madwifi and wpa-psk problem

Jouni Malinen jkmaline at
Sun May 8 18:47:58 EDT 2005

On Sun, May 08, 2005 at 12:21:28PM -0700, Jouni Malinen wrote:

> As far as wpa_supplicant is concerned, the WPA-PSK key handshakes are
> indeed completed successfully. However, the AP does not seem to be
> receiving the final message (group key msg 2/2) and it will retry the
> group key handshake by sending msg 1/2 a number of times. Eventually, it
> will time out and send a deauthentication frame (with reason "Group key
> update timeout" in the kismet log you sent).

I was able to reproduce this problem and the reason for the WPA group
handshake not completing was indeed EAPOL frames not being encrypted
correctly. Some of the ioctl call reordering in wpa_supplicant v0.4.0
must have confused the madwifi driver enough to make it believe it was
not using WPA and consequently, it sent out unencrypted Group Key
messages. This is now fixed in the development branch in wpa_supplicant CVS;
the stable branch (0.3.x) versions did not have this problem.

Jouni Malinen                                            PGP id EFC895FA

More information about the HostAP mailing list
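
The symptom described in the message above can be checked in a monitor-mode capture: once the pairwise keys are installed, a group key message should never appear as a data frame with the Protected bit clear. The following is an added example, not part of the original post or of wpa_supplicant; it assumes raw 802.11 MAC frames (no radiotap header, no FCS), and the sample frames and addresses are constructed.

```python
import struct

LLC_SNAP_EAPOL = bytes.fromhex("aaaa03000000888e")   # LLC/SNAP header, EtherType 0x888E
KEY_TYPE_PAIRWISE, KEY_ACK = 0x0008, 0x0080          # EAPOL-Key "Key Information" bits

def classify(frame: bytes) -> str:
    """Classify one raw 802.11 MAC frame (assumed: no radiotap header, no FCS)."""
    if len(frame) < 24 or ((frame[0] >> 2) & 0x3) != 2:   # only type 2 (data) frames
        return "other"
    fc0, fc1 = frame[0], frame[1]
    if fc1 & 0x40:                                        # Protected Frame bit set
        return "protected-data"
    hdr = 24
    if (fc1 & 0x03) == 0x03:                              # ToDS+FromDS: Addr4 present
        hdr += 6
    if (fc0 >> 4) & 0x8:                                  # QoS data: 2-byte QoS control
        hdr += 2
    body = frame[hdr:]
    if len(body) < 15 or body[:8] != LLC_SNAP_EAPOL:
        return "cleartext-data"
    if body[9] != 3 or body[12] not in (2, 254):          # EAPOL-Key, RSN or WPA descriptor
        return "cleartext-eapol"
    key_info = struct.unpack(">H", body[13:15])[0]
    if key_info & KEY_TYPE_PAIRWISE:
        return "cleartext-pairwise-key"                   # expected during the 4-way handshake
    return "cleartext-group-key-" + ("1/2" if key_info & KEY_ACK else "2/2")

def unencrypted_group_key_frames(frames):
    """Indexes of group key messages sent without link-layer encryption."""
    return [i for i, f in enumerate(frames)
            if classify(f).startswith("cleartext-group-key")]

# --- constructed sample frames (station -> AP, made-up addresses) ---
AP, STA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")

def _frame(fc1, key_info=None):
    hdr = bytes([0x08, fc1]) + b"\x00\x00" + AP + STA + AP + b"\x10\x00"
    if key_info is None:
        return hdr + bytes(16)                            # stand-in for an encrypted body
    key = bytes([254]) + struct.pack(">HH", key_info, 32) + bytes(90)
    return hdr + LLC_SNAP_EAPOL + bytes([1, 3]) + struct.pack(">H", len(key)) + key

SAMPLE = [
    _frame(0x01, 0x0109),   # pairwise msg 4/4 in the clear: normal, keys not yet installed
    _frame(0x41),           # ordinary protected data frame
    _frame(0x01, 0x0311),   # group msg 2/2 in the clear: the failure described above
]

if __name__ == "__main__":
    for i in unencrypted_group_key_frames(SAMPLE):
        print(f"frame {i}: {classify(SAMPLE[i])}")
```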