(PEAP) problem introduced in wpa_supplicant 0.5.1

Charles Bovy charles.bovy at gmail.com
Mon Feb 20 11:11:15 EST 2006


Hi all,

My situation:
* madwifi-ng (latest revision)
* wpa_supplicant 0.5.0
* PEAP (WPAv2)
* Cisco AP and Cisco ACS

After an upgrade to wpa_supplicant 0.5.1, a problem occurs. Phase 2 of the 
EAP-PEAP doesn't succeed anymore. I read that some of the EAP functions have 
changed in the new version 0.5.1.

Some debugging info:

wpa_supplicant 0.5.0:

1140175926.746713: EAP-PEAP: received 37 bytes encrypted data for Phase 2
1140175926.746735: EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=5): 01 ee 00 
05 06
1140175926.746741: EAP-PEAP: received Phase 2: code=1 identifier=238 length=5
1140175926.746746: EAP-PEAP: Phase 2 Request: type=6
1140175926.746750: EAP-PEAP: Phase 2 Request: Nak type=6
1140175926.746754: EAP-PEAP: Allowed Phase2 EAP types - hexdump(len=1): 1a
1140175926.746758: EAP-PEAP: Encrypting Phase 2 data - hexdump(len=6): 
[REMOVED]
1140175926.746781: EAP: method process -> ignore=FALSE methodState=MAY_CONT 
decision=FAIL
1140175926.746799: EAP: EAP entering state SEND_RESPONSE
1140175926.746804: EAP: EAP entering state IDLE
1140175926.746808: EAPOL: SUPP_BE entering state RESPONSE
1140175926.746812: EAPOL: txSuppRsp
1140175926.746816: TX EAPOL - hexdump(len=84): 01 00 00 50 02 ee 00 50 19 01 17 
03 01 00 20 6f 85 9e 04 f2 58 88 c9 6f 2a 16 b8 b7 f8 0f 7d 30 bd 4a eb 74 97 
2d 97 c3 56 ba 2a 4e f6 48 ad 17 03 01 00 20 8e c6 46 91 45 f2 1e 1a a1 c0 b9 
fa 3e 57 13 36 14 5f fc c0 d2 c9 e9 6a f4 e5 73 fd d8 32 33 20
1140175926.746881: EAPOL: SUPP_BE entering state RECEIVE
1140175926.754582: RX EAPOL from 00:13:60:53:bc:90
1140175926.754587: RX EAPOL - hexdump(len=79): 01 00 00 4b 01 ef 00 4b 19 01 17 
03 01 00 40 57 97 00 62 47 00 89 7c 70 6c 93 ad b2 e8 84 5e 2e fe 36 2e 01 99 
00 ee b0 ae 91 04 50 44 b8 7c bc 1e 84 49 d0 3f e6 34 9a dc ae 49 d5 b7 6f fc 
53 00 4b 12 6b 0d 25 f6 18 87 58 5d 89 86 40 fa
1140175926.754614: EAPOL: Received EAP-Packet frame
1140175926.754618: EAPOL: SUPP_BE entering state REQUEST
1140175926.754622: EAPOL: getSuppRsp
1140175926.754626: EAP: EAP entering state RECEIVED
1140175926.754631: EAP: Received EAP-Request method=25 id=239
1140175926.754635: EAP: EAP entering state METHOD
1140175926.754640: SSL: Received packet(len=75) - Flags 0x01
1140175926.754644: EAP-PEAP: received 69 bytes encrypted data for Phase 2
1140175926.754662: EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=39): 01 ef 00 
27 1a 01 ef 00 22 10 7e d3 69 9b 4c 46 5c cb ea 04 d8 b3 a6 55 39 e1 4e 4c 4d 
54 52 2d 57 49 41 53 30 34 38
1140175926.754677: EAP-PEAP: received Phase 2: code=1 identifier=239 length=39
1140175926.754681: EAP-PEAP: Phase 2 Request: type=26
1140175926.754685: EAP-PEAP: Selected Phase 2 EAP method 26
1140175926.754697: EAP-MSCHAPV2: Password not configured

and then I enter my password using wpa_gui.


wpa_supplicant 0.5.1:

1140175889.075183: EAP-PEAP: received 37 bytes encrypted data for Phase 2
1140175889.075199: EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=5): 01 eb 00 
05 06
1140175889.075205: EAP-PEAP: received Phase 2: code=1 identifier=235 length=5
1140175889.075209: EAP-PEAP: Phase 2 Request: type=6
1140175889.075213: EAP-PEAP: Phase 2 Request: Nak type=6
1140175889.075217: EAP-PEAP: Allowed Phase2 EAP types - hexdump(len=8): 00 00 
00 00 1a 00 00 00
1140175889.075224: EAP-PEAP: Encrypting Phase 2 data - hexdump(len=6): 
[REMOVED]
1140175889.075246: EAP: method process -> ignore=FALSE methodState=MAY_CONT 
decision=FAIL
1140175889.075251: EAP: EAP entering state SEND_RESPONSE
1140175889.075255: EAP: EAP entering state IDLE
1140175889.075259: EAPOL: SUPP_BE entering state RESPONSE
1140175889.075263: EAPOL: txSuppRsp
1140175889.075267: TX EAPOL - hexdump(len=84): 01 00 00 50 02 eb 00 50 19 01 17 
03 01 00 20 2d 60 c5 3b cd 4f 58 e0 52 d2 dc 8e 0e cd 22 a4 5f 60 bd db 55 2e 
18 e6 37 d3 7c 83 91 fc a0 2a 17 03 01 00 20 2e 63 c4 8b 44 c5 7f 8a b5 50 26 
73 18 17 1d cf ac 65 04 95 ad 06 19 a1 ab d9 6e a8 b7 81 cf 27
1140175889.075297: EAPOL: SUPP_BE entering state RECEIVE
1140175889.089877: RX EAPOL from 00:13:60:53:bc:90
1140175889.089883: RX EAPOL - hexdump(len=46): 01 00 00 04 04 eb 00 04 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00
1140175889.089900: EAPOL: Received EAP-Packet frame
1140175889.089904: EAPOL: SUPP_BE entering state REQUEST
1140175889.089908: EAPOL: getSuppRsp
1140175889.089912: EAP: EAP entering state RECEIVED
1140175889.089916: EAP: Received EAP-Failure
1140175889.089920: EAP: EAP entering state FAILURE
1140175889.089927: CTRL-EVENT-EAP-FAILURE EAP authentication failed
1140175889.089932: CTRL_IFACE monitor send - hexdump(len=23): 2f 74 6d 70 2f 77 
70 61 5f 63 74 72 6c 5f 37 38 30 30 2d 31 00 65 e9
1140175889.089957: EAPOL: SUPP_PAE entering state HELD
1140175889.089961: EAPOL: SUPP_BE entering state RECEIVE
1140175889.089965: EAPOL: SUPP_BE entering state FAIL
1140175889.089969: EAPOL: SUPP_BE entering state IDLE

and then a new scan is initiated.

The difference I noticed is: EAP-PEAP: Allowed Phase2 EAP types - 
hexdump(len=8): 00 00 00 00 1a 00 00 00

So, leading zeros maybe let the EAP detection fail in wpa_supplicant 0.5.1.

Do you need more debugging or is this sufficient?

Thanks in advance.

-- 
With Regards,

Charles Bovy E-mail: Charles at bovy.nl
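
Added example (not part of the original post and not wpa_supplicant code): a Python sketch that decodes the Phase 2 EAP packets quoted in the logs above per RFC 3748 and reads the 8-byte "Allowed Phase2 EAP types" buffer two ways. The little-endian 32-bit (vendor, method) layout is an assumption that fits the bytes; the post does not confirm it.

```python
import struct

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPE_NAK = 3  # RFC 3748 Legacy Nak; a type octet of 0 means "no alternative"

# Byte strings copied from the debug logs in the post above.
REQ_GTC = "01 ee 00 05 06"               # 0.5.0 decrypted Phase 2 request
ALLOWED_050 = "1a"                       # 0.5.0 allowed types, len=1
ALLOWED_051 = "00 00 00 00 1a 00 00 00"  # 0.5.1 allowed types, len=8
FAILURE_051 = "04 eb 00 04 00 00 00 00"  # 0.5.1 RX, first 8 bytes after EAPOL header

def parse_eap(hexdump):
    """Parse one EAP packet; bytes past the Length field are link padding."""
    raw = bytes.fromhex(hexdump)
    if len(raw) < 4:
        raise ValueError("EAP header needs 4 bytes")
    code, ident, length = struct.unpack("!BBH", raw[:4])
    if length < 4 or length > len(raw):
        raise ValueError("EAP Length field does not fit the buffer")
    pkt = {"code": EAP_CODES.get(code, code), "id": ident, "length": length}
    if code in (1, 2) and length >= 5:   # only Request/Response carry a Type
        pkt["type"], pkt["data"] = raw[4], raw[5:length]
    return pkt

def build_nak(ident, allowed_types):
    """Build a Legacy Nak response listing one octet per acceptable type."""
    body = bytes([EAP_TYPE_NAK]) + bytes(allowed_types)
    return struct.pack("!BBH", 2, ident, 4 + len(body)) + body

def as_octets(hexdump):
    """Reading 1: one EAP type per byte (fits the 0.5.0 buffer)."""
    return list(bytes.fromhex(hexdump))

def as_vendor_method_pairs(hexdump):
    """Reading 2 (ASSUMPTION): little-endian 32-bit (vendor, method) pairs."""
    buf = bytes.fromhex(hexdump)
    if len(buf) % 8:
        raise ValueError("buffer is not a whole number of 8-byte pairs")
    return [struct.unpack_from("<II", buf, off) for off in range(0, len(buf), 8)]

if __name__ == "__main__":
    print(parse_eap(REQ_GTC))
    print(build_nak(238, as_octets(ALLOWED_050)).hex())
    print(as_octets(ALLOWED_051), as_vendor_method_pairs(ALLOWED_051))
    print(parse_eap(FAILURE_051))
```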


