hostapd and GTK handshake?

Jouni Malinen jkmaline at cc.hut.fi
Tue Feb 7 22:00:18 EST 2006


On Tue, Feb 07, 2006 at 03:43:25PM -0500, Andrea G Forte wrote:

> I have noticed a few things while working on EAP-TSL with hostapd, 
> wpa_supplicant (both using hostap driver) and external RADIUS server.
> One is that if I look at the trace of the message exchange, after the 
> EAP Success frame, at the end of the authentication process, I see four 
> EAPOL key frames (and then encrypted data). Now, these last four frames 
> should be for the PTK. What I do not see are the EAPOL frames for the 
> GTK which should be right after the ones for PTK. On the hostapd output, 
> however, it says GROUP_HANDSHAKE --> COMPLETED which makes me think that 
> everything worked just fine, but then, where are the EAPOL frames for this?

Group Key handshake is using encrypted frames and like you noticed, WPA2
does not use Group Key handshake at the initial authentication.

> On a more silly matter, after the authentication has completed 
> successfully on the output of hostapd I see:
> EAPOL: startWhen --> 0
> 
> and after some time:
> EAPOL: authWhile --> 0
> EAPOL: idleWhile --> 0
> 
> What is their meaning?

These are just debug output notifying that EAPOL counters reached zero.
These counters are used to determine timing for certain operations.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list