WPA2-PSK Test Fail ( 3/4 msg of 4-Way Handshake )

김종욱 jukim at mercurykr.com
Wed Mar 23 21:15:25 EST 2005 

Above "WPA2-PSK and madwifi Fail [  3/4 msg of 4-Way Handshake ]" mail is a fault.
Sorry.
----
Hi
I used to hostapd ( 0.3.7) and madwifi driver for WPA2-PSK  authentication.
Supplicant is "Intel Proset/wireless 9.0 driver.
But WPA2-PSK Test is Fail ( WPA-PSK Test is Success ).
Fail Point is "3/4 msg of 4-Way Handshake" 

Hostapd send 3/4 msg  and receive a disassociation message.
why WPA-PSK2 test is fail ?

please send a solution  for me!
 
-enviroment-
AP wireless : AR5213
CPU = IXP425
OS = linux2.4.24
hostapd = 0.3.7
wlan driver = madwifi 
AP mode : master
ssid : rush
supplicant : intel 2200BG ( driver version : 9.0.1.9 )
 
- hostapd.conf-
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=0
dump_file=/tmp/hostapd.dump
ssid=rush
eap_message=hello
wep_key_len_broadcast=13
wep_key_len_unicast=13
wep_rekey_period=300
eapol_key_index_workaround=0
wpa=2
wpa_passphrase=xxxxxxxxxx
wpa_key_mgmt=WPA-PSK WPA-EAP
wpa_pairwise=TKIP
wpa_group_rekey=600
wpa_gmk_rekey=86400
 
 - Test Log -
root at TEST-R:~# insmod ./ath_hal.o
Using ./ath_hal.o
ath_hal: 0.9.14.9 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, REGOPS_FUNC)
root at TEST-R:~# insmod ./wlan.o
wlan: 0.8.4.5 (EXPERIMENTAL)
~# insmod ./wlan_tkip.o
~# insmod ./wlan_acl.o
~# insmod ./wlan_xauth.o
~# insmod ./ath_rate_onoe.o
~# insmod ./ath_pci.o
Using ./ath_pci.o
ath_pci: 0.9.4.12 (EXPERIMENTAL)
ath0: 11a rates: 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps
ath0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps
ath0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps
ath0: mac 5.9 phy 4.3 radio 3.6
ath0: 802.11 address: 00:02:78:42:73:1f
ath0: Use hw queue 0 for WME_AC_BE traffic
ath0: Use hw queue 1 for WME_AC_BK traffic
ath0: Use hw queue 2 for WME_AC_VI traffic
ath0: Use hw queue 3 for WME_AC_VO traffic
ath0: Atheros 5212: mem=0x4bff0000, irq=19

