2005 18:09:34 -0500 Subject: Buffalo WLA2-G54L with WPA PSK and AES? Message-ID: <84bf3c30050308150917d36f3b@mail.gmail.com> I just got it working again. I changed the scan option to "1", and "turned on" ssid's with the ap. It seems that turning off SSIDS kills linuxant drivers. I saw some google info on this that linuxant acknowledged this problem. Now, for another question, could I specify the BSSID of the ap, and turn off the SSID and have it work? Has anyone tried this with success with linuxant drivers? -- ----------------------- Two Wheels Good, Four Wheels Bad Thomas Munn From jkmaline at cc.hut.fi Tue Mar 8 23:03:40 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 8 Mar 2005 20:03:40 -0800 Subject: Buffalo WLA2-G54L with WPA PSK and AES? In-Reply-To: <84bf3c30050308150917d36f3b@mail.gmail.com> References: <84bf3c30050308150917d36f3b@mail.gmail.com> Message-ID: <20050309040339.GJ16257@jm.kir.nu> On Tue, Mar 08, 2005 at 06:09:34PM -0500, Thomas Munn wrote: > I just got it working again. I changed the scan option to "1", and > "turned on" ssid's with the ap. It seems that turning off SSIDS kills > linuxant drivers. > > I saw some google info on this that linuxant acknowledged this > problem. I have not tested the Linuxant driver loader, but I believe that is (or at least was) the case. The open source ndiswrapper can be used with ap_scan=2 mode to work with hidden SSIDs. > Now, for another question, could I specify the BSSID of the > ap, and turn off the SSID and have it work? Has anyone tried this > with success with linuxant drivers? No, that would not work. For hidden SSIDs, you would either need to get Linuxant to modify their code (probably also move to use something else than driver_hostap.c in wpa_supplicant) or move to use ndiswrapper. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Tue Mar 8 23:08:16 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 8 Mar 2005 20:08:16 -0800 Subject: Implementation of EAP-PSK In-Reply-To: References: Message-ID: <20050309040816.GK16257@jm.kir.nu> On Tue, Mar 08, 2005 at 04:09:06PM +0100, Dario Tonesi wrote: > I need some info about wpa_supplicant and EAP-PSK. > 1) Have any of you used wpa_supplicant to authenticate with EAP-PSK? Yes, I have tested it. > 2) Do you know which authentication server implements EAP-PSK? There is a patch for FreeRADIUS to implement support for an old version of the EAP-PSK draft. I'm not aware of any newer server side implementation. > I'm using as client: wpa_supplicant 0.3.6 (it is supposed to implements EAP-PSK) > with madwifi (driver) on Linux kernel version 2.4.27. > The authentication server is a patched versione of FreeRADIUS (downloaded from > http://perso.rd.francetelecom.fr/bersani/EAP_PSK/Release3.0/freeradius-snapshot-20040329.tar.gz) > that is supposed to support EAP-PKS. > Unfortunately, even if it looks like I set every parameter correctly, I cannot > autheticate the client to the network by means of EAP-PSK. This would indeed be the patch I mentioned above and the one I used to successfully test EAP-PSK with wpa_supplicant.. I have to admit that this was a long time ago, so something may have changed after this. > Could any of you please help me? Please send debug log from both FreeRADIUS and wpa_supplicant and the relevant parts of the configuration files for EAP-PSK. -- Jouni Malinen PGP id EFC895FA From sujith_m at sifycorp.com Wed Mar 9 02:31:11 2005 From: sujith_m at sifycorp.com (sujith_m at sifycorp.com) Date: Wed, 09 Mar 2005 12:31:11 +0500 (IST) Subject: win2k Message-ID: <1110351671.422e9f37ce798@mail.sifycorp.com> Hi, I checked auth_algs parameter in the config file & tried all the possibilities (1,2,3), but nothing worked. Is there a way to block dhcp broadcast requests ? My requirement is : get an IP through DHCP after authentication. I am really in the dark here.Any pointers ? Regards, Sujith From hs4233 at mail.mn-solutions.de Wed Mar 9 03:00:19 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Wed, 9 Mar 2005 09:00:19 +0100 Subject: win2k In-Reply-To: <1110351671.422e9f37ce798@mail.sifycorp.com> References: <1110351671.422e9f37ce798@mail.sifycorp.com> Message-ID: <200503090900.20092.hs4233@mail.mn-solutions.de> > Hi, > > I checked auth_algs parameter in the config file & tried all the > possibilities (1,2,3), but nothing worked. > > Is there a way to block dhcp broadcast requests ? > My requirement is : get an IP through DHCP after authentication. > > I am really in the dark here.Any pointers ? Your e-mail is not something that is easy to answer. You have a weird subject, that bears no relation to the text --- at least none that I could see. Anyway: some DHCP clients for Linux can try to get an IP and if this doesn't work, fork to the background and try again getting IP once every while. Please concentrate on your problems. If you have problems with IP settings, you don't need to specify the auth_algs parameters, they are unrelated. But maybe specify your environment, e.g. which distribution your have (Debian, SuSE, etc) and how the configuration file for your interface eth1/wlan0/ath0 etc) looks like. From sujith_m at sifycorp.com Wed Mar 9 10:05:08 2005 From: sujith_m at sifycorp.com (Sujith) Date: Wed, 9 Mar 2005 20:35:08 +0530 Subject: win2k dhcp IP assignment problem Message-ID: <200503092035.08215.sujith_m@sifycorp.com> Hi, Sorry that my previous mail was uninformative. My problem is not getting an IP using DHCP after authentication. The IP assignment is happening BEFORE authentication & I am able to access the internet.Now, I do not want this to happen. My setup: win 2k pc with Service pack 4 . hostapd-0.3.7 AP. FreeRadius server. dhcpd server. I have configured hostapd to use wired driver since the entire exercise takes place in a LAN. Basically, I am trying to achieve wired authentication here but the entire purpose is defeated since I am getting an IP before authentication. Thanks for any help. Regards, Sujith DISCLAIMER: Information contained and transmitted by this E-MAIL is proprietary to Sify Limited and is intended for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If this is a forwarded message, the content of this E-MAIL may not have been sent with the authority of the Company. If you are not the intended recipient, an agent of the intended recipient or a person responsible for delivering the information to the named recipient, you are notified that any use, distribution, transmission, printing, copying or dissemination of this information in any way or in any manner is strictly prohibited. If you have received this communication in error, please delete this mail & notify us immediately at admin at sifycorp.com From hs4233 at mail.mn-solutions.de Wed Mar 9 05:39:16 2005 From: hs4233 at mail.mn-solutions.de (Holger Schurig) Date: Wed, 9 Mar 2005 11:39:16 +0100 Subject: win2k dhcp IP assignment problem In-Reply-To: <200503092035.08215.sujith_m@sifycorp.com> References: <200503092035.08215.sujith_m@sifycorp.com> Message-ID: <200503091139.17140.hs4233@mail.mn-solutions.de> > I have configured hostapd to use wired driver since the entire exercise > takes place in a LAN. Ahh, wired. > The IP assignment is happening BEFORE authentication & I am able to > access the internet.Now, I do not want this to happen. If you would use wireless, then you can't get an IP before the Authentication took place. BEFORE authentication the Access Point should not let pass any normal TCP or IP traffic, e.g. no DHCP packets. Only WPA (EAPOL etc) key exchange should be allowed. So the Access Point is kind of a firewall that get's switched on/off. I think that for a wired driver, you can use your system normally (e.g. ping, dhcp, telnet) --- even before authentication. Therefore I think that you need kind of a firewall before your machine that get's notified by either Windows 2000 or the Radius server that you're now authenticated and allowed to participate. From sujith_m at sifycorp.com Wed Mar 9 05:42:10 2005 From: sujith_m at sifycorp.com (Sujith) Date: Wed, 9 Mar 2005 16:12:10 +0530 Subject: win2k dhcp IP assignment problem In-Reply-To: <422EC7AD.80406@yahoo.de> References: <200503092035.08215.sujith_m@sifycorp.com> <422EC7AD.80406@yahoo.de> Message-ID: <200503091612.10826.sujith_m@sifycorp.com> Hi, hostapd runs on a Redhat 7.3 box with 2.4 kernel.The box is in bridge mode.2 ethernet interfaces eth2 & eth3 are bridged by an interface, br0 - on which hostapd runs. the win2k box is connected to eth2 interface. eth3 is plugged to the LAN. a separate FC2 box runs FreeRadius & dhcpd. On activating the net connection on the Win box, I get an authorization popup dialog, but on typing ipconfig/all I can see an assigned IP before I submit my user name & password. my hostapd.conf : *************** interface=br0 driver=wired logger_stdout=-1 logger_stdout_level=1 debug=2 dump_file=/tmp/hostapd.dump ctrl_interface=/var/run/hostapd wpa=0 auth_algs=3 ieee8021x=1 eap_reauth_period=3600 eapol_key_index_workaround=0 own_ip_addr= nas_identifier= auth_server_addr= auth_server_port=1812 auth_server_shared_secret=secret ************************** Now, is the above setup appropriate for achieving wired authentication ? thanks for the help guys, regards, Sujith On Wednesday 09 March 2005 3:23 pm, Gentoopower wrote: > Sujith wrote: > >Hi, > > > >Sorry that my previous mail was uninformative. > > > >My problem is not getting an IP using DHCP after authentication. > >The IP assignment is happening BEFORE authentication & I am able to > >access the internet.Now, I do not want this to happen. > > > >My setup: > > win 2k pc with Service pack 4 . > > hostapd-0.3.7 AP. > > FreeRadius server. > > dhcpd server. > > I think you should also add, which boxes run what. Or are you running > all of those services on the win2k box. I guess not, right? > > >I have configured hostapd to use wired driver since the entire exercise > > takes place in a LAN. > > > >Basically, I am trying to achieve wired authentication here but the entire > >purpose is defeated since I am getting an IP before authentication. > > Yeah, I think now everyone understood what you are trying to do, I had > no clue either in your first post. > > >Thanks for any help. > > > >Regards, > >Sujith DISCLAIMER: Information contained and transmitted by this E-MAIL is proprietary to Sify Limited and is intended for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If this is a forwarded message, the content of this E-MAIL may not have been sent with the authority of the Company. If you are not the intended recipient, an agent of the intended recipient or a person responsible for delivering the information to the named recipient, you are notified that any use, distribution, transmission, printing, copying or dissemination of this information in any way or in any manner is strictly prohibited. If you have received this communication in error, please delete this mail & notify us immediately at admin at sifycorp.com From sujith_m at sifycorp.com Wed Mar 9 06:26:29 2005 From: sujith_m at sifycorp.com (Sujith) Date: Wed, 9 Mar 2005 16:56:29 +0530 Subject: win2k dhcp IP assignment problem In-Reply-To: <200503091139.17140.hs4233@mail.mn-solutions.de> References: <200503092035.08215.sujith_m@sifycorp.com> <200503091139.17140.hs4233@mail.mn-solutions.de> Message-ID: <200503091656.29190.sujith_m@sifycorp.com> Thanks, that sure cleared a lot of confusion. On Wednesday 09 March 2005 4:09 pm, Holger Schurig wrote: > > I think that for a wired driver, you can use your system normally (e.g. > ping, dhcp, telnet) --- even before authentication. Therefore I think > that you need kind of a firewall before your machine that get's notified > by either Windows 2000 or the Radius server that you're now authenticated > and allowed to participate. DISCLAIMER: Information contained and transmitted by this E-MAIL is proprietary to Sify Limited and is intended for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If this is a forwarded message, the content of this E-MAIL may not have been sent with the authority of the Company. If you are not the intended recipient, an agent of the intended recipient or a person responsible for delivering the information to the named recipient, you are notified that any use, distribution, transmission, printing, copying or dissemination of this information in any way or in any manner is strictly prohibited. If you have received this communication in error, please delete this mail & notify us immediately at admin at sifycorp.com From g.hecker at et.bocholt.fh-ge.de Wed Mar 9 11:36:03 2005 From: g.hecker at et.bocholt.fh-ge.de (Gordon Hecker) Date: Wed, 09 Mar 2005 17:36:03 +0100 Subject: Smartcards and wpa_supplicant In-Reply-To: <20050228033121.GB8836@jm.kir.nu> References: <416BD7E9.7040403@et.bocholt.fh-ge.de> <20041013040555.GA21644@jm.kir.nu> <4173D26D.5080300@et.bocholt.fh-ge.de> <41F61B54.5060406@et.bocholt.fh-ge.de> <20050228033121.GB8836@jm.kir.nu> Message-ID: <422F25F3.40605@et.bocholt.fh-ge.de> Hi again, Jouni Malinen wrote: > On Tue, Jan 25, 2005 at 11:11:32AM +0100, Gordon Hecker wrote: > > >>First a short summary to get it all back to your mind: >>The patch implements smartcard support for EAP-TLS in wpa_supplicant >>using the Openssl Engine interface with the engines provided by the >>Opensc project. So at least in theory every smartcard supported by >>Opensc should be usable. I'm using a Cryptoflex Egate USB Token. > > > Unfortunately, OpenSC does not seem to support PKCS#15 initialization > for SetCOS and I happen to only have SetCOS cards. One of the cards is > actually already initialized, but of course I don't remember PIN for > it.. ;-) (nor do I have a private key that I could use in the > authentication server). > > In other words, I don't currently have suitable hardware for testing the > wpa_supplicant changes. I can try to find a source for supported cards > at some point, but that may take some time. If you happen to know one, > please let me know. I can also try to see if I could initialize the card > with another tool since it is only the initialization part that is > missing from OpenSC. I'm using cryptoflex egate - but I must admit that I never tried to order them myself. I only heard that it's not easy to get them. Anyway - I'm initializing my smartcard in a way that it works in combination with my usual environment. Certificates and authentication server. > > >>As I said, it would be great if you could integrate the code in one of >>the next wpa_supplicant releases. > > > I can start merging changes into wpa_supplicant. PIN through wpa_cli is > a good starting point, since it is needed for EAP-SIM/AKA, too. Rest of > the changes should be doable, but like I said, I won't be able to test > them completely. I have extracted the PIN-through-wpa_cli related changes and created a diff containing only those. As usual: http://ghe.dyndns.org/patches/wpa_supplicant/wpa_supplicant-pin-through-wpa_cli-20050309-2.patch It's mostly copy'n'paste from the corresponding functionality of the password command. In wpa_cli.c there's a workaround to detect if there's an exact match of a command - since the 'pin' command was rejected before because it is ambiguous with the first three characters of the 'ping' command. There's no code included that makes EAP-SIM or AKA use that functionality. I don't want to mess around in that code for now. So the patch on its own is pretty useless ;-) But if you are fine with it you might start merging it. > > Couple of changes needs to be done to the patch, though, before it can > be merged in. I went through the changes and here's list of comments: > I'm working through your comments on the other parts. Most of the things are solved, I'll see how I can split the big patch into pieces and resend them as soon as possible. > tls_openssl.c: > > + * tls_engine_load_dynamic_generic - > + * This function is a generic function that loads any openssl engine. > + * It's code is based upon an example found in the engine(3) manpage > + * from openssl > > > What license is used for that code? OpenSSL license is not compatible > with the license used in wpa_supplicant as far as including code from > OpenSSL to wpa_supplicant is concerned. > It's my own code, not a copy'n'paste. I just coded it after reading the manpage. So licensing it under wpa_supplicant's license should be fine. Gordon From aj at dungeon.inka.de Wed Mar 9 17:33:32 2005 From: aj at dungeon.inka.de (Andreas Jellinghaus) Date: Wed, 09 Mar 2005 23:33:32 +0100 Subject: example config for wired? Message-ID: <1110407612.3068.54.camel@simulacron> Hi, I would like to give wpa_supplicant, hostapd and freeswan a try in a wired setup. preferable with eap-tls and maybe even using smart cards. has anyone done something like this and could give a working example config? Regards, Andreas -- ---------------------[ Ciphire Signature ]---------------------- From: aj at dungeon.inka.de signed email body (198 characters) Date: on 09 March 2005 at 22:29:38 UTC To: hostap at shmoo.com ---------------------------------------------------------------- : Ciphire has secured this email against identity theft. : Free download at www.ciphire.com. The garbled lines : below are the sender's verifiable digital signature. ---------------------------------------------------------------- 00fAAAAAEAAADSeC9CxgAAAP4CAAIAAgACACBQ2JmUgw78JvBqhaOBPOsMFbVDS6 UaQIxcChG5IhzQhgEA0eMp7V0xI9MrMhC47uaTDnnuTnqi6z9oLEuev70rCXtO3N YQW13Aon3EYU52FwJ+cJ4ystwwjJpRDr8vHfAShA== ------------------[ End Ciphire Signed Message ]---------------- From shashilv at yahoo.com Wed Mar 9 18:45:08 2005 From: shashilv at yahoo.com (Shashidhar Lakkavalli) Date: Wed, 9 Mar 2005 15:45:08 -0800 (PST) Subject: wpa_supplicant with EAP-TLS and madwifi driver not authenticating Message-ID: <20050309234508.33531.qmail@web40914.mail.yahoo.com> Hi, I am trying to use EAP-TLS with a Linksys PCI card using the madwifi driver, to communicate with a Cisco 1100 series AP. The configuration file I have used is as follows: eapol_version=1 ap_scan=0 # IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using # EAP-TLS for authentication and key generation; require both unicast and # broadcast WEP keys. network={ ssid="8021x" scan_ssid=0 proto=WPA key_mgmt=IEEE8021X eap=TLS identity="anonymous" anonymous_identity="anonymous" ca_cert="/usr/local/etc/1x/certs/root.pem" client_cert="/usr/local/etc/1x/certs/cert-clt.pem" private_key="/usr/local/etc/1x/certs/cert-clt.pem" private_key_passwd="whatever" eapol_flags=3 } The wpa_supplicant output file is attached with the email. The wpa_supplicant is able to send the EAPOL-Start, receive the EAP request and send the EAP response. But after that, the AiroPeek sniffer does not show any communication between the wpa_supplicant and the AP. This problem is only with IEEE8021x with dynamic WEP keys. I was able to get EAP-TLS using WPA, and WPA-PSK to work. Please let me know if I am missing something. I have attached the wpa_supplicant output for reference. Thanks, Shashi. __________________________________ Celebrate Yahoo!'s 10th Birthday! Yahoo! Netrospective: 100 Moments of the Web http://birthday.yahoo.com/netrospective/ -------------- next part -------------- A non-text attachment was scrubbed... Name: wpa_out Type: application/octet-stream Size: 9531 bytes Desc: wpa_out Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050309/5d05b41e/attachment.obj From jason at jeetkunedomaster.net Wed Mar 9 19:30:41 2005 From: jason at jeetkunedomaster.net (Jason Straight) Date: Wed, 9 Mar 2005 19:30:41 -0500 Subject: (Argh!) 2.6.11.1 w/ 0.3.7 = wifi0: hfa384x_cmd: entry still in list? Message-ID: <200503091930.41214.jason@jeetkunedomaster.net> Below is a bunch of crap :) hopefully containing the right information so someone can point me to the reason why I can't get my zcom 325-HP working. Here's the full dmesg: hostap_crypt: registered algorithm 'NULL' hostap_cs: 0.3.7 - 2005-02-12 (Jouni Malinen ) hostap_cs: setting Vcc=33 (constant) hostap_cs: CS_EVENT_CARD_INSERTION hostap_cs: setting Vcc=50 (from config) Checking CFTABLE_ENTRY 0x01 (default 0x01) IO window settings: cfg->io.nwin=1 dflt.io.nwin=1 io->flags = 0x0046, io.base=0x0000, len=64 hostap_cs: Registered netdevice wifi0 hostap_cs: index 0x01: Vcc 5.0, irq 16, io 0x0100-0x013f prism2_hw_init: initialized in 195 ms wifi0: hfa384x_cmd: entry still in list? (entry=ea665e80, type=0, res=0) wifi0: hfa384x_cmd: command was not completed (res=0, entry=ea665e80, type=0, cmd=0x0001, param0=0x0000, EVSTAT=8000 INTEN=0010) wifi0: MAC port 0 enabling failed wifi0: could not enable MAC port wifi0: hfa384x_cmd: entry still in list? (entry=c957d7c0, type=0, res=0) wifi0: hfa384x_cmd: command was not completed (res=0, entry=c957d7c0, type=0, cmd=0x0021, param0=0xfd0b, EVSTAT=8000 INTEN=0010) wifi0: hfa384x_get_rid: CMDCODE_ACCESS failed (res=-110, rid=fd0b, len=8) Could not get RID for component NIC hostap_cs: Initialization failed prism2_config() failed r8169: eth0: PHY reset until link up wifi0: hfa384x_cmd: entry still in list? (entry=ea665e80, type=0, res=0) wifi0: hfa384x_cmd: command was not completed (res=0, entry=ea665e80, type=0, cmd=0x0002, param0=0x0000, EVSTAT=8000 INTEN=0000) hostap_cs: Shutdown failed iwconfig shows: ath0 IEEE 802.11g ESSID:"{{}}" Nickname:"jkd.jeetkunedomaster.net" Mode:Managed Frequency:2.412 GHz Access Point: 00:04:5A:0E:3C:F6 Bit Rate:11 Mb/s Tx-Power:50 dBm Sensitivity=0/3 Retry:off RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality=60/94 Signal level=-35 dBm Noise level=-95 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:24 Invalid misc:24 Missed beacon:0 wifi0 no wireless extensions. Worth noting my machine has a wireless minipci dev running with madwifi on ath0. lspci: 00:00.0 Host bridge: VIA Technologies, Inc. VT8385 [K8T800 AGP] Host Bridge (rev 01) 00:01.0 PCI bridge: VIA Technologies, Inc. VT8237 PCI bridge [K8T800 South] 00:05.0 Ethernet controller: Atheros Communications, Inc. AR5212 802.11abg NIC (rev 01) 00:06.0 FireWire (IEEE 1394): Texas Instruments TSB43AB21 IEEE-1394a-2000 Controller (PHY/Link) 00:08.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8169 Gigabit Ethernet (rev 10) 00:0c.0 CardBus bridge: ENE Technology Inc CB1410 Cardbus Controller (rev 01) 00:0e.0 Unknown mass storage controller: Winbond Electronics Corp: Unknown device 8481 (rev 01) 00:0e.1 Unknown mass storage controller: Winbond Electronics Corp: Unknown device 8482 (rev 01) 00:10.0 USB Controller: VIA Technologies, Inc. VT82xxxxx UHCI USB 1.1 Controller (rev 80) 00:10.1 USB Controller: VIA Technologies, Inc. VT82xxxxx UHCI USB 1.1 Controller (rev 80) 00:10.2 USB Controller: VIA Technologies, Inc. VT82xxxxx UHCI USB 1.1 Controller (rev 80) 00:10.3 USB Controller: VIA Technologies, Inc. USB 2.0 (rev 82) 00:11.0 ISA bridge: VIA Technologies, Inc. VT8235 ISA Bridge 00:11.1 IDE interface: VIA Technologies, Inc. VT82C586A/B/VT82C686/A/B/VT823x/A/C PIPC Bus Master IDE (rev 06) 00:11.5 Multimedia audio controller: VIA Technologies, Inc. VT8233/A/8235/8237 AC97 Audio Controller (rev 50) 00:11.6 Communication controller: VIA Technologies, Inc. AC'97 Modem Controller (rev 80) 00:18.0 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] HyperTransport Technology Configuration 00:18.1 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Address Map 00:18.2 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] DRAM Controller 00:18.3 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Miscellaneous Control 01:00.0 VGA compatible controller: ATI Technologies Inc RV350 [Mobility Radeon 9600 M10] and /proc/interrupts [root at jkd hostap-driver-0.3.7]# cat /proc/interrupts CPU0 0: 71822068 IO-APIC-edge timer 1: 44579 IO-APIC-edge i8042 7: 2 IO-APIC-edge parport0 10: 179318 IO-APIC-level acpi 12: 178411 IO-APIC-edge i8042 14: 289309 IO-APIC-edge ide0 15: 646049 IO-APIC-edge ide1 16: 2099545 IO-APIC-level yenta, ath0, 0.0 17: 3 IO-APIC-level ohci1394 19: 6 IO-APIC-level eth0 21: 442114 IO-APIC-level uhci_hcd, uhci_hcd, uhci_hcd, ehci_hcd 22: 3248927 IO-APIC-level VIA8233 NMI: 0 LOC: 71817707 ERR: 0 MIS: 0 Thanks, this really bugs me since I don't really know what would cause this error. I know 2.6.11.1 has some new acpi IRQ handling but I don't know if that would cause this error or not. -- http://www.skycon.net/ AIM: JasonRStraight ICQ: 1796276 From jason at jeetkunedomaster.net Wed Mar 9 20:45:07 2005 From: jason at jeetkunedomaster.net (Jason Straight) Date: Wed, 9 Mar 2005 20:45:07 -0500 Subject: (Argh!) 2.6.11.1 w/ 0.3.7 = wifi0: hfa384x_cmd: entry still in list? In-Reply-To: <200503091930.41214.jason@jeetkunedomaster.net> References: <200503091930.41214.jason@jeetkunedomaster.net> Message-ID: <200503092045.07728.jason@jeetkunedomaster.net> Well, if I have my prism card in when pcmcia starts my card will work, at least until I eject/insert it again. Then it will fail. The io addy is still the same when it's working. It seems to be that as long as it loads before ath_pci it's ok? But if I ifconfig all the devs down, and remove all the modules and restart pcmcia when I re-insert the prism card it still fails. I'm wondering if this isn't more of a problem with madwifi drivers. On Wednesday 09 March 2005 19:30, Jason Straight wrote: > Below is a bunch of crap :) hopefully containing the right information so > someone can point me to the reason why I can't get my zcom 325-HP working. > > > Here's the full dmesg: > > hostap_crypt: registered algorithm 'NULL' > hostap_cs: 0.3.7 - 2005-02-12 (Jouni Malinen ) > hostap_cs: setting Vcc=33 (constant) > hostap_cs: CS_EVENT_CARD_INSERTION > hostap_cs: setting Vcc=50 (from config) > Checking CFTABLE_ENTRY 0x01 (default 0x01) > IO window settings: cfg->io.nwin=1 dflt.io.nwin=1 > io->flags = 0x0046, io.base=0x0000, len=64 > hostap_cs: Registered netdevice wifi0 > hostap_cs: index 0x01: Vcc 5.0, irq 16, io 0x0100-0x013f > prism2_hw_init: initialized in 195 ms > wifi0: hfa384x_cmd: entry still in list? (entry=ea665e80, type=0, res=0) > wifi0: hfa384x_cmd: command was not completed (res=0, entry=ea665e80, > type=0, cmd=0x0001, param0=0x0000, EVSTAT=8000 INTEN=0010) > wifi0: MAC port 0 enabling failed > wifi0: could not enable MAC port > wifi0: hfa384x_cmd: entry still in list? (entry=c957d7c0, type=0, res=0) > wifi0: hfa384x_cmd: command was not completed (res=0, entry=c957d7c0, > type=0, cmd=0x0021, param0=0xfd0b, EVSTAT=8000 INTEN=0010) > wifi0: hfa384x_get_rid: CMDCODE_ACCESS failed (res=-110, rid=fd0b, len=8) > Could not get RID for component NIC > hostap_cs: Initialization failed > prism2_config() failed > r8169: eth0: PHY reset until link up > wifi0: hfa384x_cmd: entry still in list? (entry=ea665e80, type=0, res=0) > wifi0: hfa384x_cmd: command was not completed (res=0, entry=ea665e80, > type=0, cmd=0x0002, param0=0x0000, EVSTAT=8000 INTEN=0000) > hostap_cs: Shutdown failed > > > iwconfig shows: > > ath0 IEEE 802.11g ESSID:"{{}}" Nickname:"jkd.jeetkunedomaster.net" > Mode:Managed Frequency:2.412 GHz Access Point: > 00:04:5A:0E:3C:F6 Bit Rate:11 Mb/s Tx-Power:50 dBm Sensitivity=0/3 > Retry:off RTS thr:off Fragment thr:off > Encryption key:off > Power Management:off > Link Quality=60/94 Signal level=-35 dBm Noise level=-95 dBm > Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 > Tx excessive retries:24 Invalid misc:24 Missed beacon:0 > > wifi0 no wireless extensions. > > > > Worth noting my machine has a wireless minipci dev running with madwifi on > ath0. > > lspci: > > 00:00.0 Host bridge: VIA Technologies, Inc. VT8385 [K8T800 AGP] Host Bridge > (rev 01) > 00:01.0 PCI bridge: VIA Technologies, Inc. VT8237 PCI bridge [K8T800 South] > 00:05.0 Ethernet controller: Atheros Communications, Inc. AR5212 802.11abg > NIC (rev 01) > 00:06.0 FireWire (IEEE 1394): Texas Instruments TSB43AB21 IEEE-1394a-2000 > Controller (PHY/Link) > 00:08.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8169 > Gigabit Ethernet (rev 10) > 00:0c.0 CardBus bridge: ENE Technology Inc CB1410 Cardbus Controller (rev > 01) 00:0e.0 Unknown mass storage controller: Winbond Electronics Corp: > Unknown device 8481 (rev 01) > 00:0e.1 Unknown mass storage controller: Winbond Electronics Corp: Unknown > device 8482 (rev 01) > 00:10.0 USB Controller: VIA Technologies, Inc. VT82xxxxx UHCI USB 1.1 > Controller (rev 80) > 00:10.1 USB Controller: VIA Technologies, Inc. VT82xxxxx UHCI USB 1.1 > Controller (rev 80) > 00:10.2 USB Controller: VIA Technologies, Inc. VT82xxxxx UHCI USB 1.1 > Controller (rev 80) > 00:10.3 USB Controller: VIA Technologies, Inc. USB 2.0 (rev 82) > 00:11.0 ISA bridge: VIA Technologies, Inc. VT8235 ISA Bridge > 00:11.1 IDE interface: VIA Technologies, Inc. > VT82C586A/B/VT82C686/A/B/VT823x/A/C PIPC Bus Master IDE (rev 06) > 00:11.5 Multimedia audio controller: VIA Technologies, Inc. > VT8233/A/8235/8237 AC97 Audio Controller (rev 50) > 00:11.6 Communication controller: VIA Technologies, Inc. AC'97 Modem > Controller (rev 80) > 00:18.0 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] > HyperTransport Technology Configuration > 00:18.1 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] > Address Map > 00:18.2 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] > DRAM Controller > 00:18.3 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] > Miscellaneous Control > 01:00.0 VGA compatible controller: ATI Technologies Inc RV350 [Mobility > Radeon 9600 M10] > > > and /proc/interrupts > > [root at jkd hostap-driver-0.3.7]# cat /proc/interrupts > CPU0 > 0: 71822068 IO-APIC-edge timer > 1: 44579 IO-APIC-edge i8042 > 7: 2 IO-APIC-edge parport0 > 10: 179318 IO-APIC-level acpi > 12: 178411 IO-APIC-edge i8042 > 14: 289309 IO-APIC-edge ide0 > 15: 646049 IO-APIC-edge ide1 > 16: 2099545 IO-APIC-level yenta, ath0, 0.0 > 17: 3 IO-APIC-level ohci1394 > 19: 6 IO-APIC-level eth0 > 21: 442114 IO-APIC-level uhci_hcd, uhci_hcd, uhci_hcd, ehci_hcd > 22: 3248927 IO-APIC-level VIA8233 > NMI: 0 > LOC: 71817707 > ERR: 0 > MIS: 0 > > Thanks, this really bugs me since I don't really know what would cause this > error. I know 2.6.11.1 has some new acpi IRQ handling but I don't know if > that would cause this error or not. -- http://www.skycon.net/ AIM: JasonRStraight ICQ: 1796276 From gbur at informatik.uni-rostock.de Thu Mar 10 02:12:45 2005 From: gbur at informatik.uni-rostock.de (Gunter Burchardt) Date: Thu, 10 Mar 2005 08:12:45 +0100 Subject: example config for wired? In-Reply-To: <1110407612.3068.54.camel@simulacron> References: <1110407612.3068.54.camel@simulacron> Message-ID: <20050310071245.GH4189@informatik.uni-rostock.de> > Hi, > > I would like to give wpa_supplicant, hostapd and freeswan > a try in a wired setup. preferable with eap-tls and maybe > even using smart cards. has anyone done something like this > and could give a working example config? A config for wired setup for hostapd is included in hostapd directory. But i think hostpad is not enough for an working authenticator. You need pae module. Its an extension for hostapd that enables hostapd to work in wired environments. I can send you the source of pae module. There will be a sourceforge project for this module soon. I will anounce this in this mailing list. wpa_supplicant also supports wired environment. But i didn't know any config. regards gunter From manojv at hcltech.com Thu Mar 10 04:51:46 2005 From: manojv at hcltech.com (Manoj Verma, Noida) Date: Thu, 10 Mar 2005 15:21:46 +0530 Subject: wpa_supplicant with EAP-TLS and madwifi driver not authentica ting Message-ID: <267988DEACEC5A4D86D5FCD780313FBB057EBD9D@exch-03.noida.hcltech.com> Hi, We had the similar problem with the CISCO AP, wherein in dynamic WEP Keys mode we were not able to communicate with the AP. The problem occurs because after the TTLS / TLS authentication, the key frame information sent by the AP is not complete, i.e. encrypted key from which the session key is derived is not provided by the AP. Manoj -----Original Message----- From: hostap-bounces+manojv=noida.hcltech.com at shmoo.com [mailto:hostap-bounces+manojv=noida.hcltech.com at shmoo.com] On Behalf Of Shashidhar Lakkavalli Sent: Thursday, March 10, 2005 5:15 AM To: hostap at shmoo.com Subject: wpa_supplicant with EAP-TLS and madwifi driver not authenticating Hi, I am trying to use EAP-TLS with a Linksys PCI card using the madwifi driver, to communicate with a Cisco 1100 series AP. The configuration file I have used is as follows: eapol_version=1 ap_scan=0 # IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using # EAP-TLS for authentication and key generation; require both unicast and # broadcast WEP keys. network={ ssid="8021x" scan_ssid=0 proto=WPA key_mgmt=IEEE8021X eap=TLS identity="anonymous" anonymous_identity="anonymous" ca_cert="/usr/local/etc/1x/certs/root.pem" client_cert="/usr/local/etc/1x/certs/cert-clt.pem" private_key="/usr/local/etc/1x/certs/cert-clt.pem" private_key_passwd="whatever" eapol_flags=3 } The wpa_supplicant output file is attached with the email. The wpa_supplicant is able to send the EAPOL-Start, receive the EAP request and send the EAP response. But after that, the AiroPeek sniffer does not show any communication between the wpa_supplicant and the AP. This problem is only with IEEE8021x with dynamic WEP keys. I was able to get EAP-TLS using WPA, and WPA-PSK to work. Please let me know if I am missing something. I have attached the wpa_supplicant output for reference. Thanks, Shashi. __________________________________ Celebrate Yahoo!'s 10th Birthday! Yahoo! Netrospective: 100 Moments of the Web http://birthday.yahoo.com/netrospective/ From mapr at mx.sybcom.de Thu Mar 10 05:40:27 2005 From: mapr at mx.sybcom.de (mapr at mx.sybcom.de) Date: Thu, 10 Mar 2005 11:40:27 +0100 (CET) Subject: pccard (Linksys WPC11) resets constantly (fwd) Message-ID: Hello, I am running kernel 2.4.25 (i82365, N2K-card driver, etc. built into the kernel), hostap-driver-0.3.7 and cardmgr comes from pcmcia-cs-3.2.7. This configuration worked well with a Netgear MA401, but switching to a Linksys WPC11 brought several problems. I do an insmod to load the modules 'hostap.o' and 'hostap_cs.o', sometimes this runs without problems and I can run cardmgr and do a ram download (prism2_srec -r wlan0 rf010409.hex). After running for a short time the card is resetting constantly: NETDEV WATCHDOG: wifi0: transmit timed out wifi0 Tx timed out! Resetting card hostap_cs: wifi0: resetting card Spurious 8259A interrupt: IRQ7. NETDEV WATCHDOG: wifi0: transmit timed out wifi0 TX timed out! Resetting card wifi0: interrupt delivery does not seem to work wifi0: DTIM period setting to 1 failed NETDEV WATCHDOG: wifi0: transmit timed out wifi0: TX timed out! Resetting card wifi0: interrupt delivery does not seem to work wifi0: MAC port 0 enabling failed hostap_cs: wifi0: resetting card hostap_cs: wifi0: resetting card NETDEV WATCHDOG: wifi0 : transmit timed out wifi0 Tx timed out! Resetting card hostap_cs: wifi0: resetting card As far as I can see the problems arise already when the modules are loaded (if that could cause the above problems?), because most of the times after insmod'ing it says: 'unable to locate card memory' and later 'resource is temporarely not available' and something about not finding memory_cs [I don't need the memory_cs.o module, do I? And if, why does it run sometimes without?] Running cardmgr now freezes the whole computer. I don't do the 'modprobe' stuff, because I have very limited resources (no hd, only ramdisk) - so it's likely a general PCMCIA instead of a hostap* module problem. Sorry if being Off-Topic, but currently I don't get a step forward. Any hints will be appreciated Thanks, Mario From preining at logic.at Thu Mar 10 06:17:24 2005 From: preining at logic.at (Norbert Preining) Date: Thu, 10 Mar 2005 12:17:24 +0100 Subject: link beat not detected by ifplugd with hostap drivers Message-ID: <20050310111724.GD15480@gamma.logic.tuwien.ac.at> Hi all! I have the following problem with setting up the wlan interface with ifplugd, as it cannot detect the link beat on the hostap interface: debian/sid kernel 2.6.11-mm1 with kernel hostap drivers wpasupplicant 0.3.8-1 output of hostap_driver loading: hostap_pci: CVS (Jouni Malinen ) ACPI: PCI interrupt 0000:02:04.0[A] -> GSI 10 (level, low) -> IRQ 10 hostap_pci: Registered netdevice wifi0 wifi0: Original COR value: 0x6d prism2_hw_init: initialized in 263 ms wifi0: NIC: id=0x8022 v1.0.0 wifi0: PRI: id=0x15 v1.1.1 wifi0: STA: id=0x1f v1.8.0 wifi0: Intersil Prism2.5 PCI: mem=0xf8000000, ir q=10 Here a typical session: start wpa_supplicant: Mar 10 12:05:25 gandalf vmunix: wifi0: LinkStatus=2 (Disconnected) Mar 10 12:05:25 gandalf kernel: wifi0: LinkStatus: BSSID=44:44:44:44:44:44 Mar 10 12:05:25 gandalf vmunix: wifi0: LinkStatus=2 (Disconnected) Mar 10 12:05:25 gandalf kernel: wifi0: LinkStatus: BSSID=44:44:44:44:44:44 Mar 10 12:05:25 gandalf vmunix: wifi0: LinkStatus=2 (Disconnected) Mar 10 12:05:25 gandalf kernel: wifi0: LinkStatus: BSSID=44:44:44:44:44:44 Mar 10 12:05:25 gandalf vmunix: wifi0: LinkStatus=2 (Disconnected) Mar 10 12:05:25 gandalf kernel: wifi0: LinkStatus: BSSID=44:44:44:44:44:44 Mar 10 12:05:25 gandalf vmunix: wlan0: Trying to join BSSID 00:06:25:c4:7c:57 Mar 10 12:05:25 gandalf kernel: wifi0: LinkStatus=1 (Connected) Mar 10 12:05:25 gandalf vmunix: wifi0: LinkStatus: BSSID=00:06:25:c4:7c:57 ok, good, everything works start ifplugd: Mar 10 12:05:34 gandalf ifplugd(eth0)[6898]: ifplugd 0.26 initializing. Mar 10 12:05:34 gandalf ifplugd(eth0)[6898]: Using interface eth0/00:C0:9F:1F:59:38 with driver (version: 0.95) Mar 10 12:05:34 gandalf ifplugd(eth0)[6898]: Using detection mode: SIOCETHTOOL Mar 10 12:05:34 gandalf ifplugd(eth0)[6898]: Initialization complete, link beat not detected. Mar 10 12:05:34 gandalf ifplugd(wlan0)[6905]: ifplugd 0.26 initializing. Mar 10 12:05:34 gandalf ifplugd(wlan0)[6905]: Using interface wlan0/00:02:8A:95:EE:C0 with driver (version: CVS) Mar 10 12:05:34 gandalf ifplugd(wlan0)[6905]: Using detection mode: wireless extension Mar 10 12:05:34 gandalf ifplugd(wlan0)[6905]: Initialization complete, link beat not detected. Ummm, no link on wlan0, why? do I have to do more than this? I don't think so, because manually ifup wlan0 works: Mar 10 12:05:48 gandalf dhclient: Internet Systems Consortium DHCP Client V3.0.1 Mar 10 12:05:48 gandalf dhclient: Copyright 2004 Internet Systems Consortium. Mar 10 12:05:48 gandalf dhclient: All rights reserved. Mar 10 12:05:48 gandalf dhclient: For info, please visit http://www.isc.org/products/DHCP Mar 10 12:05:48 gandalf dhclient: Mar 10 12:05:48 gandalf dhclient: wifi0: unknown hardware address type 801 Mar 10 12:05:48 gandalf dhclient: eth2: unknown hardware address type 24 Mar 10 12:05:49 gandalf dhclient: wifi0: unknown hardware address type 801 Mar 10 12:05:49 gandalf dhclient: eth2: unknown hardware address type 24 Mar 10 12:05:49 gandalf dhclient: Listening on LPF/wlan0/00:02:8a:95:ee:c0 Mar 10 12:05:49 gandalf dhclient: Sending on LPF/wlan0/00:02:8a:95:ee:c0 Mar 10 12:05:49 gandalf dhclient: Sending on Socket/fallback Mar 10 12:05:50 gandalf dhclient: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 3 Mar 10 12:05:50 gandalf dhclient: DHCPOFFER from 192.168.1.1 Mar 10 12:05:50 gandalf dhclient: DHCPREQUEST on wlan0 to 255.255.255.255 port 67 Mar 10 12:05:50 gandalf dhclient: DHCPACK from 192.168.1.1 Mar 10 12:05:50 gandalf dhclient: bound to 192.168.1.31 -- renewal in 41209 seconds. Any suggestions? Best wishes and thanks a lot Norbert ------------------------------------------------------------------------------- Norbert Preining Universit? di Siena sip:preining at at43.tuwien.ac.at +43 (0) 59966-690018 gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094 ------------------------------------------------------------------------------- it's at times like this, when I'm trapped in a Vogon airlock with a man from Betelgeuse, and about to die from asphyxiation in deep space that I really wish I'd listened to what my mother told me when I was young.' `Why, what did she tell you?' `I don't know, I didn't listen.' --- Arthur coping with certain death as best as he could. --- Douglas Adams, The Hitchhikers Guide to the Galaxy From jar at pcuf.fi Thu Mar 10 06:51:45 2005 From: jar at pcuf.fi (Jar) Date: Thu, 10 Mar 2005 13:51:45 +0200 (EET) Subject: pccard (Linksys WPC11) resets constantly (fwd) In-Reply-To: References: Message-ID: <42519.194.157.0.2.1110455505.squirrel@netlandzone.dyndns.org> > 'unable to locate card memory' and later > 'resource is temporarely not available' > > and something about not finding memory_cs [I don't need the memory_cs.o > module, do I? And if, why does it run sometimes without?] Running cardmgr > now freezes the whole computer. Maybe the cardmgr doesn't know what driver to map your wlan card. Maybe it sees the wlan card as anonymous memory. /etc/pcmcia/config card "Anonymous Memory" anonymous bind "memory_cs" Have you copied hostap_cs.conf to /etc/pcmcia ? Is your wlan card listed in that file? -- Best Regards, Jar From danigpino at hotmail.com Thu Mar 10 07:17:29 2005 From: danigpino at hotmail.com (=?iso-8859-1?B?RGFuaSBHYXJj7WEgUGlubw==?