MLME-REPLAYFAILURE.indication problem

Marcus Schmitz schmidtbaer at hotmail.com
Thu Jun 29 13:07:36 EDT 2006


Hello,

I am having some trouble establishing a WPA-PSK connection using 
wpa_supplicant. I am not yet sure if it is a SW problem or HW related 
(although it works under Window$).

HW setup:
- TP-Link PCMCIA card (AR5005g = AR2413 chipset)
- AP: D-Link DWL-900AP+ (Firmware 3.07)

SW setup:
- Linux kernel 2.6.17.1 + madwifi driver  (tried 0.9.1 and svn r1648)
- wpa_supplicant 0.4.9 and 0.5.4

wpa_supplicant.conf:
network={
	ssid="schmidtbaer"
	key_mgmt=WPA-PSK
	proto=WPA
	pairwise=TKIP
	group=TKIP
	psk="mypasswd"
}

Whenever I start wpa_supplicant (no matter if -Dwext or -Dmadwifi, no 
matter which driver version or wpa_supplicant version), I get the following 
debug information:

--------------------------------------------
Initializing interface 'ath0' conf '/etc/wpa_supplicant.conf' driver 'wext' 
ctrl_interface 'N/A' bridge 'N/A'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
ap_scan=1
Line: 9 - start of a new network block
ssid - hexdump_ascii(len=11):
     73 63 68 6d 69 64 74 62 61 65 72                  schmidtbaer
scan_ssid=1 (0x1)
key_mgmt: 0x2
proto: 0x1
PSK (ASCII passphrase) - hexdump_ascii(len=9): [REMOVED]
pairwise: 0x18
group: 0x18
PSK (from passphrase) - hexdump(len=32): [REMOVED]
Priority group 0
   id=0 ssid='schmidtbaer'
Initializing interface (2) 'ath0'
SIOCGIWRANGE: WE(compiled)=20 WE(source)=13 enc_capa=0xf
  capabilities: key_mgmt 0xf enc 0xf
WEXT: Operstate: linkmode=1, operstate=5
Own MAC address: 00:14:78:73:9b:ff
wpa_driver_wext_set_wpa
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_countermeasures
wpa_driver_wext_set_drop_unencrypted
Setting scan request: 0 sec 100000 usec
Added interface ath0
Wireless event: cmd=0x8b06 len=8
Ignore event for foreign ifindex 7
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
State: DISCONNECTED -> SCANNING
Starting AP scan (specific SSID)
Scan SSID - hexdump_ascii(len=11):
     73 63 68 6d 69 64 74 62 61 65 72                  schmidtbaer
Trying to get current scan results first without requesting a new scan to 
speed up initial association
Received 0 bytes of scan results (0 BSSes)
Scan results: 0
Selecting BSS from priority group 0
No suitable AP found.
Setting scan request: 0 sec 0 usec
Starting AP scan (broadcast SSID)
Wireless event: cmd=0x8b19 len=8
Received 991 bytes of scan results (5 BSSes)
Scan results: 5
Selecting BSS from priority group 0
0: 00:40:05:31:d9:33 ssid='schmidtbaer' wpa_ie_len=26 rsn_ie_len=0 caps=0x11
   selected based on WPA IE
Trying to associate with 00:40:05:31:d9:33 (SSID='schmidtbaer' freq=2427 
MHz)
Cancelling scan request
WPA: clearing own WPA/RSN IE
Automatic auth_alg selection: 0x1
WPA: using IEEE 802.11i/D3.0
WPA: Selected cipher suites: group 8 pairwise 8 key_mgmt 2
WPA: set AP WPA IE - hexdump(len=26): dd 18 00 50 f2 01 01 00 00 50 f2 02 01 
00 00 50 f2 02 01 00 00 50 f2 02 00 00
WPA: clearing AP RSN IE
WPA: using GTK TKIP
WPA: using PTK TKIP
WPA: using KEY_MGMT WPA-PSK
WPA: Set own WPA IE default - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 
f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02
No keys have been configured - skip key clearing
wpa_driver_wext_set_drop_unencrypted
State: SCANNING -> ASSOCIATING
WEXT: Operstate: linkmode=-1, operstate=5
wpa_driver_wext_associate
Association request to the driver failed
Setting authentication timeout: 5 sec 0 usec
Wireless event: cmd=0x8b06 len=8
Wireless event: cmd=0x8b04 len=12
Wireless event: cmd=0x8b1a len=20
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:40:05:31:d9:33
State: ASSOCIATING -> ASSOCIATED
WEXT: Operstate: linkmode=-1, operstate=5
Associated to a new BSS: BSSID=00:40:05:31:d9:33
No keys have been configured - skip key clearing
Associated with 00:40:05:31:d9:33
WPA: Association event - clear replay counter
Setting authentication timeout: 10 sec 0 usec
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
RX EAPOL from 00:40:05:31:d9:33
RX EAPOL - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 
01 fb 14 e4 b9 b4 99 37 8e a0 bf 77 72 6f c5 36 86 43 65 ca 2c 55 42 51 92 
23 72 01 3a 25 12 ca 82 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00
Setting authentication timeout: 10 sec 0 usec
IEEE 802.1X RX: version=1 type=3 length=95
  EAPOL-Key type=254
  key_info 0x89 (ver=1 keyidx=0 rsvd=0 Pairwise Ack)
  key_length=32 key_data_length=0
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 01
  key_nonce - hexdump(len=32): fb 14 e4 b9 b4 99 37 8e a0 bf 77 72 6f c5 36 
86 43 65 ca 2c 55 42 51 92 23 72 01 3a 25 12 ca 82
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 
00 00 00 01 fb 14 e4 b9 b4 99 37 8e a0 bf 77 72 6f c5 36 86 43 65 ca 2c 55 
42 51 92 23 72 01 3a 25 12 ca 82 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
State: ASSOCIATED -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake from 00:40:05:31:d9:33 (ver=1)
WPA: Renewed SNonce - hexdump(len=32): 85 90 e2 c4 95 af 4f bb e4 8f fc 00 
ae dc 40 76 a7 f5 de 0e 78 02 05 70 2a 1d 27 69 ae dd a9 73
WPA: PMK - hexdump(len=32): [REMOVED]
WPA: PTK - hexdump(len=64): [REMOVED]
WPA: WPA IE for msg 2/4 - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 
02 01 00 00 50 f2 02 01 00 00 50 f2 02
WPA: Sending EAPOL-Key 2/4
WPA: TX EAPOL-Key - hexdump(len=123): 01 03 00 77 fe 01 09 00 20 00 00 00 00 
00 00 00 01 85 90 e2 c4 95 af 4f bb e4 8f fc 00 ae dc 40 76 a7 f5 de 0e 78 
02 05 70 2a 1d 27 69 ae dd a9 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d7 6e 49 6e b2 98 5c 
2c 53 b0 bd 2f 59 92 05 f9 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 
00 50 f2 02 01 00 00 50 f2 02
RX EAPOL from 00:40:05:31:d9:33
RX EAPOL - hexdump(len=125): 01 03 00 79 fe 01 c9 00 20 00 00 00 00 00 00 00 
02 fb 14 e4 b9 b4 99 37 8e a0 bf 77 72 6f c5 36 86 43 65 ca 2c 55 42 51 92 
23 72 01 3a 25 12 ca 82 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 79 86 b0 6d 46 b7 20 a7 be b7 
0f 58 4e 21 1c 8a 00 1a dd 18 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 
02 01 00 00 50 f2 02 00 00
IEEE 802.1X RX: version=1 type=3 length=121
  EAPOL-Key type=254
  key_info 0x1c9 (ver=1 keyidx=0 rsvd=0 Pairwise Install Ack MIC)
  key_length=32 key_data_length=26
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 02
  key_nonce - hexdump(len=32): fb 14 e4 b9 b4 99 37 8e a0 bf 77 72 6f c5 36 
86 43 65 ca 2c 55 42 51 92 23 72 01 3a 25 12 ca 82
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 79 86 b0 6d 46 b7 20 a7 be b7 0f 58 4e 21 1c 8a
WPA: RX EAPOL-Key - hexdump(len=125): 01 03 00 79 fe 01 c9 00 20 00 00 00 00 
00 00 00 02 fb 14 e4 b9 b4 99 37 8e a0 bf 77 72 6f c5 36 86 43 65 ca 2c 55 
42 51 92 23 72 01 3a 25 12 ca 82 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 79 86 b0 6d 46 b7 20 
a7 be b7 0f 58 4e 21 1c 8a 00 1a dd 18 00 50 f2 01 01 00 00 50 f2 02 01 00 
00 50 f2 02 01 00 00 50 f2 02 00 00
State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
WPA: RX message 3 of 4-Way Handshake from 00:40:05:31:d9:33 (ver=1)
WPA: IE KeyData - hexdump(len=26): dd 18 00 50 f2 01 01 00 00 50 f2 02 01 00 
00 50 f2 02 01 00 00 50 f2 02 00 00
WPA: Sending EAPOL-Key 4/4
WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 01 09 00 20 00 00 00 00 
00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6a 9e 98 f7 2b 7a 70 
1d 85 fd b1 b8 cc 19 c6 1a 00 00
WPA: Installing PTK to the driver.
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
wpa_driver_wext_set_key: alg=2 key_idx=0 set_tx=1 seq_len=6 key_len=32
State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
Wireless event: cmd=0x8c02 len=77
Custom wireless event: 'MLME-REPLAYFAILURE.indication(keyid=4 unicast 
addr=00:14:78:73:9b:ff)'
Authentication with 00:40:05:31:d9:33 timed out.
Added BSSID 00:40:05:31:d9:33 into blacklist
State: GROUP_HANDSHAKE -> DISCONNECTED
WEXT: Operstate: linkmode=-1, operstate=5
wpa_driver_wext_disassociate
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
Setting scan request: 0 sec 0 usec
State: DISCONNECTED -> SCANNING
Starting AP scan (specific SSID)
Scan SSID - hexdump_ascii(len=11):
     73 63 68 6d 69 64 74 62 61 65 72                  schmidtbaer
Wireless event: cmd=0x8b15 len=20
Wireless event: new AP: 00:00:00:00:00:00
BSSID 00:40:05:31:d9:33 blacklist count incremented to 2
State: SCANNING -> DISCONNECTED
----------------------------------------------

The problem seems to be that during the group handshake a timeout occurs:
---
MLME-REPLAYFAILURE.indication(keyid=4 unicast addr=00:14:78:73:9b:ff)'
Authentication with 00:40:05:31:d9:33 timed out.
---


I also tried WEP, which worked on the spot.

Any suggestion would be appreciated!

Many thanks in advance
Marcus
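
An added example, not part of the original post or of wpa_supplicant: a small decoder for the two "RX EAPOL" hexdumps in the log above, which reproduces the key_info flags and replay counters that wpa_supplicant printed and applies the supplicant-side rule that an EAPOL-Key frame is dropped unless its replay counter increased. The function names (`parse_eapol_key`, `accept_in_order`) are this example's own; the byte strings are copied from the log.

```python
import struct

# The two "RX EAPOL" hexdumps from the log above (messages 1/4 and 3/4).
ANONCE = "fb14e4b9b499378e a0bf77726fc53686 4365ca2c55425192 2372013a2512ca82"
MSG1 = bytes.fromhex("01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 00 01"
                     + ANONCE + "00" * 50)
MSG3 = bytes.fromhex("01 03 00 79 fe 01 c9 00 20 00 00 00 00 00 00 00 02"
                     + ANONCE + "00" * 32
                     + "79 86 b0 6d 46 b7 20 a7 be b7 0f 58 4e 21 1c 8a 00 1a"
                     + "dd 18 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 f2 02"
                     + "01 00 00 50 f2 02 00 00")

# key_info bits, in the order the wpa_supplicant debug line names them.
FLAGS = [(0x0008, "Pairwise"), (0x0040, "Install"), (0x0080, "Ack"),
         (0x0100, "MIC"), (0x0200, "Secure"), (0x0400, "Error"),
         (0x0800, "Request"), (0x1000, "EncrKeyData")]

def parse_eapol_key(frame):
    """Decode the fixed 99-byte EAPOL + EAPOL-Key header and the key data."""
    if len(frame) < 99:
        raise ValueError("frame shorter than the fixed EAPOL-Key header")
    version, ptype, body_len = struct.unpack_from(">BBH", frame, 0)
    desc, key_info, key_len, replay = struct.unpack_from(">BHHQ", frame, 4)
    (kd_len,) = struct.unpack_from(">H", frame, 97)
    # Reject frames whose length fields disagree with the bytes received.
    if ptype != 3 or body_len + 4 > len(frame) or 95 + kd_len > body_len:
        raise ValueError("not a well-formed EAPOL-Key frame")
    flags = [name for bit, name in FLAGS if key_info & bit]
    if "Pairwise" not in flags:
        message = "group"
    else:  # as seen by the supplicant: only message 3/4 carries a MIC
        message = "3/4" if "MIC" in flags else "1/4"
    return {"descriptor": desc, "key_info": key_info, "ver": key_info & 0x7,
            "keyidx": (key_info >> 4) & 0x3, "flags": flags,
            "key_length": key_len, "replay_counter": replay,
            "nonce": frame[17:49], "mic": frame[81:97],
            "key_data": frame[99:99 + kd_len], "message": message}

def accept_in_order(frames):
    """Keep only frames whose replay counter is higher than the last accepted."""
    last, accepted = None, []
    for raw in frames:
        key = parse_eapol_key(raw)
        if last is not None and key["replay_counter"] <= last:
            continue  # stale or replayed EAPOL-Key frame: drop it
        last = key["replay_counter"]
        accepted.append((key["message"], key["replay_counter"]))
    return accepted
```

The counter checked here is the EAPOL-Key replay counter carried in the handshake frames; the driver's MLME-REPLAYFAILURE.indication event reports a replay detected on the per-key sequence counter of encrypted frames, which this decoder does not see.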