~# iwconfig ath0 mode master
~# iwconfig ath0 essid rush
~# iwpriv ath0 mode 3
~# iwconfig ath0 channel 10
~# ifconfig ath0 10.10.1.254 netmask 255.255.255.0
~# ./hostapd -ddd ./hostapd.conf
Configuration file: ./hostapd.conf
madwifi_set_iface_flags: dev_up=0
Using interface ath0 with hwaddr 00:02:78:42:73:1f and ssid 'rush'
madwifi_set_ieee8021x: enabled=1
madwifi_configure_wpa: group key cipher=1
madwifi_configure_wpaipv6_add_addr: already assigned
: pairwise key ciphers=0x2
madwifi_configure_wpa: key management algorithms=0x3
madwifi_configure_wpa: rsn capabilities=0x0
madwifi_configure_wpa: enable WPA= 0x2
madwifi_set_iface_flags: dev_up=1
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=0
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=1
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=2
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=3
IEEE 802.1X: New default WEP key index 2
IEEE 802.1X: New default WEP key - hexdump(len=13): e3 2e 4e 4d 82 5f 13 f6 86 19 2d 0e 72
madwifi_set_key: alg=WEP addr=00:00:00:00:00:00 key_idx=2
madwifi_set_privacy: enabled=1
WPA: group state machine entering state GTK_INIT
GMK - hexdump(len=32): 5c 46 59 69 6d ab 14 cb 3b 46 42 f9 7b 72 ed 3a ad 64 bf c6 b8 de 76 d5 70 db 04 15 d6 4f a7 d7
GTK - hexdump(len=32): 76 a3 6a 60 8b 6c 95 1d ae 60 e3 d0 09 0c 81 75 61 03 4b 81 35 0d 8c a6 b3 6e 9f a4 05 92 71 41
WPA: group state machine entering state SETKEYSDONE
madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1
Flushing old station entries
Deauthenticate all stations
l2_packet_receive - recv: Network is down
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:0e:35:82:60:e8 IEEE 802.11: associated
  New STA
ath0: STA 00:0e:35:82:60:e8 WPA: event 1 notification
ath0: STA 00:0e:35:82:60:e8 WPA: start authentication
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state INITIALIZE
madwifi_del_key: addr=00:0e:35:82:60:e8 key_idx=0
ath0: STA 00:0e:35:82:60:e8 IEEE 802.1X: unauthorizing port
madwifi_set_sta_authorized: addr=00:0e:35:82:60:e8 authorized=0
WPA: 00:0e:35:82:60:e8 WPA_PTK_GROUP entering state IDLE
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state AUTHENTICATION
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state AUTHENTICATION2
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state INITPSK
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKSTART
ath0: STA 00:0e:35:82:60:e8 WPA: sending 1/4 msg of 4-Way Handshake
TX EAPOL - hexdump(len=113): 
00 0e 35 82 60 e8 00 02 78 42 73 1f 88 8e 02 03 00 5f 02 00 89 00 20 00 00 00 00 00 00 00 01 77 
15 57 a7 d9 27 63 7d ef 81 42 54 a8 e6 59 6c 10 14 01 10 b6 1f 3f 55 34 39 69 2f 02 25 46 ce 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ath0: STA 00:0e:35:82:60:e8 WPA: EAPOL-Key timeout
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKSTART
ath0: STA 00:0e:35:82:60:e8 WPA: sending 1/4 msg of 4-Way Handshake
TX EAPOL - hexdump(len=113): 
00 0e 35 82 60 e8 00 02 78 42 73 1f 88 8e 02 03 00 5f 02 00 89 00 20 00 00 00 00 00 00 00 02 77 
15 57 a7 d9 27 63 7d ef 81 42 54 a8 e6 59 6c 10 14 01 10 b6 1f 3f 55 34 39 69 2f 02 25 46 ce 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
IEEE 802.1X: 121 bytes from 00:0e:35:82:60:e8
   IEEE 802.1X: version=1 type=3 length=117
ath0: STA 00:0e:35:82:60:e8 WPA: received EAPOL-Key frame (2/4 Pairwise)
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKCALCNEGOTIATING
PMK - hexdump(len=32): 5d 70 45 ab 0a f6 47 d2 76 5c b3 74 9f 7e 2a ae 94 78 b2 fa 04 da 87 5d f2 d6 85 64 c3 0d bc 82
PTK - hexdump(len=64): 89 76 9f ec b6 46 99 01 91 88 18 58 a2 9f fe 20 37 14 ec 30 af 6c aa 57 62 45 ae 24 93 5f 11 89 46
                                       5d 00 08 7f 16 3a e9 8d a7 3a 36 f0 82 09 27 4f 04 cb 2a 11 d9 ff 98 55 fa e1 e4 40 25 5e 1f
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKCALCNEGOTIATING2
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state PTKINITNEGOTIATING
madwifi_get_seqnum: addr=00:00:00:00:00:00 idx=1
ath0: STA 00:0e:35:82:60:e8 WPA: sending 3/4 msg of 4-Way Handshake
Plaintext EAPOL-Key Key Data - hexdump(len=66): 
30 18 01 00 00 0f ac 02 01 00 00 0f ac 02 02 00 00 0f ac 01 00 0f ac 02 00 00 dd 26 00 0f ac 01
01 00 76 a3 6a 60 8b 6c 95 1d ae 60 e3 d0 09 0c 81 75 61 03 4b 81 35 0d 8c a6 b3 6e 9f a4 05 92
71 41
TX EAPOL - hexdump(len=179): 
00 0e 35 82 60 e8 00 02 78 42 73 1f 88 8e 02 03 00 a1 02 13 c9 00 20 00 00 00 00 00 00 00 03 77 
15 57 a7 d9 27 63 7d ef 81 42 54 a8 e6 59 6c 10 14 01 10 b6 1f 3f 55 34 39 69 2f 02 25 46 ce 10 
14 01 10 b6 1f 3f 55 34 39 69 2f 02 25 46 cf 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 00 65 
14 69 b1 fc a4 f2 d0 bf d5 43 02 a9 5c e9 11 00 42 6b 11 94 5e f8 82 8f 18 58 74 ce e4 67 13 d5 
5e 44 e0 b1 cf b6 df ea d3 04 92 bd 37 ba fe ee 61 9a 9a 94 90 4f 18 7b c7 fa 74 72 d3 f5 28 a9 
a4 e3 c2 a8 ee af 81 32 aa 1e 49 1f 71 60 c5 19 ef ab 09
Wireless event: cmd=0x8c04 len=20
ath0: STA 00:0e:35:82:60:e8 IEEE 802.11: deassociated
ath0: STA 00:0e:35:82:60:e8 WPA: event 2 notification
madwifi_del_key: addr=00:0e:35:82:60:e8 key_idx=0
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state DISCONNECTED
WPA: 00:0e:35:82:60:e8 WPA_PTK entering state INITIALIZE
madwifi_del_key: addr=00:0e:35:82:60:e8 key_idx=0
ath0: STA 00:0e:35:82:60:e8 IEEE 802.1X: unauthorizing port
madwifi_set_sta_authorized: addr=00:0e:35:82:60:e8 authorized=0
 
... repeating....

More information about the HostAP mailing list