=) Date: Thu, 10 Mar 2005 13:17:29 +0100 Subject: wpa supplicant and Enterasys roamabout pcmcia card In-Reply-To: <20050309234715.641F01564D3@mail.iocaine.com> Message-ID: Hi! I have a Roamabout 802.11b card from Enterasys. I'm new in Linux and I need to connect to my enterprise wireless network. This network is encrypted with dynamical WEP keys and the authentication goes to a RADIUS server with EAP-TTLS/MS-CHAPV2 protocols. I've tried to use wpa supplicant to connect to the network, but I cannot associate with the AP. Here the configuration file: ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 ap_scan=2 network={ ssid="ssid" scan_ssid=1 proto=WPA key_mgmt=IEEE8021X pairwise=TKIP group=WEP104 eap=TTLS eapol_flags=3 anonymous_identity="anonymous" phase2="autheap=MSCHAPV2" } In other hand, my enterprise also have a free network for guests that only have a static WEP key for encryption. I think that, because its a much simple network configuration, I can start probing to connect to this network first, but I had the same results. Thisi is the configuration file for this network: ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 ap_scan=2 network={ ssid="free" scan_ssid=1 key_mgmt=NONE pairwise=NONE group=WEP40 wep_key1="static_wep_key" eapol_flags=0 } Finally I need to know what is the best driver to use with my wireless card (I think that it's an orinoco based card with an Hermes-I chipset, but I'm not sure). Now I'm using ndiswrapper, because is the unic that doesn't give me an error message, but I think that I'm not using it with the correct form: wpa_supplicant -i eth1 -dd -B -D ndiswrapper that's all, thanks in advance and sorry by my bad english, I'm Spanish :) greetings!! Dani From mapr at mx.sybcom.de Thu Mar 10 07:52:50 2005 From: mapr at mx.sybcom.de (mapr at mx.sybcom.de) Date: Thu, 10 Mar 2005 13:52:50 +0100 (CET) Subject: AW: pccard (Linksys WPC11) resets constantly Message-ID: > > Maybe the cardmgr doesn't know what driver to map your wlan > card. Maybe it sees the > wlan card as anonymous memory. > > /etc/pcmcia/config > card "Anonymous Memory" > anonymous > bind "memory_cs" > > Have you copied hostap_cs.conf to /etc/pcmcia ? > Is your wlan card listed in that file? > Yes, '/etc/pcmcia/hostap_cs.conf' shows: card "Linksys WPC11 Ver 3 11Mbps WLAN Card" manfid 0x0274, 0x1613 bind "hostap_cs" When I do the insmod it says something like the following: Jan 24 21:22:49 linux kernel: cs: unable to map card memory! Jan 24 21:22:49 linux kernel: cs: unable to map card memory! Jan 24 21:22:49 linux cardmgr[3891]: socket 0: Anonymous Memory Jan 24 21:22:49 linux cardmgr[3891]: executing: 'modprobe memory_cs 2>&1' Jan 24 21:22:49 linux cardmgr[3891]: + FATAL: Module memory_cs not found. Jan 24 21:22:49 linux cardmgr[3891]: modprobe exited with status 1 From jar at pcuf.fi Thu Mar 10 08:27:37 2005 From: jar at pcuf.fi (Jar) Date: Thu, 10 Mar 2005 15:27:37 +0200 (EET) Subject: AW: pccard (Linksys WPC11) resets constantly In-Reply-To: References: Message-ID: <54273.194.157.0.2.1110461257.squirrel@netlandzone.dyndns.org> > Yes, '/etc/pcmcia/hostap_cs.conf' shows: > > card "Linksys WPC11 Ver 3 11Mbps WLAN Card" > manfid 0x0274, 0x1613 > bind "hostap_cs" > > > When I do the insmod it says something like the following: > > Jan 24 21:22:49 linux kernel: cs: unable to map card memory! > Jan 24 21:22:49 linux kernel: cs: unable to map card memory! This is maybe because the pcmcia related modules are already loaded. Do cardctl eject, kill cardmgr and unload all pcmcia related modules first. > Jan 24 21:22:49 linux cardmgr[3891]: socket 0: Anonymous Memory > Jan 24 21:22:49 linux cardmgr[3891]: executing: 'modprobe memory_cs Reason or another cardmgr try to use memory_cs instead of hostap_cs. -- Best Regards, Jar From Ram.Ramgopal at fmr.com Thu Mar 10 08:58:59 2005 From: Ram.Ramgopal at fmr.com (Ramgopal, Ram) Date: Thu, 10 Mar 2005 08:58:59 -0500 Subject: Difficulty connecting different wireless devices to host ap Message-ID: Hi, I have hostap running using WPC11 ver 3. It is operating with 802.11b in managed mode. I am able to connect IBM T41 Notebooks with built in wireless cards and ASUS Wl-107g cards. But certain devices such as ZyXel wireless phones do not detect the ESSID. I have a Nokia wireless phone that detects the ESSID but does not connect to it. What can cause this problem? How can I troubleshoot this? Any help is appreciated. Thanks, Ram -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050310/ad115f65/attachment.htm From Premke at ess-ag.de Thu Mar 10 10:08:40 2005 From: Premke at ess-ag.de (Mario Premke) Date: Thu, 10 Mar 2005 16:08:40 +0100 Subject: AW: AW: pccard (Linksys WPC11) resets constantly Message-ID: > eject, kill cardmgr and unload all pcmcia related modules first. I always start with a new booted system (kernel&fs on floppy) > > Jan 24 21:22:49 linux cardmgr[3891]: socket 0: Anonymous Memory > > Jan 24 21:22:49 linux cardmgr[3891]: executing: 'modprobe memory_cs > Reason or another cardmgr try to use memory_cs instead of hostap_cs. OK, perhabs I will update to kernel 2.4.29 ... as I have no ideas any more I assume there are some incompatibilies in the kernel pcmcia driver and the pcmcia-cs programs ?!? Mario From fromkth+hostap at fastmail.fm Thu Mar 10 10:41:38 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Thu, 10 Mar 2005 07:41:38 -0800 Subject: PMKSA-cache: 802.1x authentication is forced even if AP have PMKID of the STA in its PMKSA-cache Message-ID: <1110469298.1143.218019111@webmail.messagingengine.com> I have 2 Hostapd APs, and one STA with wpa_supplicant(ap_scan=1). All are prism(1.7.4) based. I am using freeradius for authentication. When i roam back to the AP, to which i athenticated, just few minutes before, I see that STA sends PMKID from its PMKSA cache in the re-association frame, and in the AP log i see a message "PMKID found from PMKSA cache", but even then it starts 802.1x authentication with STA, which it should not as AP has found PMKID in its cache, and can use that one to drive PTKs and GTKs. here are the snippets of the log of AP, ================================================ mgmt::auth authentication: STA=00:a0:c5:7f:28:db auth_alg=0 auth_transaction=1 status_code=0 wep=0 New STA wlan0: STA 00:a0:c5:7f:28:db IEEE 802.11: authentication OK (open system) wlan0: STA 00:a0:c5:7f:28:db WPA: event 0 notification authentication reply: STA=00:a0:c5:7f:28:db auth_alg=0 auth_transaction=2 resp=0 Received 30 bytes management frame MGMT (TX callback) ACK mgmt::auth cb wlan0: STA 00:a0:c5:7f:28:db IEEE 802.11: authenticated Received 80 bytes management frame MGMT mgmt::assoc_req association request: STA=00:a0:c5:7f:28:db capab_info=0x11 listen_interval=10 RSN IE: STA PMKID - hexdump(len=16): c1 9a b7 71 c2 d4 5d 04 7f eb 68 30 1d ed c8 12 wlan0: STA 00:a0:c5:7f:28:db WPA: PMKID found from PMKSA cache new AID 1 wlan0: STA 00:a0:c5:7f:28:db IEEE 802.11: association OK (aid 1) Received 36 bytes management frame MGMT (TX callback) ACK mgmt::assoc_resp cb wlan0: STA 00:a0:c5:7f:28:db IEEE 802.11: associated (aid 1, accounting session 42305BC2-00000002) wlan0: STA 00:a0:c5:7f:28:db WPA: event 1 notification wlan0: STA 00:a0:c5:7f:28:db IAPP: IAPP-ADD.request(seq=2329) wlan0: STA 00:a0:c5:7f:28:db IEEE 802.1X: start authentication IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state INITIALIZE wlan0: STA 00:a0:c5:7f:28:db WPA: start authentication WPA: 00:a0:c5:7f:28:db WPA_PTK entering state INITIALIZE WPA: 00:a0:c5:7f:28:db WPA_PTK_GROUP entering state IDLE WPA: 00:a0:c5:7f:28:db WPA_PTK entering state AUTHENTICATION WPA: 00:a0:c5:7f:28:db WPA_PTK entering state AUTHENTICATION2 Wireless event: cmd=0x8c03 len=20 IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state DISCONNECTED wlan0: STA 00:a0:c5:7f:28:db IEEE 802.1X: unauthorizing port IEEE 802.1X: 00:a0:c5:7f:28:db BE_AUTH entering state IDLE IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db CTRL_DIR entering state FORCE_BOTH IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state RESTART IEEE 802.1X: station 00:a0:c5:7f:28:db - new auth session, clearing State IEEE 802.1X: Generated EAP Request-Identity for 00:a0:c5:7f:28:db (identifier 0, timeout 30) IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state CONNECTING IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state AUTHENTICATING IEEE 802.1X: 00:a0:c5:7f:28:db BE_AUTH entering state REQUEST IEEE 802.1X: Sending EAP Packet to 00:a0:c5:7f:28:db (identifier 0) IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE Received 46 bytes management frame DATA (TX callback) ACK IEEE 802.1X: 00:a0:c5:7f:28:db TX status - version=2 type=0 length=10 - ack=1 Received 53 bytes management frame DATA IEEE 802.1X: 21 bytes from 00:a0:c5:7f:28:db IEEE 802.1X: version=2 type=0 length=17 EAP: code=2 identifier=0 length=17 (response) wlan0: STA 00:a0:c5:7f:28:db IEEE 802.1X: received EAP packet (code=2 id=0 len=17) from STA: EAP Response-Identity (1) wlan0: STA 00:a0:c5:7f:28:db IEEE 802.1X: STA identity 'example-user' IEEE 802.1X: 00:a0:c5:7f:28:db BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet ===================================================================== So what could be worng here? Any suggestions. -ajeet. From hiphin at cat-net.co.yu Thu Mar 10 13:50:32 2005 From: hiphin at cat-net.co.yu (hiphin) Date: Thu, 10 Mar 2005 19:50:32 +0100 Subject: Difficulty connecting different wireless devices to host ap References: Message-ID: <001201c525a2$09687ee0$0200a8c0@racunar02> Difficulty connecting different wireless devices to host aphostap 2.4 <-> Asus WL-330 (bios v2.04.2921) ... does connect, but it isn't stable hostap 2.6 - 3.7 <-> Asus WL-330 (bios v2.04.2921) ... best results hostap 2.6 - 3.7 <-> Asus WL-330 (bios v2.08.2923) ... won't connect !!!!! experiment width firmware or bios, asus and other are playing width standards, ... ----- Original Message ----- From: Ramgopal, Ram To: hostap at shmoo.com Sent: Thursday, March 10, 2005 2:58 PM Subject: Difficulty connecting different wireless devices to host ap Hi, I have hostap running using WPC11 ver 3. It is operating with 802.11b in managed mode. I am able to connect IBM T41 Notebooks with built in wireless cards and ASUS Wl-107g cards. But certain devices such as ZyXel wireless phones do not detect the ESSID. I have a Nokia wireless phone that detects the ESSID but does not connect to it. What can cause this problem? How can I troubleshoot this? Any help is appreciated. Thanks, Ram _______________________________________________ HostAP mailing list HostAP at shmoo.com http://lists.shmoo.com/mailman/listinfo/hostap From zen_hacker at hotmail.com Thu Mar 10 15:51:14 2005 From: zen_hacker at hotmail.com (Brian Sturgill) Date: Thu, 10 Mar 2005 20:51:14 +0000 Subject: pccard (Linksys WPC11) resets constantly (fwd) In-Reply-To: Message-ID: Try excluding IRQ 7 from your available Interrupts for PCMCIA. In Redhat, the config file is /etc/pcmcia/pcmcia.opts .. >From: mapr at mx.sybcom.de >To: hostap at shmoo.com >Subject: pccard (Linksys WPC11) resets constantly (fwd) >Date: Thu, 10 Mar 2005 11:40:27 +0100 (CET) > > >Hello, >I am running kernel 2.4.25 (i82365, N2K-card driver, etc. built into the >kernel), hostap-driver-0.3.7 and cardmgr comes from pcmcia-cs-3.2.7. This >configuration worked well with a Netgear MA401, but switching to a >Linksys WPC11 brought several problems. > >I do an insmod to load the modules 'hostap.o' and 'hostap_cs.o', >sometimes this runs without problems and I can run cardmgr and do a ram >download (prism2_srec -r wlan0 rf010409.hex). After running for a short >time the card is resetting constantly: > >NETDEV WATCHDOG: wifi0: transmit timed out >wifi0 Tx timed out! Resetting card >hostap_cs: wifi0: resetting card >Spurious 8259A interrupt: IRQ7. >NETDEV WATCHDOG: wifi0: transmit timed out >wifi0 TX timed out! Resetting card >wifi0: interrupt delivery does not seem to work >wifi0: DTIM period setting to 1 failed >NETDEV WATCHDOG: wifi0: transmit timed out >wifi0: TX timed out! Resetting card >wifi0: interrupt delivery does not seem to work >wifi0: MAC port 0 enabling failed >hostap_cs: wifi0: resetting card >hostap_cs: wifi0: resetting card >NETDEV WATCHDOG: wifi0 : transmit timed out >wifi0 Tx timed out! Resetting card >hostap_cs: wifi0: resetting card > > >As far as I can see the problems arise already when the modules are >loaded (if that could cause the above problems?), because most of the >times after insmod'ing it says: > >'unable to locate card memory' and later >'resource is temporarely not available' > >and something about not finding memory_cs [I don't need the memory_cs.o >module, do I? And if, why does it run sometimes without?] Running cardmgr >now freezes the whole computer. > >I don't do the 'modprobe' stuff, because I have very limited resources >(no hd, only ramdisk) - so it's likely a general PCMCIA instead of a >hostap* module problem. Sorry if being Off-Topic, but currently I don't >get a step forward. > > >Any hints will be appreciated > >Thanks, >Mario >_______________________________________________ >HostAP mailing list >HostAP at shmoo.com >http://lists.shmoo.com/mailman/listinfo/hostap From gentoopower at yahoo.de Thu Mar 10 16:47:55 2005 From: gentoopower at yahoo.de (Stefan) Date: Thu, 10 Mar 2005 22:47:55 +0100 Subject: access point for hostapd? In-Reply-To: <1110238071.26720.26.camel@simulacron> References: <1110238071.26720.26.camel@simulacron> Message-ID: <4230C08B.1000606@yahoo.de> Andreas Jellinghaus wrote: >Hi, > >I'm looking for some access point where I can replace >the binary only firmware with backdoords with some >self compiled linux distribution. linksys wrt54g looks >nice, but its driver does not support hostapd. > >if you have any idea of an access point, where I can >replace the software, too, but it does have a driver >that works with hostapd, then please let me know. >(or some mini pc where I can add pc cards?) > >Thanks, Andreas > > > > Checkout netgear wireless routers for some models you will find the sources to the linuxversion and apps that are running on the router here: ftp://downloads.netgear.com/files/GPL/ Unfortunately they don't ship the webconfig pages and some other tool, but basically the rest is there. From bobbyc at sonnet.com Thu Mar 10 19:50:44 2005 From: bobbyc at sonnet.com (Bobby Curnow) Date: Thu, 10 Mar 2005 16:50:44 -0800 (PST) Subject: Experiments with different firmwares when card is in Master mode. In-Reply-To: <1109339698.7882.216015398@webmail.messagingengine.com> Message-ID: <20050310165007.M83893-100000@sonnet1.sonnet.com> Did you ever get this resolved, or have to downgrade the secondary firmware to 1.7.4? Bob C On Fri, 25 Feb 2005, Ajeet Nankani wrote: > There are some differences in operation of the prism2.5 pc-card when > different firmwares are used, at least in master(Access Point) mode. > > Here are my observations, > > PC-card in master mode. > Pri 1.1.1 > Sec 1.8.0 or 1.8.3 > Authentication request from STA to Authentication Response from AP takes > around 5ms to 70ms > (Re)Association request from STA to (Re)Association response from AP > takes around 100ms to 150ms > > PC-card in master mode. > Pri 1.1.1 > Sec 1.7.4 > Authentication request from STA to Authentication Response from AP takes > around 1ms to 2ms > (Re)Association request from STA to (Re)Association response from AP > takes around 1ms to 2ms > > So I guess 1.7.4 is the all time best to use. > > Does anybody have similar or different experiences? > Does anybody know of any bug(s) with 1.7.4? > I could not find on internet that what they have changed/improved from > 1.7.4 to 1.8.x > Does anybody know about firmware change log? > Jouni, any comments on above results, questions. > > -ajeet. > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From ged at jubileegroup.co.uk Fri Mar 11 03:08:55 2005 From: ged at jubileegroup.co.uk (Ged Haywood) Date: Fri, 11 Mar 2005 08:08:55 +0000 (GMT) Subject: Experiments with different firmwares when card is in Master mode. In-Reply-To: <20050311005111.A7302134537@mail.iocaine.com> References: <20050311005111.A7302134537@mail.iocaine.com> Message-ID: Hi there, On Thu, 10 Mar 2005 Bobby Curnow wrote: > On Fri, 25 Feb 2005, Ajeet Nankani wrote: > > ... > > PC-card in master mode. > > ... > > Sec 1.8.0 or 1.8.3 > > Authentication request from STA to Authentication Response from AP > > takes around 5ms to 70ms (Re)Association request from STA to > > (Re)Association response from AP 1takes around 100ms to 150ms > > ... > > Sec 1.7.4 > > Authentication request from STA to Authentication Response from AP > > takes around 1ms to 2ms (Re)Association request from STA to > > (Re)Association response from AP takes around 1ms to 2ms > > ... > > Did you ever get this resolved, or have to downgrade the secondary > firmware to 1.7.4? I'm still using 1.5.6 and I'm perfectly happy with it, is there any similar information for that version? 73, Ged. From fromkth+hostap at fastmail.fm Fri Mar 11 03:57:52 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Fri, 11 Mar 2005 09:57:52 +0100 Subject: Experiments with different firmwares when card is in Master mode. In-Reply-To: <20050310165007.M83893-100000@sonnet1.sonnet.com> References: <20050310165007.M83893-100000@sonnet1.sonnet.com> Message-ID: <42315D90.3050203@fastmail.fm> I downgraded to 1.7.4, also i could not find change log of firmwares. -ajeet. Bobby Curnow wrote: > Did you ever get this resolved, or have to downgrade the secondary > firmware to 1.7.4? > Bob C > > On Fri, 25 Feb 2005, Ajeet Nankani wrote: > > >>There are some differences in operation of the prism2.5 pc-card when >>different firmwares are used, at least in master(Access Point) mode. >> >>Here are my observations, >> >>PC-card in master mode. >>Pri 1.1.1 >>Sec 1.8.0 or 1.8.3 >>Authentication request from STA to Authentication Response from AP takes >>around 5ms to 70ms >>(Re)Association request from STA to (Re)Association response from AP >>takes around 100ms to 150ms >> >>PC-card in master mode. >>Pri 1.1.1 >>Sec 1.7.4 >>Authentication request from STA to Authentication Response from AP takes >>around 1ms to 2ms >>(Re)Association request from STA to (Re)Association response from AP >>takes around 1ms to 2ms >> >>So I guess 1.7.4 is the all time best to use. >> >>Does anybody have similar or different experiences? >>Does anybody know of any bug(s) with 1.7.4? >>I could not find on internet that what they have changed/improved from >>1.7.4 to 1.8.x >>Does anybody know about firmware change log? >>Jouni, any comments on above results, questions. >> >>-ajeet. From mrcool at stupidgamerz.com Fri Mar 11 07:49:25 2005 From: mrcool at stupidgamerz.com (Jerry) Date: Fri, 11 Mar 2005 06:49:25 -0600 Subject: Experiments with different firmwares when card is in Mastermode. References: <20050310165007.M83893-100000@sonnet1.sonnet.com> <42315D90.3050203@fastmail.fm> Message-ID: <002701c52638$c1687680$c500a8c0@Home> Hello! I have tried most of all the flavors of firmware, and indeed, 1.7.4 seems to be the best overall, with the least problems. 1.4.9 works good as a client or AP, but does not do WPA or WDS, also a dlink WRTG AP can cause a 1.4.9 firmware radio to roam to a complete different essid if the signal from the WRTG is strong enough. This has caused me to have to physically default-reset some CB3s because someone nearby bought a WRTG. This was the only way to get them to associate back to the correct essid (and they were set correctly). 1.5.6 is pretty good firmware too. Works good as an AP, and does WDS, but not WPA. Dont know if it has the roaming issue as 1.4.9 above. 1.5.6 does preform reasonably well, and seems stable. 1.7.4 solves the roaming issue mentioned above (thanks Eje --> www.wisp-router.com). It also does WDS and WPA. The performance of the 1.7.4 radios is strong, and seems quite stable. Personally I recommend 1.7.4, but wouldnt risk changing a 1.5.6 radio to anything else. 1.8.x just doesnt work for me. Everytime i have tried to use that firmware, things just dont work, clients cant associate, etc. I DO NOT recomment 1.8.x. <--For what its worth. :) There is my 2 pence, if anyone cares... ;) Good luck Jerryf > I downgraded to 1.7.4, also i could not find change log of firmwares. > > -ajeet. > > Bobby Curnow wrote: > > Did you ever get this resolved, or have to downgrade the secondary > > firmware to 1.7.4? > > Bob C > > > > On Fri, 25 Feb 2005, Ajeet Nankani wrote: > > > > > >>There are some differences in operation of the prism2.5 pc-card when > >>different firmwares are used, at least in master(Access Point) mode. > >> > >>Here are my observations, > >> > >>PC-card in master mode. > >>Pri 1.1.1 > >>Sec 1.8.0 or 1.8.3 > >>Authentication request from STA to Authentication Response from AP takes > >>around 5ms to 70ms > >>(Re)Association request from STA to (Re)Association response from AP > >>takes around 100ms to 150ms > >> > >>PC-card in master mode. > >>Pri 1.1.1 > >>Sec 1.7.4 > >>Authentication request from STA to Authentication Response from AP takes > >>around 1ms to 2ms > >>(Re)Association request from STA to (Re)Association response from AP > >>takes around 1ms to 2ms > >> > >>So I guess 1.7.4 is the all time best to use. > >> > >>Does anybody have similar or different experiences? > >>Does anybody know of any bug(s) with 1.7.4? > >>I could not find on internet that what they have changed/improved from > >>1.7.4 to 1.8.x > >>Does anybody know about firmware change log? > >>Jouni, any comments on above results, questions. > >> > >>-ajeet. > _______________________________________________ From preining at logic.at Fri Mar 11 12:20:34 2005 From: preining at logic.at (Norbert Preining) Date: Fri, 11 Mar 2005 18:20:34 +0100 Subject: wpa_supplicant and unkown open AP Message-ID: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> Hi all! How do I configure wpa_supplicant so that it automatically associates with an access point if no encryption is required, but the ap is not in the wpa_supplicant config file? Thanks a lot and all the best Norbert ------------------------------------------------------------------------------- Norbert Preining Universit? di Siena sip:preining at at43.tuwien.ac.at +43 (0) 59966-690018 gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094 ------------------------------------------------------------------------------- AMERSHAM (n.) The sneeze which tickles but never comes. (Thought to derive from the Metropolitan Line tube station of the same name where the rails always rattle but the train never arrives.) --- Douglas Adams, The Meaning of Liff From jkmaline at cc.hut.fi Fri Mar 11 23:19:33 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 11 Mar 2005 20:19:33 -0800 Subject: wpa_supplicant and unkown open AP In-Reply-To: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> References: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> Message-ID: <20050312041933.GA8317@jm.kir.nu> On Fri, Mar 11, 2005 at 06:20:34PM +0100, Norbert Preining wrote: > How do I configure wpa_supplicant so that it automatically associates > with an access point if no encryption is required, but the ap is not in > the wpa_supplicant config file? This kind of operation is not currently supported. If you would like to have it added in future versions, please file a feature request to bugzilla at http://hostap.epitest.fi/ with some reasoning on why this functionality should be added into wpa_supplicant. Another, and actually prefered, option would be to implement this yourself (e.g., by using configuration entry without SSID to indicate 'any' SSID) and send a patch to this mailing list.. ;-) -- Jouni Malinen PGP id EFC895FA From saul at tannenbaum.org Sat Mar 12 15:37:52 2005 From: saul at tannenbaum.org (Saul Tannenbaum) Date: Sat, 12 Mar 2005 15:37:52 -0500 Subject: hostapd EAPOL-Key timeouts from Macintosh clients Message-ID: <42335320.4080204@tannenbaum.org> Folks, I'm out of my depth with this problem, and hoping for some help. I've been successfully using a Netgear MA311 PCI (PRI 1.1.1, STA 1.7.4) card in my Linux box as a basic AP, using the hostap drivers. Recently, I've been trying to get hostapd 0.3.7 to work, in order to upgrade to WPA, and in preparation for replacing the MA311 802.11b card with a 802.11g card of some kind. I've gotten hostapd working fine in WPA Personal mode, and I can connect from an Windows XP client without any problems. I've been unable to get it to connect from two Macintoshes I've tried. The Macs both are running Mac OS 10.3, one with an old Airport (802.11b) card, one a newer Airport Extreme (802.11g) card. Both should support WPA Personal, according to Apple. The Macs seem always to generate the following sequence: > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 IEEE 802.11: authentication OK (open system) > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: event 0 notification > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 IEEE 802.11: authenticated > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 IEEE 802.11: association OK (aid 1) > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 IEEE 802.11: associated (aid 1, accounting session 42334552-00000000) > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: event 1 notification > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: start authentication > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 IEEE 802.1X: unauthorizing port > Mar 12 14:41:14 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: sending 1/4 msg of 4-Way Handshake > Mar 12 14:41:15 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: EAPOL-Key timeout > Mar 12 14:41:15 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: sending 1/4 msg of 4-Way Handshake > Mar 12 14:41:16 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: EAPOL-Key timeout > Mar 12 14:41:16 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: sending 1/4 msg of 4-Way Handshake > Mar 12 14:41:17 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: EAPOL-Key timeout > Mar 12 14:41:17 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 WPA: sending 1/4 msg of 4-Way Handshake > Mar 12 14:41:17 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 IEEE 802.1X: unauthorizing port > Mar 12 14:41:17 gateway hostapd: wlan0: STA 00:30:65:1b:69:e4 IEEE 802.11: deauthenticated due to local deauth request My hostapd.conf file is attached, with passphrase deleted. Any help would be appreciated. Thanks in advance. - Saul -- Saul Tannenbaum Home: saul at tannenbaum.org Work: Saul.Tannenbaum at tufts.edu -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: hostapd.conf Url: http://lists.shmoo.com/pipermail/hostap/attachments/20050312/756bc593/attachment.txt From jkmaline at cc.hut.fi Sat Mar 12 15:51:35 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 12 Mar 2005 12:51:35 -0800 Subject: hostapd EAPOL-Key timeouts from Macintosh clients In-Reply-To: <42335320.4080204@tannenbaum.org> References: <42335320.4080204@tannenbaum.org> Message-ID: <20050312205135.GF8317@jm.kir.nu> On Sat, Mar 12, 2005 at 03:37:52PM -0500, Saul Tannenbaum wrote: > I've gotten hostapd working fine in WPA Personal mode, > and I can connect from an Windows XP client without > any problems. > > I've been unable to get it to connect from two > Macintoshes I've tried. The Macs both are running > Mac OS 10.3, one with an old Airport (802.11b) > card, one a newer Airport Extreme (802.11g) card. I have not tested the current hostapd version with Mac OS 10.3 clients. Could you please first test what happens if you enable only TKIP as a pairwise cipher ("wpa_pairwise=TKIP")? If that does not help, I would suggest testing a change in hostap/ieee802_1x.h to use EAPOL version 1 (i.e., change '2' to '1' on "#define EAPOL_VERSION 2" line). -- Jouni Malinen PGP id EFC895FA From saul at tannenbaum.org Sat Mar 12 16:36:52 2005 From: saul at tannenbaum.org (Saul Tannenbaum) Date: Sat, 12 Mar 2005 16:36:52 -0500 Subject: hostapd EAPOL-Key timeouts from Macintosh clients In-Reply-To: <20050312205135.GF8317@jm.kir.nu> References: <42335320.4080204@tannenbaum.org> <20050312205135.GF8317@jm.kir.nu> Message-ID: <423360F4.4000108@tannenbaum.org> Jouni Malinen wrote: > On Sat, Mar 12, 2005 at 03:37:52PM -0500, Saul Tannenbaum wrote: > > >>I've gotten hostapd working fine in WPA Personal mode, >>and I can connect from an Windows XP client without >>any problems. >> >>I've been unable to get it to connect from two >>Macintoshes I've tried. The Macs both are running >>Mac OS 10.3, one with an old Airport (802.11b) >>card, one a newer Airport Extreme (802.11g) card. > > > I have not tested the current hostapd version with Mac OS 10.3 clients. > Could you please first test what happens if you enable only TKIP as a > pairwise cipher ("wpa_pairwise=TKIP")? That didn't help. > If that does not help, I would > suggest testing a change in hostap/ieee802_1x.h to use EAPOL version 1 > (i.e., change '2' to '1' on "#define EAPOL_VERSION 2" line). But that did. Both Macs and the XP box are now working fine. Out of curiosity, is this considered a Mac bug for not working with EAPOL version 2 correctly, or a hostapd bug, for not failing back to version 1 if version 2 fails? Or a gray area, where it's just up for grabs? Thanks, both for the software and the help. - Saul -- Saul Tannenbaum Home: saul at tannenbaum.org Work: Saul.Tannenbaum at tufts.edu From jkmaline at cc.hut.fi Sat Mar 12 16:50:29 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 12 Mar 2005 13:50:29 -0800 Subject: hostapd EAPOL-Key timeouts from Macintosh clients In-Reply-To: <423360F4.4000108@tannenbaum.org> References: <42335320.4080204@tannenbaum.org> <20050312205135.GF8317@jm.kir.nu> <423360F4.4000108@tannenbaum.org> Message-ID: <20050312215029.GG8317@jm.kir.nu> On Sat, Mar 12, 2005 at 04:36:52PM -0500, Saul Tannenbaum wrote: > >If that does not help, I would > >suggest testing a change in hostap/ieee802_1x.h to use EAPOL version 1 > >(i.e., change '2' to '1' on "#define EAPOL_VERSION 2" line). > > But that did. Both Macs and the XP box are now working fine. > > Out of curiosity, is this considered a Mac bug for not > working with EAPOL version 2 correctly, or a hostapd > bug, for not failing back to version 1 if version 2 > fails? Or a gray area, where it's just up for grabs? It's a quite common bug in IEEE 802.1X/WPA supplicants to not process new EAPOL versions correctly. In other words, it is a bug in the Mac supplicant in this case. -- Jouni Malinen PGP id EFC895FA From ged at jubileegroup.co.uk Sat Mar 12 17:41:42 2005 From: ged at jubileegroup.co.uk (Ged Haywood) Date: Sat, 12 Mar 2005 22:41:42 +0000 (GMT) Subject: Experiments with different firmwares when card is in Mastermode. [OT] In-Reply-To: <20050312203858.E6AF8134564@mail.iocaine.com> References: <20050312203858.E6AF8134564@mail.iocaine.com> Message-ID: Hi Jerry, On Sat, 12 Mar 2005 Jerry wrote: > I have tried most of all the flavors of firmware, and indeed, 1.7.4 > seems to be the best overall, with the least problems. > ... > 1.7.4 radios is strong, and seems quite stable. Personally I recommend > 1.7.4, but wouldnt risk changing a 1.5.6 radio to anything else. > ... > There is my 2 pence, if anyone cares... ;) I care. :) Thanks Jerry, that's very useful. I want to try 1.7.4 sometime, probably next time I put a new installation together. I've heard that some people have noticed better ranges are achievable with some firmwares than with others. Have you any experiences like that? 73, Ged. From hareesh.khattri at ndsu.edu Sat Mar 12 21:24:39 2005 From: hareesh.khattri at ndsu.edu (hareesh.khattri at ndsu.edu) Date: Sat, 12 Mar 2005 20:24:39 -0600 (CST) Subject: Hostap with uclinux: 2511 MP + mini pci card not working. Message-ID: <2106.134.129.123.7.1110680679.squirrel@webmail.ndsu.nodak.edu> Hi I am using uclinux kernel on a IXP425 platform with 2511 MP + prism card. The pci utilities detect the card and the hostap driver is loaded and runing. But I don't get any wireless interface(wlan0). Also the hostap_pci module is unused. Any ideas on how to resolve the issue. # lsmod Module Size Used by Tainted: P hostap_pci 46820 0 (unused) hostap 81756 0 [hostap_pci] hostap_crypt_wep 2964 0 (unused) hostap_crypt 1144 0 [hostap hostap_crypt_wep] ixp425_eth 16780 1 ixp400 5243776 0 [ixp425_eth] # lspci 00:00.0 Class 0b40: 8086:8500 (rev 01) 00:02.0 Class 0280: 1260:3873 (rev 01) # ifconfig ixp0 Link encap:Ethernet HWaddr 00:02:B3:01:01:01 inet addr:134.129.123.244 Bcast:134.129.123.255 Mask:255.255.255.0 UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 RX packets:16 errors:0 dropped:0 overruns:0 frame:0 TX packets:10 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:256 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 # iwconfig lo no wireless extensions. ixp0 no wireless extensions. From 5530570 at qq.com Mon Mar 14 00:22:00 2005 From: 5530570 at qq.com (5530570) Date: Mon, 14 Mar 2005 13:22:00 +0800 (CST) Subject: Help: About the EAPOL-START handling in WPA-PSK Message-ID: <1D949685868142.12484@qs4> An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050314/da2d4a99/attachment.htm From snillux at yahoo.com Mon Mar 14 03:36:16 2005 From: snillux at yahoo.com (sunny snell) Date: Mon, 14 Mar 2005 00:36:16 -0800 (PST) Subject: Is this hostap or some other problem?? Message-ID: <20050314083616.28294.qmail@web52408.mail.yahoo.com> Hello group, I have hostap running on my fedora core 2 kernel. I am doing this test as a part of my project which does not seem to work. Setting: My laptop has hostap running. A client associates with my AP. I can verify its mac-address in the /proc/net/hostap/wlan0 directory. I have supplied a static IP to my wlan0 interface. The client also has a static IP. Somehow the client cannot ping the AP. I ran ethereal both on my machine and the clients to check, but each of them just report an echo request being sent but no response. I would be glad to provide any further information. Thanks in advance for any help/pointers on this. Thanks, Sachin --------------------------------- Do you Yahoo!? Yahoo! Small Business - Try our new resources site! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050314/79177b6d/attachment.htm From justvio at rocketmail.com Mon Mar 14 07:22:17 2005 From: justvio at rocketmail.com (Violet Bugeja) Date: Mon, 14 Mar 2005 04:22:17 -0800 (PST) Subject: 802.11 MAC headers Message-ID: <20050314122218.71783.qmail@web40907.mail.yahoo.com> Hi, I have a Prism 2.5 card set to Master mode, and I'm trying to analyze the packets received by the network card. I am running Ethereal and the headers of the packets I'm receiving are Ethernet packets. When I set the card to monitor mode and run Ethereal again, the headers of the packets are IEEE 802.11. Is there any way I can get the IEEE 802.11 MAC header when the card is in Master mode, becuase I want this computer set as an Access Point and at the same time I need to analyze the packets coming in? __________________________________ Do you Yahoo!? Make Yahoo! your home page http://www.yahoo.com/r/hs From bramandia at softhome.net Mon Mar 14 08:09:10 2005 From: bramandia at softhome.net (Bramandia Ramadhana) Date: Mon, 14 Mar 2005 21:09:10 +0800 Subject: Disable backoff Message-ID: <000901c52897$0a7268d0$093614ac@wolverine> Hi all, Is it possible to force the driver to immediately send packet to the channel without adding some backoff? Anybody knows how to do it? Thank you, Regards, Bramandia R. From hostap at cos.user.lysator.liu.se Sun Mar 13 08:19:43 2005 From: hostap at cos.user.lysator.liu.se (Martin Samuelsson) Date: Sun, 13 Mar 2005 14:19:43 +0100 Subject: wpa_supplicant and unkown open AP In-Reply-To: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> References: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> Message-ID: <20050313131933.GD28644@ch.lugn.nu> On Fri, Mar 11, 2005 at 06:20:34PM +0100, Norbert Preining wrote: > Hi all! Cheers, > How do I configure wpa_supplicant so that it automatically associates > with an access point if no encryption is required, but the ap is not in > the wpa_supplicant config file? > > Thanks a lot and all the best I'm afraid I don't think it's possible. :( But please prove me wrong. Anyone? As a matter of fact I reported this feature lack as a wishlist bug to the debian bug tracking system when migrating from waproamd to wpasupplicant. Please see http://bugs.debian.org/287220 for that report. Unless I'm wrong and wpasupplicant indeed already supports connecting to unlisted networks my opinion is that adding the special case to connect to anything when ssid="any" would be the clean and natural thing to do. -- /Martin From pkoelle at gmail.com Thu Mar 17 23:33:39 2005 From: pkoelle at gmail.com (pkoelle) Date: Fri, 18 Mar 2005 05:33:39 +0100 Subject: Disable backoff In-Reply-To: <000901c52897$0a7268d0$093614ac@wolverine> References: <000901c52897$0a7268d0$093614ac@wolverine> Message-ID: <423A5A23.6010400@subsignal.org> Bramandia Ramadhana wrote: > Hi all, > > Is it possible to force the driver to immediately send packet to the > channel without adding some backoff? Maybe, but it might violate the spec and you will destroy bandwith arbitration in the cell. Sorry but I can't think of a valid scenario but cheating here... hth Paul From thirumalai at mistralsoftware.com Tue Mar 15 03:39:50 2005 From: thirumalai at mistralsoftware.com (Thirumalai T. Bhattar) Date: 15 Mar 2005 14:09:50 +0530 Subject: Useful link for searching HostAP mailing list Message-ID: <1110875989.5265.71.camel@Thirumalai> Hi, I was struggling to search the HostAP mailing list (the current/new one) and so created a freefind link for it. One can use the link http://search.freefind.com/find.html?id=39363193 to search for stuff available at the mailing list (in the URL http://sisyphus.iocaine.com/pipermail/hostap/ ) The site index will be built daily (if possible, as per freefind) and so we can hope of getting the latest info in the search results. May be we can add this link to the 'Host AP related links' or in the main HostAP site, so that it is useful for everybody. With regards, Thirumalai T. Bhattar From roby at netrotter.net Tue Mar 15 04:23:31 2005 From: roby at netrotter.net (roby) Date: Tue, 15 Mar 2005 10:23:31 +0100 Subject: WPA TKIP and 802.1x/EAP-TLS Message-ID: <20050315092331.28708.qmail@webmaildomini.aruba.it> Hi, i'm building a small wireless network. I'm using a Server Radius, for 802.1x authentication with EAP-TLS. I used a commercial Access point and it works fine with WPA-TKIP and 802.1x. Problems born when i try to use a linux box with a Intersil Prism II PCI, with hostap driver and hostpad. It works fine with WEP, but when i try to use WPA-TKIP the station are authenticated whit 802.1x but just after that 802.11 dissaciate the stations. I'm using standard WinXP supplicant. Anybody can help me? How can I set hostapd? Does hostapd work fine only with his hoatp-supplicant? Thanks for your help Roby From g.hecker at et.bocholt.fh-ge.de Tue Mar 15 04:35:46 2005 From: g.hecker at et.bocholt.fh-ge.de (Gordon Hecker) Date: Tue, 15 Mar 2005 10:35:46 +0100 Subject: [patch] usage of tail in toplevel Makefile Message-ID: <4236AC72.50506@et.bocholt.fh-ge.de> Hi, in the version of 'tail' I am using the 'tail -1' syntax is considered obsolete (tail (coreutils) 5.2.1). The attached patch changes 'tail -1' to 'tail -n 1'. Gordon -------------- next part -------------- A non-text attachment was scrubbed... Name: Makefile-tail.patch Type: text/x-patch Size: 694 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050315/40d18ee6/attachment.bin From hostap at cos.user.lysator.liu.se Tue Mar 15 05:02:32 2005 From: hostap at cos.user.lysator.liu.se (Martin Samuelsson) Date: Tue, 15 Mar 2005 11:02:32 +0100 Subject: Simple wpa_supplicant question Message-ID: <20050315100230.GB22384@ch.lugn.nu> Dear list, I have been using wpa_supplicant for a while now, since waproamd got orphaned by it's author. Until recently it has been working perfectly because all networks encountered have been open and thus not needed key configuration. However now I'm daily using a network with a WEP key and can't get it to work for me. Could anyone please give me a hint? I've read all the documentation and the configuration provided in the Debian package, but not fully understood it. Doing things'n'stuff manually works. I.e. giving a command like the following brings the interface up. iwconfig eth0 essid helllo key s:world ap 00:02:2D:61:4F:32 ? A simple case like this brings me to believe that I should go for a config looking something like what's included below: network={ ssid="helllo" bssid=00:02:2D:61:4F:32 key_mgmt=NONE wep_key0="world" wep_tx_keyidx=0 priority=1000 } However when trying to use the software now I get the following output: (The exclamation marks are what I feel look like bad lines) Setting scan request: 0 sec 0 usec Starting AP scan (broadcast SSID) EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results Received 748 bytes of scan results (4 BSSes) Scan results: 4 Selecting BSS from priority group 1000 0: 00:02:2d:61:4f:13 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE 1: 00:02:2d:61:4f:32 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE 2: 00:07:40:9f:14:71 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE 3: 00:80:5a:22:ae:a2 ssid='OTHER' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE selected non-WPA AP 00:02:2d:61:4f:32 ssid='helllo' Trying to associate with 00:02:2d:61:4f:32 (SSID='helllo' freq=0 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 wpa_driver_ipw_set_auth_alg: auth_alg=0x1 No keys have been configured - skip key clearing wpa_driver_ipw_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=5 wpa_driver_ipw_set_drop_unencrypted: enabled=1 wpa_driver_ipw_set_wpa: enabled=0 ! ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported ! ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=ForceAuthorized EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8b1a len=19 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 ! Authentication with 00:00:00:00:00:00 timed out. wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Setting scan request: 0 sec 0 usec EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Starting AP scan (specific SSID) Scan SSID - hexdump_ascii(len=6): 73 65 63 72 65 74 secret ! ioctl[SIOCSIWSCAN{,EXT}]: Operation not supported Failed to initiate AP scan. Setting scan request: 10 sec 0 usec Is there something I've missed in my configuration or doesn't wpa_supplicant work with WEP encrypted networks and the ipw2100? Any help appreciated. I'm running Debian/Sarge with wpasupplicant 0.3.8-1, which should also be the latest upstream release, right? -- /Martin [1] The network identifying data has been changed to protect the innocent, but they are all ascii and their lengths match. (The HW addresses however are real) From dennis at kaarsemaker.net Tue Mar 15 15:01:52 2005 From: dennis at kaarsemaker.net (Dennis Kaarsemaker) Date: Tue, 15 Mar 2005 21:01:52 +0100 Subject: Madwifi - wpa_supplicant problem Message-ID: <1110916912.15307.4.camel@localhost.localdomain> Hello, When trying to get wpa_supplicant to work with an atheros chip, I noticed that sometimes the mac address of the accesspoint gets set to FF:FF:FF:FF:FF:FF and later the actual mac address and after that again to FF:FF:FF:FF:FF:FF and so on... A detailed log of wpa_supplicant can be found at http://pastebin.kaarsemaker.net/10 Can anybody tell me what I did wrong? The configfile is correct, I use the same config on another machine (ndiswrapper driver). -- Dennis K. And that's the way the cookie crumbles! From hareesh.khattri at ndsu.edu Tue Mar 15 16:52:45 2005 From: hareesh.khattri at ndsu.edu (hareesh.khattri at ndsu.edu) Date: Tue, 15 Mar 2005 15:52:45 -0600 (CST) Subject: Problem connecting Hostapd to external Radius server Message-ID: <36198.134.129.123.210.1110923565.squirrel@webmail.ndsu.nodak.edu> Hi I have the hostap driver and hostapd running on an IXP-425 platform with the 2.4.24-uc0 linux kernel. I want to configure it as the access point with the integrated EAP PAE running on the platform and the FREEradius server running on a computer with redhat9 OS with 2.4.20-8 kernel. I have the radius server running. It is connected to the platform with a wired ethernet interface eth0, and a minicom modem serial connection. When I set the hostapd.conf file to connect to the radius server it tries to do so with the wlan0 interface ( which is not connected to the wired interface). When I change the interface in the configuration to eth0 the hostapd doesn't start as the eth0 interface doesn't have the hostap driver running.?? Could someone please point to me as to how to configure a wired connection to the external Radius server with the hostapd.My hostapd configuration when using integrated Radius of hostapd. interface=wlan0 logger_syslog=-1 logger_syslog_level=2 logger_stdout=-1 logger_stdout_level=2 debug=2 dump_file=/tmp/hostapd.dump ctrl_interface_group=0 ssid=test macaddr_acl=0 accept_mac_file=/etc/hostapd.accept deny_mac_file=/etc/hostapd.deny auth_algs=3 ieee8021x=1 eap_authenticator=1 eap_user_file=/etc/hostapd.eap_user private_key_passwd=secret passphrase Another problem I am having is that when the supplicant (laptop station ) tries to connect to with the hostap access point I get the following output and the hostapd can't complete the 802.1x authentication. # ./hostapd /etc/hostapd.conf Configuration file: /etc/hostapd.conf Opening raw packet socket for ifindex 6 Using interface wlan0 with hwaddr 00:02:6f:37:26:b6 and ssid 'test' Flushing old station entries Deauthenticate all stations Wireless event: cmd=0x8c04 len=20 Received 30 bytes management frame MGMT mgmt::auth authentication: STA=00:0d:88:70:78:ec auth_alg=0 auth_transaction=1 status_code0 New STA authentication reply: STA=00:0d:88:70:78:ec auth_alg=0 auth_transaction=2 resp=0Received 30 bytes management frame MGMT (TX callback) ACK mgmt::auth cb wlan0: STA 00:0d:88:70:78:ec IEEE 802.11: authenticated Received 40 bytes management frame MGMT mgmt::assoc_req association request: STA=00:0d:88:70:78:ec capab_info=0x01 listen_interval=10 new AID 1 Received 36 bytes management frame MGMT (TX callback) ACK mgmt::assoc_resp cb wlan0: STA 00:0d:88:70:78:ec IEEE 802.11: associated (aid 1, accounting session)EAP: State machine created IEEE 802.1X: 00:0d:88:70:78:ec AUTH_PAE entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec AUTH_PAE entering state INITIALIZE Wireless event: cmd=0x8c03 len=20 IEEE 802.1X: 00:0d:88:70:78:ec AUTH_PAE entering state DISCONNECTED IEEE 802.1X: 00:0d:88:70:78:ec BE_AUTH entering state IDLE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec CTRL_DIR entering state FORCE_BOTH IEEE 802.1X: 00:0d:88:70:78:ec AUTH_PAE entering state RESTART IEEE 802.1X: Integrated EAP Authenticator in use - do not generate EAP-Request/yIEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE EAP: EAP entering state INITIALIZE EAP: EAP entering state SELECT_ACTION EAP: getDecision: no identity known yet -> CONTINUE EAP: EAP entering state PROPOSE_METHOD EAP: getNextMethod: type 1 EAP: EAP entering state METHOD_REQUEST EAP: building EAP-Request: Identifier 103 EAP: EAP entering state SEND_REQUEST EAP: eapReqData -> EAPOL - hexdump(len=5): 01 67 00 05 01 EAP: EAP entering state IDLE IEEE 802.1X: 00:0d:88:70:78:ec AUTH_PAE entering state CONNECTING IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec AUTH_PAE entering state AUTHENTICATING IEEE 802.1X: 00:0d:88:70:78:ec BE_AUTH entering state REQUEST IEEE 802.1X: Sending EAP Packet to 00:0d:88:70:78:ec (identifier 103) IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE Received 41 bytes management frame DATA (TX callback) ACK IEEE 802.1X: 00:0d:88:70:78:ec TX status - version=2 type=0 length=5 - ack=1 IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:0d:88:70:78:ec REAUTH_TIMER entering state INITIALIZE Thanks Hareesh Khattri From fromkth+hostap at fastmail.fm Wed Mar 16 04:53:41 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Wed, 16 Mar 2005 10:53:41 +0100 Subject: PMKSA-cache: 802.1x authentication is forced even if AP have PMKID of the STA in its PMKSA-cache Message-ID: <42380225.70706@fastmail.fm> I mailed this a week back, but still have not got answer, so mailing it again. Jouni can you look into this. I have 2 Hostapd APs, and one STA with wpa_supplicant(ap_scan=1). All are prism(1.7.4) based. I am using freeradius for authentication. When i roam back to the AP, to which i athenticated, just few minutes before, I see that STA sends PMKID from its PMKSA cache in the re-association frame, and in the AP log i see a message "PMKID found from PMKSA cache", but even then it starts 802.1x authentication with STA, which it should not, as AP has found PMKID in its cache, and can use that one to drive PTKs and GTKs. here are the snippets of the log of AP, ================================================ mgmt::auth authentication: STA=00:a0:c5:7f:28:db auth_alg=0 auth_transaction=1 status_code=0 wep=0 New STA wlan0: STA 00:a0:c5:7f:28:db IEEE 802.11: authentication OK (open system) wlan0: STA 00:a0:c5:7f:28:db WPA: event 0 notification authentication reply: STA=00:a0:c5:7f:28:db auth_alg=0 auth_transaction=2 resp=0 Received 30 bytes management frame MGMT (TX callback) ACK mgmt::auth cb wlan0: STA 00:a0:c5:7f:28:db IEEE 802.11: authenticated Received 80 bytes management frame MGMT mgmt::assoc_req association request: STA=00:a0:c5:7f:28:db capab_info=0x11 listen_interval=10 RSN IE: STA PMKID - hexdump(len=16): c1 9a b7 71 c2 d4 5d 04 7f eb 68 30 1d ed c8 12 wlan0: STA 00:a0:c5:7f:28:db WPA: PMKID found from PMKSA cache new AID 1 wlan0: STA 00:a0:c5:7f:28:db IEEE 802.11: association OK (aid 1) Received 36 bytes management frame MGMT (TX callback) ACK mgmt::assoc_resp cb wlan0: STA 00:a0:c5:7f:28:db IEEE 802.11: associated (aid 1, accounting session 42305BC2-00000002) wlan0: STA 00:a0:c5:7f:28:db WPA: event 1 notification wlan0: STA 00:a0:c5:7f:28:db IAPP: IAPP-ADD.request(seq=2329) wlan0: STA 00:a0:c5:7f:28:db IEEE 802.1X: start authentication IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state INITIALIZE wlan0: STA 00:a0:c5:7f:28:db WPA: start authentication WPA: 00:a0:c5:7f:28:db WPA_PTK entering state INITIALIZE WPA: 00:a0:c5:7f:28:db WPA_PTK_GROUP entering state IDLE WPA: 00:a0:c5:7f:28:db WPA_PTK entering state AUTHENTICATION WPA: 00:a0:c5:7f:28:db WPA_PTK entering state AUTHENTICATION2 Wireless event: cmd=0x8c03 len=20 IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state DISCONNECTED wlan0: STA 00:a0:c5:7f:28:db IEEE 802.1X: unauthorizing port IEEE 802.1X: 00:a0:c5:7f:28:db BE_AUTH entering state IDLE IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db CTRL_DIR entering state FORCE_BOTH IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state RESTART IEEE 802.1X: station 00:a0:c5:7f:28:db - new auth session, clearing State IEEE 802.1X: Generated EAP Request-Identity for 00:a0:c5:7f:28:db (identifier 0, timeout 30) IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state CONNECTING IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db AUTH_PAE entering state AUTHENTICATING IEEE 802.1X: 00:a0:c5:7f:28:db BE_AUTH entering state REQUEST IEEE 802.1X: Sending EAP Packet to 00:a0:c5:7f:28:db (identifier 0) IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE IEEE 802.1X: 00:a0:c5:7f:28:db REAUTH_TIMER entering state INITIALIZE Received 46 bytes management frame DATA (TX callback) ACK IEEE 802.1X: 00:a0:c5:7f:28:db TX status - version=2 type=0 length=10 - ack=1 Received 53 bytes management frame DATA IEEE 802.1X: 21 bytes from 00:a0:c5:7f:28:db IEEE 802.1X: version=2 type=0 length=17 EAP: code=2 identifier=0 length=17 (response) wlan0: STA 00:a0:c5:7f:28:db IEEE 802.1X: received EAP packet (code=2 id=0 len=17) from STA: EAP Response-Identity (1) wlan0: STA 00:a0:c5:7f:28:db IEEE 802.1X: STA identity 'example-user' IEEE 802.1X: 00:a0:c5:7f:28:db BE_AUTH entering state RESPONSE Encapsulating EAP message into a RADIUS packet ........ ===================================================================== So what could be worng here? Any suggestions. -ajeet. From fromkth+hostap at fastmail.fm Wed Mar 16 05:16:50 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Wed, 16 Mar 2005 11:16:50 +0100 Subject: Problem connecting Hostapd to external Radius server In-Reply-To: <36198.134.129.123.210.1110923565.squirrel@webmail.ndsu.nodak.edu> References: <36198.134.129.123.210.1110923565.squirrel@webmail.ndsu.nodak.edu> Message-ID: <42380792.1010102@fastmail.fm> hareesh.khattri at ndsu.edu wrote: > > Could someone please point to me as to how to configure a wired > connection to the external Radius server with the hostapd.My hostapd > configuration when using integrated Radius of hostapd. > I did not get you, do you want to use external free-radius or the integrated radius in hostadp? atleast in the former case your configuration file is not correct. Atleast for me it was little bit confusing also in the begning, this eap_authenticator and then using this integrated eap_authenticator as a radius for other APs in DS. To make it more clear, I suggest Jouni to make a separate section in hostapd.conf file for this integrated radius server and name the section as INTEGRATED RADIUS SERVER, in which we move following options. eap_authenticator ca_cert=/etc/hostapd.ca.pem server_cert=/etc/hostapd.server.pem private_key=/etc/hostapd.server.prv private_key_passwd=secret passphrase eap_sim_db=/etc/hostapd.sim_db and if possible rename eap_authenticator as "integrated_radius_server" Any comments? -ajeet. From thirumalai at mistralsoftware.com Wed Mar 16 06:22:06 2005 From: thirumalai at mistralsoftware.com (Thirumalai T. Bhattar) Date: 16 Mar 2005 16:52:06 +0530 Subject: Useful link for searching HostAP mailing list In-Reply-To: <1110875989.5265.71.camel@Thirumalai> References: <1110875989.5265.71.camel@Thirumalai> Message-ID: <1110972126.5265.214.camel@Thirumalai> I have changed the site that should be searched & indexed to http://lists.shmoo.com/pipermail/hostap/ , which seems to be latest when compared to http://sisyphus.iocaine.com/pipermail/hostap/. The link for searching HostAP mailing list remains same as http://search.freefind.com/find.html?id=39363193 Thiru T On Tue, 2005-03-15 at 14:09, Thirumalai T. Bhattar wrote: > Hi, > > I was struggling to search the HostAP mailing list (the current/new one) > and so created a freefind link for it. > > One can use the link > > http://search.freefind.com/find.html?id=39363193 > > to search for stuff available at the mailing list (in the URL > http://sisyphus.iocaine.com/pipermail/hostap/ ) > > The site index will be built daily (if possible, as per freefind) and so > we can hope of getting the latest info in the search results. > > May be we can add this link to the 'Host AP related links' or in the > main HostAP site, so that it is useful for everybody. > > With regards, > Thirumalai T. Bhattar > > > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From manojkn at noida.hcltech.com Wed Mar 16 08:18:55 2005 From: manojkn at noida.hcltech.com (Manoj Kundwani, Noida) Date: Wed, 16 Mar 2005 18:48:55 +0530 Subject: Wpa_supplicant in WEP mode Message-ID: <267988DEACEC5A4D86D5FCD780313FBB05BD08C6@exch-03.noida.hcltech.com> Hi List, I am using wpa supplicant in WEP mode . The configuration file in /etc/wpa_supplicant file is Network { ssid="myDemo" Key_mgmt=NONE Wep_key0="abcde12345" Wep_tx_keyidx=0 } Now when I am running wpa_supplicant ,then I get these messages.... Scan result translation succeeded (length=0) Scan result translation succeeded (length=0) Scan result translation succeeded (length=0) Scan result translation succeeded (length=0) prism2: wlan0: operating mode changed 3 -> 2 wifi0: LinkStatus=2 (Disconnected) wifi0: LinkStatus: BSSID=44:44:44:44:44:44 wlan0: Trying to join BSSID 00:0f:34:89:29:ad wifi0: LinkStatus=6 (Association failed) wifi0: LinkStatus: BSSID=44:44:44:44:44:44 wlan0: updating basic rate set automatically to match with the new supported rate set wifi0: LinkStatus=2 (Disconnected) wifi0: LinkStatus: BSSID=44:44:44:44:44:44 wifi0: wifi0: LinkStatus: BSSID=44:44:44:44:44:44 wlan0: Trying to join BSSID 00:0f:34:89:29:8d wifi0: LinkStatus=6 (Association failed) wifi0: LinkStatus: BSSID=44:44:44:44:44:44 Can plz anyone give some pointers on it. And also what changes should I make in /etc/pcmcia/wireless.opts Thanks & Best Regards , manoj Disclaimer: This message and any attachment(s) contained here are information that is confidential,proprietary to HCL Technologies and its customers, privileged or otherwise protected by law.The information is solely intended for the individual or the entity it is addressed to. If you are not the intended recipient of this message, you are not authorized to read, forward, print,retain, copy or disseminate this message or any part of it. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete it from your computer. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050316/28f1729b/attachment.htm From jkmaline at cc.hut.fi Wed Mar 16 13:16:58 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 16 Mar 2005 10:16:58 -0800 Subject: Problem connecting Hostapd to external Radius server In-Reply-To: <42380792.1010102@fastmail.fm> References: <36198.134.129.123.210.1110923565.squirrel@webmail.ndsu.nodak.edu> <42380792.1010102@fastmail.fm> Message-ID: <20050316181658.GA8122@jm.kir.nu> On Wed, Mar 16, 2005 at 11:16:50AM +0100, Ajeet Nankani wrote: > Atleast for me it was little bit confusing also in the begning, this > eap_authenticator and then using this integrated eap_authenticator as a > radius for other APs in DS. > > To make it more clear, I suggest Jouni to make a separate section in > hostapd.conf file for this integrated radius server and name the section > as INTEGRATED RADIUS SERVER, in which we move following options. > > eap_authenticator > ca_cert=/etc/hostapd.ca.pem > server_cert=/etc/hostapd.server.pem > private_key=/etc/hostapd.server.prv > private_key_passwd=secret passphrase > eap_sim_db=/etc/hostapd.sim_db Moving these (and eap_user_file) into a separate section sounds reasonable, but "integrated radius server" is not a correct name for it. This configuration is for (integrated) EAP authenticator, not RADIUS server. The RADIUS server can also use this EAP authenticator, but these fields are generic to the EAP authenticator which can be used both without RADIUS and with RADIUS. > and if possible rename eap_authenticator as "integrated_radius_server" I do not agree with this change, eap_authenticator is used to enable EAP authentication that can be used as an intergrated authentication server (without RADIUS) and/or EAP authenticator for a RADIUS server that other devices can use. In other words, this option does not enable RADIUS server (but it is needed for the RADIUS server). -- Jouni Malinen PGP id EFC895FA From hareesh.khattri at ndsu.edu Wed Mar 16 22:35:18 2005 From: hareesh.khattri at ndsu.edu (hareesh.khattri at ndsu.edu) Date: Wed, 16 Mar 2005 21:35:18 -0600 (CST) Subject: WPA supplicant configuration error?? Message-ID: <32956.134.129.123.229.1111030518.squirrel@webmail.ndsu.nodak.edu> hi I am trying to get the hostapd to connect to an access point with minimal authentication features( to test the conection and then later and other configurations). My wpa supplicant configuration is: network={ ssid="test" mode=0 key_mgmt=NONE eap=MD5 identity="user at example.com" password="password" priority=2 } The access point is running the hostapd. The WPA supplicant scans and associates with the access point but the EAP authentication fails. This is the output I get from the WPA supplicant selected non-WPA AP 00:02:6f:37:26:b6 ssid='test' Trying to associate with 00:02:6f:37:26:b6 (SSID='test' freq=2422 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 No keys have been configured - skip key clearing wpa_driver_hostap_set_drop_unencrypted: enabled=0 wpa_driver_hostap_associate Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=ForceAuthorized Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:00:00:00:00:00 Added BSSID 00:00:00:00:00:00 into blacklist EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Disconnect event - remove keys Wireless event: cmd=0x8b06 len=8 Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:00:00:00:00:00 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Disconnect event - remove keys Wireless event: cmd=0x8b04 len=12 Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:00:00:00:00:00 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Disconnect event - remove keys Wireless event: cmd=0x8b1a len=17 Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:02:6f:37:26:b6 Association event - clear replay counter Associated to a new BSS: BSSID=00:02:6f:37:26:b6 Associated with 00:02:6f:37:26:b6 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 EAPOL: External notification - portEnabled=1 EAPOL: SUPP_PAE entering state S_FORCE_AUTH EAPOL: SUPP_BE entering state IDLE EAP: EAP entering state INITIALIZE EAP: EAP entering state IDLE Cancelling authentication timeout EAP: EAP entering state FAILURE The status as shown through the wpa_cli is like this: > status bssid=00:02:6f:37:26:b6 ssid=test pairwise_cipher=NONE group_cipher=NONE key_mgmt=NONE wpa_state=ASSOCIATED Supplicant PAE state=UNKNOWN suppPortStatus=Authorized EAP state=FAILURE > At the Access point side the hostapd gives these messages. # ./hostapd /etc/hostapd.conf Configuration file: /etc/hostapd.conf Opening raw packet socket for ifindex 6 Using interface wlan0 with hwaddr 00:02:6f:37:26:b6 and ssid 'test' wlan0: RADIUS Authentication server 134.129.123.204:1812 wlan0: RADIUS Accounting server 134.129.123.204:1813 Sending RADIUS message to accounting server Next RADIUS client retransmit in 3 seconds Flushing old station entries Deauthenticate all stations Wireless event: cmd=0x8c04 len=20 Received 20 bytes from RADIUS server Received RADIUS message Received RADIUS packet matched with a pending request, round trip time 0.09 sec Received 30 bytes management frame MGMT mgmt::auth authentication: STA=00:0d:88:70:78:ec auth_alg=0 auth_transaction=1 status_code0 New STA authentication reply: STA=00:0d:88:70:78:ec auth_alg=0 auth_transaction=2 resp=0Received 30 bytes management frame MGMT (TX callback) ACK mgmt::auth cb wlan0: STA 00:0d:88:70:78:ec IEEE 802.11: authenticated Received 40 bytes management frame MGMT mgmt::assoc_req association request: STA=00:0d:88:70:78:ec capab_info=0x01 listen_interval=10 new AID 1 Received 36 bytes management frame MGMT (TX callback) ACK mgmt::assoc_resp cb wlan0: STA 00:0d:88:70:78:ec IEEE 802.11: associated (aid 1, accounting session)Sending RADIUS message to accounting server Can any one please point out what is wrong with the configuration I am using and why the EAP authentication fails. Thanks Hareesh Khattri From kherring at gmail.com Thu Mar 17 02:52:51 2005 From: kherring at gmail.com (Keith Herring) Date: Thu, 17 Mar 2005 02:52:51 -0500 Subject: continuous transmit-debug mode Message-ID: <484ea96b050316235275f04147@mail.gmail.com> Hi, As far as I understand the prism2 chip set has a debug mode that allows a 16 bit sequence to be continously transmitted until told to stop. Can anyone enlighten me as to what register(s) need to be modified to enter this mode of operation and how to do this using the Linux HostAP 802.11 driver? Thanks, KH From hostap at cos.user.lysator.liu.se Wed Mar 16 15:06:32 2005 From: hostap at cos.user.lysator.liu.se (Martin Samuelsson) Date: Wed, 16 Mar 2005 21:06:32 +0100 Subject: Wpa_supplicant in WEP mode In-Reply-To: <267988DEACEC5A4D86D5FCD780313FBB05BD08C6@exch-03.noida.hcltech.com> References: <267988DEACEC5A4D86D5FCD780313FBB05BD08C6@exch-03.noida.hcltech.com> Message-ID: <20050316200631.GC4128@ch.lugn.nu> On Wed, Mar 16, 2005 at 06:48:55PM +0530, Manoj Kundwani, Noida wrote: > > Hi List, > I am using wpa supplicant in WEP mode . > > The configuration file in /etc/wpa_supplicant file is > > Network > { > ssid="myDemo" > Key_mgmt=NONE > Wep_key0="abcde12345" > Wep_tx_keyidx=0 > } Is it? Really? With upper case initials on the configuration variables? When I try something like that I get Line 372: unknown network field 'Wep_key0'. as the startup error message. > Now when I am running wpa_supplicant ,then I get these messages.... > > Can plz anyone give some pointers on it. > And also what changes should I make in /etc/pcmcia/wireless.opts Since I can't even get wpa_supplicant to work with WEP for myself I'm afraid I'm unable to help you aswell. However try telling the list what hardware you are using and start wpa_supplicant with the options "-dd" to get as much debugging information as possible. > Disclaimer: > > This message and any attachment(s) contained here are information that is > confidential,proprietary to HCL Technologies and its customers, privileged > or otherwise protected by law.The information is solely intended for the > individual or the entity it is addressed to. If you are not the intended > recipient of this message, you are not authorized to read, forward, > print,retain, copy or disseminate this message or any part of it. If you > have received this e-mail in error, please notify the sender immediately by > return e-mail and delete it from your computer. Can't you please try not having crap like this in your mails. It does nothing else than bringing people to believe that HCL Technologies is an unserious business with employees that don't know how to use e-mail. -- /Martin From hostap at cos.user.lysator.liu.se Wed Mar 16 14:47:01 2005 From: hostap at cos.user.lysator.liu.se (Martin Samuelsson) Date: Wed, 16 Mar 2005 20:47:01 +0100 Subject: Useful link for searching HostAP mailing list In-Reply-To: <1110972126.5265.214.camel@Thirumalai> References: <1110875989.5265.71.camel@Thirumalai> <1110972126.5265.214.camel@Thirumalai> Message-ID: <20050316194700.GB4128@ch.lugn.nu> On Wed, Mar 16, 2005 at 04:52:06PM +0530, Thirumalai T. Bhattar wrote: > On Tue, 2005-03-15 at 14:09, Thirumalai T. Bhattar wrote: > > Hi, > > > > I was struggling to search the HostAP mailing list (the current/new one) > > and so created a freefind link for it. > > > > One can use the link > > > > http://search.freefind.com/find.html?id=39363193 > > > > to search for stuff available at the mailing list (in the URL > > http://sisyphus.iocaine.com/pipermail/hostap/ ) Great initiative! That thing helped me read a fair bit of ipw2100 related problems, but none matching my mine. At least I know now that it hasn't been on the list before. > > May be we can add this link to the 'Host AP related links' or in the > > main HostAP site, so that it is useful for everybody. I second that! Could who ever manages the web site please give that idea a thought? -- /Martin From hostap at cos.user.lysator.liu.se Thu Mar 17 06:01:02 2005 From: hostap at cos.user.lysator.liu.se (Martin Samuelsson) Date: Thu, 17 Mar 2005 12:01:02 +0100 Subject: Simple wpa_supplicant question In-Reply-To: <20050315100230.GB22384@ch.lugn.nu> References: <20050315100230.GB22384@ch.lugn.nu> Message-ID: <20050317110101.GD6908@ch.lugn.nu> On Tue, Mar 15, 2005 at 11:02:32AM +0100, Martin Samuelsson wrote: > Dear list, > > I have been using wpa_supplicant for a while now, since waproamd got > orphaned by it's author. Until recently it has been working perfectly > because all networks encountered have been open and thus not needed key > configuration. > > However now I'm daily using a network with a WEP key and can't get it to > work for me. Could anyone please give me a hint? > > I've read all the documentation and the configuration provided in the > Debian package, but not fully understood it. > > Doing things'n'stuff manually works. I.e. giving a command like the > following brings the interface up. > > iwconfig eth0 essid helllo key s:world ap 00:02:2D:61:4F:32 ? > > A simple case like this brings me to believe that I should go for a config > looking something like what's included below: > > network={ > ssid="helllo" > bssid=00:02:2D:61:4F:32 > key_mgmt=NONE > wep_key0="world" > wep_tx_keyidx=0 > priority=1000 > } > > However when trying to use the software now I get the following output: (The > exclamation marks are what I feel look like bad lines) > > Setting scan request: 0 sec 0 usec > Starting AP scan (broadcast SSID) > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Scan timeout - try to get results > Received 748 bytes of scan results (4 BSSes) > Scan results: 4 > Selecting BSS from priority group 1000 > 0: 00:02:2d:61:4f:13 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > 1: 00:02:2d:61:4f:32 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > 2: 00:07:40:9f:14:71 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > 3: 00:80:5a:22:ae:a2 ssid='OTHER' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > selected non-WPA AP 00:02:2d:61:4f:32 ssid='helllo' > Trying to associate with 00:02:2d:61:4f:32 (SSID='helllo' freq=0 MHz) > Cancelling scan request > Automatic auth_alg selection: 0x1 > wpa_driver_ipw_set_auth_alg: auth_alg=0x1 > No keys have been configured - skip key clearing > wpa_driver_ipw_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=5 > wpa_driver_ipw_set_drop_unencrypted: enabled=1 > wpa_driver_ipw_set_wpa: enabled=0 > ! ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ! ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > Setting authentication timeout: 5 sec 0 usec > EAPOL: External notification - portControl=ForceAuthorized > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Wireless event: cmd=0x8b1a len=19 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > ! Authentication with 00:00:00:00:00:00 timed out. > wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 > wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 > wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 > wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 > EAPOL: External notification - portEnabled=0 > EAPOL: External notification - portValid=0 > Setting scan request: 0 sec 0 usec > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Starting AP scan (specific SSID) > Scan SSID - hexdump_ascii(len=6): > 73 65 63 72 65 74 secret > ! ioctl[SIOCSIWSCAN{,EXT}]: Operation not supported > Failed to initiate AP scan. > Setting scan request: 10 sec 0 usec > > Is there something I've missed in my configuration or doesn't wpa_supplicant > work with WEP encrypted networks and the ipw2100? > > Any help appreciated. I'm running Debian/Sarge with wpasupplicant > 0.3.8-1, which should also be the latest upstream release, right? > > [1] The network identifying data has been changed to protect the innocent, but they > are all ascii and their lengths match. (The HW addresses however are real) For what it's worth I've now verified that I also use the latest firmware, namely version 1.3. Is there any other information I can provide to get help tracking down me problem? Could someone please verify that the ipw2100 currently is not supported with WEP networks or maybe tell me the opposite? -- /Martin From roby at netrotter.net Thu Mar 17 05:48:40 2005 From: roby at netrotter.net (roby) Date: Thu, 17 Mar 2005 11:48:40 +0100 Subject: CONFIG_NET_RADIO not enabled Message-ID: <20050317104840.17921.qmail@webmaildomini.aruba.it> Hi List, I'm compiling Hostap-driver-0.3.7, but during compile time it outpost a warning massage: "Network wireless Extension: CONFIG_NET_RADIO, not enabled in the kernel." After this if a try to install Modules It says Unable to find Symbols for all Hostap*.o. I'm using a RedHat9b with 2.4.20-20.9 Kernel. How can i enable it? Please is urgent? Someone can Help me? Malinen can you help me? Roby. From jar at pcuf.fi Thu Mar 17 06:08:58 2005 From: jar at pcuf.fi (Jar) Date: Thu, 17 Mar 2005 13:08:58 +0200 (EET) Subject: CONFIG_NET_RADIO not enabled In-Reply-To: <20050317104840.17921.qmail@webmaildomini.aruba.it> References: <20050317104840.17921.qmail@webmaildomini.aruba.it> Message-ID: <47172.194.157.0.2.1111057738.squirrel@netlandzone.dyndns.org> > I'm using a RedHat9b with 2.4.20-20.9 Kernel. > How can i enable it? Please is urgent? Someone can Help me? Malinen can you > help me? I have _always_ been able to compile hostap driver under RH 9, when first prepare the kernel-source by doing the steps 1-8. 1. Install the RedHat's kernel-source rpm package which is the same version the current running kernel you have. 2. cd /usr/src/ 3. Do symbolic link linux-2.4.20-9 --> linux 4. cd /usr/src/linux and do "make mrproper" 5. copy /boot/config-2.4.20-9 /usr/src/linux/.config 6. Edit Kernel Makefile: EXTRAVERSION = -20.8Custom --> EXTRAVERSION = -20.9 7. Run make oldconfig 8. Run "make dep" 9. Compile & install hostap normally -- Best Regards, Jar From daber at student.uci.agh.edu.pl Thu Mar 17 06:14:43 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Thu, 17 Mar 2005 12:14:43 +0100 (CET) Subject: Selective scanning Message-ID: Hi, I'm trying to implement selective scanning in HostAp. I would like to change the local->passive_scan_timer.function from hostap_passive_scan to my function - for example my_scanning. my_scannig function could work as below: 1) it would check the singnal stregth by calling local->func->get_rid(local->dev,HFA384X_RID_COMMSQUALITY...) function 2) then it could scan my channel by calling local->func->set_rid(dev, HFA384X_RID_SCANREQUEST...) function 3) then it would check local->channel_mask whether the chosen channel can be used Is that scenario correct ??? Thanks, Marcin From fromkth+hostap at fastmail.fm Thu Mar 17 06:50:13 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Thu, 17 Mar 2005 12:50:13 +0100 Subject: hostapd - what "eap_authenticator" option actually is for? In-Reply-To: <20050316181658.GA8122@jm.kir.nu> References: <36198.134.129.123.210.1110923565.squirrel@webmail.ndsu.nodak.edu> <42380792.1010102@fastmail.fm> <20050316181658.GA8122@jm.kir.nu> Message-ID: <42396EF5.90908@fastmail.fm> Jouni Malinen wrote: > On Wed, Mar 16, 2005 at 11:16:50AM +0100, Ajeet Nankani wrote: > > >>Atleast for me it was little bit confusing also in the begning, this >>eap_authenticator and then using this integrated eap_authenticator as a >>radius for other APs in DS. >> >>To make it more clear, I suggest Jouni to make a separate section in >>hostapd.conf file for this integrated radius server and name the section >>as INTEGRATED RADIUS SERVER, in which we move following options. >> >>eap_authenticator >>ca_cert=/etc/hostapd.ca.pem >>server_cert=/etc/hostapd.server.pem >>private_key=/etc/hostapd.server.prv >>private_key_passwd=secret passphrase >>eap_sim_db=/etc/hostapd.sim_db > > > Moving these (and eap_user_file) into a separate section sounds > reasonable, but "integrated radius server" is not a correct name for it. > This configuration is for (integrated) EAP authenticator, not RADIUS > server. The RADIUS server can also use this EAP authenticator, but these > fields are generic to the EAP authenticator which can be used both > without RADIUS and with RADIUS. > > >>and if possible rename eap_authenticator as "integrated_radius_server" > > > I do not agree with this change, eap_authenticator is used to enable EAP > authentication that can be used as an intergrated authentication > server (without RADIUS) and/or EAP authenticator for a RADIUS server > that other devices can use. In other words, this option does not enable > RADIUS server (but it is needed for the RADIUS server). > I understand that it does not enable RADIUS server, but it does enable minimal RADIUS like functionality in authenticator, or to keep it simple(to hide which part in AP enables this functionality) we can say that this option enables very minimal RADIUS AS in AP, in that case its name should reelect what it does. See my comments below to support name changing. My understanding is that Authenticator is an element in AP which relays EAP packets from STA to AS(whether Co Located or external). But this Authenticator is enabled automatically when 802.1x is enabled, hence eap_authenticator option has nothing to do with enabling of AP authenticator itself, but name "eap_authenticator" of this option suggests otherwise. Am i right here? So we should use a name which reflects what it does, May be the name i suggested before is not a good candidate, but we can find some other suitable name. What about "co_located_minimal_RADIUS_AS" -ajeet. From jkmaline at cc.hut.fi Thu Mar 17 08:52:07 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Thu, 17 Mar 2005 05:52:07 -0800 Subject: hostapd - what "eap_authenticator" option actually is for? In-Reply-To: <42396EF5.90908@fastmail.fm> References: <36198.134.129.123.210.1110923565.squirrel@webmail.ndsu.nodak.edu> <42380792.1010102@fastmail.fm> <20050316181658.GA8122@jm.kir.nu> <42396EF5.90908@fastmail.fm> Message-ID: <20050317135207.GB8122@jm.kir.nu> On Thu, Mar 17, 2005 at 12:50:13PM +0100, Ajeet Nankani wrote: > I understand that it does not enable RADIUS server, but it does enable > minimal RADIUS like functionality in authenticator, or to keep it > simple(to hide which part in AP enables this functionality) we can say > that this option enables very minimal RADIUS AS in AP, in that case its > name should reelect what it does. See my comments below to support name > changing. It does not enable "minimal RADIUS". No RADIUS functionality is used for the authentication when the integrated EAP authenticator is used directly from the IEEE 802.1X/EAPOL state machines. > My understanding is that Authenticator is an element in AP which relays > EAP packets from STA to AS(whether Co Located or external). But this > Authenticator is enabled automatically when 802.1x is enabled, hence > eap_authenticator option has nothing to do with enabling of AP > authenticator itself, but name "eap_authenticator" of this option > suggests otherwise. The authenticator you are talking about is IEEE 802.1X authenticator. EAP authenticator is the server side endpoint for EAP authentication. The name "eap_authenticator" is used because it enables functionality called "EAP Authenticator". > So we should use a name which reflects what it does, We already do. > May be the name i > suggested before is not a good candidate, but we can find some other > suitable name. What about "co_located_minimal_RADIUS_AS" It has _nothing_ to do with RADIUS. Many RADIUS authentication servers implement EAP authenticators, but so does many Diameter servers, and so does EAP "servers". RADIUS is just one option for transfering the EAP conversation. -- Jouni Malinen PGP id EFC895FA From ckwesley at gmail.com Thu Mar 17 11:22:20 2005 From: ckwesley at gmail.com (wesley) Date: Fri, 18 Mar 2005 00:22:20 +0800 Subject: Can wpa_supplicant "auto" associate to 2nd AP when 1st AP shutdown Message-ID: <4217053405031708221a1a0573@mail.gmail.com> I setup an enviroment with two AP(using hostapd). I satrt this two hostapd process and one wpa_supplicant. The wpa_supplicant scan and associate with one AP(1st). After I shutdown the 1st hostapd(kill process), wpa_supplicant doesn't auto associate with the 2nd hostapd. Is there any method to let wpa_supplicant auto handover to 2nd AP? thanks a lot. From roby at netrotter.net Thu Mar 17 12:00:04 2005 From: roby at netrotter.net (roby) Date: Thu, 17 Mar 2005 18:00:04 +0100 Subject: Hostapd Segmentation Fault. Message-ID: <20050317170004.3465.qmail@webmaildomini.aruba.it> Hi list, i just compiled hostapd, but when i try to lunch it with the command: "./hostapd hostapd.conf" the putput is: ##################################### Configuration file: hostapd.conf Segmantation fault ################################### I did not make any modification to the hostapd.conf. Anybody now why and can help me? Regards Roby From imcdnzl at gmail.com Thu Mar 17 12:55:58 2005 From: imcdnzl at gmail.com (Ian McDonald) Date: Fri, 18 Mar 2005 06:55:58 +1300 Subject: Simple wpa_supplicant question In-Reply-To: <20050317110101.GD6908@ch.lugn.nu> References: <20050315100230.GB22384@ch.lugn.nu> <20050317110101.GD6908@ch.lugn.nu> Message-ID: Martin, Have a look at this which should help you: http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Linux.Wireless.drivers.802.11b.html#Centrino >From memory with WEP don't use wpa_supplicant for these but use Linux kernel directly. The reason for this is the bugs in the 2100 code. 2200 has similar issues that were reported to the list. With the latest Linux kernels you only need wpa_supplicant for WPA and Jouni is helping migrate more of that into the kernel as well - hopefully we are not too far away from where WPA just works - Linus has said it is one of his main goals to get working also. The parent URL also has lots of useful info: http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/ Regards, Ian On Thu, 17 Mar 2005 12:01:02 +0100, Martin Samuelsson wrote: > On Tue, Mar 15, 2005 at 11:02:32AM +0100, Martin Samuelsson wrote: > > Dear list, > > > > I have been using wpa_supplicant for a while now, since waproamd got > > orphaned by it's author. Until recently it has been working perfectly > > because all networks encountered have been open and thus not needed key > > configuration. > > > > However now I'm daily using a network with a WEP key and can't get it to > > work for me. Could anyone please give me a hint? > > > > I've read all the documentation and the configuration provided in the > > Debian package, but not fully understood it. > > > > Doing things'n'stuff manually works. I.e. giving a command like the > > following brings the interface up. > > > > iwconfig eth0 essid helllo key s:world ap 00:02:2D:61:4F:32 ? > > > > A simple case like this brings me to believe that I should go for a config > > looking something like what's included below: > > > > network={ > > ssid="helllo" > > bssid=00:02:2D:61:4F:32 > > key_mgmt=NONE > > wep_key0="world" > > wep_tx_keyidx=0 > > priority=1000 > > } > > > > However when trying to use the software now I get the following output: (The > > exclamation marks are what I feel look like bad lines) > > > > Setting scan request: 0 sec 0 usec > > Starting AP scan (broadcast SSID) > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > Scan timeout - try to get results > > Received 748 bytes of scan results (4 BSSes) > > Scan results: 4 > > Selecting BSS from priority group 1000 > > 0: 00:02:2d:61:4f:13 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 > > skip - no WPA/RSN IE > > 1: 00:02:2d:61:4f:32 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 > > skip - no WPA/RSN IE > > 2: 00:07:40:9f:14:71 ssid='helllo' wpa_ie_len=0 rsn_ie_len=0 > > skip - no WPA/RSN IE > > 3: 00:80:5a:22:ae:a2 ssid='OTHER' wpa_ie_len=0 rsn_ie_len=0 > > skip - no WPA/RSN IE > > selected non-WPA AP 00:02:2d:61:4f:32 ssid='helllo' > > Trying to associate with 00:02:2d:61:4f:32 (SSID='helllo' freq=0 MHz) > > Cancelling scan request > > Automatic auth_alg selection: 0x1 > > wpa_driver_ipw_set_auth_alg: auth_alg=0x1 > > No keys have been configured - skip key clearing > > wpa_driver_ipw_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=5 > > wpa_driver_ipw_set_drop_unencrypted: enabled=1 > > wpa_driver_ipw_set_wpa: enabled=0 > > ! ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > > ! ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > > Setting authentication timeout: 5 sec 0 usec > > EAPOL: External notification - portControl=ForceAuthorized > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > Wireless event: cmd=0x8b1a len=19 > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > ! Authentication with 00:00:00:00:00:00 timed out. > > wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 > > wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 > > wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 > > wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 > > EAPOL: External notification - portEnabled=0 > > EAPOL: External notification - portValid=0 > > Setting scan request: 0 sec 0 usec > > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > > Starting AP scan (specific SSID) > > Scan SSID - hexdump_ascii(len=6): > > 73 65 63 72 65 74 secret > > ! ioctl[SIOCSIWSCAN{,EXT}]: Operation not supported > > Failed to initiate AP scan. > > Setting scan request: 10 sec 0 usec > > > > Is there something I've missed in my configuration or doesn't wpa_supplicant > > work with WEP encrypted networks and the ipw2100? > > > > Any help appreciated. I'm running Debian/Sarge with wpasupplicant > > 0.3.8-1, which should also be the latest upstream release, right? > > > > [1] The network identifying data has been changed to protect the innocent, but they > > are all ascii and their lengths match. (The HW addresses however are real) > > For what it's worth I've now verified that I also use the latest > firmware, namely version 1.3. > > Is there any other information I can provide to get help tracking down > me problem? > > Could someone please verify that the ipw2100 currently is not supported > with WEP networks or maybe tell me the opposite? > -- > /Martin > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From denier at umr.edu Thu Mar 17 19:13:36 2005 From: denier at umr.edu (Robert Denier) Date: Thu, 17 Mar 2005 18:13:36 -0600 Subject: OT: Wireless Cryptography Message-ID: <1111104816.8338.43.camel@chidori.cephiro> I apologize for this being slightly OT. If anyones interested in discussing the cryptographic design I made, wireless network design, cryptography in general, electrical engineering, signal processing, Labview, etc they are more than welcome to join my new mailing list at http://lists.sourceforge.net/mailman/listinfo/ses-devel and perhaps I will know something, or perhaps someone else who joins the list will. The sourceforge page for my work with code (kernel modules) is at http://www.sourceforge.net/projects/ses/ or you can take a look at my own web page in my signature. Included there is what will likely be the final copy of my dissertation as well as a shorter paper on the subject, and of course the actual code. -thanks, -- Robert Denier (denier at umr.edu) PhD Electrical Engineering (May 2005) University of Missouri-Rolla http://www.finiteinfinity.com From boavista54 at sbcglobal.net Thu Mar 17 19:54:58 2005 From: boavista54 at sbcglobal.net (Doug Bradford) Date: Thu, 17 Mar 2005 16:54:58 -0800 Subject: How do you install HostAP on a stripped down Linux system? Message-ID: <4.2.2.20050317165216.01367068@127.0.0.1> I have the latest hostap driver and related programs successfully running on my development system. How do I install hostap driver and related programs on a second stripped down Linux machine that has no development environment? Thanks, Doug From roby at netrotter.net Fri Mar 18 02:58:51 2005 From: roby at netrotter.net (roby) Date: Fri, 18 Mar 2005 08:58:51 +0100 Subject: Hostapd Segmentation Fault. In-Reply-To: <4239CED0.6010509@thesae.k12.ca.us> References: <20050317170004.3465.qmail@webmaildomini.aruba.it> <4239CED0.6010509@thesae.k12.ca.us> Message-ID: <20050318075851.17618.qmail@webmaildomini.aruba.it> Hi Chris, i'm using a RedHat9, 2.4.20 Core. The Hostap version is 0.3.7 and works fine, for hostapd the version is 0.3.7. Ideas for solution? By Roby. R. Chris Evans writes: > I think I got this when I was running hostap on debian ppc, with a > nonstandard locale, with a bug in glibc related to de locale. > > What distro are you using, which version of the distro, did you compile > hostap, what version of hostap? > > roby wrote: >> >> Hi list, >> i just compiled hostapd, but when i try to lunch it with the command: >> "./hostapd hostapd.conf" >> the putput is: >> ##################################### >> Configuration file: hostapd.conf >> Segmantation fault >> ################################### >> >> I did not make any modification to the hostapd.conf. >> Anybody now why and can help me? >> Regards >> Roby >> _______________________________________________ >> HostAP mailing list >> HostAP at shmoo.com >> http://lists.shmoo.com/mailman/listinfo/hostap >> From roby at netrotter.net Fri Mar 18 05:26:52 2005 From: roby at netrotter.net (roby) Date: Fri, 18 Mar 2005 11:26:52 +0100 Subject: Firmware Station for WPA Message-ID: <20050318102652.24836.qmail@webmaildomini.aruba.it> Hi list, i'm trying to set hostapd to work with WPA-TKIP and authentication mode EAP-TLS. The autentication goes rights, but the Access point deassociate the stations... I'm using hostap driver 0.2.4, redhat9b. I'm using a netgear MA401 PCI with firmware 1.3.6, is this the problem? Do I have to upgrade the firmware? If yes wich one, 1.7 or more? Thanks R. From fromkth+hostap at fastmail.fm Fri Mar 18 05:34:29 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Fri, 18 Mar 2005 11:34:29 +0100 Subject: about: "PMKSA-cache: 802.1x authentication is forced even if AP have PMKID of the STA in its PMKSA-cache" + handoff process in wpa supplicant In-Reply-To: <4217053405031723097b770895@mail.gmail.com> References: <4217053405031723097b770895@mail.gmail.com> Message-ID: <423AAEB5.90707@fastmail.fm> wesley wrote: > Dear Ajeet Nankani > > I have read you post at Hostap mailing list. What you described is > also happened to me. And I have no idea about solving this problem. :( Jouni can you look into my old post about the same subject and see what could be the problem. > > I wonder how you force wpa_supplicant handoff to another hostapd. I > make it by kill the original hostapd process and shutdown > corresponding wlan interface (ifconfig wlan0 down). Then I call > 'reassociate' in wpa_cli to force wpa_supplicant handoff to another > hostapd. Could you tell me how you do it? The same as i do? For me it is actual handoff between two APs as it normally happens in real environment. I have two laptops as hostapd APs, and one as hostap STA. i just move STA between two hostapd laptops to make a handoff. But to actually do it in small room area either you have to play with transmit power and receive sensitivities of all cards or the antennas if they are detachable. As, ap_scan=1 so the decision to scan and join is done by WPA Supplicant(host_roaming 2), so I guess WPA Supplicant takes care of handoff also, means it checks the SNR or the CommQuality with the current AP and asks driver to scan when it notices CommQuality or SNR lower than the defined one. So after getting scan results from driver it joins the new AP according to network block policy, thus actually making a handoff. Jouni can you comment on this, that if the procedure is like what i have described above. -ajeet. From michael.walter at polit-web.de Fri Mar 18 05:36:09 2005 From: michael.walter at polit-web.de (Michael Walter) Date: Fri, 18 Mar 2005 11:36:09 +0100 Subject: Firmware Station for WPA In-Reply-To: <20050318102652.24836.qmail@webmaildomini.aruba.it> References: <20050318102652.24836.qmail@webmaildomini.aruba.it> Message-ID: <05ce261a3eca55cd55c809230fdd8c72@sauerbruch.dyndns.org> I am using firmware 1.7.4 which is known to work well. Also think about upgrading the primary firmware too. "hostap_diag wlan0" shows for my machine: Host AP driver diagnostics information for 'wlan0' NICID: id=0x8013 v1.0.0 (PRISM II (2.5) Mini-PCI (SST parallel flash)) PRIID: id=0x0015 v1.1.1 STAID: id=0x001f v1.7.4 (station firmware) Regards, Michael On Fri, 18 Mar 2005 11:26:52 +0100 "roby" wrote: > Hi list, > > i'm trying to set hostapd to work with WPA-TKIP and authentication > mode EAP-TLS. The autentication goes rights, but the Access point > deassociate the stations... I'm using hostap driver 0.2.4, redhat9b. > I'm using a netgear MA401 PCI with firmware 1.3.6, is this the > problem? Do I have to upgrade the firmware? If yes wich one, 1.7 or > more? > Thanks > R. > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From fromkth+hostap at fastmail.fm Fri Mar 18 05:40:47 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Fri, 18 Mar 2005 11:40:47 +0100 Subject: hostapd - what "eap_authenticator" option actually is for? In-Reply-To: <20050317135207.GB8122@jm.kir.nu> References: <36198.134.129.123.210.1110923565.squirrel@webmail.ndsu.nodak.edu> <42380792.1010102@fastmail.fm> <20050316181658.GA8122@jm.kir.nu> <42396EF5.90908@fastmail.fm> <20050317135207.GB8122@jm.kir.nu> Message-ID: <423AB02F.3060105@fastmail.fm> > The authenticator you are talking about is IEEE 802.1X authenticator. > EAP authenticator is the server side endpoint for EAP authentication. > The name "eap_authenticator" is used because it enables functionality > called "EAP Authenticator". Aha, i was mixing EAP Authenticator with 802.1x Authenticator, but now after understanding it, i fully agree with you. But it would be good to move all these options in new section, as you also agreed. -ajeet. From tonybox at inwind.it Fri Mar 18 09:58:17 2005 From: tonybox at inwind.it (Dario Tonesi) Date: Fri, 18 Mar 2005 15:58:17 +0100 Subject: Implementation of EAP-PSK Message-ID: Hi to everyone! I need some info about wpa_supplicant and EAP-PSK. 1) Have any of you used wpa_supplicant to authenticate with EAP-PSK? 2) Do you know which authentication server implements EAP-PSK? I'm using as client: wpa_supplicant 0.3.6 (it is supposed to implements EAP-PSK) with madwifi (driver) on Linux kernel version 2.4.27. The authentication server is a patched versione of FreeRADIUS (downloaded from http://perso.rd.francetelecom.fr/bersani/EAP_PSK/Release3.0/freeradius-snapshot-20040329.tar.gz) that is supposed to support EAP-PKS. Unfortunately, even if it looks like I set every parameter correctly, I cannot autheticate the client to the network by means of EAP-PSK. Could any of you please help me? Thankyou in advance Dario ____________________________________________________________ Navighi a 2 MEGA e i primi 3 mesi sono GRATIS. Scegli Libero Adsl Flat senza limiti su http://www.libero.it _______________________________________________ HostAP mailing list HostAP at shmoo.com http://lists.shmoo.com/mailman/listinfo/hostap ____________________________________________________________ Navighi a 2 MEGA e i primi 3 mesi sono GRATIS. Scegli Libero Adsl Flat senza limiti su http://www.libero.it From cross+wpa at distal.com Fri Mar 18 13:12:08 2005 From: cross+wpa at distal.com (Chris Ross) Date: Fri, 18 Mar 2005 13:12:08 -0500 Subject: Problems with wpa_supplicant/ipw2200/D-link Message-ID: <423B19F8.3090007@distal.com> I have a D-link DWL-7000AP, configured to have it's B/G side running WPA-PSK. I configured the wpa_supplicant.conf file as demonstrated in the README with wpa_supplicant 0.3.8: # allow frontend (e.g., wpa_cli) to be used by all users in 'wheel' group ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=wheel # # home network; allow all valid ciphers network={ ssid="my-ssid" scan_ssid=1 key_mgmt=WPA-PSK psk="my PSK goes here" } However, when I start up the wpa_supplicant (compiled only with IPW driver support), it scans for APs, and sees two: My non-broadcasting 802.11b AP, not WPA capable, and My DWL-7000 broadcasting for ssid "my-ssid". But, it reports a wpa_ie_len of 0 for both. I'm not sure why, but it reports that the DWL-7000 isn't WPA capable. But, it is. I configured it this way, and it works fine in Windows XP. I'm using the built-in WPA stuff downloaded from Microsoft, and doing WPA-PSK, just as I configured the access-point to do. Any idea what I'm doing wrong? Is this an AP bug? I updated it to the latest firmware a month or two ago, and that's still the newest one d-link is offering. Is the AP not reporting something it should be, or is wpa_supplicant getting it wrong somehow. Can I hard configure wpa_supplicant to try it anyway, since I know it works (based on the windows driver working) ? Thanks... - Chris From ramalhais at serrado.net Fri Mar 18 13:34:24 2005 From: ramalhais at serrado.net (Pedro Ramalhais) Date: Fri, 18 Mar 2005 18:34:24 +0000 Subject: Problems with wpa_supplicant/ipw2200/D-link In-Reply-To: <423B19F8.3090007@distal.com> References: <423B19F8.3090007@distal.com> Message-ID: <1111170864.24674.9387.camel@gandalf.uninova.pt> On Fri, 2005-03-18 at 18:12, Chris Ross wrote: > I have a D-link DWL-7000AP, configured to have it's B/G side running > WPA-PSK. I configured the wpa_supplicant.conf file as demonstrated in > the README with wpa_supplicant 0.3.8: > > # allow frontend (e.g., wpa_cli) to be used by all users in 'wheel' group > ctrl_interface=/var/run/wpa_supplicant > ctrl_interface_group=wheel > # > # home network; allow all valid ciphers > network={ > ssid="my-ssid" > scan_ssid=1 > key_mgmt=WPA-PSK > psk="my PSK goes here" > } > > However, when I start up the wpa_supplicant (compiled only with > IPW driver support), it scans for APs, and sees two: > > My non-broadcasting 802.11b AP, not WPA capable, and > My DWL-7000 broadcasting for ssid "my-ssid". > > But, it reports a wpa_ie_len of 0 for both. I'm not sure why, > but it reports that the DWL-7000 isn't WPA capable. But, it is. > I configured it this way, and it works fine in Windows XP. I'm > using the built-in WPA stuff downloaded from Microsoft, and > doing WPA-PSK, just as I configured the access-point to do. > > Any idea what I'm doing wrong? Is this an AP bug? I updated > it to the latest firmware a month or two ago, and that's still > the newest one d-link is offering. Is the AP not reporting something > it should be, or is wpa_supplicant getting it wrong somehow. > Can I hard configure wpa_supplicant to try it anyway, since I > know it works (based on the windows driver working) ? > > Thanks... > > - Chris > > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap Remove scan_ssid=1. Run wpa_supplicant in the foreground with -dddd and post the log. If you're using wpa_supplicant from debian try using the original source for wpa_supplicant. -- Pedro Ramalhais From cross+wpa at distal.com Fri Mar 18 13:44:54 2005 From: cross+wpa at distal.com (Chris Ross) Date: Fri, 18 Mar 2005 13:44:54 -0500 Subject: Problems with wpa_supplicant/ipw2200/D-link In-Reply-To: <1111170864.24674.9387.camel@gandalf.uninova.pt> References: <423B19F8.3090007@distal.com> <1111170864.24674.9387.camel@gandalf.uninova.pt> Message-ID: <423B21A6.7010009@distal.com> Pedro Ramalhais wrote: > Remove scan_ssid=1. Run wpa_supplicant in the foreground with -dddd and > post the log. If you're using wpa_supplicant from debian try using the > original source for wpa_supplicant. I had already tried setting that to 0, does removing the line from the config file have a different effect? I'll run the debug run a little bit later and report back. thanks... - Chris From jkmaline at cc.hut.fi Fri Mar 18 23:03:09 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 18 Mar 2005 20:03:09 -0800 Subject: Hostapd Segmentation Fault. In-Reply-To: <20050317170004.3465.qmail@webmaildomini.aruba.it> References: <20050317170004.3465.qmail@webmaildomini.aruba.it> Message-ID: <20050319040309.GC8179@jm.kir.nu> On Thu, Mar 17, 2005 at 06:00:04PM +0100, roby wrote: > i just compiled hostapd, but when i try to lunch it with the command: > "./hostapd hostapd.conf" > > the putput is: > ##################################### > Configuration file: hostapd.conf > Segmantation fault Could you please try to get backtrace of this segfault with gdb? You can do this, e.g., with following commands: gdb ./hostapd run -dd hostapd.conf bt quit -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Fri Mar 18 23:04:57 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 18 Mar 2005 20:04:57 -0800 Subject: How do you install HostAP on a stripped down Linux system? In-Reply-To: <4.2.2.20050317165216.01367068@127.0.0.1> References: <4.2.2.20050317165216.01367068@127.0.0.1> Message-ID: <20050319040457.GD8179@jm.kir.nu> On Thu, Mar 17, 2005 at 04:54:58PM -0800, Doug Bradford wrote: > How do I install hostap driver and related programs on a second stripped > down Linux machine that has no development environment? In the same way that you would be building and installing any other kernel module for that system. In other words, it depends on your "stripped down Linux system". -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Fri Mar 18 23:10:21 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 18 Mar 2005 20:10:21 -0800 Subject: WPA supplicant configuration error?? In-Reply-To: <32956.134.129.123.229.1111030518.squirrel@webmail.ndsu.nodak.edu> References: <32956.134.129.123.229.1111030518.squirrel@webmail.ndsu.nodak.edu> Message-ID: <20050319041021.GE8179@jm.kir.nu> On Wed, Mar 16, 2005 at 09:35:18PM -0600, hareesh.khattri at ndsu.edu wrote: > I am trying to get the hostapd to connect to an access point with > minimal authentication features( to test the conection and then later > and other configurations). What do you mean with "minimal authentication"? > My wpa supplicant configuration is: > > network={ > ssid="test" > mode=0 > key_mgmt=NONE > eap=MD5 > identity="user at example.com" > password="password" > priority=2 > } If you are trying to use IEEE 802.1X, key_mgmt should be IEEE8021X. EAP-MD5 does not provide keying material, so you would also need eapol_flags=0 into that network block. Please also send hostapd.conf. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Fri Mar 18 23:15:25 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 18 Mar 2005 20:15:25 -0800 Subject: Madwifi - wpa_supplicant problem In-Reply-To: <1110916912.15307.4.camel@localhost.localdomain> References: <1110916912.15307.4.camel@localhost.localdomain> Message-ID: <20050319041525.GF8179@jm.kir.nu> On Tue, Mar 15, 2005 at 09:01:52PM +0100, Dennis Kaarsemaker wrote: > When trying to get wpa_supplicant to work with an atheros chip, I > noticed that sometimes the mac address of the accesspoint gets set to > FF:FF:FF:FF:FF:FF and later the actual mac address and after that again > to FF:FF:FF:FF:FF:FF and so on... > > A detailed log of wpa_supplicant can be found at > http://pastebin.kaarsemaker.net/10 In the future, please send text output as plain ASCII to the mailing list. HTML with completely unrelated information is making it more difficult to use the debug log. > Can anybody tell me what I did wrong? Your description does not match with the debug log. FF:FF:FF:FF:FF:FF does not appear in the log at all. