Association fails on WPA-EAP (TKIP) network

Larry Finger Larry.Finger at lwfinger.net
Tue Jun 13 18:06:16 EDT 2006


Andrew Barr wrote:
> Setting scan request: 0 sec 0 usec
> State: DISCONNECTED -> SCANNING
> Starting AP scan (broadcast SSID)
> Wireless event: cmd=0x8b19 len=8
> Received 179 bytes of scan results (1 BSSes)
> Scan results: 1
> Selecting BSS from priority group 0
> 0: 00:c0:49:ec:6f:82 ssid='oakcourt' wpa_ie_len=24 rsn_ie_len=0 caps=0x11
>    selected based on WPA IE
> Trying to associate with 00:c0:49:ec:6f:82 (SSID='oakcourt' freq=2412 MHz)
> Cancelling scan request
> WPA: clearing own WPA/RSN IE
> Automatic auth_alg selection: 0x1
> WPA: using IEEE 802.11i/D3.0
> WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 1
> WPA: set AP WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 
> 00 00 50 f2 02 01 00 00 50 f2 01
> WPA: clearing AP RSN IE
> WPA: using GTK TKIP
> WPA: using PTK TKIP
> WPA: using KEY_MGMT 802.1X
> WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 
> f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01
> No keys have been configured - skip key clearing
> wpa_driver_wext_set_drop_unencrypted
> State: SCANNING -> ASSOCIATING
> wpa_driver_wext_associate
> Setting authentication timeout: 10 sec 0 usec
> EAPOL: External notification - portControl=Auto
> Wireless event: cmd=0x8b06 len=8
> Wireless event: cmd=0x8b04 len=12
> Wireless event: cmd=0x8b1a len=17
> Authentication with 00:00:00:00:00:00 timed out.
> BSSID 00:00:00:00:00:00 blacklist count incremented to 2
> State: ASSOCIATING -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> Setting scan request: 0 sec 0 usec
> State: DISCONNECTED -> SCANNING
> Starting AP scan (broadcast SSID)
> Wireless event: cmd=0x8b19 len=8
> Received 179 bytes of scan results (1 BSSes)
> Scan results: 1
> Selecting BSS from priority group 0
> 0: 00:c0:49:ec:6f:82 ssid='oakcourt' wpa_ie_len=24 rsn_ie_len=0 caps=0x11
>    selected based on WPA IE
> Trying to associate with 00:c0:49:ec:6f:82 (SSID='oakcourt' freq=2412 MHz)
> Cancelling scan request
> WPA: clearing own WPA/RSN IE
> Automatic auth_alg selection: 0x1
> WPA: using IEEE 802.11i/D3.0
> WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 1
> WPA: set AP WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 
> 00 00 50 f2 02 01 00 00 50 f2 01
> WPA: clearing AP RSN IE
> WPA: using GTK TKIP
> WPA: using PTK TKIP
> WPA: using KEY_MGMT 802.1X
> WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 
> f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01
> No keys have been configured - skip key clearing
> wpa_driver_wext_set_drop_unencrypted
> State: SCANNING -> ASSOCIATING
> wpa_driver_wext_associate
> Setting authentication timeout: 10 sec 0 usec
> EAPOL: External notification - portControl=Auto
> Wireless event: cmd=0x8b06 len=8
> Wireless event: cmd=0x8b04 len=12
> Wireless event: cmd=0x8b1a len=17
> Authentication with 00:00:00:00:00:00 timed out.
> BSSID 00:00:00:00:00:00 blacklist count incremented to 3
> State: ASSOCIATING -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> Setting scan request: 0 sec 0 usec
> State: DISCONNECTED -> SCANNING
> Starting AP scan (broadcast SSID)
> Wireless event: cmd=0x8b19 len=8
> Received 179 bytes of scan results (1 BSSes)
> Scan results: 1
> Selecting BSS from priority group 0
> 0: 00:c0:49:ec:6f:82 ssid='oakcourt' wpa_ie_len=24 rsn_ie_len=0 caps=0x11
>    selected based on WPA IE
> Trying to associate with 00:c0:49:ec:6f:82 (SSID='oakcourt' freq=2412 MHz)
> Cancelling scan request
> WPA: clearing own WPA/RSN IE
> Automatic auth_alg selection: 0x1
> WPA: using IEEE 802.11i/D3.0
> WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 1
> WPA: set AP WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 02 01 
> 00 00 50 f2 02 01 00 00 50 f2 01
> WPA: clearing AP RSN IE
> WPA: using GTK TKIP
> WPA: using PTK TKIP
> WPA: using KEY_MGMT 802.1X
> WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 
> f2 02 01 00 00 50 f2 02 01 00 00 50 f2 01
> No keys have been configured - skip key clearing
> wpa_driver_wext_set_drop_unencrypted
> State: SCANNING -> ASSOCIATING
> wpa_driver_wext_associate
> Setting authentication timeout: 10 sec 0 usec
> EAPOL: External notification - portControl=Auto
> Wireless event: cmd=0x8b06 len=8
> Wireless event: cmd=0x8b04 len=12
> Wireless event: cmd=0x8b1a len=17
> CTRL-EVENT-TERMINATING - signal 2 received
> Removing interface wlan0
> State: ASSOCIATING -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> wpa_driver_wext_set_wpa
> wpa_driver_wext_set_drop_unencrypted
> wpa_driver_wext_set_countermeasures
> No keys have been configured - skip key clearing
> Removed BSSID 00:00:00:00:00:00 from blacklist (clear)
> Cancelling scan request
> root at poodle:~# cat /etc/wpa_supplicant.conf
> ctrl_interface=/var/run/wpa_supplicant
> ap_scan=1
> 

This kind of looping looks like what I had with bcm43xx-softmac trying to connect with a Linksys 
WRT54G V5 router. Check the ethereal dump of the association response packet. In my case, the 
association was rejected because the STA did not support short preambles. This response is clearly a 
bug in the Linksys firmware and has been reported to them. It is possible that other AP codes have 
the same or similar bugs.

Larry



More information about the HostAP mailing list