no more gtk rekeying after local deauth request (hostapd-wpa_supplicant)

thomas schorpp t.schorpp at gmx.de
Fri Nov 4 10:08:09 EST 2005


thomas schorpp wrote:
> Jouni Malinen wrote:
> 
>>On Wed, Aug 31, 2005 at 11:54:17PM +0200, thomas schorpp wrote:
>>
>>
>>
>>>strange: if a linux wpasuppl. rsn client joins the net no more group key
>>>handshakes with this xp client with latest hostapd...?
>>>-> maybe security issue / policy violation
>>
> 
> hi,
> 
> got a brand new d-link dwl-g650 c2 and
> 
> see it again, this time in latest(? i've seen no checkins for a week so
> far) hostapd+wpasupplicant cvs on 2.6.14 with madwifi cvs (which still
> has the acpi suspend/resume issue in ath-*.ko and wlan-ccmp.ko,
> requiring module removal in acpi script before sleep and ifupdown
> explicitly) :
> 
> Nov  4 00:34:19 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 WPA: group key
> handshake completed (RSN)
> Nov  4 00:34:55 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 IEEE 802.1X:
> authenticated
> Nov  4 00:34:58 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 IEEE 802.11:
> deauthenticated due to local deauth request
> 
> ? it's not gmk-rekey, occurs 1 per h.
> 
> Nov  4 00:34:58 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 IEEE 802.11:
> deassociated
> Nov  4 00:34:59 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 IEEE 802.11:
> associated
> Nov  4 00:35:00 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 WPA: pairwise
> key handshake completed (RSN)
> Nov  4 00:35:00 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 IEEE 802.1X:
> authenticated
> 
> -no more gtk rekeying until wpasupplicant restart.
> 
> Nov  4 01:13:46 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 IEEE 802.11:
> deassociated
> Nov  4 01:13:54 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 IEEE 802.11:
> associated
> Nov  4 01:13:54 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 WPA: pairwise
> key handshake completed (RSN)
> Nov  4 01:13:54 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 IEEE 802.1X:
> authenticated
> Nov  4 01:18:47 tom3 hostapd: ath0: STA 00:0f:3d:af:91:99 WPA: group key
> handshake completed (RSN)
> ...
> 
> 
>>Can you provide a debug log from hostapd showing this kind of behavior
>>(with some additional comments on where you would have expected to see
>>group key handshake)?
>>
> 
> 
> ok. i do it next, this is a security issue. windows+mac rsn clients not
> involved and rekeying normal with hostapd.
> 

hm. with both started in debug mode, this issue does NOT occur.

debug log says local deauth request with wireless-event 5.

maybe a debug "if{}else" is buggy in the code or the last old code cvs madwifi driver. 

a pity i can't test with the new madwifi-ng code,
it crashes with reproducible kernel-panic on wpasupplicant startup scanning for the ap in irq handler 
on debian 2.6.14-1-686 (2) kernel image at ath_send_start or ath_send_end. hardware independent.

...

testing madwifi-ng right now, after cold boot the kernel panic does not occur 
but wpasupplicant fails on scan init with some missing ioctl.

trying to compile it against madwifi-ng fails in function set80211priv, if.h redefinitions,
ieee80211_ioctl_chanlist undeclared, latest debian linux-kernel-headers package too old, 2.6.13-rc..
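
An added example (not part of the original post and not hostapd code): a log check for the symptom reported above, a station that stays associated with no key handshake for longer than the group rekey interval. The 600 s interval, the 60 s slack, and the sample host name and MAC address are assumptions.

```python
import re
from datetime import datetime, timedelta

# Assumption: hostapd rekeys the GTK every 600 s (wpa_group_rekey) and 60 s of
# slack is tolerated. Both values are illustrative, not taken from the post.
MAX_GAP = timedelta(seconds=600 + 60)

# One unwrapped syslog line in the format quoted above.
LINE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ hostapd: \S+ "
                  r"STA ([0-9a-f:]{17}) (.+)$")

# Constructed sample (placeholder host and MAC), modelled on the quoted log.
SAMPLE = """\
Nov  4 00:34:19 ap hostapd: ath0: STA 02:00:00:00:00:01 WPA: group key handshake completed (RSN)
Nov  4 00:34:58 ap hostapd: ath0: STA 02:00:00:00:00:01 IEEE 802.11: deauthenticated due to local deauth request
Nov  4 00:34:59 ap hostapd: ath0: STA 02:00:00:00:00:01 IEEE 802.11: associated
Nov  4 00:35:00 ap hostapd: ath0: STA 02:00:00:00:00:01 WPA: pairwise key handshake completed (RSN)
Nov  4 01:13:46 ap hostapd: ath0: STA 02:00:00:00:00:01 IEEE 802.11: deassociated
Nov  4 01:13:54 ap hostapd: ath0: STA 02:00:00:00:00:01 WPA: pairwise key handshake completed (RSN)
Nov  4 01:18:47 ap hostapd: ath0: STA 02:00:00:00:00:01 WPA: group key handshake completed (RSN)
"""

def find_rekey_gaps(text, end, year=2005):
    """Return (sta, last_key_time, gap) for each stretch in which a station
    held keys longer than MAX_GAP with no new handshake (syslog has no year)."""
    last_key, gaps = {}, []   # last_key: sta -> time of latest key handshake
    def check(sta, now):
        since = last_key.get(sta)
        if since is not None and now - since > MAX_GAP:
            gaps.append((sta, since, now - since))
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        now = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        sta, msg = m.group(2), m.group(3)
        if "key handshake completed" in msg:
            check(sta, now)
            last_key[sta] = now
        elif "deauthenticated" in msg or "deassociated" in msg:
            check(sta, now)
            last_key.pop(sta, None)   # keys are gone; stop the clock
    for sta in list(last_key):        # stations still associated at `end`
        check(sta, end)
    return gaps

if __name__ == "__main__":
    for sta, since, gap in find_rekey_gaps(SAMPLE, datetime(2005, 11, 4, 1, 20)):
        print(f"{sta}: no key handshake for {gap} after {since}")
```

Log lines that a mailer or pager has wrapped must be rejoined before being passed in, since the pattern matches one event per line.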