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Fri Mar 18 23:17:46 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 18 Mar 2005 20:17:46 -0800 Subject: [patch] usage of tail in toplevel Makefile In-Reply-To: <4236AC72.50506@et.bocholt.fh-ge.de> References: <4236AC72.50506@et.bocholt.fh-ge.de> Message-ID: <20050319041746.GG8179@jm.kir.nu> On Tue, Mar 15, 2005 at 10:35:46AM +0100, Gordon Hecker wrote: > in the version of 'tail' I am using the 'tail -1' syntax is considered > obsolete (tail (coreutils) 5.2.1). > > The attached patch changes 'tail -1' to 'tail -n 1'. Thanks, applied. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 19 00:53:14 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Fri, 18 Mar 2005 21:53:14 -0800 Subject: Useful link for searching HostAP mailing list In-Reply-To: <1110875989.5265.71.camel@Thirumalai> References: <1110875989.5265.71.camel@Thirumalai> Message-ID: <20050319055314.GH8179@jm.kir.nu> On Tue, Mar 15, 2005 at 02:09:50PM +0530, Thirumalai T. Bhattar wrote: > I was struggling to search the HostAP mailing list (the current/new one) > and so created a freefind link for it. Getting the current mailing list archives included in the search is a good idea, but there seems to be couple of drawbacks with this link to freefind. It does not index all pages (at least currently), i.e., it does not find all messages. The search does not include messages from the previously used archive. I do not agree with all "terms and conditions" for the freefind search. > May be we can add this link to the 'Host AP related links' or in the > main HostAP site, so that it is useful for everybody. Based on the above mentioned reasons I'm not going to add this link. However, I added the new mailing list archive to the mailing list search at http://hostap.epitest.fi/. -- Jouni Malinen PGP id EFC895FA From ged at jubileegroup.co.uk Sat Mar 19 05:25:39 2005 From: ged at jubileegroup.co.uk (Ged Haywood) Date: Sat, 19 Mar 2005 10:25:39 +0000 (GMT) Subject: How do you install HostAP on a stripped down Linux system? In-Reply-To: <20050318103618.1A9511345B4@mail.iocaine.com> References: <20050318103618.1A9511345B4@mail.iocaine.com> Message-ID: Hi there, On Fri, 18 Mar 2005 Doug Bradford wrote: > I have the latest hostap driver and related programs successfully > running on my development system. How do I install hostap driver > and related programs on a second stripped down Linux machine that > has no development environment? Either build the kernel with HostAP compiled into it or make a module and transfer that module to the second system so that the kernel can load it. In that case the module must have been compiled for the kernel that is going to load it so be careful if the two machines run different kernels. Would I be right in guessing that the system that has no development environment is a firewall? 73, Ged. From aj at dungeon.inka.de Sat Mar 19 06:51:24 2005 From: aj at dungeon.inka.de (Andreas Jellinghaus) Date: Sat, 19 Mar 2005 12:51:24 +0100 Subject: pci card for hostapd Message-ID: <1111233085.3599.0.camel@simulacron> Hi, can anyone suggest a pci card for use with hostapd? (hostap, prism54 or madwifi driver) Thanks, Andreas -- ---------------------[ Ciphire Signature ]---------------------- From: aj at dungeon.inka.de signed email body (90 characters) Date: on 19 March 2005 at 11:46:35 UTC To: hostap at shmoo.com ---------------------------------------------------------------- : Ciphire has secured this email against identity theft. : Free download at www.ciphire.com. The garbled lines : below are the sender's verifiable digital signature. ---------------------------------------------------------------- 00fAAAAAEAAAAbETxCWgAAAIEBAAIAAgACACBQ2JmUgw78JvBqhaOBPOsMFbVDS6 UaQIxcChG5IhzQhgEA0eMp7V0xI9MrMhC47uaTDnnuTnqi6z9oLEuev70rCXu40S nJMFxIaK3GZMnFEM+SimA2+9BGnKAIjL7vZJHTEQ== ------------------[ End Ciphire Signed Message ]---------------- From jar at pcuf.fi Sat Mar 19 09:58:19 2005 From: jar at pcuf.fi (Jar) Date: Sat, 19 Mar 2005 14:58:19 +0000 Subject: pci card for hostapd In-Reply-To: <1111233085.3599.0.camel@simulacron> References: <1111233085.3599.0.camel@simulacron> Message-ID: <423C3E0B.2070202@pcuf.fi> Andreas Jellinghaus wrote: > can anyone suggest a pci card for use with hostapd? > (hostap, prism54 or madwifi driver) 3COM WIRELESS PCI CARD 3CRDW696 (prism2.5/hostap_pci). -- Best Regards, Jar From rankincj at yahoo.com Sat Mar 19 10:26:47 2005 From: rankincj at yahoo.com (Chris Rankin) Date: Sat, 19 Mar 2005 15:26:47 +0000 (GMT) Subject: Low TX rate (1 Mbps) from hostap to prism2_usb Message-ID: <20050319152648.88842.qmail@web52903.mail.yahoo.com> Hi, I am running hostap 0.3.7 on a Netgear MA301 Send instant messages to your online friends http://uk.messenger.yahoo.com From rankincj at yahoo.com Sat Mar 19 10:42:53 2005 From: rankincj at yahoo.com (Chris Rankin) Date: Sat, 19 Mar 2005 15:42:53 +0000 (GMT) Subject: Low TX rate (1 Mbps) from hostap 0.3.7 to prism2_usb (subversion r1715) Message-ID: <20050319154253.87404.qmail@web52905.mail.yahoo.com> Hi, I am running hostap 0.3.7 on a Netgear MA301 PLX adapter, and I am noticing that the transfer rate from the hostap device to my prism2_usb device keeps dropping to 1 Mbps. For example, I have FTP'ed a file back and forth across the link: ftp> put tv_future_640_dl.zip tv.zip local: tv_future_640_dl.zip remote: tv.zip 227 Entering Passive Mode (192,168,1,1,83,156) 150 Opening BINARY mode data connection for tv.zip. 226 Transfer complete. 5132250 bytes sent in 19.4 secs (2.6e+02 Kbytes/sec) ftp> get tv.zip get.zip local: get.zip remote: tv.zip 227 Entering Passive Mode (192,168,1,1,92,188) 150 Opening BINARY mode data connection for tv.zip (5132250 bytes). 226 Transfer complete. 5132250 bytes received in 203 secs (25 Kbytes/sec) As you can see, transmitting *to* the hostap device is about 10 times faster than receiving *from* the hostap device. According to the hostap logs, the TX rate is constantly being raised and then lowered again to 10. This is what iwconfig has to say: wifi0 IEEE 802.11b ESSID:"xxxxxxxxxx" Nickname:"xxxxxxxxxx" Mode:Master Frequency:2.437 GHz Access Point: xx:xx:xx:xx:xx:xx Bit Rate:1 Mb/s Sensitivity=1/3 Retry min limit:8 RTS thr:off Fragment thr:off Power Management:off Link Quality:0 Signal level:0 Noise level:0 Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:5711 Invalid misc:1792 Missed beacon:0 Obviously the numbers of "excessive retries" and "invalid misc" worry me. However, the prism2_usb driver actually has quite a fast RX path. I certainly didn't have this problem when I was using prism2_plx and linked my two machines via Ad-Hoc mode. I am running 128 bit WEP in hardware. hostap machine: Linux 2.4.29, Pentium 120MHz, Netgear MA301, Firmware 0.3.0/1.7.1 prism2_usb machine: Linux 2.6.11, Pentium2 350 MHz, Actiontec USB, Firmware 1.1.2/1.8.3 Does anyone else see anything like this, please? Cheers, Chris Send instant messages to your online friends http://uk.messenger.yahoo.com From cross+wpa at distal.com Sat Mar 19 11:25:15 2005 From: cross+wpa at distal.com (Chris Ross) Date: Sat, 19 Mar 2005 11:25:15 -0500 Subject: Problems with wpa_supplicant/ipw2200/D-link In-Reply-To: <1111170864.24674.9387.camel@gandalf.uninova.pt> References: <423B19F8.3090007@distal.com> <1111170864.24674.9387.camel@gandalf.uninova.pt> Message-ID: <423C526B.9070408@distal.com> Pedro Ramalhais wrote: >Remove scan_ssid=1. Run wpa_supplicant in the foreground with -dddd and >post the log. If you're using wpa_supplicant from debian try using the >original source for wpa_supplicant. > > Okay. I'm using source I compiled of wpa_supplicant 0.3.8, on FC3. I commented out the scan_ssid=1 line, and now just have: # allow frontend (e.g., wpa_cli) to be used by all users in 'wheel' group ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=wheel # # home network; allow all valid ciphers network={ ssid="chili-BG" # scan_ssid=1 key_mgmt=WPA-PSK psk="passkey goes here" } I ran wpa_supplicant with -dddd, and didn't get anything noticably more interesting. The output of running it, and killing it (Ctrl-C) about 10-15 seconds later, is attached. Thanks. - Chris -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: wpa_supp.debug Url: http://lists.shmoo.com/pipermail/hostap/attachments/20050319/daf18e38/attachment.txt From jkmaline at cc.hut.fi Sat Mar 19 11:38:44 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 19 Mar 2005 08:38:44 -0800 Subject: Problems with wpa_supplicant/ipw2200/D-link In-Reply-To: <423C526B.9070408@distal.com> References: <423B19F8.3090007@distal.com> <1111170864.24674.9387.camel@gandalf.uninova.pt> <423C526B.9070408@distal.com> Message-ID: <20050319163844.GA23853@jm.kir.nu> On Sat, Mar 19, 2005 at 11:25:15AM -0500, Chris Ross wrote: > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported Which version of the ipw2200 driver are you using? It looks like it does not support the ioctl commands used by wpa_supplicant which would suggest that you might be using an older version of the driver that does not include WPA support. -- Jouni Malinen PGP id EFC895FA From cross+wpa at distal.com Sat Mar 19 11:51:36 2005 From: cross+wpa at distal.com (Chris Ross) Date: Sat, 19 Mar 2005 11:51:36 -0500 Subject: Problems with wpa_supplicant/ipw2200/D-link In-Reply-To: <20050319163844.GA23853@jm.kir.nu> References: <423B19F8.3090007@distal.com> <1111170864.24674.9387.camel@gandalf.uninova.pt> <423C526B.9070408@distal.com> <20050319163844.GA23853@jm.kir.nu> Message-ID: <423C5898.5010203@distal.com> Jouni Malinen wrote: >On Sat, Mar 19, 2005 at 11:25:15AM -0500, Chris Ross wrote: > > > >>ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported >> >> > >Which version of the ipw2200 driver are you using? It looks like it does >not support the ioctl commands used by wpa_supplicant which would >suggest that you might be using an older version of the driver that does >not include WPA support. > This is 1.0.1. I manually deleted the older code installed with FC3, and did a 'make install' from the sources of 1.0.1. Any idea why that might still be a problem? - Chris From ramalhais at serrado.net Sat Mar 19 14:02:23 2005 From: ramalhais at serrado.net (Pedro Ramalhais) Date: Sat, 19 Mar 2005 19:02:23 +0000 Subject: Problems with wpa_supplicant/ipw2200/D-link In-Reply-To: <423C526B.9070408@distal.com> References: <423B19F8.3090007@distal.com> <1111170864.24674.9387.camel@gandalf.uninova.pt> <423C526B.9070408@distal.com> Message-ID: <423C773F.6090703@serrado.net> Chris Ross wrote: > Pedro Ramalhais wrote: > >> Remove scan_ssid=1. Run wpa_supplicant in the foreground with -dddd and >> post the log. If you're using wpa_supplicant from debian try using the >> original source for wpa_supplicant. >> >> > > Okay. I'm using source I compiled of wpa_supplicant 0.3.8, on FC3. I > commented out the scan_ssid=1 line, and now just have: > > # allow frontend (e.g., wpa_cli) to be used by all users in 'wheel' group > ctrl_interface=/var/run/wpa_supplicant > ctrl_interface_group=wheel > # > # home network; allow all valid ciphers > network={ > ssid="chili-BG" > # scan_ssid=1 > key_mgmt=WPA-PSK > psk="passkey goes here" > } > > I ran wpa_supplicant with -dddd, and didn't get anything noticably more > interesting. The output of running it, and killing it (Ctrl-C) about > 10-15 seconds > later, is attached. Thanks. > > - Chris > > > > ------------------------------------------------------------------------ > > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported It looks like your driver is compiled without WPA support... > Initializing interface 'eth1' conf '/etc/wpa_supplicant.conf' driver 'default' > Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' > Reading configuration file '/etc/wpa_supplicant.conf' > ctrl_interface='/var/run/wpa_supplicant' > ctrl_interface_group=10 (from group name 'wheel') > Line: 6 - start of a new network block > ssid - hexdump_ascii(len=8): > 63 68 69 6c 69 2d 42 47 chili-BG > key_mgmt: 0x2 > PSK (ASCII passphrase) - hexdump_ascii(len=20): [REMOVED] > PSK (from passphrase) - hexdump(len=32): [REMOVED] > Priority group 0 > id=0 ssid='chili-BG' > Initializing interface (2) 'eth1' > EAPOL: SUPP_PAE entering state DISCONNECTED > EAPOL: KEY_RX entering state NO_KEY_RECEIVE > EAPOL: SUPP_BE entering state INITIALIZE > EAP: EAP entering state DISABLED > EAPOL: External notification - portEnabled=0 > EAPOL: External notification - portValid=0 > wpa_driver_ipw_init is called > Own MAC address: 00:0e:35:b8:f4:8c > wpa_driver_ipw_set_wpa: enabled=1 > wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 > Failed to set encryption. > wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 > Failed to set encryption. > wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 > Failed to set encryption. > wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 > Failed to set encryption. > wpa_driver_ipw_set_countermeasures: enabled=0 > wpa_driver_ipw_set_drop_unencrypted: enabled=1 > Setting scan request: 0 sec 100000 usec > Wireless event: cmd=0x8b06 len=8 > RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added > RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added > Starting AP scan (broadcast SSID) > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Scan timeout - try to get results > Received 392 bytes of scan results (2 BSSes) > Scan results: 2 > Selecting BSS from priority group 0 > 0: 00:05:5d:97:5f:22 ssid='chili-BG' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > 1: 00:40:96:30:b0:63 ssid='' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > No suitable AP found. > Setting scan request: 5 sec 0 usec > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Starting AP scan (broadcast SSID) > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Scan timeout - try to get results > Received 393 bytes of scan results (2 BSSes) > Scan results: 2 > Selecting BSS from priority group 0 > 0: 00:05:5d:97:5f:22 ssid='chili-BG' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > 1: 00:40:96:30:b0:63 ssid='' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > No suitable AP found. > Setting scan request: 5 sec 0 usec > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Starting AP scan (broadcast SSID) > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Scan timeout - try to get results > Received 392 bytes of scan results (2 BSSes) > Scan results: 2 > Selecting BSS from priority group 0 > 0: 00:05:5d:97:5f:22 ssid='chili-BG' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > 1: ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported > 00:40:96:30:b0:63 ssid='' wpa_ie_len=0 rsn_ie_len=0 > skip - no WPA/RSN IE > No suitable AP found. > Setting scan request: 5 sec 0 usec > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 > Signal 2 received - terminating > No keys have been configured - skip key clearing > EAPOL: External notification - portEnabled=0 > EAPOL: External notification - portValid=0 > wpa_driver_ipw_set_wpa: enabled=0 > wpa_driver_ipw_set_drop_unencrypted: enabled=0 > wpa_driver_ipw_set_countermeasures: enabled=0 > > > ------------------------------------------------------------------------ > > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap Make sure you have the latest driver. Use the ./unload and ./load scripts to load the driver to make sure the loaded driver is the latest. From daber at student.uci.agh.edu.pl Sat Mar 19 14:45:10 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Sat, 19 Mar 2005 20:45:10 +0100 (CET) Subject: invalid context and set_rid/get_rid Message-ID: Hi, When I try to call function set_rid or get_rid I get this log: kernel: Debug: sleeping function called from invalid context at include/asm/semaphore.h:130 Does anybody know what'w wrong ???? Marcin From jkmaline at cc.hut.fi Sat Mar 19 15:54:04 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 19 Mar 2005 12:54:04 -0800 Subject: invalid context and set_rid/get_rid In-Reply-To: References: Message-ID: <20050319205404.GA8648@jm.kir.nu> On Sat, Mar 19, 2005 at 08:45:10PM +0100, Marcin Dabrowski wrote: > When I try to call function set_rid or get_rid I get this log: > kernel: Debug: sleeping function called from invalid context at > include/asm/semaphore.h:130 Where are you calling them from? Those functions can sleep and as such, they must not be called from interrupt context. -- Jouni Malinen PGP id EFC895FA From daber at student.uci.agh.edu.pl Sat Mar 19 16:06:47 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Sat, 19 Mar 2005 22:06:47 +0100 (CET) Subject: invalid context and set_rid/get_rid Message-ID: I've swaped local->passive_scan_timer.function to my own. In my function I'm calling get_rid to check link quality and set_rid to force scanning. Marcin >On Sat, Mar 19, 2005 at 08:45:10PM +0100, Marcin Dabrowski wrote: >> When I try to call function set_rid or get_rid I get this log: >> kernel: Debug: sleeping function called from invalid context at >> include/asm/semaphore.h:130 >Where are you calling them from? Those functions can sleep and as such, >they must not be called from interrupt context. >-- >Jouni Malinen PGP id EFC895FA From cross at distal.com Sat Mar 19 11:48:46 2005 From: cross at distal.com (Chris Ross) Date: Sat, 19 Mar 2005 11:48:46 -0500 Subject: Problems with wpa_supplicant/ipw2200/D-link In-Reply-To: <20050319163844.GA23853@jm.kir.nu> References: <423B19F8.3090007@distal.com> <1111170864.24674.9387.camel@gandalf.uninova.pt> <423C526B.9070408@distal.com> <20050319163844.GA23853@jm.kir.nu> Message-ID: <423C57EE.7090101@distal.com> Jouni Malinen wrote: >On Sat, Mar 19, 2005 at 11:25:15AM -0500, Chris Ross wrote: > > > >>ioctl[IPW_IOCTL_WPA_SUPPLICANT]: Operation not supported >> >> > >Which version of the ipw2200 driver are you using? It looks like it does >not support the ioctl commands used by wpa_supplicant which would >suggest that you might be using an older version of the driver that does >not include WPA support. > This is 1.0.1. I manually deleted the older code installed with FC3, and did a make install from the sources of 1.0.1. Any idea why that might still be a problem? - Chris From georg.wild at gmx.de Sat Mar 19 06:03:57 2005 From: georg.wild at gmx.de (Georg Wild) Date: Sat, 19 Mar 2005 12:03:57 +0100 Subject: DCF 660W working Message-ID: <423C071D.2050303@gmx.de> Hello everybody, I bought a D-Link DCF 660W WLAN card for my Zaurus SL-C 3000 (HW Ver.: A1, FW Ver.: 1.7.4). Now it is not working. I did some experiments and realized that it has maybe sth to do with the highest bit of param0-2. I changed the initialization code in hostap_download.c a bit to get more debug output: > printk("Eigenbau (dev->baseaddr %x)!\n",dev->base_addr); > outw(HFA384X_AUX_MAGIC2, HFA384X_PARAM2_OFF+dev->base_addr); > printk("Returned for MAGIC2: > %x\n",inw(HFA384X_PARAM2_OFF+dev->base_addr)); > outw(HFA384X_AUX_MAGIC1, HFA384X_PARAM1_OFF+dev->base_addr); > printk("Returned for MAGIC1: > %x\n",inw(HFA384X_PARAM1_OFF+dev->base_addr)); > outw(HFA384X_AUX_MAGIC0, HFA384X_PARAM0_OFF+dev->base_addr); > printk("Returned for MAGIC0: > %x\n",inw(HFA384X_PARAM0_OFF+dev->base_addr)); > printk("Aux2: %x,%x,%x\n",inw(HFA384X_PARAM0_OFF+dev->base_addr), > > inw(HFA384X_PARAM1_OFF+dev->base_addr),inw(HFA384X_PARAM2_OFF+dev->base_addr)); > > > for (i2=0; i2<=80; i2++) { data[i2]=inw(dev->base_addr+i2);} > printk("ReadOut: "); > for (i2=0; i2<=80; i2=i2+2) {printk("%x,",data[i2]); } > printk("\n"); > > printk("/Eigenbau!\n"); What I get as log output is: > <4>Eigenbau (dev->baseaddr f6000000)! > <4>Returned for MAGIC2: 3a45 > <4>Returned for MAGIC1: dc23 > <4>Returned for MAGIC0: fe01 > <4>Aux2: 7e01,5c23,3a45 > <4>ReadOut: > 0,7e01,5c23,3a45,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,208,0,0,0,0,7e01,5c23,3a45,0,0,0,0,0, > <4>/Eigenbau! It looks for me that the highest bit in Param0-2 is accidentially reset. It seems the correct value stands in the memory for a short time and then the highest bit is deleted causing the aux port not to be enabled. Are there any ideas? Greetings Georg Wild From cwevans at thesae.k12.ca.us Thu Mar 17 13:39:12 2005 From: cwevans at thesae.k12.ca.us (Chris Evans) Date: Thu, 17 Mar 2005 10:39:12 -0800 Subject: Hostapd Segmentation Fault. In-Reply-To: <20050317170004.3465.qmail@webmaildomini.aruba.it> References: <20050317170004.3465.qmail@webmaildomini.aruba.it> Message-ID: <4239CED0.6010509@thesae.k12.ca.us> I think I got this when I was running hostap on debian ppc, with a nonstandard locale, with a bug in glibc related to de locale. What distro are you using, which version of the distro, did you compile hostap, what version of hostap? roby wrote: > > Hi list, > i just compiled hostapd, but when i try to lunch it with the command: > "./hostapd hostapd.conf" > the putput is: > ##################################### > Configuration file: hostapd.conf > Segmantation fault > ################################### > > I did not make any modification to the hostapd.conf. > Anybody now why and can help me? > Regards > Roby > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From jkmaline at cc.hut.fi Sat Mar 19 16:53:19 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 19 Mar 2005 13:53:19 -0800 Subject: invalid context and set_rid/get_rid In-Reply-To: References: Message-ID: <20050319215319.GB8648@jm.kir.nu> On Sat, Mar 19, 2005 at 10:06:47PM +0100, Marcin Dabrowski wrote: > I've swaped local->passive_scan_timer.function to my own. > In my function I'm calling get_rid to check link quality and set_rid > to force scanning. That function is being called as a timer handler, i.e., in soft interrupt context. You cannot use set_rid/get_rid from there. One option would be to schedule a process context handler to do this from the timer (search for PRISM2_SCHEDULE_TASK to get some examples). Creating a separate thread for doing this would be another way of handling this. Then again, I don't know whether you will actually get the information you are looking for from any of the RIDs, so I would recommend verifying that this is going to work before spending much time getting the passive_scan_timer function to do read RIDs. -- Jouni Malinen PGP id EFC895FA From daber at student.uci.agh.edu.pl Sat Mar 19 17:01:35 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Sat, 19 Mar 2005 23:01:35 +0100 (CET) Subject: invalid context and set_rid/get_rid Message-ID: So in your opinion where is the best place to start implementing selective scanning :( Marcin From ged at jubileegroup.co.uk Sat Mar 19 19:08:21 2005 From: ged at jubileegroup.co.uk (Ged Haywood) Date: Sun, 20 Mar 2005 00:08:21 +0000 (GMT) Subject: HostAP Digest, Vol 23, Issue 22 In-Reply-To: <20050319190416.E512B134651@mail.iocaine.com> References: <20050319190416.E512B134651@mail.iocaine.com> Message-ID: Hi there, On Sat, 19 Mar 2005 Andreas Jellinghaus wrote: > can anyone suggest a pci card for use with hostapd? > (hostap, prism54 or madwifi driver) We use the MA311 (MA311GE in the UK, I guess the same in DE). If you have trouble finding a card let me know. 73, Ged. From jhiller at visi.net Sat Mar 19 21:03:07 2005 From: jhiller at visi.net (James B. Hiller) Date: Sat, 19 Mar 2005 21:03:07 -0500 (EST) Subject: HostAP Digest, Vol 23, Issue 22 In-Reply-To: Message-ID: <200503200203.j2K237im009085@bassett.home.org> > > can anyone suggest a pci card for use with hostapd? > > (hostap, prism54 or madwifi driver) > > We use the MA311 (MA311GE in the UK, I guess the same in DE). > If you have trouble finding a card let me know. That's a good one; also, I've been using the DWL-520 (A_ and B_ versions) for like two years now. Very happy. jbh From info.radek at suski.org Sun Mar 20 04:59:36 2005 From: info.radek at suski.org (Radek Suski) Date: Sun, 20 Mar 2005 10:59:36 +0100 Subject: Try to install HostAP on Fedora Core 3 but it don't work. Message-ID: <20050320100133.5F07A13420E@mail.iocaine.com> Hi, I tried to install HostAP (0.3.7) on my Laptop (HP xe3) with Fedora3. I have the Kernel sources and, I think, all what I need. I try to install hostAP (make, make Install) and it works. I have no Error Message or something like that. After this installation I should have, if I understand good, new device(s) called wlan0. But I don't have this. What make I wrong? Is it possible that this doesn't work because I have already an Ethernet device called eth1 (prism/intersil) which was automatically created from Fedora. I don't understand why I have no any error message. The system is new installed (extra to do this). I installed the kernel sources by myself because Fedora doesn't include it. Can someone help me? Best regards, Radek -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050320/348f5ca7/attachment.htm From togg at togg.de Sun Mar 20 06:10:55 2005 From: togg at togg.de (Sebastian Weitzel) Date: Sun, 20 Mar 2005 12:10:55 +0100 Subject: Try to install HostAP on Fedora Core 3 but it don't work. In-Reply-To: <20050320100133.5F07A13420E@mail.iocaine.com> References: <20050320100133.5F07A13420E@mail.iocaine.com> Message-ID: <20050320121055.rmb9fioj1p4c0owc@webmail.togg.de> > What did I make wrong? You will have to remove the driver which already is assigned to your prism device. rmmod orinoco should do the job at first instance. You will also have to add the orinoco module to the autoprobe blacklist (distribution dependent) to prevent loading this module via coldplug/hotplug on boot time. After then hostap_pci should load. Regards, Sebastian Weitzel ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. From jar at pcuf.fi Sun Mar 20 06:24:36 2005 From: jar at pcuf.fi (Jar) Date: Sun, 20 Mar 2005 13:24:36 +0200 Subject: Try to install HostAP on Fedora Core 3 but it don't work. In-Reply-To: <20050320100133.5F07A13420E@mail.iocaine.com> References: <20050320100133.5F07A13420E@mail.iocaine.com> Message-ID: <423D5D74.3070407@pcuf.fi> Radek Suski wrote: > I tried to install HostAP (0.3.7) on my Laptop (HP xe3) with Fedora3. > > I have the Kernel sources and, I think, all what I need. FYI: Kernel-sourcecode is not needed any more with 2.6.x kernels, when building modules outside the kernel tree. Kernel-sourcecode is only needed if you want to build your own custom kernel. -- Best Regards, Jar From daber at student.uci.agh.edu.pl Sun Mar 20 06:47:09 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Sun, 20 Mar 2005 12:47:09 +0100 (CET) Subject: Scanning routine Message-ID: Hi, Is there any routine which is called when station needs to do handoff ?? Marcin From cross+wpa at distal.com Sun Mar 20 23:11:09 2005 From: cross+wpa at distal.com (Chris Ross) Date: Sun, 20 Mar 2005 23:11:09 -0500 Subject: Problems with wpa_supplicant/ipw2200/D-link In-Reply-To: <423C773F.6090703@serrado.net> References: <423B19F8.3090007@distal.com> <1111170864.24674.9387.camel@gandalf.uninova.pt> <423C526B.9070408@distal.com> <423C773F.6090703@serrado.net> Message-ID: <423E495D.8070707@distal.com> Pedro Ramalhais wrote: > Make sure you have the latest driver. Use the ./unload and ./load > scripts to load the driver to make sure the loaded driver is the latest. Ahh. Okay. I looked into this s'more. It wasn't that I was loading the wrong driver, it was that it wasn't compiling right. I'm not 100% sure why, but perhaps because this distribution was built with an old version of the ipw2200 module, it got defaults from somewhere. If I comment out the ifdef in the makefile, and cause it to set EXTERNAL_BUILD to "y", it gets all the defs right and compiles the module with WPA support. I did that, and now get different output. Unfortunately, I appear not to have saved that output anywhere. I'll have to regenerate it. :-( The last time I tried to run wpa_supplicant, it wedged my interface so much that I couldn't get it back, and had to reboot. So I'll compose a new message once I have the output saved. Thanks... - Chris From oleg at bal.ru Mon Mar 21 05:23:36 2005 From: oleg at bal.ru (Oleg Borovkov) Date: Mon, 21 Mar 2005 13:23:36 +0300 Subject: how built hostap inside kernel? In-Reply-To: <20050320111343.0F531134421@mail.iocaine.com> References: <20050320111343.0F531134421@mail.iocaine.com> Message-ID: <1268936237.20050321132336@bal.ru> Hello All, Please help me - explaine how i can build hostap driver inside kernel (not a module) it's need for embedded system... -- Best regards, Oleg mailto:oleg at bal.ru From kundwani_mnit at rediffmail.com Mon Mar 21 05:26:13 2005 From: kundwani_mnit at rediffmail.com (manoj kundwani) Date: 21 Mar 2005 10:26:13 -0000 Subject: Regarding Client Certificate Generation Message-ID: <20050321102613.17423.qmail@webmail8.rediffmail.com> ?Hi List, I have to generate the client certificate for EAP-TLS Authentication. Is there is anyway to generate the client certificates using openssl. Plz let me know the procedure to generate the client certificate. Can anybody help me in this. Thanks in Advance, manoj -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050321/c576f4eb/attachment.htm From thirumalai at mistralsoftware.com Mon Mar 21 05:42:49 2005 From: thirumalai at mistralsoftware.com (Thirumalai T. Bhattar) Date: Mon, 21 Mar 2005 16:12:49 +0530 Subject: Useful link for searching HostAP mailing list In-Reply-To: <20050319055314.GH8179@jm.kir.nu> References: <1110875989.5265.71.camel@Thirumalai> <20050319055314.GH8179@jm.kir.nu> Message-ID: <1111401769.4189.30.camel@thirumalai> On Fri, 2005-03-18 at 21:53 -0800, Jouni Malinen wrote: > However, I added the new mailing list archive to the mailing list search > at http://hostap.epitest.fi/. That's a great help, Jouni. Now, we can ask/expect the people to search the mailing list archives ( using the link http://hostap.epitest.fi/htdig/ ), before posting their query. Thirumalai T. Bhattar From jasper at vs19.net Mon Mar 21 05:43:19 2005 From: jasper at vs19.net (Jasper Spaans) Date: Mon, 21 Mar 2005 11:43:19 +0100 Subject: Regarding Client Certificate Generation In-Reply-To: <20050321102613.17423.qmail@webmail8.rediffmail.com> References: <20050321102613.17423.qmail@webmail8.rediffmail.com> Message-ID: <20050321104319.GA12913@spaans.vs19.net> Hi, On Mon, Mar 21, 2005 at 10:26:13AM -0000, manoj kundwani wrote: > I have to generate the client certificate for EAP-TLS Authentication. > > Is there is anyway to generate the client certificates using openssl. > Plz let me know the procedure to generate the client certificate. > Can anybody help me in this. Here's a good howto: http://www.austux.net/resources/network/eaptls.html Another option is to use TinyCA, http://tinyca.sm-zone.net/ which provides a gui for CA-management. It does however have some odd library dependencies, so if you're not afraid of the commandline I'd try the howto first. Groet, -- Jasper Spaans http://jsp.vs19.net/ 11:34:49 up 10260 days, 3:21, 0 users, load average: 5.67 5.75 5.33 -... .- -.. --. . .-. -... .- -.. --. . .-. -... .- -.. --. . .-. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050321/8dfc9463/attachment.pgp From fromkth+hostap at fastmail.fm Mon Mar 21 06:52:31 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Mon, 21 Mar 2005 12:52:31 +0100 Subject: Selective scanning In-Reply-To: References: Message-ID: <423EB57F.7070800@fastmail.fm> I am currently involved more or less into same kind of thing that is selective scanning, but only in STA mode. My task is to do selective active scanning, can you help me a little bit where and what to change in scanning functions and or structures to accomplish this scanning of particular channel. Do i have to write separate program for that? After reading the code, it seems that in file "hostap_ioctl.c" function static int prism2_request_hostscan(struct net_device *dev, u8 *ssid, u8 ssid_len is called when the host requests a scan(RID FCE5). In that function, channels to be scanned are copied from local->channel_mask From inspecting RID-FCE5, it seems that this channel_mask gets channel list from RID-FD10, but exactly where in the code this channel_mask gets populated with the channel list. Can you point out this? Also as this host scan (RID-FCE5) gives option to specify the subset of channels to be scanned, so to implement that, only particular different channels be scanned every time when it is called, should not be that much hard. Thanks, -ajeet. Marcin Dabrowski wrote: > Hi, > > I'm trying to implement selective scanning in HostAp. > I would like to change the local->passive_scan_timer.function > from hostap_passive_scan to my function - for example my_scanning. > my_scannig function could work as below: > 1) it would check the singnal stregth by calling > local->func->get_rid(local->dev,HFA384X_RID_COMMSQUALITY...) function > 2) then it could scan my channel by calling local->func->set_rid(dev, > HFA384X_RID_SCANREQUEST...) function > 3) then it would check local->channel_mask whether the chosen channel > can be used > > Is that scenario correct ??? > > Thanks, > Marcin From ambilyunni at yahoo.com Mon Mar 21 08:05:29 2005 From: ambilyunni at yahoo.com (Ambily N) Date: Mon, 21 Mar 2005 05:05:29 -0800 (PST) Subject: WPA supplicant with NO WEP/802.1X authentication Message-ID: <20050321130529.95125.qmail@web51003.mail.yahoo.com> Hi, We are adding WPA supplicant support to AR5005 chipset. Our configuration file looks like, network={ ssid="WBH" scan_ssid=1 key_mgmt=NONE } What we were trying to do was try 802.11 association without encryption or other authentication using WPA supplicant. When we tried this, association and disassociation are happening but continuing in a loop. What we could understand was, 802.11 association is happening,then we receive an EAPOL packet from the AP,then a timeout of 10 seconds is registered as (in wpa.c) if (wpa_s->eapol_received == 0) { /* Timeout for completing IEEE 802.1X and WPA authentication */ wpa_supplicant_req_auth_timeout( wpa_s, (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X || wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) ? 70 : 10, 0); } For this wait to cancel, either an association should happen or EAPOLDONE state shopuld be reached.But since association happened before this, it doent happen again .Also the eapol_done state also is never reached. So we deauthenticate and try again. Is our findings correct? Why does the AP send an EAP frame for a normal 802.11 association? Is there anything wrong with our configuraion? The same thing happens with static WEP keys. association is success, we are able to ping but soon it gets deauthenticated. Attaching the Log file also Regards Ambily. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: log.txt Url: http://lists.shmoo.com/pipermail/hostap/attachments/20050321/fda5d805/attachment.txt From vda at port.imtp.ilyichevsk.odessa.ua Mon Mar 21 09:50:53 2005 From: vda at port.imtp.ilyichevsk.odessa.ua (Denis Vlasenko) Date: Mon, 21 Mar 2005 16:50:53 +0200 Subject: [BUG] after switching from monitor mode to master, hostap sends IBSS beacons instead of ESS Message-ID: <200503211650.34030.vda@ilport.com.ua> If I do: # iwconfig wlan0 mode monitor # iwconfig wlan0 mode master then I see wlan0 emitting *IBSS* beacons! I am capturing it by having another hostap card in monitor mode in the same box and running tcpdump on it: 14:25:46.759099 Beacon (mon) [1.0* 2.0* 5.5 11.0 Mbit] IBSS CH: 1 ^^^^^^ This fixes it: # iwconfig wlan0 mode ad-hoc # iwconfig wlan0 mode master 14:26:13.591276 Beacon (mon) [1.0* 2.0* 5.5 11.0 Mbit] ESS CH: 1 Happens with Netgear PCI card, hostap 0.3.7 + fw 1.8.0 + Linux 2.6.11 -- vda From daber at student.uci.agh.edu.pl Mon Mar 21 10:18:11 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Mon, 21 Mar 2005 16:18:11 +0100 (CET) Subject: Selective scanning Message-ID: Unfortunately prism2_request_hostscan is invoked only by "iwlist ... scanning" command :( So i think it's useless :( I'm afraid that the only way is to send probe request and process probe responses :( Marcin I am currently involved more or less into same kind of thing that is selective scanning, but only in STA mode. My task is to do selective active scanning, can you help me a little bit where and what to change in scanning functions and or structures to accomplish this scanning of particular channel. Do i have to write separate program for that? After reading the code, it seems that in file "hostap_ioctl.c" function static int prism2_request_hostscan(struct net_device *dev, u8 *ssid, u8 ssid_len is called when the host requests a scan(RID FCE5). In that function, channels to be scanned are copied from local->channel_mask >From inspecting RID-FCE5, it seems that this channel_mask gets channel list from RID-FD10, but exactly where in the code this channel_mask gets populated with the channel list. Can you point out this? Also as this host scan (RID-FCE5) gives option to specify the subset of channels to be scanned, so to implement that, only particular different channels be scanned every time when it is called, should not be that much hard. Thanks, -ajeet. From jj at nufone.net Mon Mar 21 11:05:33 2005 From: jj at nufone.net (Jeremy McNamara) Date: Mon, 21 Mar 2005 11:05:33 -0500 Subject: storage size of `io' isn't known Message-ID: <423EF0CD.9090007@nufone.net> I have setup my own toolchain for the PC Engines WRAP board and Prism2 mini-pci card. When I compile the hostap driver I get the following error and warning from gcc 2.95.3. make CC=i386-linux-gcc DESTDIR=/usr/src/wrap/rootfs i386-linux-gcc -MMD -O2 -Wall -g -DHOSTAPD_DUMP_STATE -I. -I. -I../utils -I. -DCONFIG_DRIVER_HOSTAP -c -o ctrl_iface.o ctrl_iface.c ctrl_iface.c: In function `hostapd_ctrl_iface_send': ctrl_iface.c:412: storage size of `io' isn't known ctrl_iface.c:412: warning: unused variable `io' make: *** [ctrl_iface.o] Error 1 My research has found that gcc has trouble determining the storage size when cross-compiling. Does anyone know a work around for this? Google shows many other projects having this same trouble when their code is cross-compiled. Thank you, Jeremy McNamara From fromkth+hostap at fastmail.fm Mon Mar 21 12:31:22 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Mon, 21 Mar 2005 18:31:22 +0100 Subject: Selective scanning In-Reply-To: References: Message-ID: <423F04EA.7080404@fastmail.fm> I think it does not matter which command invokes the host scan functionality. The problem is if you leave scanning on firmware, it scans all allowed(RID-FD10 or rather PDR 0x0303) channels and does not give option to the host to specify channels, one must use host scan functionality to scan selected channels only. I think there are 2 ways to do it. One way is to build another program and run it as daemon, this daemon would take control of roaming/handoff, hence can do selective scanning also. Another way could be to insert this handoff/roaming code in hostap module, so that if STA is in host roaming mode 2 then this code takes over the roaming, scanning, and selection of new AP. Marcin and Jouni any comments on above ideas? Jouni can you point out where would be the appropriate place to implement the later option, that is inserting code in hostap to handle host roaming mode 2. Thanks, -ajeet. Marcin Dabrowski wrote: > > Unfortunately prism2_request_hostscan is invoked only by "iwlist ... > scanning" command :( So i think it's useless :( > I'm afraid that the only way is to send probe request and process probe > responses :( > > > Marcin > > > > I am currently involved more or less into same kind of thing that is > selective scanning, but only in STA mode. > > My task is to do selective active scanning, can you help me a little bit > where and what to change in scanning functions and or structures to > accomplish this scanning of particular channel. > > Do i have to write separate program for that? > > After reading the code, it seems that in file "hostap_ioctl.c" function > > static int prism2_request_hostscan(struct net_device *dev, > u8 *ssid, u8 ssid_len > > is called when the host requests a scan(RID FCE5). > In that function, channels to be scanned are copied from > local->channel_mask >>From inspecting RID-FCE5, it seems that this channel_mask gets channel > list from RID-FD10, but exactly where in the code this channel_mask gets > populated with the channel list. Can you point out this? > > Also as this host scan (RID-FCE5) gives option to specify the subset of > channels to be scanned, so to implement that, only particular different > channels be scanned every time when it is called, should not be that much > hard. > > Thanks, > > -ajeet. > From jj at nufone.net Mon Mar 21 12:59:31 2005 From: jj at nufone.net (Jeremy McNamara) Date: Mon, 21 Mar 2005 12:59:31 -0500 Subject: storage size of `io' isn't known In-Reply-To: <423EF0CD.9090007@nufone.net> References: <423EF0CD.9090007@nufone.net> Message-ID: <423F0B83.9020905@nufone.net> Jeremy McNamara wrote: > I have setup my own toolchain for the PC Engines WRAP board and Prism2 > mini-pci card. When I compile the hostap driver I get the following > error and warning from gcc 2.95.3. It is not the driver it is this hostapd that is having problems compiling. Plus, this only happens when cross-compiling. Just wanted to be clear and yes I am replying to myself ;) Jeremy McNamara From jj at nufone.net Mon Mar 21 14:13:15 2005 From: jj at nufone.net (Jeremy McNamara) Date: Mon, 21 Mar 2005 14:13:15 -0500 Subject: storage size of `io' isn't known (SOLUTION) In-Reply-To: <423F0B83.9020905@nufone.net> References: <423EF0CD.9090007@nufone.net> <423F0B83.9020905@nufone.net> Message-ID: <423F1CCB.5010501@nufone.net> A simple missing include seems to have solved this issue for me. Attached is a diff -u. Jeremy McNamara --- ctrl_iface.c 2005-03-21 14:14:18.000000000 -0500 +++ ctrl_iface.c.new 2005-03-21 14:14:08.000000000 -0500 @@ -20,6 +20,7 @@ #include #include #include +#include #include #include #include From josh at vnetworx.net Mon Mar 21 18:04:55 2005 From: josh at vnetworx.net (josh) Date: Mon, 21 Mar 2005 18:04:55 -0500 Subject: WPA on Ibook G3 running ubuntu? Message-ID: <20050321230456.27858.qmail@broadway.vnetworx.net> Is there anyway to get WPA working on a ibook G3 (Airport card) running ubuntu? WPA Supplicant spits this out in the log: root at ibook:/home/sniper # wpa_supplicant -c /etc/wpa_supplicant.conf -w -dd -ieth1 Initializing interface 'eth1' conf '/etc/wpa_supplicant.conf' driver 'default' Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant.conf' Line: 1 - start of a new network block ssid - hexdump_ascii(len=27): 44 53 34 32 34 6b 64 6b 73 6c 6b 64 6c 6b 34 32 DS424kdkslkdlk42 32 33 34 32 64 64 66 73 6b 64 73 2342ddfskds proto: 0x1 scan_ssid=1 (0x1) key_mgmt: 0x2 PSK (ASCII passphrase) - hexdump_ascii(len=28): [REMOVED] PSK (from passphrase) - hexdump(len=32): [REMOVED] Priority group 0 id=0 ssid='Removed as to not be flamed' Initializing interface (2) 'eth1' EAPOL: SUPP_PAE entering state DISCONNECTED EAPOL: KEY_RX entering state NO_KEY_RECEIVE EAPOL: SUPP_BE entering state INITIALIZE EAP: EAP entering state DISABLED EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Own MAC address: 00:30:65:03:1d:88 wpa_driver_hostap_set_wpa: enabled=1 wpa_driver_hostap_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 ioctl[PRISM2_IOCTL_HOSTAPD]: Operation not supported Failed to set encryption. wpa_driver_hostap_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 ioctl[PRISM2_IOCTL_HOSTAPD]: Operation not supported Failed to set encryption. wpa_driver_hostap_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 ioctl[PRISM2_IOCTL_HOSTAPD]: Operation not supported Failed to set encryption. wpa_driver_hostap_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 ioctl[PRISM2_IOCTL_HOSTAPD]: Operation not supported Failed to set encryption. wpa_driver_hostap_set_countermeasures: enabled=0 wpa_driver_hostap_set_drop_unencrypted: enabled=1 Setting scan request: 0 sec 100000 usec l2_packet_receive - recv: Network is down Starting AP scan (specific SSID) Scan SSID - hexdump_ascii(len=27): 44 53 34 32 34 6b 64 6b 73 6c 6b 64 6c 6b 34 32 DS424kdkslkdlk42 32 33 34 32 64 64 66 73 6b 64 73 2342ddfskds ioctl[PRISM2_IOCTL_HOSTAPD]: Operation not supported Failed to initiate AP scan. Setting scan request: 10 sec 0 usec EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results ioctl[SIOCGIWSCAN]: Operation not supported Scan results: -1 Failed to get scan results - try scanning again Setting scan request: 1 sec 0 usec EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Starting AP scan (broadcast SSID) ioctl[SIOCSIWSCAN{,EXT}]: Operation not supported Failed to initiate AP scan. Setting scan request: 10 sec 0 usec EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results ioctl[SIOCGIWSCAN]: Operation not supported Scan results: -1 Failed to get scan results - try scanning again Setting scan request: 1 sec 0 usec EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Starting AP scan (specific SSID) Scan SSID - hexdump_ascii(len=27): 44 53 34 32 34 6b 64 6b 73 6c 6b 64 6c 6b 34 32 DS424kdkslkdlk42 32 33 34 32 64 64 66 73 6b 64 73 2342ddfskds ioctl[PRISM2_IOCTL_HOSTAPD]: Operation not supported Failed to initiate AP scan. Setting scan request: 10 sec 0 usec EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Signal 2 received - terminating No keys have been configured - skip key clearing EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 wpa_driver_hostap_set_wpa: enabled=0 ioctl[PRISM2_IOCTL_HOSTAPD]: Operation not supported wpa_driver_hostap_set_drop_unencrypted: enabled=0 wpa_driver_hostap_set_countermeasures: enabled=0 Am i doomed or what? :) Thank you, -Josh P From jkmaline at cc.hut.fi Mon Mar 21 23:02:25 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Mon, 21 Mar 2005 20:02:25 -0800 Subject: WPA on Ibook G3 running ubuntu? In-Reply-To: <20050321230456.27858.qmail@broadway.vnetworx.net> References: <20050321230456.27858.qmail@broadway.vnetworx.net> Message-ID: <20050322040225.GS8648@jm.kir.nu> On Mon, Mar 21, 2005 at 06:04:55PM -0500, josh wrote: > Is there anyway to get WPA working on a ibook G3 (Airport card) running > ubuntu? WPA Supplicant spits this out in the log: What is this "Airport card" and what driver does it use? It looks like it is not using Host AP driver or at least the Host AP -specific ioctl calls are failing. -- Jouni Malinen PGP id EFC895FA From daber at student.uci.agh.edu.pl Tue Mar 22 06:05:15 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Tue, 22 Mar 2005 12:05:15 +0100 (CET) Subject: Host-base Mode + selective scanning Message-ID: Is that true that host-based mode is only accesible in AP mode ?? To implement selective scanning I need possibility to send probe requests and to process all received frames. But it seems that it can be achieved only in master mode with host roaming mode set to 2. Unfortunately master mode makes AP from my card :( Also in master mode card receives all frames from all channel. Is it possible to force card to receive frames from chosen channels ? Another question is how to distinguish from which channel frame was received ? Thanks, Marcin From josh at vnetworx.net Tue Mar 22 14:14:42 2005 From: josh at vnetworx.net (josh) Date: Tue, 22 Mar 2005 14:14:42 -0500 Subject: WPA on Ibook G3 running ubuntu? In-Reply-To: <20050322040225.GS8648@jm.kir.nu> References: <20050321230456.27858.qmail@broadway.vnetworx.net> <20050322040225.GS8648@jm.kir.nu> Message-ID: <20050322191442.14779.qmail@broadway.vnetworx.net> Hey Jouni, First off thanks for the reply, It's basically the only wifi card that will work in a G3 Ibook, Macintosh's are proprietary hardware. It isnt a PCMCIA Card either, it is installed under the keyboard /w a built in antenna. I believe the driver is 'Airport' Here's some more info on this: http://www.ubuntuforums.org/showthread.php?t=17009 http://lists.shmoo.com/pipermail/hostap/2005-March/009628.html (I think) http://www.netstumbler.org/archive/index.php/t-13950.html Thank you, -Josh Jouni Malinen writes: > On Mon, Mar 21, 2005 at 06:04:55PM -0500, josh wrote: > >> Is there anyway to get WPA working on a ibook G3 (Airport card) running >> ubuntu? WPA Supplicant spits this out in the log: > > What is this "Airport card" and what driver does it use? It looks like > it is not using Host AP driver or at least the Host AP -specific ioctl > calls are failing. > > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap From mrcool at stupidgamerz.com Tue Mar 22 16:11:35 2005 From: mrcool at stupidgamerz.com (mrcool at stupidgamerz.com) Date: Tue, 22 Mar 2005 15:11:35 -0600 Subject: How do you create a WPA --ACCESS POINT--? Message-ID: <20050322211350.63662134184@mail.iocaine.com> Hello! The readme only talks about using WPA as a client... How do you make an WPA access point?? Jerryf From enochs at itd.nrl.navy.mil Tue Mar 22 19:18:48 2005 From: enochs at itd.nrl.navy.mil (Brandon Enochs) Date: Tue, 22 Mar 2005 19:18:48 -0500 Subject: hostap_80211_rx.c (129) Message-ID: <4240B5E8.3080303@itd.nrl.navy.mil> line 129 of hostap_80211_rx.c should read: LWNG_SETVAL(mactime, 2, 0, 4, rx_stats->mac_time); not: LWNG_SETVAL(mactime, 2, 0, 0, rx_stats->mac_time); The length field is incorrect. From jcui at skymv.com Tue Mar 22 23:26:11 2005 From: jcui at skymv.com (Jungle Cui) Date: Tue, 22 Mar 2005 20:26:11 -0800 Subject: Question about Access Point roaming time interval Message-ID: Hello! We use SMC-2532W-B WiFi card did the following experiment: 1): Set up two access points with same configuration in WEP mode 2): Have the WiFi card associate with one of the access point 3): Turn off the access point that the WiFi card is associated with 4): Then, as expected, the WiFi card automatically associates with the other access point 5): We use Sniffer to monitor the traffic and find out that: it takes about 3.8 seconds for the whole roaming (de-association and re-association) process to complete. (We measure it by counting the time interval between the last beacon from the 1st access point and the Probe Request from the Wifi card. Actually, after the Probe Request is sent out, it just takes about 200ms for re-association to complete) 6): We get the same results no matter weather the "host_roaming" is set to 0 or 1 We just want to know why it takes about 3.8 seconds for the WiFi card to find out that the 1st access point is no along available and need to seek another one? Is there any way for us to shorten this timne interval? Best Regards, From jkmaline at cc.hut.fi Tue Mar 22 23:59:10 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 22 Mar 2005 20:59:10 -0800 Subject: 2.6.12-rc1-mm1: hostap stack usage In-Reply-To: <20050322163340.GD1948@stusta.de> References: <20050321025159.1cabd62e.akpm@osdl.org> <20050322163340.GD1948@stusta.de> Message-ID: <20050323045909.GT8648@jm.kir.nu> (netdev added to cc:) On Tue, Mar 22, 2005 at 05:33:40PM +0100, Adrian Bunk wrote: > The stack usage in some files under drivers/net/wireless/hostap/ is > too high. Thanks; I'll fix these and submit a patch (or two) after some testing. > drivers/net/wireless/hostap/hostap_ioctl.c: > > prism2_ioctl_giwaplist: > struct sockaddr addr[IW_MAX_AP]; > struct iw_quality qual[IW_MAX_AP]; > > 64 * (16 + 4) Bytes = 1280 Bytes OK. > prism2_ioctl_ethtool: > struct ethtool_drvinfo info = { ETHTOOL_GDRVINFO }; > > 196 Bytes This seems to be somewhat obsolete now since most drivers have moved to use get_drvinfo of ethtool_ops; I'll do the same. > __prism2_translate_scan: > char buf[MAX_WPA_IE_LEN * 2 + 30]; > > (64 * 2) + 30 Bytes = 158 Bytes OK. > drivers/net/wireless/hostap/hostap_cs.c: > > prism2_config: > cisparse_t parse; > u_char buf[64]; > config_info_t conf; > > The main offender seems to be "parse" (but I'm too lame counting how > many bytes it's exactly) resulting in nearly 1 kB stack usage. This is actually very common for PC Card drivers in the current kernel tree.. I'll change Host AP to kmalloc this, but someone might consider going through all *_cs.c drivers.. > drivers/net/wireless/hostap/hostap_plx.c: > > prism2_plx_check_cis: > #define CIS_MAX_LEN 256 > u8 cis[CIS_MAX_LEN]; OK. -- Jouni Malinen PGP id EFC895FA From daber at student.uci.agh.edu.pl Wed Mar 23 00:26:02 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Wed, 23 Mar 2005 06:26:02 +0100 (CET) Subject: Host-base Mode + selective scanning Message-ID: Is that true that host-based mode is only accesible in AP mode ?? To implement selective scanning I need possibility to send probe requests and to process all received frames. But it seems that it can be achieved only in master mode with host roaming mode set to 2. Unfortunately master mode makes AP from my card :( Also in master mode card receives all frames from all channel. Is it possible to force card to receive frames from chosen channels ? Another question is how to distinguish from which channel frame was received ? Thanks, Marcin From daber at student.uci.agh.edu.pl Wed Mar 23 01:27:17 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Wed, 23 Mar 2005 07:27:17 +0100 (CET) Subject: Selective scanning solution Message-ID: Hi, I studied Prism2 manual once more and I think I've found the simpliest solution for selective scanning. Probe Request frames can be sent by _RID_HOSTSCAN (RID FCE5) command. Then after card has received probe response from chosen channels prism2_info_hostscanresults function is invoked (haven't tested yet). It bases on HostScanResults (RID F103). If given results are correct station can start Authentication/Association phase by calling join request (RID FCE2). Of course all of this works in roaming mode 2 (RID FC2D set on 3). But :), I don't know how can I find the right moment to start scanning. Is there any function which is called when station looses connectivity or which measures channel parameters permanently ?? Thanks, Marcin From eduardgv at gmail.com Wed Mar 23 07:00:49 2005 From: eduardgv at gmail.com (eduardgv) Date: Wed, 23 Mar 2005 13:00:49 +0100 Subject: Question about Access Point roaming time interval In-Reply-To: References: Message-ID: <66c3877d05032304002b21fe1a@mail.gmail.com> Hi, I find your experiment interesting. Is your client loading the AP with traffic, is it receiving traffic from the AP or there is no traffic at all? I think that if the client acts as "sender", it shall perform a faster handover since it is not getting layer 2 ACKs and hence, it realizes the AP is down. I think values from 300 to 500 ms should be measured. I 'd be grateful if you post the results ;) On Tue, 22 Mar 2005 20:26:11 -0800, Jungle Cui wrote: > Hello! > > We use SMC-2532W-B WiFi card did the following experiment: > > 1): Set up two access points with same configuration in WEP mode > 2): Have the WiFi card associate with one of the access point > 3): Turn off the access point that the WiFi card is associated with > 4): Then, as expected, the WiFi card automatically associates with the other access point > 5): We use Sniffer to monitor the traffic and find out that: it takes about 3.8 > seconds for the whole roaming (de-association and re-association) process to complete. > (We measure it by counting the time interval between the last beacon from the 1st access > point and the Probe Request from the Wifi card. Actually, after the Probe Request > is sent out, it just takes about 200ms for re-association to complete) > 6): We get the same results no matter weather the "host_roaming" is set to 0 or 1 > > We just want to know why it takes about 3.8 seconds for the WiFi card to find out that > the 1st access point is no along available and need to seek another one? Is there > any way for us to shorten this timne interval? > > Best Regards, > _______________________________________________ > HostAP mailing list > HostAP_at_shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From mail at marioland.it Tue Mar 22 07:43:50 2005 From: mail at marioland.it (Mario) Date: Tue, 22 Mar 2005 13:43:50 +0100 Subject: ipw2200 + wpa_supplicant + wep AP Message-ID: <42401306.4060004@marioland.it> Hi all, I replaced waproamd with wpa_supplicant as wireless auto-scan agent to join to known wep and wpa APs. With my pcmcia prism2-based with hostap drivers my configuration of wpa_supplicant works greatly (with wep and wpa APs). With my internal centrino wireless card (ipw2200 driver) it works well with wpa-psk AP but I have problems with simple wep AP. :( Here some informations: - Debian Sarge 3.1 - wpa_supplicant 0.3.8 (with debian-specific patches REMOVED, a vanilla version); - ipw2200 1.0.1 + firmware 2.2 my wpa_supplicant.conf: ----------------------------------------- ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 #ap_scan=1 network={ ssid="gandalf" key_mgmt=NONE wep_key0="XXXXXXX" wep_tx_keyidx=0 auth_alg=SHARED priority=1000 } ----------------------------------------- With this configuration it find the AP with it goes in time-out out! root at legolas:~# wpa_supplicant -i eth1 -D ipw Trying to associate with 00:0f:b5:56:35:68 (SSID='gandalf' freq=0 MHz) Authentication with 00:00:00:00:00:00 timed out. Trying to associate with 00:0f:b5:56:35:68 (SSID='gandalf' freq=0 MHz) Authentication with 00:00:00:00:00:00 timed out. It works with a wpa-psk AP. I tried also 'ap_scan=1' and 'ap_scan=0'... :( Can anyone help me? Here the full log of wpa_supplicant: root at legolas:~# wpa_supplicant -i eth1 -D ipw -dddd Initializing interface 'eth1' conf '(null)' driver 'ipw' Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant.conf' ctrl_interface='/var/run/wpa_supplicant' ctrl_interface_group=0 eapol_version=1 Line: 8 - start of a new network block ssid - hexdump_ascii(len=7): 67 61 6e 64 61 6c 66 gandalf key_mgmt: 0x4 wep_key0 - hexdump(len=13): [REMOVED] wep_tx_keyidx=0 (0x0) auth_alg: 0x2 priority=1000 (0x3e8) Priority group 1000 id=0 ssid='gandalf' Initializing interface (2) 'eth1' EAPOL: SUPP_PAE entering state DISCONNECTED EAPOL: KEY_RX entering state NO_KEY_RECEIVE EAPOL: SUPP_BE entering state INITIALIZE EAP: EAP entering state DISABLED EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 wpa_driver_ipw_init is called Own MAC address: 00:0e:35:ce:7c:ae wpa_driver_ipw_set_wpa: enabled=1 wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_countermeasures: enabled=0 wpa_driver_ipw_set_drop_unencrypted: enabled=1 Setting scan request: 0 sec 100000 usec Wireless event: cmd=0x8b06 len=8 RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added RTM_NEWLINK, IFLA_IFNAME: Interface 'eth1' added Starting AP scan (broadcast SSID) EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results Received 207 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 1000 0: 00:0f:b5:56:35:68 ssid='gandalf' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE selected non-WPA AP 00:0f:b5:56:35:68 ssid='gandalf' Trying to associate with 00:0f:b5:56:35:68 (SSID='gandalf' freq=0 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 Overriding auth_alg selection: 0x2 wpa_driver_ipw_set_auth_alg: auth_alg=0x2 No keys have been configured - skip key clearing wpa_driver_ipw_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=13 wpa_driver_ipw_set_drop_unencrypted: enabled=1 Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=ForceAuthorized Wireless event: cmd=0x8b1a len=20 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Authentication with 00:00:00:00:00:00 timed out. Added BSSID 00:00:00:00:00:00 into blacklist wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Setting scan request: 0 sec 0 usec Starting AP scan (broadcast SSID) EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results Received 207 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 1000 0: 00:0f:b5:56:35:68 ssid='gandalf' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE selected non-WPA AP 00:0f:b5:56:35:68 ssid='gandalf' Trying to associate with 00:0f:b5:56:35:68 (SSID='gandalf' freq=0 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 Overriding auth_alg selection: 0x2 wpa_driver_ipw_set_auth_alg: auth_alg=0x2 No keys have been configured - skip key clearing wpa_driver_ipw_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=13 wpa_driver_ipw_set_drop_unencrypted: enabled=1 Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=ForceAuthorized Wireless event: cmd=0x8b1a len=20 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Authentication with 00:00:00:00:00:00 timed out. wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Setting scan request: 0 sec 0 usec Starting AP scan (broadcast SSID) EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results Received 207 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 1000 0: 00:0f:b5:56:35:68 ssid='gandalf' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE selected non-WPA AP 00:0f:b5:56:35:68 ssid='gandalf' Trying to associate with 00:0f:b5:56:35:68 (SSID='gandalf' freq=0 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 Overriding auth_alg selection: 0x2 wpa_driver_ipw_set_auth_alg: auth_alg=0x2 No keys have been configured - skip key clearing wpa_driver_ipw_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=13 wpa_driver_ipw_set_drop_unencrypted: enabled=1 Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=ForceAuthorized Wireless event: cmd=0x8b1a len=20 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Authentication with 00:00:00:00:00:00 timed out. wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Setting scan request: 0 sec 0 usec Starting AP scan (broadcast SSID) EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results Received 207 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 1000 0: 00:0f:b5:56:35:68 ssid='gandalf' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE selected non-WPA AP 00:0f:b5:56:35:68 ssid='gandalf' Trying to associate with 00:0f:b5:56:35:68 (SSID='gandalf' freq=0 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 Overriding auth_alg selection: 0x2 wpa_driver_ipw_set_auth_alg: auth_alg=0x2 No keys have been configured - skip key clearing wpa_driver_ipw_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=13 wpa_driver_ipw_set_drop_unencrypted: enabled=1 Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=ForceAuthorized Wireless event: cmd=0x8b1a len=20 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Authentication with 00:00:00:00:00:00 timed out. wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Setting scan request: 0 sec 0 usec Starting AP scan (broadcast SSID) EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results Received 207 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 1000 0: 00:0f:b5:56:35:68 ssid='gandalf' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE selected non-WPA AP 00:0f:b5:56:35:68 ssid='gandalf' Trying to associate with 00:0f:b5:56:35:68 (SSID='gandalf' freq=0 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 Overriding auth_alg selection: 0x2 wpa_driver_ipw_set_auth_alg: auth_alg=0x2 No keys have been configured - skip key clearing wpa_driver_ipw_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=13 wpa_driver_ipw_set_drop_unencrypted: enabled=1 Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=ForceAuthorized Wireless event: cmd=0x8b1a len=20 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Signal 2 received - terminating wpa_driver_ipw_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_ipw_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 wpa_driver_ipw_set_wpa: enabled=0 wpa_driver_ipw_set_drop_unencrypted: enabled=0 wpa_driver_ipw_set_countermeasures: enabled=0 Removed BSSID 00:00:00:00:00:00 from blacklist (clear) -- Home Page: http://www.marioland.it GnuPG/PGP key (ID BAC3EBB1) available on key-servers From stefan at ru.is Wed Mar 23 09:24:51 2005 From: stefan at ru.is (=?ISO-8859-1?Q?Stef=E1n_Freyr_Stef=E1nsson?=) Date: Wed, 23 Mar 2005 14:24:51 +0000 Subject: Silly question - HostAP in kernel tree Message-ID: <42417C33.6010600@ru.is> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi. I was under the impression that the HostAP driver would be in the official kernel tree from version 2.6.11 (don't ask me why... thought I saw it somewhere but can't remember where). This didn't happen so I wanted to ask if this is something that is foreseeable (2.6.12 maybe)? If this is in the works, would it be at all possible to include the default mode that the driver uses in the kernel config? I would very much love to use HostAP rather than the Hermes/Orinoco one(s), I've had much more pleasant results from HostAP. However, I don't like the fact that I have to compile the driver manually after each kernel update (I know, it's not a big deal at all... just that after building the kernel for 5 minutes I really would like to be done with it) so since the Orinoco driver does work I use that instead currently. Anyways, these are just curiosity questions. Kind regards, Stefan Freyr. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQEVAwUBQkF8Mr0ge6mq4AL2AQKMMAgAxvuS66EilizW3wJPLlgm5FOIUAC2pe9D CvIdiyg6WhliS1Dl5xfsGtNyCwi995yNDvhWaemt2343C1SZozr5oUCj2EVvoHoO 5sRADsd7hHw0ar1JZJv7MsdiZPDLLmxGJccsQo0Bvo9usfK43lbvgKc3W7YN3boj 82cU2GxDhOUwcvcLi7MsZQuVFIE6e7c/qTPGtIjhtnZAfmLFw+xuHzdYVRF2opBq LXhf32keLVyzls8PSeK1sonIISyJuc0ofzC9Q6PuG2zjW/pH9SEcIcM9vIJUbNEV Pn0d+bWnM1ZwvT33GXUsOecOU/WNblwgqZ0OmR378mH4UGcI25rpbQ== =BuyZ -----END PGP SIGNATURE----- From bunk at stusta.de Tue Mar 22 11:33:40 2005 From: bunk at stusta.de (Adrian Bunk) Date: Tue, 22 Mar 2005 17:33:40 +0100 Subject: 2.6.12-rc1-mm1: hostap stack usage In-Reply-To: <20050321025159.1cabd62e.akpm@osdl.org> References: <20050321025159.1cabd62e.akpm@osdl.org> Message-ID: <20050322163340.GD1948@stusta.de> On Mon, Mar 21, 2005 at 02:51:59AM -0800, Andrew Morton wrote: >... > Changes since 2.6.11-mm4: >... > bk-netdev.patch >... > Latest versions of various bk trees >... The stack usage in some files under drivers/net/wireless/hostap/ is too high. drivers/net/wireless/hostap/hostap_ioctl.c: prism2_ioctl_giwaplist: struct sockaddr addr[IW_MAX_AP]; struct iw_quality qual[IW_MAX_AP]; 64 * (16 + 4) Bytes = 1280 Bytes prism2_ioctl_ethtool: struct ethtool_drvinfo info = { ETHTOOL_GDRVINFO }; 196 Bytes __prism2_translate_scan: char buf[MAX_WPA_IE_LEN * 2 + 30]; (64 * 2) + 30 Bytes = 158 Bytes drivers/net/wireless/hostap/hostap_cs.c: prism2_config: cisparse_t parse; u_char buf[64]; config_info_t conf; The main offender seems to be "parse" (but I'm too lame counting how many bytes it's exactly) resulting in nearly 1 kB stack usage. drivers/net/wireless/hostap/hostap_plx.c: prism2_plx_check_cis: #define CIS_MAX_LEN 256 u8 cis[CIS_MAX_LEN]; 256 Bytes cu Adrian -- "Is there not promise of rain?" Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. "Only a promise," Lao Er said. Pearl S. Buck - Dragon Seed From jcui at skymv.com Wed Mar 23 10:44:03 2005 From: jcui at skymv.com (Jungle Cui) Date: Wed, 23 Mar 2005 07:44:03 -0800 Subject: Question about Access Point roaming time interval Message-ID: Hi, Eduardgv, During the experiment, there is no traffic from AP to client; from client to AP, there is only continous standard ICMP ping requests to AP with time interval of 0.1 seconds We will try to inject some other types of traffic from client to AP to see the behavior. Regards, From fromkth+hostap at fastmail.fm Wed Mar 23 11:14:43 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Wed, 23 Mar 2005 17:14:43 +0100 Subject: Wireless Extensions - 18 and HostAP Message-ID: <424195F3.10209@fastmail.fm> Though it is not directly related to HostAP, but still concerned with it. How to upgrade to Wireles Extensions to 18 from 16 or 17? I guess Jouni can answer better following question. WE-18, defines extended scan request, which includes many options. What options, in that extended scan request, from the following are supported by prism2/2.5/3-(1.7.4.) with HostAP 0.3.7 driver. mode, scan_type, essid_len, num_channels, sockaddr bssid, essid, probe_delay, min_channel_time, max_channel_time. -ajeet. From rankincj at yahoo.com Wed Mar 23 18:29:47 2005 From: rankincj at yahoo.com (Chris Rankin) Date: Wed, 23 Mar 2005 23:29:47 +0000 (GMT) Subject: Low TX rate (1 Mbps) from hostap 0.3.7 to prism2_usb (subversion r1715) In-Reply-To: 6667 Message-ID: <20050323232947.10157.qmail@web52910.mail.yahoo.com> Hi, I have been investigating the curious performance problem when prism2_usb links with hostap-0.3.7, and it seems to be down to the firmware. For example, here are the results of FTPing 100MB back and forth when the prism2_usb device contains firmware 1.7.4: hostap to prism2_usb(1.7.4): ftp> get trailer_final_1000_dl.zip get.zip local: get.zip remote: trailer_final_1000_dl.zip 227 Entering Passive Mode (192,168,1,1,186,140) 150 Opening BINARY mode data connection for trailer_final_1000_dl.zip (99292202 bytes). 226 Transfer complete. 99292202 bytes received in 203 secs (4.8e+02 Kbytes/sec) prism2_usb(1.7.4) to hostap: ftp> put get.zip put.zip local: get.zip remote: put.zip 227 Entering Passive Mode (192,168,1,1,82,8) 150 Opening BINARY mode data connection for put.zip. 226 Transfer complete. 99292202 bytes sent in 247 secs (3.9e+02 Kbytes/sec) And for USB firmware 1.7.6: prism2_usb(1.7.6) to hostap: ftp> put trailer_final_1000_dl.zip put.zip local: trailer_final_1000_dl.zip remote: put.zip 227 Entering Passive Mode (192,168,1,1,249,205) 150 Opening BINARY mode data connection for put.zip. 226 Transfer complete. 99292202 bytes sent in 243 secs (4e+02 Kbytes/sec) hostap to prism2_usb(1.7.6): ftp> get put.zip get.zip local: get.zip remote: put.zip 227 Entering Passive Mode (192,168,1,1,224,174) 150 Opening BINARY mode data connection for put.zip (99292202 bytes). 226 Transfer complete. 99292202 bytes received in 200 secs (4.8e+02 Kbytes/sec) And finally for USB firmware 1.8.3: prism2_usb(1.8.3) to hostap: ftp> put trailer_final_1000_dl.zip put.zip local: trailer_final_1000_dl.zip remote: put.zip 227 Entering Passive Mode (192,168,1,1,56,48) 150 Opening BINARY mode data connection for put.zip. 226 Transfer complete. 99292202 bytes sent in 810 secs (1.2e+02 Kbytes/sec) hostap to prism2_usb(1.8.3): ftp> get put.zip get.zip local: get.zip remote: put.zip 227 Entering Passive Mode (192,168,1,1,172,18) 150 Opening BINARY mode data connection for put.zip (99292202 bytes). 226 Transfer complete. 99292202 bytes received in 3.39e+03 secs (29 Kbytes/sec) As you can see, hostap has *real* trouble when the USB adapter contains firmware 1.8.3.; although the USB adapter keeps operating at 11 Mbps, the hostap device (MA301 PLX adapter) keeps dropping down to 1 Mbps. This affects hostap's TX path more than its RX path, but even the RX path has a more than 3-fold drop in performance. Does anyone have any idea what the 1.8.3 USB firmware does that hostap hates so much, please? The hostap device is running firmware 0.3.0/1.7.1. Thanks, Chris Send instant messages to your online friends http://uk.messenger.yahoo.com From daber at student.uci.agh.edu.pl Wed Mar 23 18:33:50 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Thu, 24 Mar 2005 00:33:50 +0100 (CET) Subject: Signal level Message-ID: How can I monitor signal level in station mode except from using get_rid on FD43 ? Marcin From ramalhais at serrado.net Wed Mar 23 18:37:40 2005 From: ramalhais at serrado.net (Pedro Ramalhais) Date: Wed, 23 Mar 2005 23:37:40 +0000 Subject: ipw2200 + wpa_supplicant + wep AP In-Reply-To: <42401306.4060004@marioland.it> References: <42401306.4060004@marioland.it> Message-ID: <4241FDC4.3040102@serrado.net> Mario wrote: > Hi all, > I replaced waproamd with wpa_supplicant as wireless auto-scan agent to > join to known wep and wpa APs. > > With my pcmcia prism2-based with hostap drivers my configuration of > wpa_supplicant works greatly (with wep and wpa APs). > With my internal centrino wireless card (ipw2200 driver) it works well > with wpa-psk AP but I have problems with simple wep AP. :( > > Here some informations: > - Debian Sarge 3.1 > - wpa_supplicant 0.3.8 (with debian-specific patches REMOVED, a vanilla > version); > - ipw2200 1.0.1 + firmware 2.2 > > my wpa_supplicant.conf: > ----------------------------------------- > ctrl_interface=/var/run/wpa_supplicant > ctrl_interface_group=0 > eapol_version=1 > #ap_scan=1 > > network={ > ssid="gandalf" > key_mgmt=NONE > wep_key0="XXXXXXX" > wep_tx_keyidx=0 > auth_alg=SHARED > priority=1000 > } It's a known problem with the current driver. There's a work-around for wpa_supplicant which involves patching it with a patch that you can probably find in the hostap ML archives or in the debian package. -- Pedro Ramalhais From jukim74 at paran.com Wed Mar 23 19:32:54 2005 From: jukim74 at paran.com (±èÁ¾¿í) Date: Thu, 24 Mar 2005 09:32:54 +0900 Subject: WPA2-PSK and madwifi Fail [ 3/4 msg of 4-Way Handshake ] Message-ID: <1111624374.8759.mail12x0@mail12> An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050324/265429cb/attachment.htm From lorenzo at colitti.com Wed Mar 23 19:49:24 2005 From: lorenzo at colitti.com (Lorenzo Colitti) Date: Thu, 24 Mar 2005 01:49:24 +0100 Subject: wpa_supplicant WPA crashes Sitecom WL-114 router Message-ID: <42420E94.1030902@colitti.com> Hi, I am trying to use wpa_supplicant to connect to a Sitecom WL-114 AP using WPA. Authentication seems to go fine, but I can't send any packets through (except maybe a single one if I'm lucky just after authenticating). I suspect that the AP is crashing since just after authentication completes it stops pinging from the wired interface for about ten seconds and when it comes back up the clock has been reset to its default value and the logs are empty. Is there anything I can do to figure out what is causing this? I am using latest wpa_supplicant CVS with latest madwifi CVS. This is what I have in wpa_supplicant.conf: > network={ > ssid="VDM" > psk="xxx" > } and this is what wpa_supplicant says: > # devel/hostap/wpa_supplicant/wpa_supplicant -dddd -i ath0 -D madwifi -c /etc/wpa_supplicant.conf > Initializing interface 'ath0' conf '/etc/wpa_supplicant.conf' driver 'madwifi' > Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' > Reading configuration file '/etc/wpa_supplicant.conf' > ctrl_interface='/var/run/wpa_supplicant' > ctrl_interface_group=0 > eapol_version=1 > ap_scan=1 > fast_reauth=1 > [...] > Line: 273 - start of a new network block > ssid - hexdump_ascii(len=3): > 56 44 4d VDM > PSK (ASCII passphrase) - hexdump_ascii(len=32): [REMOVED] > PSK (from passphrase) - hexdump(len=32): [REMOVED] > Priority group 0 > [...] > id=3 ssid='VDM' > Initializing interface (2) 'ath0' > EAPOL: SUPP_PAE entering state DISCONNECTED > EAPOL: KEY_RX entering state NO_KEY_RECEIVE > EAPOL: SUPP_BE entering state INITIALIZE > EAP: EAP entering state DISABLED > EAPOL: External notification - portEnabled=0 > EAPOL: External notification - portValid=0 > ioctl[SIOCSIWPMKSA]: Operation not supported > Own MAC address: 00:11:0a:81:6b:64 > wpa_driver_madwifi_del_key: keyidx=0 > wpa_driver_madwifi_del_key: keyidx=1 > wpa_driver_madwifi_del_key: keyidx=2 > wpa_driver_madwifi_del_key: keyidx=3 > wpa_driver_madwifi_set_countermeasures: enabled=0 > wpa_driver_madwifi_set_drop_unencrypted: enabled=1 > Setting scan request: 0 sec 100000 usec > Wireless event: cmd=0x8b06 len=8 > RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added > RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added > State: DISCONNECTED -> SCANNING > Starting AP scan (broadcast SSID) > Wireless event: cmd=0x8b1a len=12 > Wireless event: cmd=0x8b19 len=12 > Received 755 bytes of scan results (4 BSSes) > Scan results: 4 > Selecting BSS from priority group 0 > 0: 00:0c:f6:10:75:a9 ssid='VDM' wpa_ie_len=24 rsn_ie_len=0 > skip - SSID mismatch > skip - SSID mismatch > skip - SSID mismatch > selected > Trying to associate with 00:0c:f6:10:75:a9 (SSID='VDM' freq=2427 MHz) > Cancelling scan request > Automatic auth_alg selection: 0x1 > WPA: using IEEE 802.11i/D3.0 > WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2 > WPA: using GTK TKIP > WPA: using PTK TKIP > WPA: using KEY_MGMT WPA-PSK > WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 > No keys have been configured - skip key clearing > wpa_driver_madwifi_set_drop_unencrypted: enabled=1 > State: SCANNING -> ASSOCIATING > wpa_driver_madwifi_associate > Setting authentication timeout: 5 sec 0 usec > EAPOL: External notification - EAP success=0 > EAPOL: External notification - EAP fail=0 > EAPOL: External notification - portControl=Auto > Wireless event: cmd=0x8b1a len=16 > Wireless event: cmd=0x8b15 len=20 > Wireless event: new AP: 00:0c:f6:10:75:a9 > State: ASSOCIATING -> ASSOCIATED > Association event - clear replay counter > Associated to a new BSS: BSSID=00:0c:f6:10:75:a9 > No keys have been configured - skip key clearing > Associated with 00:0c:f6:10:75:a9 > EAPOL: External notification - portEnabled=0 > EAPOL: External notification - portValid=0 > EAPOL: External notification - EAP success=0 > EAPOL: External notification - portEnabled=1 > EAPOL: SUPP_PAE entering state CONNECTING > EAPOL: txStart > WPA: drop TX EAPOL in non-IEEE 802.1X mode (type=1 len=0) > EAPOL: SUPP_BE entering state IDLE > EAP: EAP entering state INITIALIZE > EAP: EAP entering state IDLE > Setting authentication timeout: 10 sec 0 usec > RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added > RX EAPOL from 00:0c:f6:10:75:a9 > RX EAPOL - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 05 d0 9f e5 cf 6a d5 1d c4 72 c0 86 97 15 dc 3f 88 f0 d9 9e ef 1b db 08 68 ba 6f 11 04 5e 24 83 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Setting authentication timeout: 10 sec 0 usec > IEEE 802.1X RX: version=1 type=3 length=95 > EAPOL-Key type=254 > WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 05 d0 9f e5 cf 6a d5 1d c4 72 c0 86 97 15 dc 3f 88 f0 d9 9e ef 1b db 08 68 ba 6f 11 04 5e 24 83 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > State: ASSOCIATED -> 4WAY_HANDSHAKE > WPA: RX message 1 of 4-Way Handshake from 00:0c:f6:10:75:a9 (ver=1) > WPA: WPA IE for msg 2/4 - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02WPA: Renewed SNonce - hexdump(len=32): 76 fe 63 75 2a 3f 01 b8 19 6f f3 c6 37 5a a9 9a 28 fc 4d 58 9c c3 11 0c fd 75 af 5d 32 2a 4a 53 > WPA: PMK - hexdump(len=32): [REMOVED] > WPA: PTK - hexdump(len=64): [REMOVED] > WPA: Sending EAPOL-Key 2/4 > WPA: TX EAPOL-Key - hexdump(len=137): 00 0c f6 10 75 a9 00 11 0a 81 6b 64 88 8e 01 03 00 77 fe 01 09 00 20 00 00 00 00 00 00 00 05 76 fe 63 75 2a 3f 01 b8 19 6f f3 c6 37 5a a9 9a 28 fc 4d 58 9c c3 11 0c fd 75 af 5d 32 2a 4a 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 19 ae d4 d8 77 75 3b 90 d7 1e ce 05 3e 91 95 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 > RX EAPOL from 00:0c:f6:10:75:a9 > RX EAPOL - hexdump(len=123): 01 03 00 77 fe 01 c9 00 20 00 00 00 00 00 00 00 06 d0 9f e5 cf 6a d5 1d c4 72 c0 86 97 15 dc 3f 88 f0 d9 9e ef 1b db 08 68 ba 6f 11 04 5e 24 83 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5e ac cf 02 60 69 97 94 7d 10 1a a9 32 30 f6 44 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 > IEEE 802.1X RX: version=1 type=3 length=119 > EAPOL-Key type=254 > WPA: RX EAPOL-Key - hexdump(len=123): 01 03 00 77 fe 01 c9 00 20 00 00 00 00 00 00 00 06 d0 9f e5 cf 6a d5 1d c4 72 c0 86 97 15 dc 3f 88 f0 d9 9e ef 1b db 08 68 ba 6f 11 04 5e 24 83 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5e ac cf 02 60 69 97 94 7d 10 1a a9 32 30 f6 44 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 > State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE > WPA: RX message 3 of 4-Way Handshake from 00:0c:f6:10:75:a9 (ver=1) > WPA: IE KeyData - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 > WPA: Sending EAPOL-Key 4/4 > WPA: TX EAPOL-Key - hexdump(len=113): 00 0c f6 10 75 a9 00 11 0a 81 6b 64 88 8e 01 03 00 5f fe 01 09 00 20 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6e 93 a4 53 7d 8a 4f 5d f0 b1 29 e9 3b cc c5 98 00 00 > WPA: Installing PTK to the driver. > WPA: RSC - hexdump(len=6): 00 00 00 00 00 00 > wpa_driver_madwifi_set_key: alg=TKIP key_idx=0 set_tx=1 seq_len=6 key_len=32 > State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE > Wireless event: cmd=0x8c02 len=81 > Custom wireless event: 'MLME-REPLAYFAILURE.indication(keyid=0 unicast addr=00:11:0a:81:6b:64)' > RX EAPOL from 00:0c:f6:10:75:a9 > RX EAPOL - hexdump(len=131): 01 03 00 7f fe 03 91 00 20 00 00 00 00 00 00 00 08 5e 37 dc e7 59 c3 e7 70 80 f3 64 d9 85 22 97 a8 58 11 be 3f c5 c5 42 cf a7 40 1f eb fb d9 e5 c4 58 11 be 3f c5 c5 42 cf a7 40 1f eb fb d9 e5 c6 13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a3 eb d3 2f 2a 8d 16 3d 73 ba f1 5d ac 78 c7 c4 00 20 08 39 b3 25 20 02 21 ec fd 9e 7c 88 f3 a6 d8 3e d6 32 64 9c 43 49 15 df 3c 5a 49 cd 11 c7 7c 7a > IEEE 802.1X RX: version=1 type=3 length=127 > EAPOL-Key type=254 > WPA: RX EAPOL-Key - hexdump(len=131): 01 03 00 7f fe 03 91 00 20 00 00 00 00 00 00 00 08 5e 37 dc e7 59 c3 e7 70 80 f3 64 d9 85 22 97 a8 58 11 be 3f c5 c5 42 cf a7 40 1f eb fb d9 e5 c4 58 11 be 3f c5 c5 42 cf a7 40 1f eb fb d9 e5 c6 13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a3 eb d3 2f 2a 8d 16 3d 73 ba f1 5d ac 78 c7 c4 00 20 08 39 b3 25 20 02 21 ec fd 9e 7c 88 f3 a6 d8 3e d6 32 64 9c 43 49 15 df 3c 5a 49 cd 11 c7 7c 7a > State: GROUP_HANDSHAKE -> GROUP_HANDSHAKE > WPA: RX message 1 of Group Key Handshake from 00:0c:f6:10:75:a9 (ver=1) > WPA: Group Key - hexdump(len=32): [REMOVED] > WPA: Installing GTK to the driver (keyidx=1 tx=0). > WPA: RSC - hexdump(len=6): 13 00 00 00 00 00 > wpa_driver_madwifi_set_key: alg=TKIP key_idx=1 set_tx=0 seq_len=6 key_len=32 > WPA: Sending EAPOL-Key 2/2 > WPA: TX EAPOL-Key - hexdump(len=113): 00 0c f6 10 75 a9 00 11 0a 81 6b 64 88 8e 01 03 00 5f fe 03 11 00 20 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 75 eb ed bf 35 c5 ea e8 32 5d 99 2c 7e 34 89 00 00 > WPA: Key negotiation completed with 00:0c:f6:10:75:a9 [PTK=TKIP GTK=TKIP] > Cancelling authentication timeout > State: GROUP_HANDSHAKE -> COMPLETED > Connection to 00:0c:f6:10:75:a9 completed (auth) > EAPOL: External notification - portValid=1 > EAPOL: External notification - EAP success=1 > EAPOL: SUPP_PAE entering state AUTHENTICATING > EAPOL: SUPP_BE entering state SUCCESS > EAPOL: SUPP_PAE entering state AUTHENTICATED > EAPOL: SUPP_BE entering state IDLE As soon as this message appears, the router stops pinging on the wired interface for a few seconds, as if it had crashed and were resetting itself. After about ten seconds, it starts pinging again and I get the following: > Wireless event: cmd=0x8c02 len=83 > Custom wireless event: 'MLME-REPLAYFAILURE.indication(keyid=1 broadcast addr=ff:ff:ff:ff:ff:ff)' > Wireless event: cmd=0x8c02 len=83 > Custom wireless event: 'MLME-REPLAYFAILURE.indication(keyid=1 broadcast addr=ff:ff:ff:ff:ff:ff)' > EAPOL: startWhen --> 0 > EAPOL: idleWhile --> 0 Any ideas? Cheers, Lorenzo From graman at arubanetworks.com Wed Mar 23 21:02:53 2005 From: graman at arubanetworks.com (Gopalakrishnan Raman) Date: Wed, 23 Mar 2005 18:02:53 -0800 Subject: HostAP Digest, Vol 23, Issue 27 Message-ID: Hi Please also mail us the log of wpa_supplicant. I'm pretty sure that the failure is because hostapd sends out the RSN IE in msg 3/4 and the supplicant compares this with the IE that it saw in the beacon. There must be a mismatch in the 2 IEs. I see that you have enabled RSN in hostapd.conf. It turns out that the madwifi driver file ieee80211_output.c has the function ieee80211_setup_rsn_ie() that does not always add the 2-byte RSN capabilities in the beacon. It adds it only if RSN capabilities are configured. The hostapd on the other hand always adds the 2 byte capabilites field (even if it is all 0). The fix is simple. Change the following lines in the function ieee80211_setup_rsh_ie() as follows THIS IS WHAT IT IS /optional capabilities */ if (rsn->rsn_caps != 0) ADDSHORT(frm, rsn->rsn_caps); CHANGE IT TO /* optional capabilities */ ADDSHORT(frm, rsn->rsn_caps); Recompile and re-install madwifi driver and try again Cheers -gopal > Message: 4 > Date: Thu, 24 Mar 2005 09:32:54 +0900 > From: "??????" > Subject: WPA2-PSK and madwifi Fail [ 3/4 msg of 4-Way Handshake ] > To: hostap at shmoo.com > Message-ID: <1111624374.8759.mail12x0 at mail12> > Content-Type: text/plain; charset="us-ascii" > > An HTML attachment was scrubbed... > URL: > http://incognito.shmoo.com/pipermail/hostap/attachments/200503 > 24/265429cb/attachment-0001.htm > From jukim at mercurykr.com Wed Mar 23 21:15:25 2005 From: jukim at mercurykr.com (=?ks_c_5601-1987?B?sejBvr/t?=) Date: Thu, 24 Mar 2005 11:15:25 +0900 Subject: WPA2-PSK Test Fail ( 3/4 msg of 4-Way Handshake ) Message-ID: <000901c53017$57908fc0$f90b85a5@Averatec6300> Above "WPA2-PSK and madwifi Fail [ 3/4 msg of 4-Way Handshake ]" mail is a fault. Sorry. ---- Hi I used to hostapd ( 0.3.7) and madwifi driver for WPA2-PSK authentication. Supplicant is "Intel Proset/wireless 9.0 driver. But WPA2-PSK Test is Fail ( WPA-PSK Test is Success ). Fail Point is "3/4 msg of 4-Way Handshake" Hostapd send 3/4 msg and receive a disassociation message. why WPA-PSK2 test is fail ? please send a solution for me! -enviroment- AP wireless : AR5213 CPU = IXP425 OS = linux2.4.24 hostapd = 0.3.7 wlan driver = madwifi AP mode : master ssid : rush supplicant : intel 2200BG ( driver version : 9.0.1.9 ) - hostapd.conf- logger_syslog=-1 logger_syslog_level=2 logger_stdout=-1 logger_stdout_level=2 debug=0 dump_file=/tmp/hostapd.dump ssid=rush eap_message=hello wep_key_len_broadcast=13 wep_key_len_unicast=13 wep_rekey_period=300 eapol_key_index_workaround=0 wpa=2 wpa_passphrase=xxxxxxxxxx wpa_key_mgmt=WPA-PSK WPA-EAP wpa_pairwise=TKIP wpa_group_rekey=600 wpa_gmk_rekey=86400 - Test Log - root at TEST-R:~# insmod ./ath_hal.o Using ./ath_hal.o ath_hal: 0.9.14.9 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, REGOPS_FUNC) root at TEST-R:~# insmod ./wlan.o wlan: 0.8.4.5 (EXPERIMENTAL) ~# insmod ./wlan_tkip.o ~# insmod ./wlan_acl.o ~# insmod ./wlan_xauth.o ~# insmod ./ath_rate_onoe.o ~# insmod ./ath_pci.o Using ./ath_pci.o ath_pci: 0.9.4.12 (EXPERIMENTAL) ath0: 11a rates: 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps ath0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps ath0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps ath0: mac 5.9 phy 4.3 radio 3.6 ath0: 802.11 address: 00:02:78:42:73:1f ath0: Use hw queue 0 for WME_AC_BE traffic ath0: Use hw queue 1 for WME_AC_BK traffic ath0: Use hw queue 2 for WME_AC_VI traffic ath0: Use hw queue 3 for WME_AC_VO traffic ath0: Atheros 5212: mem=0x4bff0000, irq=19 ~# iwconfig ath0 mode master ~# iwconfig ath0 essid rush ~# iwpriv ath0 mode 3 ~# iwconfig ath0 channel 10 ~# ifconfig ath0 10.10.1.254 netmask 255.255.255.0 ~# ./hostapd -ddd ./hostapd.conf Configuration file: ./hostapd.conf madwifi_set_iface_flags: dev_up=0 Using interface ath0 with hwaddr 00:02:78:42:73:1f and ssid 'rush' madwifi_set_ieee8021x: enabled=1 madwifi_configure_wpa: group key cipher=1 madwifi_configure_wpaipv6_add_addr: already assigned : pairwise key ciphers=0x2 madwifi_configure_wpa: key management algorithms=0x3 madwifi_configure_wpa: rsn capabilities=0x0 madwifi_configure_wpa: enable WPA= 0x2 madwifi_set_iface_flags: dev_up=1 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=0 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=1 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=2 madwifi_del_key: addr=00:00:00:00:00:00 key_idx=3 IEEE 802.1X: New default WEP key index 2 IEEE 802.1X: New default WEP key - hexdump(len=13): e3 2e 4e 4d 82 5f 13 f6 86 19 2d 0e 72 madwifi_set_key: alg=WEP addr=00:00:00:00:00:00 key_idx=2 madwifi_set_privacy: enabled=1 WPA: group state machine entering state GTK_INIT GMK - hexdump(len=32): 5c 46 59 69 6d ab 14 cb 3b 46 42 f9 7b 72 ed 3a ad 64 bf c6 b8 de 76 d5 70 db 04 15 d6 4f a7 d7 GTK - hexdump(len=32): 76 a3 6a 60 8b 6c 95 1d ae 60 e3 d0 09 0c 81 75 61 03 4b 81 35 0d 8c a6 b3 6e 9f a4 05 92 71 41 WPA: group state machine entering state SETKEYSDONE madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1 Flushing old station entries Deauthenticate all stations l2_packet_receive - recv: Network is down Wireless event: cmd=0x8c03 len=20 ath0: STA 00:0e:35:82:60:e8 IEEE 802.11: associated New STA ath0: STA 00:0e:35:82:60:e8 WPA: event 1 notification ath0: STA 00:0e:35:82:60:e8 WPA: start authentication WPA: 00:0e:35:82:60:e8 WPA_PTK entering state INITIALIZE madwifi_del_key: addr=00:0e:35:82:60:e8 key_idx=0 ath0: STA 00:0e:35:82:60:e8 IEEE 802.1X: unauthorizing port madwifi_set_sta_authorized: addr=00:0e:35:82:60:e8 authorized=0 WPA: 00:0e:35:82:60:e8 WPA_PTK_GROUP entering state IDLE WPA: 00:0e:35:82:60:e8 WPA_PTK entering state AUTHENTICATION WPA: 00:0e:35:82:60:e8 WPA_PTK entering state AUTHENTICATION2 WPA: 00:0e:35:82:60:e8 WPA_PTK entering state INITPSK WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKSTART ath0: STA 00:0e:35:82:60:e8 WPA: sending 1/4 msg of 4-Way Handshake TX EAPOL - hexdump(len=113): 00 0e 35 82 60 e8 00 02 78 42 73 1f 88 8e 02 03 00 5f 02 00 89 00 20 00 00 00 00 00 00 00 01 77 15 57 a7 d9 27 63 7d ef 81 42 54 a8 e6 59 6c 10 14 01 10 b6 1f 3f 55 34 39 69 2f 02 25 46 ce 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ath0: STA 00:0e:35:82:60:e8 WPA: EAPOL-Key timeout WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKSTART ath0: STA 00:0e:35:82:60:e8 WPA: sending 1/4 msg of 4-Way Handshake TX EAPOL - hexdump(len=113): 00 0e 35 82 60 e8 00 02 78 42 73 1f 88 8e 02 03 00 5f 02 00 89 00 20 00 00 00 00 00 00 00 02 77 15 57 a7 d9 27 63 7d ef 81 42 54 a8 e6 59 6c 10 14 01 10 b6 1f 3f 55 34 39 69 2f 02 25 46 ce 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 IEEE 802.1X: 121 bytes from 00:0e:35:82:60:e8 IEEE 802.1X: version=1 type=3 length=117 ath0: STA 00:0e:35:82:60:e8 WPA: received EAPOL-Key frame (2/4 Pairwise) WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKCALCNEGOTIATING PMK - hexdump(len=32): 5d 70 45 ab 0a f6 47 d2 76 5c b3 74 9f 7e 2a ae 94 78 b2 fa 04 da 87 5d f2 d6 85 64 c3 0d bc 82 PTK - hexdump(len=64): 89 76 9f ec b6 46 99 01 91 88 18 58 a2 9f fe 20 37 14 ec 30 af 6c aa 57 62 45 ae 24 93 5f 11 89 46 5d 00 08 7f 16 3a e9 8d a7 3a 36 f0 82 09 27 4f 04 cb 2a 11 d9 ff 98 55 fa e1 e4 40 25 5e 1f WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKCALCNEGOTIATING2 WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKINITNEGOTIATING madwifi_get_seqnum: addr=00:00:00:00:00:00 idx=1 ath0: STA 00:0e:35:82:60:e8 WPA: sending 3/4 msg of 4-Way Handshake Plaintext EAPOL-Key Key Data - hexdump(len=66): 30 18 01 00 00 0f ac 02 01 00 00 0f ac 02 02 00 00 0f ac 01 00 0f ac 02 00 00 dd 26 00 0f ac 01 01 00 76 a3 6a 60 8b 6c 95 1d ae 60 e3 d0 09 0c 81 75 61 03 4b 81 35 0d 8c a6 b3 6e 9f a4 05 92 71 41 TX EAPOL - hexdump(len=179): 00 0e 35 82 60 e8 00 02 78 42 73 1f 88 8e 02 03 00 a1 02 13 c9 00 20 00 00 00 00 00 00 00 03 77 15 57 a7 d9 27 63 7d ef 81 42 54 a8 e6 59 6c 10 14 01 10 b6 1f 3f 55 34 39 69 2f 02 25 46 ce 10 14 01 10 b6 1f 3f 55 34 39 69 2f 02 25 46 cf 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 00 65 14 69 b1 fc a4 f2 d0 bf d5 43 02 a9 5c e9 11 00 42 6b 11 94 5e f8 82 8f 18 58 74 ce e4 67 13 d5 5e 44 e0 b1 cf b6 df ea d3 04 92 bd 37 ba fe ee 61 9a 9a 94 90 4f 18 7b c7 fa 74 72 d3 f5 28 a9 a4 e3 c2 a8 ee af 81 32 aa 1e 49 1f 71 60 c5 19 ef ab 09 Wireless event: cmd=0x8c04 len=20 ath0: STA 00:0e:35:82:60:e8 IEEE 802.11: deassociated ath0: STA 00:0e:35:82:60:e8 WPA: event 2 notification madwifi_del_key: addr=00:0e:35:82:60:e8 key_idx=0 WPA: 00:0e:35:82:60:e8 WPA_PTK entering state DISCONNECTED WPA: 00:0e:35:82:60:e8 WPA_PTK entering state INITIALIZE madwifi_del_key: addr=00:0e:35:82:60:e8 key_idx=0 ath0: STA 00:0e:35:82:60:e8 IEEE 802.1X: unauthorizing port madwifi_set_sta_authorized: addr=00:0e:35:82:60:e8 authorized=0 ... repeating.... From jkmaline at cc.hut.fi Wed Mar 23 22:47:56 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 23 Mar 2005 19:47:56 -0800 Subject: WPA2-PSK and madwifi Fail [ 3/4 msg of 4-Way Handshake ] In-Reply-To: References: Message-ID: <20050324034756.GA8648@jm.kir.nu> On Wed, Mar 23, 2005 at 06:02:53PM -0800, Gopalakrishnan Raman wrote: > Please also mail us the log of wpa_supplicant. I'm pretty sure that the > failure is because hostapd sends out the RSN IE in msg 3/4 and > the supplicant compares this with the IE that it saw in the beacon. There > must be a mismatch in the 2 IEs. I would agree that this is the most likely reason for the authentication failing here. > I see that you have enabled RSN in > hostapd.conf. It turns out that the madwifi driver file ieee80211_output.c > has the function ieee80211_setup_rsn_ie() that does not always add the > 2-byte RSN capabilities in the beacon. It adds it only if RSN capabilities > are configured. The hostapd on the other hand always adds the 2 byte > capabilites field (even if it is all 0). The fix is simple. Change the > following lines in the function ieee80211_setup_rsh_ie() as follows This is not really a generic fix, just a workaround for one of the cases. The main problem is in madwifi driver not providing synchronization for the WPA/RSN IE with hostapd. Either the driver would need to use the IE that hostapd generates or it would need to provide a mechanism for hostapd to update its IE based on what the driver generated. In this particular case, both WPA2-PSK and WPA2-EAP seemed to be enabled in hostapd.conf, which will make hostapd to advertise both key management suites. The driver is unlikely to do this and the IEs end up being different which will make the supplicant to drop message 3/4. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 23 22:50:16 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 23 Mar 2005 19:50:16 -0800 Subject: wpa_supplicant WPA crashes Sitecom WL-114 router In-Reply-To: <42420E94.1030902@colitti.com> References: <42420E94.1030902@colitti.com> Message-ID: <20050324035016.GB8648@jm.kir.nu> On Thu, Mar 24, 2005 at 01:49:24AM +0100, Lorenzo Colitti wrote: > I am trying to use wpa_supplicant to connect to a Sitecom WL-114 AP > using WPA. Authentication seems to go fine, but I can't send any packets > through (except maybe a single one if I'm lucky just after authenticating). > > I suspect that the AP is crashing since just after authentication > completes it stops pinging from the wired interface for about ten > seconds and when it comes back up the clock has been reset to its > default value and the logs are empty. > > Is there anything I can do to figure out what is causing this? If you can get the vendor of that AP looking at this.. Are you running the latest firmware version for the AP? If not, I would consider upgrading; if yes, I would recommend at least trying to go through tech support.. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 23 22:58:03 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 23 Mar 2005 19:58:03 -0800 Subject: Wireless Extensions - 18 and HostAP In-Reply-To: <424195F3.10209@fastmail.fm> References: <424195F3.10209@fastmail.fm> Message-ID: <20050324035803.GC8648@jm.kir.nu> On Wed, Mar 23, 2005 at 05:14:43PM +0100, Ajeet Nankani wrote: > How to upgrade to Wireles Extensions to 18 from 16 or 17? Either by upgrading to a kernel version that includes WE-18 (wireless-2.6 tree snapshot or wait for the next release) or by patching your current kernel with the patch from http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/iw_we18-5.diff > WE-18, defines extended scan request, which includes many options. > What options, in that extended scan request, from the following are > supported by prism2/2.5/3-(1.7.4.) with HostAP 0.3.7 driver. > > mode, scan_type, essid_len, num_channels, sockaddr bssid, essid, > probe_delay, min_channel_time, max_channel_time. Actually, mode and probe_delay were removed from WE-18. Anyway, the current Host AP driver snapshot supports SSID selection for the scan (i.e., essid_len and essid from this list). 0.3.7 release allows SSID parameter, but its WE-18 support does not match completely with the version of wireless extensions that went in the wireless-2.6 tree. -- Jouni Malinen PGP id EFC895FA From matti.lattu at helsinki.fi Wed Mar 23 23:48:17 2005 From: matti.lattu at helsinki.fi (Matti Lattu) Date: Thu, 24 Mar 2005 06:48:17 +0200 Subject: wpa_supplicant + ndiswrapper + WPA-PSK-AP Message-ID: <1111639697.424246916afff@www2.helsinki.fi> Hi there I'm trying to access my AP (D-Link DI 714P+) which has WPA-PSK enabled. My not-working configuration is ndiswrapper 1.1 + D-link DWL-650+, but I've accessed the AP with Windoze + ipw2200-based card, so the AP should work. The ndiswrappered card contacts the AP if the WPA is turned off. My wpa_supplicant is 0.3.8. What happens is the wpa_supplicant does not find "suitable AP" and loops following information: ---- Scan results: 1 Selecting BSS from priority group 0 0: 00:0d:88:07:71:ce ssid='harkkonet' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE No suitable AP found. ---- Someone in this list suggested that upgrading ndiswrapper helped him, but the 1.1 is quite new (newer than his posting) and the bleeding-edge version of ndiswrapper does not compile in my setup. Please let me know if there is known problem or any tricks which I could try. I've attached the relevant information. r. Matti L ---- modprobe ndiswrapper: Mar 24 07:38:24 debian kernel: ndiswrapper version 1.1 loaded (preempt=no,smp=no) Mar 24 07:38:24 debian kernel: ndiswrapper: driver airplus (D-Link,09/08/2003,4.15.5.1) loaded Mar 24 07:38:25 debian kernel: PCI: Setting latency timer of device 03:00.0 to 64 Mar 24 07:38:25 debian kernel: ndiswrapper: using irq 11 Mar 24 07:38:26 debian kernel: wlan0: ndiswrapper ethernet device 00:0f:3d:03:1a:f8 using driver airplus, configuration file 104C:8400:1186:3B00.5.conf Mar 24 07:38:26 debian kernel: wlan0: encryption modes supported: WEP, WPA with TKIP iwconfig wlan0 wlan0 IEEE 802.11b ESSID:off/any Mode:Managed Frequency:2.432GHz Access Point: 00:00:00:00:00:00 Bit Rate:22Mb/s Tx-Power:0 dBm Sensitivity=0/3 RTS thr:4096 B Fragment thr:4095 B Encryption key:off Power Management:off Link Quality:100/100 Signal level:-100 dBm Noise level:-256 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 iwlist wlan0 scan wlan0 Scan completed : Cell 01 - Address: 00:0D:88:07:71:CE ESSID:"harkkonet" Protocol:IEEE 802.11FH Mode:Managed Frequency:2.432GHz Quality:0/100 Signal level:83/154 Noise level:0/154 Encryption key:on Bit Rate:1Mb/s Bit Rate:2Mb/s Bit Rate:5.5Mb/s Bit Rate:11Mb/s Bit Rate:22Mb/s Extra:bcn_int=100 Extra:atim=0 cat /etc/wpa_supplicant.conf # allow frontend (e.g., wpa_cli) to be used by all users in 'wheel' group ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=staff # # home network; allow all valid ciphers network={ ssid="harkkonet" scan_ssid=1 key_mgmt=WPA-PSK psk="my_password" } wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -dd Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'default' Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant.conf' ctrl_interface='/var/run/wpa_supplicant' ctrl_interface_group=50 (from group name 'staff') Line: 8 - start of a new network block ssid - hexdump_ascii(len=9): 68 61 72 6b 6b 6f 6e 65 74 harkkonet scan_ssid=1 (0x1) key_mgmt: 0x2 PSK (ASCII passphrase) - hexdump_ascii(len=9): [REMOVED] PSK (from passphrase) - hexdump(len=32): [REMOVED] Priority group 0 id=0 ssid='harkkonet' Initializing interface (2) 'wlan0' Own MAC address: 00:0f:3d:03:1a:f8 Setting scan request: 0 sec 100000 usec Wireless event: cmd=0x8b06 len=8 RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added Starting AP scan (specific SSID) Scan SSID - hexdump_ascii(len=9): 68 61 72 6b 6b 6f 6e 65 74 harkkonet ioctl[SIOCSIWSCAN{,EXT}]: No such device Failed to initiate AP scan. Setting scan request: 10 sec 0 usec Scan timeout - try to get results Received 186 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 0 0: 00:0d:88:07:71:ce ssid='harkkonet' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE No suitable AP found. Setting scan request: 5 sec 0 usec Starting AP scan (broadcast SSID) Scan timeout - try to get results Received 186 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 0 0: 00:0d:88:07:71:ce ssid='harkkonet' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE No suitable AP found. Setting scan request: 5 sec 0 usec Starting AP scan (specific SSID) Scan SSID - hexdump_ascii(len=9): 68 61 72 6b 6b 6f 6e 65 74 harkkonet ioctl[SIOCSIWSCAN{,EXT}]: No such device Failed to initiate AP scan. Setting scan request: 10 sec 0 usec Scan timeout - try to get results Received 186 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 0 0: 00:0d:88:07:71:ce ssid='harkkonet' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE No suitable AP found. Setting scan request: 5 sec 0 usec Starting AP scan (broadcast SSID) Scan timeout - try to get results Received 186 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 0 0: 00:0d:88:07:71:ce ssid='harkkonet' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE No suitable AP found. Setting scan request: 5 sec 0 usec Starting AP scan (specific SSID) Scan SSID - hexdump_ascii(len=9): 68 61 72 6b 6b 6f 6e 65 74 harkkonet ioctl[SIOCSIWSCAN{,EXT}]: No such device Failed to initiate AP scan. Setting scan request: 10 sec 0 usec Scan timeout - try to get results Received 186 bytes of scan results (1 BSSes) Scan results: 1 Selecting BSS from priority group 0 0: 00:0d:88:07:71:ce ssid='harkkonet' wpa_ie_len=0 rsn_ie_len=0 skip - no WPA/RSN IE No suitable AP found. Setting scan request: 5 sec 0 usec [^C pressed] Signal 2 received - terminating No keys have been configured - skip key clearing From lorenzo at colitti.com Thu Mar 24 06:01:18 2005 From: lorenzo at colitti.com (Lorenzo Colitti) Date: Thu, 24 Mar 2005 12:01:18 +0100 Subject: wpa_supplicant WPA crashes Sitecom WL-114 router In-Reply-To: <20050324035016.GB8648@jm.kir.nu> References: <42420E94.1030902@colitti.com> <20050324035016.GB8648@jm.kir.nu> Message-ID: <42429DFE.1030303@colitti.com> Jouni Malinen wrote: > If you can get the vendor of that AP looking at this.. Are you running > the latest firmware version for the AP? If not, I would consider > upgrading; if yes, I would recommend at least trying to go through tech > support.. Upgrading the firmware was one of the first things I tried. I tried playing with the wpa_supplicant settings but it seems like it only supports TKIP as group and TKIP as pairwise cipher, EAP v1 and WPA-PSK, so there are no knobs left to turn. As regards support, I have written to them but I doubt that it will have any effect. This is a cheap home wireless AP/router, and I don't think they even make it themselves. The only thing I can think of is put my wadwifi card in monitor mode and sniff the (succesful) authentication of my friend's Windows laptop. However, I don't know what to look for. Based on the logs I sent to the list, what would you suggest? Should I be looking at what happens after auth? Cheers, Lorenzo From fromkth+hostap at fastmail.fm Thu Mar 24 07:20:25 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Thu, 24 Mar 2005 13:20:25 +0100 Subject: Wireless Extensions - 18 and HostAP - extended scan request In-Reply-To: <20050324035803.GC8648@jm.kir.nu> References: <424195F3.10209@fastmail.fm> <20050324035803.GC8648@jm.kir.nu> Message-ID: <4242B089.3030905@fastmail.fm> Jouni Malinen wrote: >>WE-18, defines extended scan request, which includes many options. >>What options, in that extended scan request, from the following are >>supported by prism2/2.5/3-(1.7.4.) with HostAP 0.3.7 driver. >> >>mode, scan_type, essid_len, num_channels, sockaddr bssid, essid, >>probe_delay, min_channel_time, max_channel_time. > > > Actually, mode and probe_delay were removed from WE-18. Anyway, the > current Host AP driver snapshot supports SSID selection for the scan > (i.e., essid_len and essid from this list). 0.3.7 release allows SSID > parameter, but its WE-18 support does not match completely with the > version of wireless extensions that went in the wireless-2.6 tree. > This means we have play with RIDs directly to control extended scan options until HostAP driver and WE supports it completely Do you know of any RIDs which may be used to manipulate probe_delay, min_channel_time and ,max_channel_time. Because in prism manual, I could not find any RIDs useful for above options. Also do you know of any other driver and or wireless tools which actually have implemented this extended scan request of WE-18. -ajeet. From lorenzo at colitti.com Thu Mar 24 09:44:12 2005 From: lorenzo at colitti.com (Lorenzo Colitti) Date: Thu, 24 Mar 2005 15:44:12 +0100 Subject: wpa_supplicant WPA crashes Sitecom WL-114 router In-Reply-To: <42429DFE.1030303@colitti.com> References: <42420E94.1030902@colitti.com> <20050324035016.GB8648@jm.kir.nu> <42429DFE.1030303@colitti.com> Message-ID: <4242D23C.5090802@colitti.com> Lorenzo Colitti wrote: > The only thing I can think of is put my wadwifi card in monitor mode and > sniff the (succesful) authentication of my friend's Windows laptop. > > However, I don't know what to look for. Based on the logs I sent to the > list, what would you suggest? Should I be looking at what happens after > auth? Ok, capture file attached. The differences I can see are the following: - Windows starts by requesting a WPA key of length 0, and then tries again requesting a key of length 32. - There is no group handshake??? All I can see is the following: 1. STA -> AP EAPOL start 2. AP -> STA Key req (len 0) 3. STA -> AP Key 4. AP -> STA Key req (len 32) (1/4?) 5. STA -> AP Key (2/4?) 6. AP -> STA Key (3/4?) 7. STA -> AP Key (4/4?) and then data. Is this possible? Using wpa_supplicant I also see group key exchange mechanisms. Or is the group key exchange encrypted using the pairwise key, so I can't see it using ethereal? Any ideas? Cheers, Lorenzo -------------- next part -------------- A non-text attachment was scrubbed... Name: wpa.pcap.gz Type: application/x-gzip Size: 12813 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050324/4dfa481a/attachment.bin From eden.akhavi at ltt.com Thu Mar 24 17:44:57 2005 From: eden.akhavi at ltt.com (Eden Akhavi) Date: Thu, 24 Mar 2005 23:44:57 +0100 Subject: Linux 2.6.11.5 + Hostapd + Madwifi Message-ID: <422906C4001CFCAD@n054.sc0.cp.net> (added by postmaster@bouncemessage.net) Hi, I have looked about the mailing archives to see if anyone else is suffering from this and could not see anything, so I am assuming its just a bad config my side. I am running Linux 2.6.11.5 with a Atheros based Cardbus card When I run hostapd, I get: Configuration file: ./madwifi.conf madwifi_set_iface_flags: dev_up=0 Using interface ath0 with hwaddr 00:01:24:60:0b:2c and ssid 'wpa-test' madwifi_set_ieee8021x: enabled=1 madwifi_configure_wpa: group key cipher=1 ioctl[IEEE80211_IOCTL_SETPARAM]: Invalid argument Unable to set group key cipher to 1 ath0: DRIVER Error configuring WPA state! IEEE 802.1X initialization failed. rmdir[ctrl_interface]: Bad address madwifi_set_privacy: enabled=0 madwifi_set_ieee8021x: enabled=0 madwifi_set_iface_flags: dev_up=0 --- I have Madwifi (ath_pci) 0.9.4.12, hostapd fresh from the CVS tonight. The Atheros card appears to be working fine, I have an unencrypted connection working fine with it. madwifi.conf: interface=ath0 driver=madwifi logger_syslog=-1 logger_syslog_level=2 logger_stdout=-1 logger_stdout_level=2 debug=0 dump_file=/tmp/hostapd.dump ssid=wpa-test eap_message=hello eapol_key_index_workaround=0 own_ip_addr=127.0.0.1 wpa=1 wpa_passphrase=secret passphrase wpa_key_mgmt=WPA-PSK WPA-EAP wpa_pairwise=TKIP CCMP -------------- lsmod shows the relevant drivers loaded: wlan_wep 6528 0 wlan_xauth 1536 0 wlan_ccmp 6912 0 wlan_tkip 11648 0 ath_pci 64032 0 ath_rate_onoe 9096 1 ath_pci wlan 116444 7 wlan_wep,wlan_xauth,wlan_ccmp,wlan_tkip,ath_pci,ath_rate_onoe ath_hal 133200 2 ath_pci Has anyone seen this before or solved it. Thanks in advance //Eden From jkmaline at cc.hut.fi Thu Mar 24 22:00:12 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Thu, 24 Mar 2005 19:00:12 -0800 Subject: wpa_supplicant WPA crashes Sitecom WL-114 router In-Reply-To: <4242D23C.5090802@colitti.com> References: <42420E94.1030902@colitti.com> <20050324035016.GB8648@jm.kir.nu> <42429DFE.1030303@colitti.com> <4242D23C.5090802@colitti.com> Message-ID: <20050325030012.GF8648@jm.kir.nu> On Thu, Mar 24, 2005 at 03:44:12PM +0100, Lorenzo Colitti wrote: > Ok, capture file attached. The differences I can see are the following: > > - Windows starts by requesting a WPA key of length 0, and then tries > again requesting a key of length 32. I'm not sure what you mean by this. Client side does not request any specific key length in 4-Way Handshake. > - There is no group handshake??? All I can see is the following: > > 1. STA -> AP EAPOL start > 2. AP -> STA Key req (len 0) > 3. STA -> AP Key > 4. AP -> STA Key req (len 32) (1/4?) > 5. STA -> AP Key (2/4?) > 6. AP -> STA Key (3/4?) > 7. STA -> AP Key (4/4?) The sent frames in wpa.pcap were: STA -> AP EAPOL-Start AP->STA WPA 1/4 STA->AP WPA 2/4 AP->STA WPA 1/4 (apparently AP did not receive 2/4 soon enough) STA->AP WPA 2/4 AP->STA WPA 3/4 STA->AP WPA 4/4 This is followed by group key handshake (encrypted): AP->STA WPA group 1/2 STA->AP WPA group 2/2 > and then data. Is this possible? Using wpa_supplicant I also see group > key exchange mechanisms. Or is the group key exchange encrypted using > the pairwise key, so I can't see it using ethereal? If you were to use wireless sniffer in monitor mode for both cases, you should see the group key exchange being encrypted. If you run a sniffer on the client machine using wpa_supplicant, you will see decrypted packets since encryption/decryption is done in the driver, not wpa_supplicant. -- Jouni Malinen PGP id EFC895FA From jerome at schevingt.com Fri Mar 25 07:42:37 2005 From: jerome at schevingt.com (Jerome SCHEVINGT) Date: Fri, 25 Mar 2005 13:42:37 +0100 Subject: a small question .. Message-ID: <063101c53138$2084c970$6432a8c0@jerome> Hi a small question: Linksys WMP54G or Netgear WG311 are not supported by hostap for master mode ? thanks From jukim at mercurykr.com Fri Mar 25 07:58:27 2005 From: jukim at mercurykr.com (=?ks_c_5601-1987?B?sejBvr/t?=) Date: Fri, 25 Mar 2005 21:58:27 +0900 Subject: WPA-PSK 1/ 4-way Handshake Fail [ madwifi+hostapd ] Message-ID: <000b01c5313a$56b76190$f00b85a5@Averatec6300> Hi I tested WPA-PSK ( madwifi + hostapd-0.3.7 ) with samsung 5300M pcmcia card, netgear WG111 Test result is fail. Association is success but 1/ 4-way Handshake is fail ( test log is dsplayed that supplicant 2/4-way Handshake is not send ) why WPA-PSK supplicant is not send 2/4-way Handshake please send a solution for me! -enviroment- AP wireless : AR5213 CPU = IXP425 OS = linux2.4.24 hostapd = 0.3.7 wlan driver = madwifi AP mode : master ssid : rush supplicant : samsung 5300M, Netgear WG111 ( WinXP ) - hostapd.conf- logger_syslog=-1 logger_syslog_level=2 logger_stdout=-1 logger_stdout_level=2 debug=0 dump_file=/tmp/hostapd.dump ssid=rush eap_message=hello wep_key_len_broadcast=13 wep_key_len_unicast=13 wep_rekey_period=300 eapol_key_index_workaround=0 wpa=1 wpa_passphrase=xxxxxxxxxx wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP wpa_group_rekey=600 wpa_gmk_rekey=86400 - test log(only L2 send Message) - ~# iwconfig ath0 mode master ~# iwconfig ath0 essid rush ~# iwpriv ath0 mode 3 ~# iwconfig ath0 channel 10 ~# ifconfig ath0 10.10.1.254 netmask 255.255.255.0 ~# chmod 755 h* ~# ./hostapd -B ./hostapd.co Using interface ath0 with hwaddr 00:02:78:42:73:1f and ssid 'rush' ipv6_add_addr: already assigned Flushing old station entries Deauthenticate all stations FRDS 00:02:78:42:73:1f->33:33:ff:42:73:1f(00:02:78:42:73:1f) data WEP [IV 00 20 01 KID 1] 1M 0842 0000 3333 ff42 731f 0002 7842 731f 0002 7842 731f 2000 0020 0160 0000 0000 aaaa 0300 0000 86dd 6000 0000 0018 3aff 0000 0000 0000 0000 0000 0000 0000 0000 ff02 0000 0000 0000 0000 0001 ff42 731f 8700 1c62 0000 0000 fe80 0000 0000 0000 0202 78ff fe42 731f NODS 00:02:78:fd:64:aa->ff:ff:ff:ff:ff:ff(ff:ff:ff:ff:ff:ff) probe_req 1M +23 4000 0000 ffff ffff ffff 0002 78fd 64aa ffff ffff ffff f08f 0004 7275 7368 0108 0204 0b16 0c18 3048 3204 1224 606c c3c4 cdd2 NODS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) probe_resp 1M 5000 3a01 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 0000 2ac1 0b00 0000 0000 6400 3104 0004 7275 7368 0108 8284 8b96 0c12 1824 0301 0add 1800 50f2 0101 0000 50f2 0201 0000 50f2 0201 0000 50f2 0200 002a 0100 3204 3048 606c NODS 00:02:78:fd:64:aa->ff:ff:ff:ff:ff:ff(ff:ff:ff:ff:ff:ff) probe_req 1M +25 4000 0000 ffff ffff ffff 0002 78fd 64aa ffff ffff ffff 0090 0000 0108 0204 0b16 0c18 3048 3204 1224 606c 356e f78f NODS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) probe_resp 1M 5000 3a01 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 1000 c7a9 0c00 0000 0000 6400 3104 0004 7275 7368 0108 8284 8b96 0c12 1824 0301 0add 1800 50f2 0101 0000 50f2 0201 0000 50f2 0201 0000 50f2 0200 002a 0100 3204 3048 606c FRDS 00:02:78:42:73:1f->33:33:00:00:00:16(00:02:78:42:73:1f) data WEP [IV 00 20 02 KID 1] 1M 0842 0000 3333 0000 0016 0002 7842 731f 0002 7842 731f 3000 0020 0260 0000 0000 aaaa 0300 0000 86dd 6000 0000 0024 0001 fe80 0000 0000 0000 0202 78ff fe42 731f ff02 0000 0000 0000 0000 0000 0000 0016 3a00 0502 0000 0100 8f00 84a5 0000 0001 0400 0000 ff02 0000 0000 0000 0000 0001 ff00 0000 NODS 00:02:78:fd:64:aa->ff:ff:ff:ff:ff:ff(ff:ff:ff:ff:ff:ff) probe_req 1M +26 4000 0000 ffff ffff ffff 0002 78fd 64aa ffff ffff ffff 1091 0004 7275 7368 0108 0204 0b16 0c18 3048 3204 1224 606c 7682 7fab NODS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) probe_resp 1M 5000 3a01 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 0000 53c6 1a00 0000 0000 6400 3104 0004 7275 7368 0108 8284 8b96 0c12 1824 0301 0add 1800 50f2 0101 0000 50f2 0201 0000 50f2 0201 0000 50f2 0200 002a 0100 3204 3048 606c NODS 00:02:78:fd:64:aa->ff:ff:ff:ff:ff:ff(ff:ff:ff:ff:ff:ff) probe_req 1M +27 4000 0000 ffff ffff ffff 0002 78fd 64aa ffff ffff ffff 2091 0000 0108 0204 0b16 0c18 3048 3204 1224 606c 66be e942 NODS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) probe_resp 1M 5000 3a01 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 1000 fbae 1b00 0000 0000 6400 3104 0004 7275 7368 0108 8284 8b96 0c12 1824 0301 0add 1800 50f2 0101 0000 50f2 0201 0000 50f2 0201 0000 50f2 0200 002a 0100 3204 3048 606c NODS 00:02:78:fd:64:aa->00:02:78:42:73:1f(00:02:78:42:73:1f) probe_req 1M +34 4000 3a01 0002 7842 731f 0002 78fd 64aa 0002 7842 731f d091 0004 7275 7368 0108 0204 0b16 0c18 3048 3204 1224 606c 0189 bdb8 NODS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) probe_resp 1M 5000 3a01 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 0000 0b1c 2400 0000 0000 6400 3104 0004 7275 7368 0108 8284 8b96 0c12 1824 0301 0add 1800 50f2 0101 0000 50f2 0201 0000 50f2 0201 0000 50f2 0200 002a 0100 3204 3048 606c NODS 00:02:78:fd:64:aa->00:02:78:42:73:1f(00:02:78:42:73:1f) auth 1M +30 b000 3a01 0002 7842 731f 0002 78fd 64aa 0002 7842 731f e091 0000 0100 0000 1a0b 3ecf ath0: [00:02:78:fd:64:aa] received auth rssi 30 ath0: sending auth to 00:02:78:fd:64:aa on channel 10 NODS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) auth 1M b000 3a01 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 1000 0000 0200 0000 NODS 00:02:78:fd:64:aa->00:02:78:42:73:1f(00:02:78:42:73:1f) assoc_req 1M +33 0000 3a01 0002 7842 731f 0002 78fd 64aa 0002 7842 731f f091 3104 0100 0004 7275 7368 0108 0204 0b16 0c12 1824 3204 3048 606c dd16 0050 f201 0100 0050 f202 0100 0050 f202 0100 0050 f202 8c5a 4be2 ath0: [00:02:78:fd:64:aa] received assoc_req rssi 33 station 00:02:78:fd:64:aa newly associated at aid 1 ath0: sending assoc_resp to 00:02:78:fd:64:aa on channel 10 NODS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) assoc_resp 1M 1000 3a01 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 2000 3104 0000 01c0 0108 8284 8b0c 1296 1824 3204 3048 606c FRDS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) data 36M 0802 2c00 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 3000 aaaa 0300 0000 888e 0203 005f fe00 8900 2000 0000 0000 0000 01de d268 4be8 45d3 6eb8 78e1 d351 2e4f 27dd 109e 0c40 e94b 6c38 7224 622b 3573 6300 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 00 FRDS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) data 36M 0802 2c00 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 4000 aaaa 0300 0000 888e 0203 005f fe00 8900 2000 0000 0000 0000 02de d268 4be8 45d3 6eb8 78e1 d351 2e4f 27dd 109e 0c40 e94b 6c38 7224 622b 3573 6300 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 00 FRDS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) data 36M 0802 2c00 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 5000 aaaa 0300 0000 888e 0203 005f fe00 8900 2000 0000 0000 0000 03de d268 4be8 45d3 6eb8 78e1 d351 2e4f 27dd 109e 0c40 e94b 6c38 7224 622b 3573 6300 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 00 FRDS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) data 36M 0802 2c00 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 6000 aaaa 0300 0000 888e 0203 005f fe00 8900 2000 0000 0000 0000 04de d268 4be8 45d3 6eb8 78e1 d351 2e4f 27dd 109e 0c40 e94b 6c38 7224 622b 3573 6300 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 00 ath0: sending deauth to 00:02:78:fd:64:aa on channel 10 NODS 00:02:78:42:73:1f->00:02:78:fd:64:aa(00:02:78:42:73:1f) deauth 1M c000 3a01 0002 78fd 64aa 0002 7842 731f 0002 7842 731f 7000 0200 .... repeat ..... -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050325/d0efe3df/attachment.htm From lorenzo at colitti.com Fri Mar 25 07:59:14 2005 From: lorenzo at colitti.com (Lorenzo Colitti) Date: Fri, 25 Mar 2005 13:59:14 +0100 Subject: wpa_supplicant WPA crashes Sitecom WL-114 router In-Reply-To: <20050325030012.GF8648@jm.kir.nu> References: <42420E94.1030902@colitti.com> <20050324035016.GB8648@jm.kir.nu> <42429DFE.1030303@colitti.com> <4242D23C.5090802@colitti.com> <20050325030012.GF8648@jm.kir.nu> Message-ID: <42440B22.8020902@colitti.com> Jouni Malinen wrote: > I'm not sure what you mean by this. Client side does not request any > specific key length in 4-Way Handshake. I was referring to what ethereal sees as the "key length" field in messages 2/4 and 4/4. wpa_supplicant sets it to 32 in wpa.c: > reply->key_length = wpa_s->proto == WPA_PROTO_RSN ? > 0 : key->key_length; but Windows sends 0. I hacked this but it doesn't seem to make a big difference. I dug a little bit deeper and I think that the key to understanding the problem is that the AP skips a number in the replay counters between 4/4 4-way and 1/2 group. This suggests it's hardcoding replies and receiving packets from the supplicant that it doesn't expect. wpa_supplicant does complain about the replay counters: > Custom wireless event: 'MLME-REPLAYFAILURE.indication(keyid=0 unicast addr=00:11:0a:81:6b:64)' and perhaps madwifi bails out for that reason (with a "new AP 00:00:00:00:00:00 found" wireless event). I found that one thing the AP didn't like was that wpa_supplicant doesn't send an EAPOL start message. I hacked wpa_supplicant to include that and the packets that the AP sends are much more similar to the ones it sends to Windows. But I still can't get it to work. I used Ethereal to sniff the unencrypted packets both on Windows and on Linux, and the only significant differences I see, apart from the fact that the Windows driver sends WPA keys of length 26 instead of 24, are the replay counters. (See attached text files for decoded packets and diff.txt for differences.) I can't for the life of me understand why the AP is behaving like that! It seems to receive almost exactly the same packets, but to Windows it sends a correct replay counter and to wpa_supplicant it skips a number. I hacked wpa_supplicant to send keys of length 26, but that didn't help. Any ideas? Should I try to get a second card in monitor mode and see what happens? Cheers, Lorenzo -------------- next part -------------- A non-text attachment was scrubbed... Name: wpa-win.pcap Type: application/octet-stream Size: 1201 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050325/b0fe45a8/attachment.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: wpa-linux.pcap Type: application/octet-stream Size: 1200 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050325/b0fe45a8/attachment-0001.obj -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: wpa-win.txt Url: http://lists.shmoo.com/pipermail/hostap/attachments/20050325/b0fe45a8/attachment.txt -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: wpa-linux.txt Url: http://lists.shmoo.com/pipermail/hostap/attachments/20050325/b0fe45a8/attachment-0001.txt -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: diff.txt Url: http://lists.shmoo.com/pipermail/hostap/attachments/20050325/b0fe45a8/attachment-0002.txt From eden.akhavi at ltt.com Sat Mar 26 14:55:05 2005 From: eden.akhavi at ltt.com (Eden Akhavi) Date: Sat, 26 Mar 2005 20:55:05 +0100 Subject: Linux 2.6.11.5 + Hostapd + Madwifi Message-ID: <42438B1A0002D14F@n120.sc0.cp.net> (added by postmaster@bouncemessage.net) I sent this email out a few days back; can anyone confirm whether they have an atheros (madwifi) interface and hostapd running; or am I doing something that is not implemented. Thanks //Eden -- Hi, I have looked about the mailing archives to see if anyone else is suffering from this and could not see anything, so I am assuming its just a bad config my side. I am running Linux 2.6.11.5 with a Atheros based Cardbus card When I run hostapd, I get: Configuration file: ./madwifi.conf madwifi_set_iface_flags: dev_up=0 Using interface ath0 with hwaddr 00:01:24:60:0b:2c and ssid 'wpa-test' madwifi_set_ieee8021x: enabled=1 madwifi_configure_wpa: group key cipher=1 ioctl[IEEE80211_IOCTL_SETPARAM]: Invalid argument Unable to set group key cipher to 1 ath0: DRIVER Error configuring WPA state! IEEE 802.1X initialization failed. rmdir[ctrl_interface]: Bad address madwifi_set_privacy: enabled=0 madwifi_set_ieee8021x: enabled=0 madwifi_set_iface_flags: dev_up=0 --- I have Madwifi (ath_pci) 0.9.4.12, hostapd fresh from the CVS tonight. The Atheros card appears to be working fine, I have an unencrypted connection working fine with it. madwifi.conf: interface=ath0 driver=madwifi logger_syslog=-1 logger_syslog_level=2 logger_stdout=-1 logger_stdout_level=2 debug=0 dump_file=/tmp/hostapd.dump ssid=wpa-test eap_message=hello eapol_key_index_workaround=0 own_ip_addr=127.0.0.1 wpa=1 wpa_passphrase=secret passphrase wpa_key_mgmt=WPA-PSK WPA-EAP wpa_pairwise=TKIP CCMP -------------- lsmod shows the relevant drivers loaded: wlan_wep 6528 0 wlan_xauth 1536 0 wlan_ccmp 6912 0 wlan_tkip 11648 0 ath_pci 64032 0 ath_rate_onoe 9096 1 ath_pci wlan 116444 7 wlan_wep,wlan_xauth,wlan_ccmp,wlan_tkip,ath_pci,ath_rate_onoe ath_hal 133200 2 ath_pci Has anyone seen this before or solved it. Thanks in advance //Eden From hareesh.khattri at ndsu.edu Sat Mar 26 16:29:56 2005 From: hareesh.khattri at ndsu.edu (hareesh.khattri at ndsu.edu) Date: Sat, 26 Mar 2005 15:29:56 -0600 (CST) Subject: Configuration for 802.1x/EAPOL authentication with WEP keys Message-ID: <34470.134.129.123.229.1111872596.squirrel@webmail.ndsu.nodak.edu> hi I am trying to use 802.1x/EAPOL authentication with dynamic WEP key generation. The access point is connected to an external Freeradius server. My WPA_supplicant configuration is: network={ ssid="test" mode=0 key_mgmt=IEEE8021X eap=TLS identity="client at example.com" ca_cert="/home/hareesh/supplicant/certs/CAcert.pem" client_cert="/home/hareesh/supplicant/certs/client-cert.pem" private_key="/home/hareesh/supplicant/certs/client-key.pem" private_key_passwd="secretkey" eapol_flags=3 priority=1 } This I took right out of the example configuration given in the .conf file. The CAcert and client certificates I generated using Tinyca. All files seem to be loaded and working properly both with WPA_supplicant and the Freeradius server. My hostapd (running in uclinux kernel acting in master mode) configuration is : ssid=test macaddr_acl=1 accept_mac_file=/etc/hostapd.accept deny_mac_file=/etc/hostapd.deny auth_algs=3 ieee8021x=1 wep_key_len_broadcast=13 wep_key_len_unicast=13 wep_rekey_period=900 own_ip_addr=134.129.123.104 # RADIUS authentication server auth_server_addr=134.129.123.204 auth_server_port=1812 auth_server_shared_secret=secret # RADIUS accounting server acct_server_addr=134.129.123.204 acct_server_port=1813 acct_server_shared_secret=secret I have attached with this mail the output given by the hostapd and wpa_supplicant and the radius server. All running in debug. My problem is that I can't get the authentication to work properly.I keep getting this message with the wpa_supplicant WPA: EAPOL frame too short, len 10, expecting at least 99 The wep key length I am using is the 13 (104). Also I have problems getting the radius server to authenticate the client. The setup between the access point and the server I think is working fine. Another problem I am having is that when I try using the configuration for WPA-EAP key management. Changing both the hostapd and wpa_supplicant configuration accordingly. The wpa_supplicant doesn't recognize the access point as WPA/RSN capable and so doesn't associate with it. The configuration I am using now is : ssid=test macaddr_acl=1 accept_mac_file=/etc/hostapd.accept deny_mac_file=/etc/hostapd.deny ieee8021x=1 own_ip_addr=134.129.123.104 # RADIUS authentication server auth_server_addr=134.129.123.204 auth_server_port=1812 auth_server_shared_secret=secret # RADIUS accounting server acct_server_addr=134.129.123.204 acct_server_port=1813 acct_server_shared_secret=secret wpa=1 wpa_key_mgmt=WPA-EAP wpa_pairwise=TKIP CCMP wpa_group_rekey=300 wpa_gmk_rekey=6400 network={ ssid="test" proto=WPA key_mgmt=WPA-EAP pairwise=CCMP TKIP group=CCMP TKIP eap=TLS identity="client at example.com" ca_cert="/home/hareesh/supplicant/certs/CAcert.pem" client_cert="/home/hareesh/supplicant/certs/client-cert.pem" private_key="/home/hareesh/supplicant/certs/client-key.pem" private_key_passwd="secretkey" priority=1 } If anyone could please point to me as to what is wrong with the configuration I am using. Thanks Hareesh khattri -------------- next part -------------- A non-text attachment was scrubbed... Name: hostapd.gz Type: application/x-gzip Size: 1467 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050326/4f158eea/attachment.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: radiusout.gz Type: application/x-gzip Size: 7397 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050326/4f158eea/attachment-0001.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: wpasupp.gz Type: application/x-gzip Size: 2662 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050326/4f158eea/attachment-0002.bin From jkmaline at cc.hut.fi Sat Mar 26 18:07:38 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 15:07:38 -0800 Subject: Configuration for 802.1x/EAPOL authentication with WEP keys In-Reply-To: <34470.134.129.123.229.1111872596.squirrel@webmail.ndsu.nodak.edu> References: <34470.134.129.123.229.1111872596.squirrel@webmail.ndsu.nodak.edu> Message-ID: <20050326230737.GA8204@jm.kir.nu> On Sat, Mar 26, 2005 at 03:29:56PM -0600, hareesh.khattri at ndsu.edu wrote: > I am trying to use 802.1x/EAPOL authentication with dynamic WEP key > generation. The access point is connected to an external Freeradius > server. > This I took right out of the example configuration given in the .conf file. > The CAcert and client certificates I generated using Tinyca. All files > seem to be loaded and working properly both with WPA_supplicant and the > Freeradius server. FreeRADIUS is rejecting the authentication since it did not recognize the CA certificate used in signing the client certificate. Did you generate both the client and server certificates with the same CA? > My problem is that I can't get the authentication to work properly.I keep > getting this message with the wpa_supplicant > > WPA: EAPOL frame too short, len 10, expecting at least 99 This is ok; WPA state machine is just ignoring an EAPOL message that was for IEEE 802.1X/EAPOL state machine. > Another problem I am having is that when I try using the configuration for > WPA-EAP key management. Changing both the hostapd and wpa_supplicant > configuration accordingly. The wpa_supplicant doesn't recognize the access > point as WPA/RSN capable and so doesn't associate with it. Please send debug log from hostapd and wpa_supplicant also for this case. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 26 18:11:54 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 15:11:54 -0800 Subject: Silly question - HostAP in kernel tree In-Reply-To: <42417C33.6010600@ru.is> References: <42417C33.6010600@ru.is> Message-ID: <20050326231154.GB8204@jm.kir.nu> On Wed, Mar 23, 2005 at 02:24:51PM +0000, Stef?n Freyr Stef?nsson wrote: > I was under the impression that the HostAP driver would be in the > official kernel tree from version 2.6.11 (don't ask me why... thought I > saw it somewhere but can't remember where). This didn't happen so I > wanted to ask if this is something that is foreseeable (2.6.12 maybe)? There was no plan in getting Host AP driver into 2.6.11 and it will not be in 2.6.12 either. Host AP driver is currently in wireless-2.6 and -mm trees. > If this is in the works, would it be at all possible to include the > default mode that the driver uses in the kernel config? If you mean iw_mode option, yes, it could be added to kernel config. Then again, you can already set it as a module parameters. -- Jouni Malinen PGP id EFC895FA From waynix at gmail.com Sat Mar 26 18:53:58 2005 From: waynix at gmail.com (wayne liu) Date: Sat, 26 Mar 2005 15:53:58 -0800 Subject: hostap_driver_data vs. driver_ops. A bug? Message-ID: I'm a newbie to the list and have been reading the src of ver 0.3.7. I have a question here, probably directed to Jouni. hostap_driver_deinit() takes a parameter, void* priv, and casts it as hostap_driver_data. But the caller of this routine, hostapd_driver_deinit(), is passing in a param of type struct driver_ops when doing hapd->driver->deinit(hapd->driver); Similarly, hostap_wireless_event_init() takes a param and casts it into hostap_driver_data*, but the caller, hostapd_wireless_event_init(), is passing in hapd->driver. As a related issue, in hostap_init(), the locally malloc'ed hostap_driver_data *drv does not seem to be held by anybody or free()'ed at the end and hence is lost when call is returned. So the question is should hapd->driver be pointing to hostap_driver_data instead of driver_ops ? Given that the 1st variable of struct hostap_driver_data is driver_ops (by design?), access to any APIs in the driver_ops won't be messed up by the mismatch of the param. But what about other data fields? Actually in hostap_wireless_event_init(), the statement: drv->wext_sock = -1; would have screwed things up. The fact the it didn't (did it?) probably means I'm missing something ? From jkmaline at cc.hut.fi Sat Mar 26 19:17:14 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 16:17:14 -0800 Subject: WPA on Ibook G3 running ubuntu? In-Reply-To: <20050322191442.14779.qmail@broadway.vnetworx.net> References: <20050321230456.27858.qmail@broadway.vnetworx.net> <20050322040225.GS8648@jm.kir.nu> <20050322191442.14779.qmail@broadway.vnetworx.net> Message-ID: <20050327001714.GD8204@jm.kir.nu> On Tue, Mar 22, 2005 at 02:14:42PM -0500, josh wrote: > First off thanks for the reply, > It's basically the only wifi card that will work in a G3 Ibook, Macintosh's > are proprietary hardware. It isnt a PCMCIA Card either, it is installed > under the keyboard /w a built in antenna. > > I believe the driver is 'Airport' I still don't know what card this is or what driver it is using. I'm not aware of any driver called 'Airport'. If it Hermes II -based card like some of the threads seem to indicate, you would need to use another driver interface in wpa_supplicant. This interface code is not under compatible license, so it is not included in the wpa_supplicant releases nor do I do any testing on it, so you would need to ask someone else for help with that. This is of course assuming, that you are indeed using the Agere driver. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 26 21:00:12 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 18:00:12 -0800 Subject: hostap_driver_data vs. driver_ops. A bug? In-Reply-To: References: Message-ID: <20050327020012.GE8204@jm.kir.nu> On Sat, Mar 26, 2005 at 03:53:58PM -0800, wayne liu wrote: > hostap_driver_deinit() takes a parameter, void* priv, and casts it as > hostap_driver_data. But the caller of this routine, hostapd_driver_deinit(), > is passing in a param of type struct driver_ops when doing > hapd->driver->deinit(hapd->driver); The driver interface code (driver.c) uses struct hostap_driver_data as a data structure that starts with struct driver_ops, but has private variables in the end. Generic hostapd code does not know about these and only has a pointer to struct driver_ops. Anyway, these are pointing to the same address. > As a related issue, in hostap_init(), the locally malloc'ed > hostap_driver_data *drv does not seem to be held by anybody or free()'ed > at the end and hence is lost when call is returned. This pointer is stored in hapd->driver; this is due to drv and &drv->ops pointing to the same address. > So the question is should hapd->driver be pointing to hostap_driver_data > instead of driver_ops ? No, core hostapd code should not know anything about private driver interface structures (e.g., struct hostap_driver_data). > Given that the 1st variable of struct > hostap_driver_data > is driver_ops (by design?), access to any APIs in the driver_ops won't be > messed up by the mismatch of the param. But what about other data fields? Yes, this is by design; and no, this does not mess up other fields. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 26 21:07:36 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 18:07:36 -0800 Subject: wpa_supplicant WPA crashes Sitecom WL-114 router In-Reply-To: <42440B22.8020902@colitti.com> References: <42420E94.1030902@colitti.com> <20050324035016.GB8648@jm.kir.nu> <42429DFE.1030303@colitti.com> <4242D23C.5090802@colitti.com> <20050325030012.GF8648@jm.kir.nu> <42440B22.8020902@colitti.com> Message-ID: <20050327020736.GF8204@jm.kir.nu> On Fri, Mar 25, 2005 at 01:59:14PM +0100, Lorenzo Colitti wrote: > I dug a little bit deeper and I think that the key to understanding the > problem is that the AP skips a number in the replay counters between 4/4 > 4-way and 1/2 group. This suggests it's hardcoding replies and receiving > packets from the supplicant that it doesn't expect. wpa_supplicant does > complain about the replay counters: > > >Custom wireless event: 'MLME-REPLAYFAILURE.indication(keyid=0 unicast > >addr=00:11:0a:81:6b:64)' These are two completely different replay counters. This messages is actually from the driver and it indicates that an encrypted packet was dropped because its sequence number did not increase. AP is probably not skipping any number; this is more likely caused by the client missing the first encrypted group key message and then receiving the second one. > I found that one thing the AP didn't like was that wpa_supplicant > doesn't send an EAPOL start message. I hacked wpa_supplicant to include > that and the packets that the AP sends are much more similar to the ones > it sends to Windows. What do you mean by "AP didn't like"? Did it do something incorrect? EAPOL-Start is not used in WPA-PSK even though the Microsoft supplicant does indeed send it. > But I still can't get it to work. I used Ethereal to sniff the > unencrypted packets both on Windows and on Linux, and the only > significant differences I see, apart from the fact that the Windows > driver sends WPA keys of length 26 instead of 24, are the replay > counters. (See attached text files for decoded packets and diff.txt for > differences.) Those are not "keys", but WPA IEs which is of variable length. > Any ideas? Should I try to get a second card in monitor mode and see > what happens? That would be more or less the only remaining thing that could be done easily without having to get the AP vendor involved in debugging what is going wrong.. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 26 21:09:08 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 18:09:08 -0800 Subject: How do you create a WPA --ACCESS POINT--? In-Reply-To: <20050322211350.63662134184@mail.iocaine.com> References: <20050322211350.63662134184@mail.iocaine.com> Message-ID: <20050327020908.GG8204@jm.kir.nu> On Tue, Mar 22, 2005 at 03:11:35PM -0600, mrcool at stupidgamerz.com wrote: > The readme only talks about using WPA as a client... How do you make an WPA > access point?? Which readme are you talking about? hostapd README file has information WPA for an AP. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 26 22:06:18 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 19:06:18 -0800 Subject: Linux 2.6.11.5 + Hostapd + Madwifi In-Reply-To: <422906C4001CFCAD@n054.sc0.cp.net> References: <422906C4001CFCAD@n054.sc0.cp.net> Message-ID: <20050327030618.GM8204@jm.kir.nu> On Thu, Mar 24, 2005 at 11:44:57PM +0100, Eden Akhavi wrote: > I am running Linux 2.6.11.5 with a Atheros based Cardbus card > When I run hostapd, I get: > > Configuration file: ./madwifi.conf > madwifi_set_iface_flags: dev_up=0 > Using interface ath0 with hwaddr 00:01:24:60:0b:2c and ssid 'wpa-test' > madwifi_set_ieee8021x: enabled=1 > madwifi_configure_wpa: group key cipher=1 > ioctl[IEEE80211_IOCTL_SETPARAM]: Invalid argument > Unable to set group key cipher to 1 > ath0: DRIVER Error configuring WPA state! > IEEE 802.1X initialization failed. > rmdir[ctrl_interface]: Bad address > madwifi_set_privacy: enabled=0 > madwifi_set_ieee8021x: enabled=0 > madwifi_set_iface_flags: dev_up=0 I cannot reproduce this on Linux 2.6.11.5 using the current CVS snapshots of madwifi and hostapd. I get following output with the exact same configuration file: Configuration file: madwifi.conf madwifi_set_iface_flags: dev_up=0 Using interface ath0 with hwaddr 02:11:22:33:44:55 and ssid 'wpa-test' madwifi_set_ieee8021x: enabled=1 madwifi_configure_wpa: group key cipher=1 madwifi_configure_wpa: pairwise key ciphers=0xa madwifi_configure_wpa: key management algorithms=0x3 madwifi_configure_wpa: rsn capabilities=0x0 madwifi_configure_wpa: enable WPA= 0x1 madwifi_set_iface_flags: dev_up=1 madwifi_set_privacy: enabled=1 WPA: group state machine entering state GTK_INIT GMK - hexdump(len=32): 8f 77 72 00 58 e8 17 75 7b b9 9a b8 fd 41 c1 1b 05 ea 79 d2 ab d0 d7 f4 8c 07 4a c8 b6 94 3d 85 GTK - hexdump(len=32): 59 02 fa 5d f0 07 e2 9e 2a 73 2b 97 d4 79 fe 09 4d de cf 1b c0 f6 44 89 c6 36 c2 7c 79 71 c8 6e WPA: group state machine entering state SETKEYSDONE madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1 Flushing old station entries Deauthenticate all stations l2_packet_receive - recv: Network is down -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 26 22:14:52 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 19:14:52 -0800 Subject: Host-base Mode + selective scanning In-Reply-To: References: Message-ID: <20050327031452.GN8204@jm.kir.nu> On Wed, Mar 23, 2005 at 06:26:02AM +0100, Marcin Dabrowski wrote: > Is that true that host-based mode is only accesible in > AP mode ?? I'm not sure that I understood what you mean, but yes, Prism2/2.5/3 firmware takes care of number of management tasks in client mode and does not allow the driver to fully control things like authentication and association frame sending. > To implement selective scanning I need possibility to send > probe requests and to process all received frames. But it seems that > it can be achieved only in master mode with host roaming mode set to > 2. Unfortunately master mode makes AP from my card :( I don't see why this would require processing all received frames. It should be enough to receive all Beacon and Probe Response frames. In addition, Master mode does not use host roaming configuration and host scan command can be used to do somewhat selective scanning (e.g., to select which channels to scan). > Also in master mode card receives all frames from all channel. Is it > possible to force card to receive frames from chosen channels ? Only in monitor mode (in which the card does not work correctly as far as AP or client functionality is concerned). > Another question is how to distinguish from which channel frame was > received ? Most IEEE 802.11b/g cards are unable to do this for frames sent in IEEE 802.11b rates. In other words, the card can receive frames sent on other channels and still assume that they came on the currently configured channel. However, if you are talking about IEEE 802.11b Beacon and Probe Response frames, you could parse them and look at the DS params IE for the advertised channel. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 26 22:27:04 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 19:27:04 -0800 Subject: WPA supplicant with NO WEP/802.1X authentication In-Reply-To: <20050321130529.95125.qmail@web51003.mail.yahoo.com> References: <20050321130529.95125.qmail@web51003.mail.yahoo.com> Message-ID: <20050327032704.GO8204@jm.kir.nu> On Mon, Mar 21, 2005 at 05:05:29AM -0800, Ambily N wrote: > We are adding WPA supplicant support to AR5005 > chipset. Which driver are you using? > network={ > ssid="WBH" > scan_ssid=1 > key_mgmt=NONE > } > What we were trying to do was try 802.11 association > without encryption or other authentication using WPA > supplicant. > 802.11 association is happening,then we receive an > EAPOL packet from the AP,then a timeout of 10 seconds > is registered as (in wpa.c) What is this AP configured to do? Your configuration file above is for plaintext network, but the AP is configured to start EAPOL authentication?? > Is our findings correct? Why does the AP send an EAP > frame for a normal 802.11 association? If the AP is configured to use plaintext mode, it is broken.. What AP is this? Please re-test with the current development snapshot of wpa_supplicant. It has some code for ignoring EAPOL frames in this kind of case. > wpa_driver_ar5005_set_wpa: enabled=1 Is this code implementing wpa_driver_ar5005_* functions available somewhere? -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sat Mar 26 22:32:23 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 19:32:23 -0800 Subject: storage size of `io' isn't known (SOLUTION) In-Reply-To: <423F1CCB.5010501@nufone.net> References: <423EF0CD.9090007@nufone.net> <423F0B83.9020905@nufone.net> <423F1CCB.5010501@nufone.net> Message-ID: <20050327033223.GP8204@jm.kir.nu> On Mon, Mar 21, 2005 at 02:13:15PM -0500, Jeremy McNamara wrote: > A simple missing include seems to have solved this issue for me. > Attached is a diff -u. Thanks. This was already included for wpa_supplicant, but hostapd was not including uio.h. All the toolchains (well, mainly header files) that I'm testing with seemed to include sys/uio.h implicitly, so I haven't seen this before. Anyway, this is now fixed in CVS development branch. -- Jouni Malinen PGP id EFC895FA From andytripp at gmail.com Sat Mar 26 22:41:26 2005 From: andytripp at gmail.com (Andy Tripp) Date: Sat, 26 Mar 2005 21:41:26 -0600 Subject: WPA-PSK 'failed to read configuration file Message-ID: I am running Fedora Core 3, ndiswrapper 1.1, wpa supplicant 0.3.8. Wireless works with no encryption/wep, but I would like to get wpa working. Any ideas? Anymore info needed? Thanks in advance, Andy My config file looks like this # allow frontend (e.g., wpa_cli) to be used by all users in 'atripp' group ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=atripp # # home network; allow all valid ciphers network={ ssid="revonex" scan_ssid=1 key_mgmt=WPA-PSK psk="mykey" } When I run debug I get this [root at localhost etc]# wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -d -Dndiswrapper Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'ndiswrapper' Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant.conf' Line 2: Invalid configuration line 'ctrl_interface=/var/run/wpa_supplicant'. Line 3: Invalid configuration line 'ctrl_interface_group=atripp'. Priority group 0 id=0 ssid='revonex' Failed to read From jkmaline at cc.hut.fi Sun Mar 27 00:34:20 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 21:34:20 -0800 Subject: WPA-PSK 'failed to read configuration file In-Reply-To: References: Message-ID: <20050327053420.GA8426@jm.kir.nu> On Sat, Mar 26, 2005 at 09:41:26PM -0600, Andy Tripp wrote: > # allow frontend (e.g., wpa_cli) to be used by all users in 'atripp' group > ctrl_interface=/var/run/wpa_supplicant > ctrl_interface_group=atripp > Line 2: Invalid configuration line 'ctrl_interface=/var/run/wpa_supplicant'. > Line 3: Invalid configuration line 'ctrl_interface_group=atripp'. wpa_supplicant was built without control interface support (no CONFIG_CTRL_IFACE=y line in .config), but the configuration file is trying to use this. Either add this option into .config and rebuild wpa_supplicant or remove these two lines from the configuration file if you do not want to include control interface support. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sun Mar 27 00:44:42 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 21:44:42 -0800 Subject: Selective scanning solution In-Reply-To: References: Message-ID: <20050327054442.GB8426@jm.kir.nu> On Wed, Mar 23, 2005 at 07:27:17AM +0100, Marcin Dabrowski wrote: > But :), I don't know how can I find the right moment to start > scanning. Is there any function which is called when station looses > connectivity or which measures channel parameters permanently ?? Unfortunately not in host_roaming=2 mode.. I'm not aware of any reliable way of finding out that the connection is lost. RID FD43 (CommsQuality) could be polled for signal quality information, but it looked like firmware just stopped updating this if no more packets were received from the current AP. In theory (but not necessarily always in practice), signal strength could drop just before the connectivity is lost, so polling this RID could be enough to trigger full scan. PS. I just added support for selecting which channels to include in the scan. The current development snapshot from CVS includes new parameter, scan_channels (e.g., iwpriv wlan0 scan_channels 0x00ff) that is used to mask channels for scans (iwlist wlan0 scan). In addition, I fixed an issue with scan requests in host_roaming=2 mode. Previously, data connection died when this was done. Now the connection is restored automatically by re-joining (which does not actually do anything else than fixes firmware state). This allows background scans, e.g., when using wpa_supplicant. It's also a step towards making roaming work for this case. For now, it would be possible to run something like 'while true; do iwlist wlan0 scan; sleep 60; done' to make the client eventually roam. I'm also looking into making host_roaming=1 work with wpa_supplicant since this mode should generate events notifying connection loss and would thus allow faster roaming. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Sun Mar 27 00:46:40 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sat, 26 Mar 2005 21:46:40 -0800 Subject: Scanning routine In-Reply-To: References: Message-ID: <20050327054640.GC8426@jm.kir.nu> On Sun, Mar 20, 2005 at 12:47:09PM +0100, Marcin Dabrowski wrote: > Is there any routine which is called when station needs to do > handoff ?? prism2_host_roaming() should be called in this case if the firmware is configured in host_roaming=1 mode. -- Jouni Malinen PGP id EFC895FA From waynix at gmail.com Sun Mar 27 02:30:03 2005 From: waynix at gmail.com (wayne liu) Date: Sat, 26 Mar 2005 23:30:03 -0800 Subject: hostap_driver_data vs. driver_ops. A bug? In-Reply-To: <20050327020012.GE8204@jm.kir.nu> References: <20050327020012.GE8204@jm.kir.nu> Message-ID: Thanks Jouni. I got it. This is kind of like hostap_driver_data being a "derived class" of driver_ops, by virtual of the fact that the former has the latter as the first element. That was a careless overlook on my part. On Sat, 26 Mar 2005 18:00:12 -0800, Jouni Malinen wrote: > On Sat, Mar 26, 2005 at 03:53:58PM -0800, wayne liu wrote: > > > hostap_driver_deinit() takes a parameter, void* priv, and casts it as > > hostap_driver_data. But the caller of this routine, hostapd_driver_deinit(), > > is passing in a param of type struct driver_ops when doing > > hapd->driver->deinit(hapd->driver); > > The driver interface code (driver.c) uses struct hostap_driver_data as a > data structure that starts with struct driver_ops, but has private > variables in the end. Generic hostapd code does not know about these and > only has a pointer to struct driver_ops. Anyway, these are pointing to > the same address. > > > As a related issue, in hostap_init(), the locally malloc'ed > > hostap_driver_data *drv does not seem to be held by anybody or free()'ed > > at the end and hence is lost when call is returned. > > This pointer is stored in hapd->driver; this is due to drv and &drv->ops > pointing to the same address. > > > So the question is should hapd->driver be pointing to hostap_driver_data > > instead of driver_ops ? > > No, core hostapd code should not know anything about private driver > interface structures (e.g., struct hostap_driver_data). > > > Given that the 1st variable of struct > > hostap_driver_data > > is driver_ops (by design?), access to any APIs in the driver_ops won't be > > messed up by the mismatch of the param. But what about other data fields? > > Yes, this is by design; and no, this does not mess up other fields. > > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From axel at zedx.org Sun Mar 27 06:45:32 2005 From: axel at zedx.org (Axel Christiansen) Date: Sun, 27 Mar 2005 13:45:32 +0200 Subject: reread hostap-daemon configs Message-ID: <42469CDC.1050409@zedx.org> Hi list, can one somehow reread the hostapd.conf file or the mac lists without restarting the daemon? Thx, Axel From axel at zedx.org Sun Mar 27 07:00:42 2005 From: axel at zedx.org (Axel Christiansen) Date: Sun, 27 Mar 2005 14:00:42 +0200 Subject: reread hostap-daemon configs In-Reply-To: <42469CDC.1050409@zedx.org> References: <42469CDC.1050409@zedx.org> Message-ID: <4246A06A.5050303@zedx.org> Axel Christiansen wrote: > Hi list, > > can one somehow reread the hostapd.conf file or the > mac lists without restarting the daemon? oops, should have read the config complete ;) . # Accept/deny lists are read from separate files (containing list of # MAC addresses, one per line). Use absolute path name to make sure that the # files can be read on SIGHUP configuration reloads. Axel From eden.akhavi at ltt.com Sun Mar 27 08:51:40 2005 From: eden.akhavi at ltt.com (Eden Akhavi) Date: Sun, 27 Mar 2005 15:51:40 +0200 Subject: Linux 2.6.11.5 + Hostapd + Madwifi In-Reply-To: <20050327030618.GM8204@jm.kir.nu> Message-ID: <42438B0400039227@n126.sc0.cp.net> (added by postmaster@bouncemessage.net) Could this be a card related issue? My test card is an SMC 2335W (Cardbus). //Eden > -----Original Message----- > From: hostap-bounces+eden.akhavi=ltt.com at shmoo.com > [mailto:hostap-bounces+eden.akhavi=ltt.com at shmoo.com] On > Behalf Of Jouni Malinen > Sent: 27 March 2005 05:06 > To: hostap at shmoo.com > Subject: Re: Linux 2.6.11.5 + Hostapd + Madwifi > > On Thu, Mar 24, 2005 at 11:44:57PM +0100, Eden Akhavi wrote: > > > I am running Linux 2.6.11.5 with a Atheros based Cardbus card > > > When I run hostapd, I get: > > > > Configuration file: ./madwifi.conf > > madwifi_set_iface_flags: dev_up=0 > > Using interface ath0 with hwaddr 00:01:24:60:0b:2c and ssid > 'wpa-test' > > madwifi_set_ieee8021x: enabled=1 > > madwifi_configure_wpa: group key cipher=1 > > ioctl[IEEE80211_IOCTL_SETPARAM]: Invalid argument Unable to > set group > > key cipher to 1 > > ath0: DRIVER Error configuring WPA state! > > IEEE 802.1X initialization failed. > > rmdir[ctrl_interface]: Bad address > > madwifi_set_privacy: enabled=0 > > madwifi_set_ieee8021x: enabled=0 > > madwifi_set_iface_flags: dev_up=0 > > I cannot reproduce this on Linux 2.6.11.5 using the current > CVS snapshots of madwifi and hostapd. I get following output > with the exact same configuration file: > > Configuration file: madwifi.conf > madwifi_set_iface_flags: dev_up=0 > Using interface ath0 with hwaddr 02:11:22:33:44:55 and ssid 'wpa-test' > madwifi_set_ieee8021x: enabled=1 > madwifi_configure_wpa: group key cipher=1 > madwifi_configure_wpa: pairwise key ciphers=0xa > madwifi_configure_wpa: key management algorithms=0x3 > madwifi_configure_wpa: rsn capabilities=0x0 > madwifi_configure_wpa: enable WPA= 0x1 > madwifi_set_iface_flags: dev_up=1 > madwifi_set_privacy: enabled=1 > WPA: group state machine entering state GTK_INIT GMK - > hexdump(len=32): 8f 77 72 00 58 e8 17 75 7b b9 9a b8 fd 41 c1 > 1b 05 ea 79 d2 ab d0 d7 f4 8c 07 4a c8 b6 94 3d 85 GTK - > hexdump(len=32): 59 02 fa 5d f0 07 e2 9e 2a 73 2b 97 d4 79 fe > 09 4d de cf 1b c0 f6 44 89 c6 36 c2 7c 79 71 c8 6e > WPA: group state machine entering state SETKEYSDONE > madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1 > Flushing old station entries Deauthenticate all stations > l2_packet_receive - recv: Network is down > > -- > Jouni Malinen PGP > id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From josh at vnetworx.net Sun Mar 27 20:52:37 2005 From: josh at vnetworx.net (josh) Date: Sun, 27 Mar 2005 20:52:37 -0500 Subject: WPA on Ibook G3 running ubuntu? In-Reply-To: <20050327001714.GD8204@jm.kir.nu> References: <20050321230456.27858.qmail@broadway.vnetworx.net> <20050322040225.GS8648@jm.kir.nu> <20050322191442.14779.qmail@broadway.vnetworx.net> <20050327001714.GD8204@jm.kir.nu> Message-ID: <20050328015238.32708.qmail@broadway.vnetworx.net> Jouni, Thanks for the reply, Yeah it is the Hermes-II Driver i do believe, If i get it working i will post a page on doing it. Thanks, -josh Jouni Malinen writes: > On Tue, Mar 22, 2005 at 02:14:42PM -0500, josh wrote: > >> First off thanks for the reply, >> It's basically the only wifi card that will work in a G3 Ibook, Macintosh's >> are proprietary hardware. It isnt a PCMCIA Card either, it is installed >> under the keyboard /w a built in antenna. >> >> I believe the driver is 'Airport' > > I still don't know what card this is or what driver it is using. I'm not > aware of any driver called 'Airport'. If it Hermes II -based card like > some of the threads seem to indicate, you would need to use another > driver interface in wpa_supplicant. This interface code is not under > compatible license, so it is not included in the wpa_supplicant releases > nor do I do any testing on it, so you would need to ask someone else for > help with that. This is of course assuming, that you are indeed using > the Agere driver. > > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap From hareesh.khattri at ndsu.edu Sun Mar 27 22:16:20 2005 From: hareesh.khattri at ndsu.edu (hareesh.khattri at ndsu.edu) Date: Sun, 27 Mar 2005 21:16:20 -0600 (CST) Subject: Configuration for 802.1x/EAPOL authentication with WEP keys In-Reply-To: <20050326230737.GA8204@jm.kir.nu> References: <34470.134.129.123.229.1111872596.squirrel@webmail.ndsu.nodak.edu> <20050326230737.GA8204@jm.kir.nu> Message-ID: <33857.134.129.123.229.1111979780.squirrel@webmail.ndsu.nodak.edu> Thanks Jouni, > FreeRADIUS is rejecting the authentication since it did not recognize > the CA certificate used in signing the client certificate. Did you > generate both the client and server certificates with the same CA? > I generated both the certificates after creating a root CA. And signed both using the same CA. My configuration for WPA-EAP, network={ ssid="test" proto=WPA key_mgmt=WPA-EAP pairwise=CCMP TKIP group=CCMP TKIP eap=TLS identity="client at example.com" ca_cert="/etc/certs/cacert.pem" client_cert="/etc/certs/cert-clt.pem" private_key="/etc/certs/cert-clt.pem" private_key_passwd="whatever" priority=1 } for hostapd conf sid=test macaddr_acl=1 accept_mac_file=/etc/hostapd.accept deny_mac_file=/etc/hostapd.deny ieee8021x=1 own_ip_addr=134.129.123.104 # RADIUS authentication server auth_server_addr=134.129.123.204 auth_server_port=1812 auth_server_shared_secret=secret # RADIUS accounting server acct_server_addr=134.129.123.204 acct_server_port=1813 acct_server_shared_secret=secret wpa=1 wpa_key_mgmt=WPA-EAP wpa_pairwise=TKIP CCMP wpa_group_rekey=300 wpa_gmk_rekey=6400 Configuration for WPA-PSK: network={ ssid="test" psk="secretpassphrase" priority=5 } For the hostapd conf: ssid=test macaddr_acl=1 accept_mac_file=/etc/hostapd.accept deny_mac_file=/etc/hostapd.deny auth_algs=1 own_ip_addr=134.129.123.104 wpa=1 wpa_passphrase=secretpassphrase wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP CCMP I have attached the debug messages from the wpa-supplicant and the hostapd. The wpa_supplicant scans the network with ssid "test" but does not detect it to be WPA/RSN capable so it does not associate. Hareesh -------------- next part -------------- A non-text attachment was scrubbed... Name: wpasupp-debug.gz Type: application/x-gzip Size: 1180 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050327/785bfa23/attachment.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: hostapd-debug.gz Type: application/x-gzip Size: 723 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050327/785bfa23/attachment-0001.bin From jellenz at planetkc.com Sun Mar 27 22:37:05 2005 From: jellenz at planetkc.com (John Ellenz) Date: Sun, 27 Mar 2005 21:37:05 -0600 Subject: Hostap + WPA_Supplicant LEAP support Message-ID: All, We are currently using hostap+wpa_supplicant successfully in an embedded linux environment with the 2.4 kernel in WEP, PSK, and TLS environments with FreeRadius. We will be installing a Cisco ACS to test compatibility with Cisco LEAP installations. Is hostap+wpa_supplicant known to work with LEAP, or does that 'requires special support from driver' in the wpa_supplicant mean that life is not so easy? Thanks From jkmaline at cc.hut.fi Mon Mar 28 00:01:44 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Sun, 27 Mar 2005 21:01:44 -0800 Subject: Hostap + WPA_Supplicant LEAP support In-Reply-To: References: Message-ID: <20050328050144.GD8180@jm.kir.nu> On Sun, Mar 27, 2005 at 09:37:05PM -0600, John Ellenz wrote: > We are currently using hostap+wpa_supplicant successfully in an embedded > linux environment with the 2.4 kernel in WEP, PSK, and TLS environments with > FreeRadius. We will be installing a Cisco ACS to test compatibility with > Cisco LEAP installations. Is hostap+wpa_supplicant known to work with LEAP, > or does that 'requires special support from driver' in the wpa_supplicant > mean that life is not so easy? Host AP driver has that 'special support' for LEAP, or well, to be more exact, for Network EAP authentication. I haven't tested LEAP with Cisco ACS, but I would expect it to work. -- Jouni Malinen PGP id EFC895FA From waynix at gmail.com Mon Mar 28 02:40:30 2005 From: waynix at gmail.com (wayne liu) Date: Sun, 27 Mar 2005 23:40:30 -0800 Subject: Bridge MAC addr learning from WiFi port Message-ID: I was wondering what the consideration was when in bridge mode frames from one associated STA to another assocaietd STA are only sent back to wireless media, but not to the kernel network code. I know in terms of frames reaching its destination, this is the all that's needed, but wouldn't this hide the traffic from the bridge so that the forwarding database entry for the STA won't be refreshed ? This would lead to only minor performance impact for bridging when e.g. a machine which talked to the WiFi STA earlier has a record of the STA (e.g. ARP entry) that ages slower that bridge's fdb, leading to flooding of future frames from that machine to the STA. I'm doing my own driver and planning to send such frames to both its dst and the bridge, or inform bridge of the active status of the STA by sending Layer 2 XID frames to the bridge to freshen up the fdb. Of course this incurs its own overhead. A brief explanation from Jouni would be appreciated. From amylu at cmu.edu Mon Mar 28 03:41:30 2005 From: amylu at cmu.edu (Amy, Mei-Hsuan Lu) Date: Mon, 28 Mar 2005 03:41:30 -0500 Subject: hostap beginner Message-ID: <000901c53371$f085aaa0$2fe3ed80@csdlaptop> Hello folks, I am a hostap beginner. Recently I am starting to implement some research work onto hostap driver. I would like to know if there are any good resources to start with? Thanks. ---- Meihsuan Lu -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050328/e98bceb6/attachment.htm From vatn at imit.kth.se Mon Mar 28 04:33:04 2005 From: vatn at imit.kth.se (Jon-Olov Vatn) Date: Mon, 28 Mar 2005 11:33:04 +0200 (CEST) Subject: Bridge MAC addr learning from WiFi port In-Reply-To: References: Message-ID: <33268.213.66.212.219.1112002384.squirrel@webmail.imit.kth.se> Hi, I'm not sure if it applies to your case, but I initiated an email discussion on hostap and bridging code interaction some time ago. (In case you want to search the mail archives, the subject line was "Question on HostAP, IAPP link layer update and bridge station cache"). I have not followed what has happened since then, so I cannot say how relevant it is today. You may be interested in sections 4.1-4.2 of http://www.it.kth.se/~vatn/research/handover-perf.pdf BW J-O On Mon, March 28, 2005 9:40 am, wayne liu said: > I was wondering what the consideration was when in bridge mode frames from > one associated STA to another assocaietd STA are only sent back to > wireless > media, but not to the kernel network code. I know in terms of frames > reaching its > destination, this is the all that's needed, but wouldn't this hide the > traffic from > the bridge so that the forwarding database entry for the STA won't be > refreshed ? This would lead to only minor performance impact for bridging > when e.g. a machine which talked to the WiFi STA earlier has a record of > the STA (e.g. ARP entry) that ages slower that bridge's fdb, leading to > flooding of future frames from that machine to the STA. > > I'm doing my own driver and planning to send such frames to both its dst > and > the bridge, or inform bridge of the active status of the STA by > sending Layer 2 XID > frames to the bridge to freshen up the fdb. Of course this incurs its > own overhead. > > A brief explanation from Jouni would be appreciated. > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From andytripp at gmail.com Mon Mar 28 13:44:21 2005 From: andytripp at gmail.com (Andy Tripp) Date: Mon, 28 Mar 2005 12:44:21 -0600 Subject: SSID - not broadcasting Message-ID: I am not broadcasting my SSID. Do I need to put something special in the .conf file?? When I debug it performs the AP scan and can't find any APs... Thanks in advance, Andy From waynix at gmail.com Mon Mar 28 14:04:41 2005 From: waynix at gmail.com (wayne liu) Date: Mon, 28 Mar 2005 11:04:41 -0800 Subject: Bridge MAC addr learning from WiFi port In-Reply-To: <33268.213.66.212.219.1112002384.squirrel@webmail.imit.kth.se> References: <33268.213.66.212.219.1112002384.squirrel@webmail.imit.kth.se> Message-ID: Haven't found your thread yet. Thanks for the paper. I only got a chance to take a very brief look of those two sections, it seems I would agree on what should be done as you described. I believe the effect of not having updated fdb is only a performance issue not a functionality one. If nobody knows where a STA has roamed to, then flood. It may or may not be serious depending on actual appl. and/or traffic scenario. In your VoIP case, it probably is. On Mon, 28 Mar 2005 11:33:04 +0200 (CEST), Jon-Olov Vatn wrote: > Hi, > > I'm not sure if it applies to your case, but I initiated an email > discussion on hostap and bridging code interaction some time ago. > (In case you want to search the mail archives, the subject line was > "Question on HostAP, IAPP link layer update and bridge station cache"). > > I have not followed what has happened since then, so I cannot say > how relevant it is today. You may be interested in sections 4.1-4.2 > of http://www.it.kth.se/~vatn/research/handover-perf.pdf > > BW J-O > > On Mon, March 28, 2005 9:40 am, wayne liu said: > > I was wondering what the consideration was when in bridge mode frames from > > one associated STA to another assocaietd STA are only sent back to > > wireless > > media, but not to the kernel network code. I know in terms of frames > > reaching its > > destination, this is the all that's needed, but wouldn't this hide the > > traffic from > > the bridge so that the forwarding database entry for the STA won't be > > refreshed ? This would lead to only minor performance impact for bridging > > when e.g. a machine which talked to the WiFi STA earlier has a record of > > the STA (e.g. ARP entry) that ages slower that bridge's fdb, leading to > > flooding of future frames from that machine to the STA. > > > > I'm doing my own driver and planning to send such frames to both its dst > > and > > the bridge, or inform bridge of the active status of the STA by > > sending Layer 2 XID > > frames to the bridge to freshen up the fdb. Of course this incurs its > > own overhead. > > > > A brief explanation from Jouni would be appreciated. > > _______________________________________________ > > HostAP mailing list > > HostAP at shmoo.com > > http://lists.shmoo.com/mailman/listinfo/hostap > > > > From maco at maco.sk Mon Mar 28 18:03:30 2005 From: maco at maco.sk (Marcel Hecko) Date: Tue, 29 Mar 2005 01:03:30 +0200 Subject: Prove of prism chipset version Message-ID: <42488D42.1010106@maco.sk> Hi all, is there any way to prove if PC card is based on prism 3 chipset, not 2 or 2.5 chipset? Thanks Marcel Hecko Slovakia From waynix at gmail.com Mon Mar 28 18:12:10 2005 From: waynix at gmail.com (wayne liu) Date: Mon, 28 Mar 2005 15:12:10 -0800 Subject: Bridge MAC addr learning from WiFi port In-Reply-To: <33268.213.66.212.219.1112002384.squirrel@webmail.imit.kth.se> References: <33268.213.66.212.219.1112002384.squirrel@webmail.imit.kth.se> Message-ID: Thanks for pointing out that earlier thread. I've found it. Your scenario examplifies what I intended to cover by inserting L2 XID frame on behalf of the STA. I need to look at the code to see what's in now after two years from that discussion. I was wrong earlier in saying flooding is the only impact, actually before local fdb entry ages out, there is loss of traffic. Wayne On Mon, 28 Mar 2005 11:33:04 +0200 (CEST), Jon-Olov Vatn wrote: > Hi, > > I'm not sure if it applies to your case, but I initiated an email > discussion on hostap and bridging code interaction some time ago. > (In case you want to search the mail archives, the subject line was > "Question on HostAP, IAPP link layer update and bridge station cache"). > > I have not followed what has happened since then, so I cannot say > how relevant it is today. You may be interested in sections 4.1-4.2 > of http://www.it.kth.se/~vatn/research/handover-perf.pdf > > BW J-O > > On Mon, March 28, 2005 9:40 am, wayne liu said: > > I was wondering what the consideration was when in bridge mode frames from > > one associated STA to another assocaietd STA are only sent back to > > wireless > > media, but not to the kernel network code. I know in terms of frames > > reaching its > > destination, this is the all that's needed, but wouldn't this hide the > > traffic from > > the bridge so that the forwarding database entry for the STA won't be > > refreshed ? This would lead to only minor performance impact for bridging > > when e.g. a machine which talked to the WiFi STA earlier has a record of > > the STA (e.g. ARP entry) that ages slower that bridge's fdb, leading to > > flooding of future frames from that machine to the STA. > > > > I'm doing my own driver and planning to send such frames to both its dst > > and > > the bridge, or inform bridge of the active status of the STA by > > sending Layer 2 XID > > frames to the bridge to freshen up the fdb. Of course this incurs its > > own overhead. > > > > A brief explanation from Jouni would be appreciated. > > _______________________________________________ > > HostAP mailing list > > HostAP at shmoo.com > > http://lists.shmoo.com/mailman/listinfo/hostap > > > > From espy at pepper.com Mon Mar 28 18:14:16 2005 From: espy at pepper.com (Tony Espy) Date: Mon, 28 Mar 2005 18:14:16 -0500 Subject: Prove of prism chipset version In-Reply-To: <42488D42.1010106@maco.sk> References: <42488D42.1010106@maco.sk> Message-ID: <42488FC8.60100@pepper.com> Marcel Hecko wrote: > Hi all, > is there any way to prove if PC card is based on prism 3 chipset, not 2 > or 2.5 chipset? try: hostap_diag wlan0 this should output the various firmware revs as well as the chipset type. /tony Pepper Computer From espy at pepper.com Mon Mar 28 19:02:32 2005 From: espy at pepper.com (Tony Espy) Date: Mon, 28 Mar 2005 19:02:32 -0500 Subject: Managed Mode -- Use of wifi0 and wlan0 devices? Message-ID: <42489B18.20006@pepper.com> I'm using HostAP in managed mode, in conjunction with an older DHCP client ( pump ). I'm considering moving to ISC's dhclient, but for now I'm stuck with pump ( 0.8.21 ). One of the first things I ran into was that when killed, pump marked the interface as DOWN. Since HostAP requires one or more of it's device(s) to be UP in order function, I had to run some extra code to make sure "wlan0" was marked UP before associating with a new AP. It also seems to me that the right way to handle changing IP addresses, is to mark the interface DOWN, muck with the IP parameters, then mark the interface UP. So, I came up with the idea of using both HostAP devices; "wifi0" for association, and "wlan0" as my actual IP interface. This allows toggling of "wlan0"'s UP/DOWN flag ( by pump, or other code ) without disabling the HostAP driver as "wifi0" remains UP and thus wpa_supplicant is free to do it's thing. This seems to work great, although I wasn't able to find any documentation, nor threads on the mailing list re: running in such a configuration. Am I correct to be using both HostAP devices in such a manner while in managed (STA) mode? ciao, Tony Espy, Pepper Computer From espy at pepper.com Mon Mar 28 19:17:36 2005 From: espy at pepper.com (Tony Espy) Date: Mon, 28 Mar 2005 19:17:36 -0500 Subject: Selective scanning solution In-Reply-To: <20050327054442.GB8426@jm.kir.nu> References: <20050327054442.GB8426@jm.kir.nu> Message-ID: <42489EA0.5050000@pepper.com> Jouni Malinen wrote: > I just added support for selecting which channels to include in the > scan. The current development snapshot from CVS includes new parameter, > scan_channels (e.g., iwpriv wlan0 scan_channels 0x00ff) that is used to > mask channels for scans (iwlist wlan0 scan). > > In addition, I fixed an issue with scan requests in host_roaming=2 mode. > Previously, data connection died when this was done. Now the connection > is restored automatically by re-joining (which does not actually do > anything else than fixes firmware state). Jouni -- This last paragraph is a bit of a surprise to me. I've actually made some modifications to wpa_supplicant to allow another process to ask it to scan and/or associate via the control socket. I haven't seen a problem with the connection dropping when this is done. I'll try and pull down the latest code from CVS tomorrow. What code did you change to allow the connection to be restored? By the way, I'm using the HostAP driver ( v0.2.5 ). thanks, Tony Espy Pepper Computer p.s. I haven't made my wpa_supplicant changes available as I intend to port them to 0.3.7 first, however if you ( or anyone else ) are interested in seeing them please let me know. From jkmaline at cc.hut.fi Mon Mar 28 22:42:56 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Mon, 28 Mar 2005 19:42:56 -0800 Subject: Selective scanning solution In-Reply-To: <42489EA0.5050000@pepper.com> References: <20050327054442.GB8426@jm.kir.nu> <42489EA0.5050000@pepper.com> Message-ID: <20050329034256.GK8180@jm.kir.nu> On Mon, Mar 28, 2005 at 07:17:36PM -0500, Tony Espy wrote: > This last paragraph is a bit of a surprise to me. I've actually made > some modifications to wpa_supplicant to allow another process to ask it > to scan and/or associate via the control socket. I haven't seen a > problem with the connection dropping when this is done. Which firmware version are you using? I'm testing with STA f/w v1.8.3 and it ended up in odd state where all TX packets are being dropped if I do a scan request in host_roaming=2 mode. > I'll try and pull down the latest code from CVS tomorrow. What code did > you change to allow the connection to be restored? I changed hostap_info.c to issue a join request in host_roaming=2 mode in the same way that was done in host_roaming=1 case when scan results become available. This fixes the connection in my tests. > By the way, I'm using the HostAP driver ( v0.2.5 ). I don't think there have been changes on this part of the code, so I would have expected v0.2.5 work (well, _not_ work in this case) in the same way. > p.s. I haven't made my wpa_supplicant changes available as I intend to > port them to 0.3.7 first, however if you ( or anyone else ) are > interested in seeing them please let me know. In generel, I would suggest the "release early, release often" mantra often used with Linux development. I don't have a fixed plan on when something like this would happen, but improvements on this area are certainly on my to-do list for wpa_supplicant.. In other words, there are risks of doing double work here. -- Jouni Malinen PGP id EFC895FA From NEENAMS at nestec.net Tue Mar 29 02:10:50 2005 From: NEENAMS at nestec.net (NEENA M S) Date: Tue, 29 Mar 2005 12:40:50 +0530 Subject: roaming & context transfer Message-ID: Hi, I have some doubts on roaming & context transfer. When a stations roams from AP1(AccessPoint 1) to AP2, how & what parameters need to be transferred?what is information in the context block?how the context is defined?what is the format of 802.11 context information?is it vendor specific? . How about the WEP Keys transfer from AP1 to AP2? Is there any specific format which any document specifies ?? Or it should be vendor specific?? If so how about interoperability ?? Thanks & Regards neena --------------------------------------------------------------------------- "This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken upon this e-mail is strictly prohibited and may be unlawful." --------------------------------------------------------------------------- From daber at student.uci.agh.edu.pl Tue Mar 29 03:53:41 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Tue, 29 Mar 2005 10:53:41 +0200 (CEST) Subject: Scanning routine Message-ID: > Is there any routine which is called when station needs to do >> handoff ?? >>prism2_host_roaming() should be called in this case if the firmware is >>configured in host_roaming=1 mode. But is there any routine which is called before scanning has been started ?? For example if there was one, it could be possible to change host_roaming mode to 2 in that routine, do scanning manually, and at the end restore host_roaming to 1. Marcin From daber at student.uci.agh.edu.pl Tue Mar 29 04:16:12 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Tue, 29 Mar 2005 11:16:12 +0200 (CEST) Subject: Signal testing Message-ID: In prism manual I read that if card works in host_roaming mode=2 it should pass all data frames to the driver. So, where in hostap driver is function which is responsible for receiving data frames in this mode? I ask, beacuse I've noticed that in AP mode, while driver process received frames it is also given the hostap_80211_rx_status structure which contains information about signal quality. If there was similar routine (using hostap_80211_rx_status struct) in host_roaming=2 it could help to determine when scanning process should start. Marcin From NEENAMS at nestec.net Tue Mar 29 04:39:10 2005 From: NEENAMS at nestec.net (NEENA M S) Date: Tue, 29 Mar 2005 15:09:10 +0530 Subject: context transfer Message-ID: Hi, when a station roam to a new ap then the iapp module send a move notify to old ap and the old ap returns a context of the station to new ap. what is the context? how the context is defined?anybody to help? Regards neena --------------------------------------------------------------------------- "This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken upon this e-mail is strictly prohibited and may be unlawful." --------------------------------------------------------------------------- From bilal_shahid4 at hotmail.com Tue Mar 29 08:15:07 2005 From: bilal_shahid4 at hotmail.com (Bilal Shahid) Date: Tue, 29 Mar 2005 18:15:07 +0500 Subject: Re-authentication issue Message-ID: Hi, I am sorry if this question does not belong to this list but I am facing huge problems. I am testing 802.11i (CCMP) re-authentication for wireless 802.11 station (supplicant). Access Point is Proxim Orinono AP600 and RADIUS Server is FreeRADIUS 1.0.1. Now while the initial first time CCMP authentication goes on alright, the reauthentication just never happens. When the session_timeout on the RADIUS Server expires, re-authentication DOES start but it just never goes beyond the Access Point asking for Station/Supplicant for the ID (Req-ID). Supplicant responds with the proper ID but then nothing happens. Access Point keeps on sending the Request-ID packets to the Station/Supplicant and the process never moves. Could someone please tell me exactly is happening? Are there some special requirements for 802.1X "Re-authentication" with 802.11i (CCMP)? Many thanks. Bilal _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ From brix at gentoo.org Tue Mar 29 08:17:45 2005 From: brix at gentoo.org (Henrik Brix Andersen) Date: Tue, 29 Mar 2005 15:17:45 +0200 Subject: ipw2200 + wpa_supplicant + wep AP In-Reply-To: <4241FDC4.3040102@serrado.net> References: <42401306.4060004@marioland.it> <4241FDC4.3040102@serrado.net> Message-ID: <1112102266.18623.1.camel@sponge.fungus> On Wed, 2005-03-23 at 23:37 +0000, Pedro Ramalhais wrote: > It's a known problem with the current driver. There's a work-around for > wpa_supplicant which involves patching it with a patch that you can > probably find in the hostap ML archives or in the debian package. Has this patch been submitted for inclusion in wpa_supplicant proper? ./Brix -- Henrik Brix Andersen Gentoo Linux -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050329/4d67e4ee/attachment.pgp From hostap at cos.user.lysator.liu.se Tue Mar 29 03:55:17 2005 From: hostap at cos.user.lysator.liu.se (Martin Samuelsson) Date: Tue, 29 Mar 2005 10:55:17 +0200 Subject: Simple wpa_supplicant question [Resolved] In-Reply-To: References: <20050315100230.GB22384@ch.lugn.nu> <20050317110101.GD6908@ch.lugn.nu> Message-ID: <20050329085516.GB8367@ch.lugn.nu> On Fri, Mar 18, 2005 at 06:55:58AM +1300, Ian McDonald wrote: > Have a look at this which should help you: > > ... > > The parent URL also has lots of useful info: > ... For what it's worth. Maybe to anyone else searching this thread having the same problem. The cause of the problem was neither wpa_supplicant nor bugs in the ipw driver, but actually due to a bug introduced in the debian packaging. Debian bug #296291 to be exact. -- /Martin From jkmaline at cc.hut.fi Tue Mar 29 09:54:46 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 29 Mar 2005 06:54:46 -0800 Subject: Signal testing In-Reply-To: References: Message-ID: <20050329145446.GM8180@jm.kir.nu> On Tue, Mar 29, 2005 at 11:16:12AM +0200, Marcin Dabrowski wrote: > In prism manual I read that if card works in host_roaming > mode=2 it should pass all data frames to the driver. So, where in > hostap driver is function which is responsible for receiving data > frames in this mode? I ask, beacuse I've noticed that in AP mode, while > driver process received frames it is also given the hostap_80211_rx_status > structure which contains information about signal quality. If there was > similar routine (using hostap_80211_rx_status struct) in host_roaming=2 it > could help to determine when scanning process should start. There is no special receive function for host_roaming=2; it shares the same receive function like all other modes. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Tue Mar 29 09:55:43 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 29 Mar 2005 06:55:43 -0800 Subject: Scanning routine In-Reply-To: References: Message-ID: <20050329145543.GN8180@jm.kir.nu> On Tue, Mar 29, 2005 at 10:53:41AM +0200, Marcin Dabrowski wrote: > But is there any routine which is called before scanning has been > started ?? For example if there was one, it could be possible to change > host_roaming mode to 2 in that routine, do scanning manually, and at the > end restore host_roaming to 1. I'm not aware of any way to get such event from the firmware. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Tue Mar 29 10:14:14 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 29 Mar 2005 07:14:14 -0800 Subject: Re-authentication issue In-Reply-To: References: Message-ID: <20050329151414.GO8180@jm.kir.nu> On Tue, Mar 29, 2005 at 06:15:07PM +0500, Bilal Shahid wrote: > I am testing 802.11i (CCMP) re-authentication for wireless 802.11 station > (supplicant). Access Point is Proxim Orinono AP600 and RADIUS Server is > FreeRADIUS 1.0.1. Which supplicant are you using? Please send debug log from it. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Tue Mar 29 10:15:39 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 29 Mar 2005 07:15:39 -0800 Subject: ipw2200 + wpa_supplicant + wep AP In-Reply-To: <1112102266.18623.1.camel@sponge.fungus> References: <42401306.4060004@marioland.it> <4241FDC4.3040102@serrado.net> <1112102266.18623.1.camel@sponge.fungus> Message-ID: <20050329151539.GP8180@jm.kir.nu> On Tue, Mar 29, 2005 at 03:17:45PM +0200, Henrik Brix Andersen wrote: > On Wed, 2005-03-23 at 23:37 +0000, Pedro Ramalhais wrote: > > It's a known problem with the current driver. There's a work-around for > > wpa_supplicant which involves patching it with a patch that you can > > probably find in the hostap ML archives or in the debian package. > > Has this patch been submitted for inclusion in wpa_supplicant proper? If this is the patch that breaks moving between WPA and non-WPA cases, it is not going to be merged in.. Something needs to be fixed in the driver. -- Jouni Malinen PGP id EFC895FA From daber at student.uci.agh.edu.pl Tue Mar 29 10:34:01 2005 From: daber at student.uci.agh.edu.pl (Marcin Dabrowski) Date: Tue, 29 Mar 2005 17:34:01 +0200 (CEST) Subject: Scanning routine Message-ID: > But is there any routine which is called before scanning has been >> started ?? For example if there was one, it could be possible to change >> host_roaming mode to 2 in that routine, do scanning manually, and at the >> end restore host_roaming to 1. >>I'm not aware of any way to get such event from the firmware. So in host_roaming = 2 I can only test signal quality during data tramsminssion. Is there any way to influence the channel that are to scan in host_roaming mode set to 1. How is the scanning done in this mode: by sending probe requests or analyzing beacons ?? Marcin From espy at pepper.com Tue Mar 29 11:36:51 2005 From: espy at pepper.com (Tony Espy) Date: Tue, 29 Mar 2005 11:36:51 -0500 Subject: Selective scanning solution In-Reply-To: <20050329034256.GK8180@jm.kir.nu> References: <20050327054442.GB8426@jm.kir.nu> <42489EA0.5050000@pepper.com> <20050329034256.GK8180@jm.kir.nu> Message-ID: <42498423.4030906@pepper.com> Jouni Malinen wrote: > On Mon, Mar 28, 2005 at 07:17:36PM -0500, Tony Espy wrote: > >>This last paragraph is a bit of a surprise to me. I've actually made >>some modifications to wpa_supplicant to allow another process to ask it >>to scan and/or associate via the control socket. I haven't seen a >>problem with the connection dropping when this is done. > > Which firmware version are you using? I'm testing with STA f/w v1.8.3 > and it ended up in odd state where all TX packets are being dropped if I > do a scan request in host_roaming=2 mode. We're mostly using STA f/w v1.8.3, although some of our pads are running v1.7.4. The PRI f/w is a mix of v1.1.0 and v1.1.1. FYI, I'm only doing BROADCAST scans, never for a single SSID. >>p.s. I haven't made my wpa_supplicant changes available as I intend to >>port them to 0.3.7 first, however if you ( or anyone else ) are >>interested in seeing them please let me know. > > In generel, I would suggest the "release early, release often" mantra > often used with Linux development. I don't have a fixed plan on when > something like this would happen, but improvements on this area are > certainly on my to-do list for wpa_supplicant.. In other words, there > are risks of doing double work here. Point taken. I've only really been working with Linux for about 9 months or so ( and HostAP / wpa_supplicant for about 5 months ). I definately need to port my changes to your latest stable release before publishing them. It's on my to-do list. I've been fighting hardware lockup problems ( most likely our hardware bug ), signal quality problems and most recently problems with our DHCP client that all need to be fixed before we can ship... so these have to come first. By the way, in addition to the scan and associate requests over the control socket, I also had to switch the control socket from Unix Domain sockets to Inet sockets so I could talk to the socket from Java ( which lacks UD socket support ). This might also be something you'd want to incorporate as a config option. Also, did you see my note re: use of both wifi0 and wlan0 in Managed mode? I want to push ahead with this idea, but I'm not sure this is a valid use of HostAP's devices. thanks, Tony Espy Pepper Computer From ramalhais at serrado.net Tue Mar 29 11:47:34 2005 From: ramalhais at serrado.net (Pedro Ramalhais) Date: Tue, 29 Mar 2005 17:47:34 +0100 Subject: ipw2200 + wpa_supplicant + wep AP In-Reply-To: <1112102266.18623.1.camel@sponge.fungus> References: <42401306.4060004@marioland.it> <4241FDC4.3040102@serrado.net> <1112102266.18623.1.camel@sponge.fungus> Message-ID: <424986A6.1050706@serrado.net> Henrik Brix Andersen wrote: > On Wed, 2005-03-23 at 23:37 +0000, Pedro Ramalhais wrote: > >>It's a known problem with the current driver. There's a work-around for >>wpa_supplicant which involves patching it with a patch that you can >>probably find in the hostap ML archives or in the debian package. > > > Has this patch been submitted for inclusion in wpa_supplicant proper? > > ./Brix That patch is not acceptable since it breaks ipw2100. From kshogan at linora.com Tue Mar 29 04:58:51 2005 From: kshogan at linora.com (Kelly Hogan) Date: Tue, 29 Mar 2005 01:58:51 -0800 Subject: Radio Stops Receiving on wlan0 - wifi0 shows traffic Message-ID: <1112090331.9126.19.camel@m187.linora.com> We have an interesting scenario where we see RX traffic at the wlan0 interface stop. TX continues, but RX blocks. We do see traffic at the wifi0 layer, but it is somehow not migrating to the wlan0 interface. We also see that the wlan0 interface is dropping packets on the receive side. Wlan0 is then bridged to a br0 interface. wifi0 Link encap:UNSPEC HWaddr 00-02-6F-36-9E-F4-00-00-00-00-00-00-00-00-00-00 unspec addr:[NONE SET] Bcast:[NONE SET] Mask:[NONE SET] UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:88038 errors:0 dropped:0 overruns:0 frame:0 TX packets:26644 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 Interrupt:10 Memory:c4888000-c4889000 wlan0 Link encap:Ethernet HWaddr 00:02:6F:36:9E:F4 unspec addr:[NONE SET] Bcast:[NONE SET] Mask:[NONE SET] UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:6248 errors:0 dropped:8711 overruns:0 frame:0 TX packets:14125 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 Interrupt:10 Memory:c4888000-c4889000 We see an interesting set packets in the wifi0 stream. 17:10:50.014934 > 0:0:0:0:0:0 > 0:2:6f:36:9e:f4 802.1d ui/C 17:10:51.260680 > 0:0:0:0:0:0 null > 0:2:6f:36:9e:f4 sap b0 I (s=0,r=0,C) len=26 0002 6f36 9ef4 0002 6f36 9ef4 0002 6f36 9ef4 0000 0000 0200 0100 17:10:52.014959 > 0:0:0:0:0:0 > 0:2:6f:36:9e:f4 802.1d ui/C 17:10:52.252912 > 0:0:0:0:0:0 null > 0:2:6f:36:9e:f4 sap b0 I (s=0,r=0,C) len=26 0002 6f36 9ef4 0002 6f36 9ef4 0002 6f36 9ef4 0000 0000 0200 0100 17:10:57.235225 > ip_hl < 5 (0) 17:10:58.014924 > 0:0:0:0:0:0 > 0:2:6f:36:9e:f4 802.1d ui/C 17:10:58.239371 > 0:0:0:0:0:0 null > 0:2:6f:36:9e:f4 sap b0 I (s=0,r=0,C) len=26 0002 6f36 9ef4 0002 6f36 9ef4 0002 6f36 9ef4 0000 0000 0200 0100 Anyone know what those are? The radio can only return to running mode after a complete power cycle, not reboot, but power down the radio and restart. We are using hostap 0.2.4 stable, fw 1.5.6 & 1.1.0 Thanks for any ideas. From brix at gentoo.org Tue Mar 29 15:12:09 2005 From: brix at gentoo.org (Henrik Brix Andersen) Date: Tue, 29 Mar 2005 22:12:09 +0200 Subject: ipw2200 + wpa_supplicant + wep AP In-Reply-To: <20050329151539.GP8180@jm.kir.nu> References: <42401306.4060004@marioland.it> <4241FDC4.3040102@serrado.net> <1112102266.18623.1.camel@sponge.fungus> <20050329151539.GP8180@jm.kir.nu> Message-ID: <1112127129.11263.0.camel@sponge.fungus> On Tue, 2005-03-29 at 07:15 -0800, Jouni Malinen wrote: > If this is the patch that breaks moving between WPA and non-WPA cases, > it is not going to be merged in.. Something needs to be fixed in the > driver. Right. I wasn't aware that it broke other scenarios. ./Brix -- Henrik Brix Andersen Gentoo Linux -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050329/f52a372b/attachment.pgp From ognjen at mailshack.com Tue Mar 29 15:39:12 2005 From: ognjen at mailshack.com (Ognjen Bezanov) Date: Tue, 29 Mar 2005 20:39:12 +0000 Subject: Can HostAP be used with manged mode? Message-ID: <4249BCF0.2070303@mailshack.com> Ok, so i have hostap installed on my PC (with a prism II pcmcia card) and it functions as an access point well. Now my question is how can i get the card to work in managed mode? sometimes i want to associate to other networks but the card (when placed in managed mode) refuses to associate to any AP. Can the hostap(_cs) driver work in managed mode? If it can how do i go about setting it up to? and If it cant can anyone tell me what drivers are needed to use my card in managed mode (preferably without losing hostap functionality) and in wireless-tools Cheers P.S Running Gentoo with kernel 2.4.28 From espy at pepper.com Tue Mar 29 16:30:07 2005 From: espy at pepper.com (Tony Espy) Date: Tue, 29 Mar 2005 16:30:07 -0500 Subject: Can HostAP be used with manged mode? In-Reply-To: <4249BCF0.2070303@mailshack.com> References: <4249BCF0.2070303@mailshack.com> Message-ID: <4249C8DF.2000805@pepper.com> Ognjen Bezanov wrote: > Ok, so i have hostap installed on my PC (with a prism II pcmcia card) > and it functions as an access point well. > > Now my question is how can i get the card to work in managed mode? > > sometimes i want to associate to other networks but the card (when > placed in managed mode) refuses to associate to any AP. > > Can the hostap(_cs) driver work in managed mode? yes. > If it can how do i go about setting it up to? first, checkout the README in the top-level of the driver distribution...as we used to say, 'RTFM'. ;)- if the driver/modules are already loaded, you need to make sure that you set the mode to "managed", then mark at least one of the devices ( eg. wlan0 ) UP with 'ifconfig'. to associate with an open AP, you need hostap.o and hostap_cs.o modules; the command to associate with an AP is: iwconfig wlan0 essid if the AP is configured for WEP, you need the additional hostap_crypt_wep.o module. then do something like this: iwconfig wlan0 essid key 01ffab.... OR s:ASCIIKey if you're trying to associate with a WPA access point, you'll need wpa_supplicant in the picture too. ciao, Tony Espy Pepper Computer From jim at grayraven.com Tue Mar 29 17:35:32 2005 From: jim at grayraven.com (Jim Howard) Date: Tue, 29 Mar 2005 16:35:32 -0600 Subject: WPA-PSK Message 2 MIC calculation question Message-ID: <015701c534af$9e60c3b0$060110ac@austin.swinc.com> Howdy, I'm working on my own TKIP WPA-PSK client. I'm having trouble with message 2 of the four way handshake. Specifcally, using Ethereal I can verify that I correctly send EAPOL start, and that I correctly parse Message 1 from the Access point to the supplicant. I compose Message 2 according to the spec. My routines for calculating the password hash, pairwise temporal key, and HMAC-MD5 hash produce the correct answers when using the spec test vectors. When I send Message 2 it is ignored by the AP, and ethereal complains that it is a malformed packet. Here is my Message 2 as captured: ================================= No. Time Source Destination Protocol Info 14 38.256563 172.16.1.6 D-Link_bc:28:e9 EAPOL Key[Malformed Packet] Frame 14 (121 bytes on wire, 121 bytes captured) Arrival Time: Mar 29, 2005 16:22:20.661177000 Time delta from previous packet: 1.250820000 seconds Time since reference or first frame: 38.256563000 seconds Frame Number: 14 Packet Length: 121 bytes Capture Length: 121 bytes Ethernet II, Src: 00:02:8a:c8:33:2a, Dst: 00:0d:88:bc:28:e9 Destination: 00:0d:88:bc:28:e9 (D-Link_bc:28:e9) Source: 00:02:8a:c8:33:2a (172.16.1.6) Type: 802.1X Authentication (0x888e) 802.1x Authentication Version: 1 Type: Key (3) Length: 121 Descriptor Type: EAPOL WPA key (254) Key Information: 0x0109 .... .... .... .001 = Key Descriptor Version: HMAC-MD5 for MIC and RC4 for encryption (1) .... .... .... 1... = Key Type: Pairwise key .... .... ..00 .... = Key Index: 0 .... .... .0.. .... = Install flag: Not set .... .... 0... .... = Key Ack flag: Not set .... ...1 .... .... = Key MIC flag: Set .... ..0. .... .... = Secure flag: Not set .... .0.. .... .... = Error flag: Not set .... 0... .... .... = Request flag: Not set ...0 .... .... .... = Encrypted Key Data flag: Not set Key Length: 32 Replay Counter: 3 Nonce: FCFB4B2ADC5C314394AB890413628B3D1F571880369EE664... Key IV: 00000000000000000000000000000000 WPA Key RSC: 0000000000000000 WPA Key ID: 0000000000000000 WPA Key MIC: 5BC9C16E109AB8C9347A2156283A4396 WPA Key Length: 26 [Malformed Packet: EAPOL] 0000 00 0d 88 bc 28 e9 00 02 8a c8 33 2a 88 8e 01 03 ....(.....3*.... 0010 00 79 fe 01 09 00 20 00 00 00 00 00 00 00 03 fc .y.... ......... 0020 fb 4b 2a dc 5c 31 43 94 ab 89 04 13 62 8b 3d 1f .K*.\1C.....b.=. 0030 57 18 80 36 9e e6 64 16 38 38 97 84 fa fa 8e 00 W..6..d.88...... 0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5b ...............[ 0060 c9 c1 6e 10 9a b8 c9 34 7a 21 56 28 3a 43 96 00 ..n....4z!V(:C.. 0070 1a dd 18 00 50 f2 01 01 00 ....P.... ====================================== I am not sure what the problem is, but I have two suspections: 1) I may not be correctly calcuting the MIC. Specifically, am I correct in saying that: a) the MIC is calculated using HMAC-MD5 , and b) the input to the HMAC-MD5 has function should be the frame as shown above begining just past the destination and source address, that is starting with the ethernet verison packet: 01, 03, 00, 79..... and continuing through the end of the Information Element at the end of the packet? As you see, Ethereal is truncating the IE for some reason. 2) I am returning the Information Element exactly as I receive it from the access point. Is that correct, or should I do some kind of processing on it? Thanks, Jim Howard -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050329/96983fa0/attachment.htm From cathyliu at aphelions.com Tue Mar 29 20:32:22 2005 From: cathyliu at aphelions.com (cathylilu) Date: Wed, 30 Mar 2005 09:32:22 +0800 Subject: Wpa_supplicant can not send associattion request Message-ID: <20050330013223.D1F83394025@mail.aphelions.com> Dear All, I have some problems with wpa_supplicant v0.2.5+prism54. Prism54 do not support WPA. So I modify the prism54 based on initial patches from Jouni Malinen jkmaline at cc.hut.fi Wpa_supplicant can not send ASSOC Req to the AP. Wpa_supplicant has following actions 1. Scan 2. Get_scan_result 3. Set_wpa_ie, Set_freq, Set_ssid, Set_bssid After Set_bssid, Wpa_supplicant can not trigger the dirver to send "ASSCOReq" Any comment for me, I will very appreciate. Thanks in advance. CathyLiu -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050330/814779ad/attachment.htm From jkmaline at cc.hut.fi Tue Mar 29 23:35:50 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Tue, 29 Mar 2005 20:35:50 -0800 Subject: Wpa_supplicant can not send associattion request In-Reply-To: <20050330013223.D1F83394025@mail.aphelions.com> References: <20050330013223.D1F83394025@mail.aphelions.com> Message-ID: <20050330043550.GR8180@jm.kir.nu> On Wed, Mar 30, 2005 at 09:32:22AM +0800, cathylilu wrote: > I have some problems with wpa_supplicant v0.2.5+prism54. > > Prism54 do not support WPA. > Any comment for me, I will very appreciate. You already know the most important part and wrote it above.. This is not yet supported. This is a driver specific issue and a Pris54.org mailing list would be better place for discussion on how to get WPA working in client mode with those cards. -- Jouni Malinen PGP id EFC895FA From bilal_shahid4 at hotmail.com Wed Mar 30 00:17:34 2005 From: bilal_shahid4 at hotmail.com (Bilal Shahid) Date: Wed, 30 Mar 2005 10:17:34 +0500 Subject: Re-authentication issue In-Reply-To: <20050329151414.GO8180@jm.kir.nu> Message-ID: Thanks you for your reply. Supplicant is Open1X modified to cater WPA/802.11i. Unfortunately, no debug log exists for it. Complete and successful reauthentication occurs with TKIP-TLS combination but fails for CCMP-TLS combination as I mentioned in my previous message. I understand that ut would be hard to give any input in the absence of a debug log but even if someone could point out any known reauthentication issues with CCMP or any special CCMP requirements with respect to reauthentication it would be very helpful. Just would like to add that Supplicant on its part is doing this correctly apparently. For example, the Response-Id it sends to the AP600 does reach the FreeRADIUS Server, the server parses it correctly and sends out a challenge response to be delivered to the Supplicant. The AP however, seems to block that challenge response from the Free RADIUS Server and never delivers it to the Supplicant. Could it be that the AP doesn't like the encrytion being done by the Supplicant? All the re-authentication exchanges are of course taking place in encrypted format. Thanks Bilal >From: Jouni Malinen >To: hostap at shmoo.com >Subject: Re: Re-authentication issue >Date: Tue, 29 Mar 2005 07:14:14 -0800 > >On Tue, Mar 29, 2005 at 06:15:07PM +0500, Bilal Shahid wrote: > > > I am testing 802.11i (CCMP) re-authentication for wireless 802.11 >station > > (supplicant). Access Point is Proxim Orinono AP600 and RADIUS Server is > > FreeRADIUS 1.0.1. > >Which supplicant are you using? Please send debug log from it. > >-- >Jouni Malinen PGP id EFC895FA >_______________________________________________ >HostAP mailing list >HostAP at shmoo.com >http://lists.shmoo.com/mailman/listinfo/hostap _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ From sree_raju at rediffmail.com Wed Mar 30 01:21:29 2005 From: sree_raju at rediffmail.com (Sreedhar .M) Date: 30 Mar 2005 06:21:29 -0000 Subject: Wpa_supplicant can not send associattion request Message-ID: <20050330062129.9653.qmail@webmail8.rediffmail.com> hi. wpa of smc router(A.P) u need to configure the WEP keys wep key1,k2...k4 ; post it by HTTP client to the server(HTTP) ..i mean smc server POST /cgi-bin/wireless.exe HTTP1.0/1.1 lemme tell wat happned after the configuration !!! regards sreedhar -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050330/ad0572b0/attachment.htm From preining at logic.at Wed Mar 30 01:40:53 2005 From: preining at logic.at (Norbert Preining) Date: Wed, 30 Mar 2005 08:40:53 +0200 Subject: Bug#287220: wpa_supplicant and unkown open AP In-Reply-To: <20050321085058.GG14614@gamma.logic.tuwien.ac.at> References: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> <20050313131933.GD28644@ch.lugn.nu> <20050314234538.GB4394@roadwarrior.mcmartin.ca> <20050316193924.GA4128@ch.lugn.nu> <20050318130900.GF628@gamma.logic.tuwien.ac.at> <20050320115024.GA5107@ch.lugn.nu> <20050321085058.GG14614@gamma.logic.tuwien.ac.at> Message-ID: <20050330064053.GC26380@gamma.logic.tuwien.ac.at> On Mon, 21 M?r 2005, preining wrote: > Ok, so it was too simple. Well, I will look into the code and see what > has happened. The problem is that I don't have an AP around here to test > it, grrr. SUCCESS!! Ok, at least for *me* it did work with the attached patch. I don't know when the other function is called, but I found the place where it is really usefull to add the patch. Here in my flat it worked ... See attached diff Best wishes Norbert ------------------------------------------------------------------------------- Norbert Preining Universit? di Siena sip:preining at at43.tuwien.ac.at +43 (0) 59966-690018 gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094 ------------------------------------------------------------------------------- GREAT WAKERING (participial vb.) Panic which sets in when you badly need to go to the lavatory and cannot make up your mind about what book or magazine to take with you. --- Douglas Adams, The Meaning of Liff -------------- next part -------------- --- wpa_supplicant.c.orig 2005-03-30 08:35:18.000000000 +0200 +++ wpa_supplicant.c 2005-03-30 08:34:10.000000000 +0200 @@ -1756,6 +1756,26 @@ break; } } + /* scan for ssid=* */ + for (ssid = group; ssid; ssid = ssid->pnext) { + if (ssid->ssid_len == 1 && + memcmp(ssid->ssid,"*",1) == 0 + && + (!ssid->bssid_set || + memcmp(bss->bssid, ssid->bssid, ETH_ALEN) == 0) && + ((ssid->key_mgmt & WPA_KEY_MGMT_NONE) || + (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA))) + { + selected = bss; + *selected_ssid = ssid; + wpa_printf(MSG_DEBUG, " selected non-WPA DEFAULT AP " + MACSTR " ssid='%s'", + MAC2STR(bss->bssid), + wpa_ssid_txt(bss->ssid, + bss->ssid_len)); + break; + } + } } return selected; From vatn at imit.kth.se Wed Mar 30 02:22:48 2005 From: vatn at imit.kth.se (Jon-Olov Vatn) Date: Wed, 30 Mar 2005 09:22:48 +0200 (CEST) Subject: OT: Latency studies of EAP methods? Message-ID: <33043.130.237.15.67.1112167368.squirrel@webmail.imit.kth.se> Hi, Is anyone aware of some good studies providing practical delay measurements on various EAP authentication schemes (EAP-TLS, EAP-SIM, ...), either in general or in the context of e.g., IEEE 802.11i/802.1X, PPP/PPTP/L2TP or IKEv2? Sorry to post a question which is a bit off topic, but I believe there are a lot of people knowledgeable in this area subscribing to this list. BW J-O From NEENAMS at nestec.net Wed Mar 30 03:12:57 2005 From: NEENAMS at nestec.net (NEENA M S) Date: Wed, 30 Mar 2005 13:42:57 +0530 Subject: roaming ap? Message-ID: hi, i have a doubt. at the time of roaming the old ap sends some context to new ap (move response- 802.11f). what is the context need to transfer from the old ap to new ap? is there any need to send sib (station transmit frame count ,error frames etc) infoamtation to new ap? regards neena --------------------------------------------------------------------------- "This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken upon this e-mail is strictly prohibited and may be unlawful." --------------------------------------------------------------------------- From glynedwards at fastmail.fm Wed Mar 30 03:33:11 2005 From: glynedwards at fastmail.fm (Glyn Edwards) Date: Wed, 30 Mar 2005 09:33:11 +0100 Subject: Madwifi, wpa_supplicant, static 104bit WEP, key not set Message-ID: <1112171591.11881.11.camel@localhost> Hi, I am using the Madwifi drivers with the following versions wlan: 0.8.4.5 (EXPERIMENTAL) ath_hal: 0.9.12.14 (AR5210, AR5211, AR5212) ath_rate_onoe: 1.0 ath_pci: 0.9.4.12 (EXPERIMENTAL) and the wpa_supplicant version 0.3.8 I have a simple static WEP network using a 104bit WEP key which I can associate with normally. Wpa_supplicant finds the network and sets up everything apart from the key and I can't seem to work out why. My wpa_supplicant.conf contains (with the key changed) # Shared WEP key connection (no WPA, no IEEE 802.1X) network={ ssid="Exxon4" key_mgmt=NONE wep_key0=3C261837B41ED435C7A11ECB3D priority=5 } The output of wpa_supplicant launched with wpa_supplicant -dd -D madwifi -i ath0 -c /etc/wpa_supplicant.conf" is at http://www.srcf.ucam.org/~grhe2/wpa_debug The only thing I can see the card complain about is a bad parameter for scanning. Have I got the syntax in wpa_supplicant.conf wrong (It seems to parse correctly) or is it something else. Many thanks in advance Glyn From jkmaline at cc.hut.fi Wed Mar 30 09:11:05 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 30 Mar 2005 06:11:05 -0800 Subject: Bug#287220: wpa_supplicant and unkown open AP In-Reply-To: <20050330064053.GC26380@gamma.logic.tuwien.ac.at> References: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> <20050313131933.GD28644@ch.lugn.nu> <20050314234538.GB4394@roadwarrior.mcmartin.ca> <20050316193924.GA4128@ch.lugn.nu> <20050318130900.GF628@gamma.logic.tuwien.ac.at> <20050320115024.GA5107@ch.lugn.nu> <20050321085058.GG14614@gamma.logic.tuwien.ac.at> <20050330064053.GC26380@gamma.logic.tuwien.ac.at> Message-ID: <20050330141105.GS8180@jm.kir.nu> On Wed, Mar 30, 2005 at 08:40:53AM +0200, Norbert Preining wrote: > SUCCESS!! Ok, at least for *me* it did work with the attached patch. I > don't know when the other function is called, but I found the place > where it is really usefull to add the patch. Thanks. However, * is a valid SSID, so I'm not going to accept it as a special wildcard for something like this. Trivial change would be to change the test to be ssid_len == 0.. I'll merge this into the wpa_supplicant development tree after a quick test. -- Jouni Malinen PGP id EFC895FA From preining at logic.at Wed Mar 30 16:37:18 2005 From: preining at logic.at (Norbert Preining) Date: Wed, 30 Mar 2005 23:37:18 +0200 Subject: Bug#287220: wpa_supplicant and unkown open AP In-Reply-To: <20050330141105.GS8180@jm.kir.nu> References: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> <20050313131933.GD28644@ch.lugn.nu> <20050314234538.GB4394@roadwarrior.mcmartin.ca> <20050316193924.GA4128@ch.lugn.nu> <20050318130900.GF628@gamma.logic.tuwien.ac.at> <20050320115024.GA5107@ch.lugn.nu> <20050321085058.GG14614@gamma.logic.tuwien.ac.at> <20050330064053.GC26380@gamma.logic.tuwien.ac.at> <20050330141105.GS8180@jm.kir.nu> Message-ID: <20050330213718.GA18859@gamma.logic.tuwien.ac.at> Dear Jouni! On Mit, 30 M?r 2005, Jouni Malinen wrote: > Thanks. However, * is a valid SSID, so I'm not going to accept it as a > special wildcard for something like this. Trivial change would be to > change the test to be ssid_len == 0.. I'll merge this into the > wpa_supplicant development tree after a quick test. Oh, thanks for this, but please take at least 10secs to check wether there are no other border cases. It *is* working in my setting, but I couldn't test it with other cases. I just checked the messages of wpa_supplicant -dd, got the function which is called for getting AP, and added this one loop. Maybe there are other places where something similar should be added. Concerning * vs something else: Does this mean we will have to add something like ssid=""; or leave out the ssid entry completely? Best wishes Norbert ------------------------------------------------------------------------------- Norbert Preining Universit? di Siena sip:preining at at43.tuwien.ac.at +43 (0) 59966-690018 gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094 ------------------------------------------------------------------------------- RECULVER (n.) The sort of remark only ever made during Any Questions. --- Douglas Adams, The Meaning of Liff From gonzalo.diethelm at diethelm.org Wed Mar 30 19:16:28 2005 From: gonzalo.diethelm at diethelm.org (Gonzalo Diethelm) Date: Wed, 30 Mar 2005 20:16:28 -0400 Subject: wpa_supplicant, madwifi and WEP? Message-ID: <1112228188.3412.20.camel@laptop-gonzo> Hello, first post here. I'm using linux 2.6.8 (debian unstable), and my WiFi card is: 0000:00:09.0 Ethernet controller: Atheros Communications, Inc. AR5212802.11abg NIC (rev 01) The madwifi driver is from CVS as of today. This is my wpa_supplicant configuration (the XXX values are there to protect the innocent): network={ ssid="XXX" scan_ssid=1 priority=50 auth_alg=SHARED key_mgmt=NONE wep_key0=xxxxxxxxx0 wep_key1=xxxxxxxxx1 wep_key2=xxxxxxxxx2 wep_key3=xxxxxxxxx3 wep_tx_keyidx=0 } The scan_ssid is there because this network does not broadcast its SSID; is this the right approach? (At least it did allow me to find the AP and try to bind to it). Now, when I run wpa_supplicant in debug mode it does find the AP and it does bind to it, but the WEP keys are never passed on to the card, and therefore the card eventually unbinds from the AP. Here is part of the log I'm seeing: Trying to associate with 00:4f:62:00:00:2a (SSID='ovislink' freq=2437 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 Overriding auth_alg selection: 0x2 No keys have been configured - skip key clearing wpa_driver_madwifi_set_key: alg=WEP key_idx=0 set_tx=1 seq_len=0 key_len=5 wpa_driver_madwifi_set_key: alg=WEP key_idx=1 set_tx=0 seq_len=0 key_len=5 wpa_driver_madwifi_set_key: alg=WEP key_idx=2 set_tx=0 seq_len=0 key_len=5 wpa_driver_madwifi_set_key: alg=WEP key_idx=3 set_tx=0 seq_len=0 key_len=5 wpa_driver_madwifi_set_drop_unencrypted: enabled=1 wpa_driver_madwifi_associate wpa_driver_madwifi_set_wpa: enabled=0 Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=ForceAuthorized Wireless event: cmd=0x8b1a len=21 Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:4f:62:00:00:2a Association event - clear replay counter Associated to a new BSS: BSSID=00:4f:62:00:00:2a Associated with 00:4f:62:00:00:2a EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 EAPOL: External notification - portEnabled=1 EAPOL: SUPP_PAE entering state S_FORCE_AUTH EAPOL: SUPP_BE entering state IDLE EAP: EAP entering state INITIALIZE EAP: EAP entering state IDLE Cancelling authentication timeout RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added After that final line, I do a iwconfig on the card and it does show the correct AP MAC address and ESSID name, but the encryption key is off. Can anybody give me a hand here? Am I misconfiguring wpa_supplicant? Is perhaps this mode (WEP with encryption) not supported? Thanks in advance, and best regards. -- Gonzalo Diethelm gonzalo.diethelm at aditiva.com From bigjoe1008 at gmail.com Wed Mar 30 21:53:34 2005 From: bigjoe1008 at gmail.com (Joe Harnish) Date: Wed, 30 Mar 2005 21:53:34 -0500 Subject: Building with EAP-FAST support Message-ID: <1112237615.6339.7.camel@doit-l52125> Hello, Does anyone know how to work around this: tls_openssl.c: In function `tls_connection_client_hello_ext': tls_openssl.c:852: error: structure has no member named `hello_extension' tls_openssl.c:854: error: structure has no member named `hello_extension' tls_openssl.c:855: error: structure has no member named `hello_extension_len' tls_openssl.c:859: error: structure has no member named `hello_extension' tls_openssl.c:860: error: structure has no member named `hello_extension_len' tls_openssl.c:863: error: structure has no member named `hello_extension' tls_openssl.c:864: error: structure has no member named `hello_extension' tls_openssl.c:867: error: structure has no member named `hello_extension' tls_openssl.c:872: error: structure has no member named `hello_extension_len' make: *** [tls_openssl.o] Error 1 I am building with CONFIG-EAP-FAST=y Thanks for any help Joe From jkmaline at cc.hut.fi Wed Mar 30 22:09:37 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 30 Mar 2005 19:09:37 -0800 Subject: Bug#287220: wpa_supplicant and unkown open AP In-Reply-To: <20050330213718.GA18859@gamma.logic.tuwien.ac.at> References: <20050311172034.GB24969@gamma.logic.tuwien.ac.at> <20050313131933.GD28644@ch.lugn.nu> <20050314234538.GB4394@roadwarrior.mcmartin.ca> <20050316193924.GA4128@ch.lugn.nu> <20050318130900.GF628@gamma.logic.tuwien.ac.at> <20050320115024.GA5107@ch.lugn.nu> <20050321085058.GG14614@gamma.logic.tuwien.ac.at> <20050330064053.GC26380@gamma.logic.tuwien.ac.at> <20050330141105.GS8180@jm.kir.nu> <20050330213718.GA18859@gamma.logic.tuwien.ac.at> Message-ID: <20050331030937.GZ8180@jm.kir.nu> On Wed, Mar 30, 2005 at 11:37:18PM +0200, Norbert Preining wrote: > Concerning * vs something else: Does this mean we will have to add > something like > ssid=""; > or leave out the ssid entry completely? Both alternatives would work. -- Jouni Malinen PGP id EFC895FA From jkmaline at cc.hut.fi Wed Mar 30 22:17:45 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 30 Mar 2005 19:17:45 -0800 Subject: Building with EAP-FAST support In-Reply-To: <1112237615.6339.7.camel@doit-l52125> References: <1112237615.6339.7.camel@doit-l52125> Message-ID: <20050331031745.GA8180@jm.kir.nu> On Wed, Mar 30, 2005 at 09:53:34PM -0500, Joe Harnish wrote: > Does anyone know how to work around this: > > tls_openssl.c: In function `tls_connection_client_hello_ext': > tls_openssl.c:852: error: structure has no member named > I am building with CONFIG-EAP-FAST=y The current openssl release does not support all the functionality needed for EAP-FAST and as such, it requires a patch for this. The patch file (openssl-tls-extensions.patch) included in wpa_supplicant releases has proof-of-concept type of example on how this could be done. If you want to build EAP-FAST support, you will need to apply this patch to openssl. -- Jouni Malinen PGP id EFC895FA From cathyliu at aphelions.com Wed Mar 30 22:36:36 2005 From: cathyliu at aphelions.com (cathylilu) Date: Thu, 31 Mar 2005 11:36:36 +0800 Subject: Wpa_supplicant can not send associattion request Message-ID: <20050331033644.077F5394024@mail.aphelions.com> Dear Screedhar, Thanks for your response. Sorry, I don't real know what do you mean? So, I describe my testing environment. The "wpa_psk" client authenticate to AP. 1. Wpa_supplicant v0.2.5 +11G MINI PCI card (prism54) 2. ZyXEL G-3000 AP Wpa_supplicant .conf file see below. ####################################################################### network={ ssid="SURFAP1" proto=WPA key_mgmt=WPA-PSK pairwise=CCMP TKIP group=CCMP TKIP WEP104 WEP40 #psk="secretpassphrase" psk=125e8baeb8b8581f8834b9b4fef8379719d417dc9506fb06872f61774615d947 ########################################################################## Any comment for me, thanks in advance. Cathy Liu -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050331/3bd35b3c/attachment.htm From jay.smith at tenanji.com Wed Mar 30 22:53:10 2005 From: jay.smith at tenanji.com (Jay Smith) Date: Wed, 30 Mar 2005 21:53:10 -0600 Subject: How do you create a WPA --ACCESS POINT--? In-Reply-To: <20050327020908.GG8204@jm.kir.nu> References: <20050322211350.63662134184@mail.iocaine.com> <20050327020908.GG8204@jm.kir.nu> Message-ID: <424B7426.30306@tenanji.com> Jouni Malinen wrote: >On Tue, Mar 22, 2005 at 03:11:35PM -0600, mrcool at stupidgamerz.com wrote: > > > >>The readme only talks about using WPA as a client... How do you make an WPA >>access point?? >> >> > >Which readme are you talking about? hostapd README file has information >WPA for an AP. > > > I have read through the readme for hostapd and am unable to find the section about creating an access point. I see several references to access points but nothing that says here is how to create one. Can you verify I am looking at the correct readme? Thanks, Jay From jkmaline at cc.hut.fi Wed Mar 30 23:02:09 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Wed, 30 Mar 2005 20:02:09 -0800 Subject: Wpa_supplicant can not send associattion request In-Reply-To: <20050331033644.077F5394024@mail.aphelions.com> References: <20050331033644.077F5394024@mail.aphelions.com> Message-ID: <20050331040209.GB8180@jm.kir.nu> On Thu, Mar 31, 2005 at 11:36:36AM +0800, cathylilu wrote: > The "wpa_psk" client authenticate to AP. > > 1. Wpa_supplicant v0.2.5 +11G MINI PCI card (prism54) Prism54 are _not_ yet supported in WPA client mode. -- Jouni Malinen PGP id EFC895FA From imcdnzl at gmail.com Wed Mar 30 23:05:28 2005 From: imcdnzl at gmail.com (Ian McDonald) Date: Thu, 31 Mar 2005 16:05:28 +1200 Subject: Wpa_supplicant can not send associattion request In-Reply-To: <20050331040209.GB8180@jm.kir.nu> References: <20050331033644.077F5394024@mail.aphelions.com> <20050331040209.GB8180@jm.kir.nu> Message-ID: Cathy, In other words if you want to do WPA you need to buy a different card or write a lot of code. Jouni - rewriting your reply as this has already been misunderstood once. Regards, Ian On Wed, 30 Mar 2005 20:02:09 -0800, Jouni Malinen wrote: > On Thu, Mar 31, 2005 at 11:36:36AM +0800, cathylilu wrote: > > > The "wpa_psk" client authenticate to AP. > > > > 1. Wpa_supplicant v0.2.5 +11G MINI PCI card (prism54) > > Prism54 are _not_ yet supported in WPA client mode. > > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP at shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap > From docnielsen at gmail.com Thu Mar 31 00:26:14 2005 From: docnielsen at gmail.com (Doc Nielsen) Date: Thu, 31 Mar 2005 07:26:14 +0200 Subject: wpa_supplicant and ifupdown scripts Message-ID: <78e398b305033021261381a439@mail.gmail.com> Hey I was just wondering if it is possible to have wpa_supplicant (running as background daemon) exec some part of the ifupdown scripts available? I would really like to have ifup or dhclient run once i get connected to an AP. Is this possible? Will it be in the future? - Doc -- Evry little box should have a pat on the back by uid 0 at least once a day Even a tux or a beastie needs love, just like I do :o) From preining at logic.at Thu Mar 31 00:50:40 2005 From: preining at logic.at (Norbert Preining) Date: Thu, 31 Mar 2005 07:50:40 +0200 Subject: wpa_supplicant and ifupdown scripts In-Reply-To: <78e398b305033021261381a439@mail.gmail.com> References: <78e398b305033021261381a439@mail.gmail.com> Message-ID: <20050331055040.GA9283@gamma.logic.tuwien.ac.at> On Don, 31 M?r 2005, Doc Nielsen wrote: > I would really like to have ifup or dhclient run once i get connected to an AP. ifplugd http://0pointer.de/lennart/projects/ifplugd/ Best wishes Norbert ------------------------------------------------------------------------------- Norbert Preining Universit? di Siena sip:preining at at43.tuwien.ac.at +43 (0) 59966-690018 gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094 ------------------------------------------------------------------------------- ROCHESTER (n.) One who is able to gain occupation of the armrest on both sides of their cinema or aircraft seat. --- Douglas Adams, The Meaning of Liff From bigjoe1008 at gmail.com Thu Mar 31 10:18:04 2005 From: bigjoe1008 at gmail.com (Joe Harnish) Date: Thu, 31 Mar 2005 10:18:04 -0500 Subject: Building with EAP-FAST support In-Reply-To: <20050331031745.GA8180@jm.kir.nu> References: <1112237615.6339.7.camel@doit-l52125> <20050331031745.GA8180@jm.kir.nu> Message-ID: <1112282284.7378.2.camel@doit-l52125> Do you happen to know if this patch (or something similar) is going to be added to openssl? Thanks Joe On Wed, 2005-03-30 at 19:17 -0800, Jouni Malinen wrote: > On Wed, Mar 30, 2005 at 09:53:34PM -0500, Joe Harnish wrote: > > > Does anyone know how to work around this: > > > > tls_openssl.c: In function `tls_connection_client_hello_ext': > > tls_openssl.c:852: error: structure has no member named > > > I am building with CONFIG-EAP-FAST=y > > The current openssl release does not support all the functionality > needed for EAP-FAST and as such, it requires a patch for this. The > patch file (openssl-tls-extensions.patch) included in wpa_supplicant > releases has proof-of-concept type of example on how this could be done. > If you want to build EAP-FAST support, you will need to apply this patch > to openssl. > From kywu2 at ie.cuhk.edu.hk Thu Mar 31 10:28:14 2005 From: kywu2 at ie.cuhk.edu.hk (Tomy) Date: Thu, 31 Mar 2005 23:28:14 +0800 Subject: Implementation of dual queue Message-ID: <001601c53606$4542da40$25f4000a@yourtommy> Dear Jouni, If I would like to implentment a dual queue strategy, that is provide one queue for the real time packets and another queue for the non-real time packets and give priority to real time packets in order to improve the efficiency of the real time application. Which part of the hostap code do i need to pay attention to??? Or what material do i need to study to implement the above strategy?? Thank you very much Tomy -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050331/298772eb/attachment.htm From mrcool at stupidgamerz.com Thu Mar 31 12:54:34 2005 From: mrcool at stupidgamerz.com (mrcool at stupidgamerz.com) Date: Thu, 31 Mar 2005 11:54:34 -0600 Subject: Compiling hostapd problems Message-ID: <20050331175901.65DD8134290@mail.iocaine.com> Hello! Im trying to compile hostapd for madwifi to use it as an authenticator aginst radius (NO WPA WILL BE USED, NONE). I have been using hostap and hostapd to authenticate users for my wireless customers (just mac authentication), I wish to try a madwifi accesspoint, and am trying to compile hostapd to use with madwifi. I get this error: (I have turned OFF all the different ciphers in the driver, as Im not using wep, and have commented them out in the .config for hostapd) This is a cross compile (drivers are for wisp-dist 2.4.25 kernel). echo '#include ' >> driver_conf.c echo '#include ' >> driver_conf.c echo '#include ' >> driver_conf.c echo '#include ' >> driver_conf.c echo '#include "hostapd.h"' >> driver_conf.c echo '#include "driver.h"' >> driver_conf.c echo "void madwifi_driver_register(void);" >> driver_conf.c echo 'void register_drivers(void) {' >> driver_conf.c echo "madwifi_driver_register();" >> driver_conf.c echo '}' >> driver_conf.c gcc -MMD -O2 -Wall -g -DHOSTAPD_DUMP_STATE -I. -I../driver/modules -I../utils -I../wpa_supplicant -I../home/files/2.4.25/bsd/madwifi -DCONFIG_DRIVER_MADWIFI -c -o driver_conf.o driver_conf.c gcc -MMD -O2 -Wall -g -DHOSTAPD_DUMP_STATE -I. -I../driver/modules -I../utils -I../wpa_supplicant -I../home/files/2.4.25/bsd/madwifi -DCONFIG_DRIVER_MADWIFI -c -o driver_madwifi.o driver_madwifi.c driver_madwifi.c:24:28: warning: include/compat.h: No such file or directory driver_madwifi.c:25:32: warning: net80211/ieee80211.h: No such file or directory driver_madwifi.c:26:39: warning: net80211/ieee80211_crypto.h: No such file or directory driver_madwifi.c:27:38: warning: net80211/ieee80211_ioctl.h: No such file or directory driver_madwifi.c: In function `set80211param': driver_madwifi.c:130: error: `IEEE80211_IOCTL_SETPARAM' undeclared (first use in this function) driver_madwifi.c:130: error: (Each undeclared identifier is reported only once driver_madwifi.c:130: error: for each function it appears in.) driver_madwifi.c: In function `madwifi_configure_wpa': driver_madwifi.c:161: error: `IEEE80211_CIPHER_AES_CCM' undeclared (first use in this function) driver_madwifi.c:164: error: `IEEE80211_CIPHER_TKIP' undeclared (first use in this function) driver_madwifi.c:167: error: `IEEE80211_CIPHER_WEP' undeclared (first use in this function) driver_madwifi.c:173: error: `IEEE80211_CIPHER_NONE' undeclared (first use in this function) driver_madwifi.c:182: error: `IEEE80211_PARAM_MCASTCIPHER' undeclared (first use in this function) driver_madwifi.c:189: error: `IEEE80211_PARAM_MCASTKEYLEN' undeclared (first use in this function) driver_madwifi.c:204: error: `IEEE80211_PARAM_UCASTCIPHERS' undeclared (first use in this function) driver_madwifi.c:212: error: `IEEE80211_PARAM_KEYMGTALGS' undeclared (first use in this function) driver_madwifi.c:223: error: `IEEE80211_PARAM_RSNCAPS' undeclared (first use in this function) driver_madwifi.c:230: error: `IEEE80211_PARAM_WPA' undeclared (first use in this function) driver_madwifi.c: In function `madwifi_set_ieee8021x': driver_madwifi.c:295: error: `IEEE80211_PARAM_AUTHMODE' undeclared (first use in this function) driver_madwifi.c:296: error: `IEEE80211_AUTH_AUTO' undeclared (first use in this function) driver_madwifi.c:309: error: `IEEE80211_AUTH_WPA' undeclared (first use in this function) driver_madwifi.c:309: error: `IEEE80211_AUTH_8021X' undeclared (first use in this function) driver_madwifi.c: In function `madwifi_set_privacy': driver_madwifi.c:326: error: `IEEE80211_PARAM_PRIVACY' undeclared (first use in this function) driver_madwifi.c: In function `madwifi_set_sta_authorized': driver_madwifi.c:334: error: storage size of `mlme' isn't known driver_madwifi.c:341: error: `IEEE80211_MLME_AUTHORIZE' undeclared (first use in this function) driver_madwifi.c:343: error: `IEEE80211_MLME_UNAUTHORIZE' undeclared (first use in this function) driver_madwifi.c:345: error: `IEEE80211_ADDR_LEN' undeclared (first use in this function) driver_madwifi.c:346: error: `IEEE80211_IOCTL_SETMLME' undeclared (first use in this function) driver_madwifi.c:334: warning: unused variable `mlme' driver_madwifi.c: In function `madwifi_del_key': driver_madwifi.c:355: error: storage size of `wk' isn't known driver_madwifi.c:364: error: `IEEE80211_ADDR_LEN' undeclared (first use in this function) driver_madwifi.c:366: error: `IEEE80211_IOCTL_DELKEY' undeclared (first use in this function) driver_madwifi.c:355: warning: unused variable `wk' driver_madwifi.c: In function `madwifi_set_key': driver_madwifi.c:376: error: storage size of `wk' isn't known driver_madwifi.c:387: error: `IEEE80211_CIPHER_WEP' undeclared (first use in this function) driver_madwifi.c:389: error: `IEEE80211_CIPHER_TKIP' undeclared (first use in this function) driver_madwifi.c:391: error: `IEEE80211_CIPHER_AES_CCM' undeclared (first use in this function) driver_madwifi.c:406: error: `IEEE80211_KEY_RECV' undeclared (first use in this function) driver_madwifi.c:406: error: `IEEE80211_KEY_XMIT' undeclared (first use in this function) driver_madwifi.c:408: error: `IEEE80211_ADDR_LEN' undeclared (first use in this function) driver_madwifi.c:410: error: `IEEE80211_KEY_DEFAULT' undeclared (first use in this function) driver_madwifi.c:413: error: `IEEE80211_KEYIX_NONE' undeclared (first use in this function) driver_madwifi.c:418: error: `IEEE80211_IOCTL_SETKEY' undeclared (first use in this function) driver_madwifi.c:376: warning: unused variable `wk' driver_madwifi.c: In function `madwifi_get_seqnum': driver_madwifi.c:427: error: storage size of `wk' isn't known driver_madwifi.c:434: error: `IEEE80211_ADDR_LEN' undeclared (first use in this function) driver_madwifi.c:439: error: `IEEE80211_IOCTL_GETKEY' undeclared (first use in this function) driver_madwifi.c:427: warning: unused variable `wk' driver_madwifi.c: In function `madwifi_sta_deauth': driver_madwifi.c:521: error: storage size of `mlme' isn't known driver_madwifi.c:527: error: `IEEE80211_MLME_DEAUTH' undeclared (first use in this function) driver_madwifi.c:529: error: `IEEE80211_ADDR_LEN' undeclared (first use in this function) driver_madwifi.c:530: error: `IEEE80211_IOCTL_SETMLME' undeclared (first use in this function) driver_madwifi.c:521: warning: unused variable `mlme' driver_madwifi.c: In function `madwifi_sta_disassoc': driver_madwifi.c:538: error: storage size of `mlme' isn't known driver_madwifi.c:545: error: `IEEE80211_ADDR_LEN' undeclared (first use in this function) driver_madwifi.c:546: error: `IEEE80211_IOCTL_SETMLME' undeclared (first use in this function) driver_madwifi.c:538: warning: unused variable `mlme' driver_madwifi.c: At top level: driver_madwifi.c:550: error: `IEEE80211_ADDR_LEN' undeclared here (not in a function) driver_madwifi.c: In function `madwifi_process_wpa_ie': driver_madwifi.c:573: error: storage size of `ie' isn't known driver_madwifi.c:580: error: `IEEE80211_ADDR_LEN' undeclared (first use in this function) driver_madwifi.c:581: error: `IEEE80211_IOCTL_GETWPAIE' undeclared (first use in this function) driver_madwifi.c:573: warning: unused variable `ie' driver_madwifi.c: At top level: driver_madwifi.c:610: error: `IEEE80211_ADDR_LEN' undeclared here (not in a function) driver_madwifi.c: In function `madwifi_wireless_event_wireless': driver_madwifi.c:702: error: incompatible type for argument 2 of `madwifi_del_sta' driver_madwifi.c:705: error: incompatible type for argument 2 of `madwifi_new_sta' make: *** [driver_madwifi.o] Error 1 Thanks all for you time. Jerryf From gonzalo.diethelm at diethelm.org Thu Mar 31 13:04:42 2005 From: gonzalo.diethelm at diethelm.org (Gonzalo Diethelm) Date: Thu, 31 Mar 2005 14:04:42 -0400 Subject: Compiling hostapd problems In-Reply-To: <20050331175901.65DD8134290@mail.iocaine.com> References: <20050331175901.65DD8134290@mail.iocaine.com> Message-ID: <1112292282.3989.1.camel@laptop-gonzo> On Thu, 2005-03-31 at 11:54 -0600, mrcool at stupidgamerz.com wrote: > gcc -MMD -O2 -Wall -g -DHOSTAPD_DUMP_STATE -I. -I../driver/modules -I../utils > -I../wpa_supplicant -I../home/files/2.4.25/bsd/madwifi > -DCONFIG_DRIVER_MADWIFI -c -o driver_conf.o driver_conf.c I believe your problem is "-I../home/files/.../madwifi"; get rid of the leading ".." there. Regards. -- Gonzalo Diethelm gonzalo.diethelm at aditiva.com From cathyliu at surfcommunications.com Tue Mar 29 07:00:03 2005 From: cathyliu at surfcommunications.com (cathylilu) Date: Tue, 29 Mar 2005 20:00:03 +0800 Subject: Wpa_supplicant can not send associattion request Message-ID: <20050329120018.65374394024@mail.aphelions.com> Dear All, I have some problems with wpa_supplicant v0.2.5+prism54. Prism54 do not support WPA. So I modify the prism54 based on initial patches from Jouni Malinen jkmaline at cc.hut.fi Wpa_supplicant can not send ASSOC Req to the AP. Wpa_supplicant has following actions 1. Scan 2. Get_scan_result 3. Set_wpa_ie, Set_freq, Set_ssid, Set_bssid After Set_bssid, Wpa_supplicant can not trigger the dirver to send "ASSCOReq" See below wpa_supplicant.conf and debug message log Any comment for me, I will very appreciate. Thanks in advance. CathyLiu Here is my wpa_supplicant.conf ########################################################################### ctrl_interface=/var/run/wpa_supplicant eapol_version=1 # Only WPA-PSK is used. Any valid cipher combination is accepted. network={ ssid="SURFAP1" proto=WPA key_mgmt=WPA-PSK pairwise=CCMP TKIP group=CCMP TKIP WEP104 WEP40 #psk="secretpassphrase" psk=125e8baeb8b8581f8834b9b4fef8379719d417dc9506fb06872f61774615d947 } ############################################################################ ######## Here is my debug message log ./wpa_supplicant -c ./wpa_supplicant.conf -i eth0 -dd Configuration file './wpa_supplicant.conf' -> '/test/./wpa_supplicant.conf' Reading configuration file '/test/./wpa_supplicant.conf' ctrl_interface='/var/run/wpa_supplicant' eapol_version=1 Line: 57 - start of a new network block SSID - hexdump_ascii(len=7): 53 55 52 46 41 50 31 SURFAP1 proto: 0x1 key_mgmt: 0x2 pairwise: 0x18 group: 0x1e PSK - hexdump(len=32): 12 5e 8b ae b8 b8 58 1f 88 34 b9 b4 fe f8 37 97 19 d4 17 dc 95 06 fb 06 87 2f 61 77 46 15 d9 47 Priority group 0 id=0 ssid='SURFAP1' EAPOL: SUPP_PAE entering state DISCONNECTED EAPOL: KEY_RX entering state O_KEY_RECEIVE EAPOL: SUPP_BE entering state INITIALIZE EAP: EAeth0: Enabling WPA P entering state DISABLED EAPOL: External notification - portEneth0: Enabling WPA Successfully.... abled=0 EAPOL: External notification - portValid=0 Successfuly to init eanbale wpa Enter Here IW_IS_SET(cmd) wpa_driver_prism54_set_key: alg=none key_idx=0 set_tx=0 seq_leEnter Here IW_IS_S ET(cmd) n=0 key_len=0 successfuly to set encryption. wpa_driver_prism5Enter Here IW_IS_SET(cmd) 4_set_key: alg=none key_idx=1 set_tx=0 seq_len=0 key_len=0 succEnter Here IW_IS_SET(cmd) essfuly to set encryption. wpa_driver_prism54_set_key: alg=noneEnter Here IW_IS_SET(cmd) key_idx=2 set_tx=0 seq_len=0 key_len=0 successfuly to set encryption. wpa_driver_prism54_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 successfuly to set encryption. wpa_driver_prism54_set_countermeasures - not yet implemented wpa_driver_prism54_set_drop_unencrypted eth0 wpa_driver_prism54_set_drop_unencrypted: enabled=1 blen=48 Successfuly to set_drop_unencrypted Setting scan request: 0 sec 100000 usec Starting AP scan (broadcast SSID) Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:12:9E:FF:99:1C (00)' Wireless event: cmd=0x8c02 len=76 Custom wireless event: 'Authenticate request (ex) to 00:12:9E:FF:99:1C : ACCEPT ED (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:12:9E:FF:99:1C (00)' Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:FF:F0:06 (00)' Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:12:9E:FF:99:1C (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Scan timeout - try to get results Scan results: 9 Selecting BSS from priority group 0 0: 00:a0:c5:99:09:76 ssid='SURFAP1' wpa_ie_len=24 rsn_ie_len=0 Trying to associate with 00:a0:c5:99:09:76 (SSID='SURFAP1'freq=2462 MHz) Cancelling scan request WPA: using IEEE 802.11i/D3.0 WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02 wpa_driver_prism54_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 successfuly to set encryption. wpa_driver_prism54_set_key: algnone key_idx=1 set_tx=0 seq_len=0 key_len=0 successfuly to set encryption. wpa_driver_prism54_set_key: alg=none key_idx=2 set_ASSOCIATE_NO_Error.... tx=0 seq_len=0 key_len=0 successfuly to set encryption. wpa_driver_prism54_set_key: alg=none key_idx=3 set_tx=0 seq_len=0 key_len=0 successfuly to set encryption. wpa_driver_prism54_set_key: alg=none key_idx=0 set_tx=0 seq_len=0 key_len=0 successfuly to set encryption. wpa_driver_prism54_set_drop_unencrypted eth0 wpa_driver_prism54_set_drop_unencrypted: enabled=1 Successfuly to set_drop_unencrypted Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - EAP success=0 EAPOL: External notification - EAP fail=0 EAPOL: External notification - portControl=Auto Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:FF:99:1C (00)' Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:FF:99:3A (00)' Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:12:9E:FF:99:1C (00)' Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=76 Custom wireless event: 'Authenticate request (ex) to 00:12:9E:FF:99:1C : ACCEPT ED (00)' Wireless event: cmd=0x8b04 len=12 Wireless event: cmd=0x8b1a len=20 Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8c02 len=76 Custom wireless event: 'Authenticate request (ex) to 00:A0:C5:99:09:76 : ACCEPT ED (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:FF:99:3B (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=76 Custom wireless event: 'Authenticate request (ex) to 00:A0:C5:99:09:76 : ACCEPT ED (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:FF:F0:06 (00)' Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:F0:00:0A (00)' Authentication with 00:00:00:00:00:00 timed out. Setting scan request: 0 sec 0 usec Starting AP scan (broadcast SSID) Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:FF:99:3A (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:FF:99:1C (00)' Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=74 Custom wireless event: 'Received a beacon from an unkown AP to 00:12:9E:F0:00:1D (00)' Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' EAPOL: Port Timers tick - authWhile=0 heldWhile=0 startWhen=0 idleWhile=0 Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=67 Custom wireless event: 'Received a probe from client to 00:A0:C5:99:09:76 (00)' Wireless event: cmd=0x8c02 len=76 Custom wireless event: 'Authenticate request (ex) to 00:A0:C5:99:09:76 : ACCEPT ED (00)' ############################################################################ ################## -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/hostap/attachments/20050329/e392a5c3/attachment.htm From jkmaline at cc.hut.fi Thu Mar 31 22:46:36 2005 From: jkmaline at cc.hut.fi (Jouni Malinen) Date: Thu, 31 Mar 2005 19:46:36 -0800 Subject: Building with EAP-FAST support In-Reply-To: <1112282284.7378.2.camel@doit-l52125> References: <1112237615.6339.7.camel@doit-l52125> <20050331031745.GA8180@jm.kir.nu> <1112282284.7378.2.camel@doit-l52125> Message-ID: <20050401034636.GC8180@jm.kir.nu> On Thu, Mar 31, 2005 at 10:18:04AM -0500, Joe Harnish wrote: > Do you happen to know if this patch (or something similar) is going to > be added to openssl? I would not expect this patch to go into openssl since the changes have not been cleaned up in any way and the TLS modification are not really correct. I have not heard of anyone else working on this area, so I don't know whether something else would be added any time soon. openssl mailing list could be more useful place for asking this. -- Jouni Malinen PGP id EFC895FA From fromkth+hostap at fastmail.fm Thu Mar 3 07:47:33 2005 From: fromkth+hostap at fastmail.fm (Ajeet Nankani) Date: Thu, 03 Mar 2005 12:47:33 -0000 Subject: PMKSA-cache and inclusion of PMKID(s) in Re-Association frame In-Reply-To: <20050303043639.GM8756@jm.kir.nu> References: <42233A4C.9040903@fastmail.fm> <20050303043639.GM8756@jm.kir.nu> Message-ID: <4226E0CF.60200@fastmail.fm> Jouni Malinen wrote: > On Mon, Feb 28, 2005 at 04:35:40PM +0100, Ajeet Nankani wrote: > > >>When STA has around say 10 or more PMKSAs in its cache, and when STA >>roams to other AP with which STA has a PMKSA in its cache, then how do >>the STA selects which PMKID(s) to send in Re-Association Frame? > > > That is implementation specific. In case of the current wpa_supplicant, > there will be only one PMKID in the (re)association frame. However, if > the driver is generating WPA/RSN IEs, it may decide to use more than one > PMKID. > But how wpa_supplicant selects PMKID from its cache to be sent in (re)association frame? I guess wpa_supplicant would search its PMKSA cache, and based on the MAC address of the AP to which it is being attached with, it would select first matched PMKID from its cache and sends it in (re)assosciation frame. -ajeet.