Hostapd EAP-TLS with rt2x00

tn2h tn2h at free.fr
Mon Apr 23 17:36:11 EDT 2007


Hi,

I am trying to do WPA2-RSN, EAP-TLS using hostapd and the rt2x00 driver.
WPA-PSK works fine but EAP-TLS :( ....

I use hostapd-0.6-2007-03-25 and rt2x00-cvs-2007041515
Debian Etch kernel 2.6.18-4
The supplicant is Windows XP
Do you have any idea?

thx

Here is my configuration file

hostapd.conf:

interface=wlan0
driver=devicescape
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=4
dump_file=/tmp/hostapd.dump
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
ssid=test
country_code=FR
hw_mode=g
channel=11
beacon_int=100
dtim_period=2
max_num_sta=255
rts_threshold=2347
fragm_threshold=2346
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wme_enabled=1
wme_ac_bk_cwmin=4
wme_ac_bk_cwmax=10
wme_ac_bk_aifs=7
wme_ac_bk_txop_limit=0
wme_ac_bk_acm=0
wme_ac_be_aifs=3
wme_ac_be_cwmin=4
wme_ac_be_cwmax=10
wme_ac_be_txop_limit=0
wme_ac_be_acm=0
wme_ac_vi_aifs=2
wme_ac_vi_cwmin=3
wme_ac_vi_cwmax=4
wme_ac_vi_txop_limit=94
wme_ac_vi_acm=0
wme_ac_vo_aifs=2
wme_ac_vo_cwmin=2
wme_ac_vo_cwmax=3
wme_ac_vo_txop_limit=47
wme_ac_vo_acm=0
ieee8021x=1
eapol_version=2
eapol_key_index_workaround=7
eap_server=1
eap_user_file=/etc/hostapd/eap_user
ca_cert=/etc/hostapd/CA/cacert.pem
server_cert=/etc/hostapd/srv_cert.pem
private_key_passwd=yoplaboum
own_ip_addr=127.0.0.1
wpa=1
wpa_key_mgmt=WPA-EAP
wpa_pairwise=TKIP CCMP


the eap_user:

# Wildcard for all other identities
#*              PEAP,TTLS,TLS,SIM,AKA
*               TLS


and the log:

Configuration file: /etc/hostapd/hostapd.conf
ctrl_interface_group=0
eapol_version=2
TLS: Trusted root certificate(s) loaded
Opening raw packet socket for ifindex 10
BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits)
SIOCGIWRANGE: WE(compiled)=20 WE(source)=14 enc_capa=0x0
RATE[0] rate=10 flags=0x152
RATE[1] rate=20 flags=0x156
RATE[2] rate=55 flags=0x156
RATE[3] rate=110 flags=0x156
RATE[4] rate=60 flags=0x131
RATE[5] rate=90 flags=0x31
RATE[6] rate=120 flags=0x131
RATE[7] rate=180 flags=0x31
RATE[8] rate=240 flags=0x131
RATE[9] rate=360 flags=0x31
RATE[10] rate=480 flags=0x31
RATE[11] rate=540 flags=0x31
Could not set passive scanning: Unknown error 4294967295
Flushing old station entries
Deauthenticate all stations
Mode: IEEE 802.11g  Channel: 11  Frequency: 2462 MHz
Using interface wlan0 with hwaddr 00:19:db:0b:44:6f and ssid 'test'
WPA: group state machine entering state GTK_INIT (VLAN-ID 0)
GMK - hexdump(len=32): [REMOVED]
GTK - hexdump(len=32): [REMOVED]
WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0)
wlan0: Setup of interface done.
Wireless event: cmd=0x8b04 len=12
Wireless event: cmd=0x8b1a len=12
Received 123 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 0f a0 00 00 00 07 00 00 00 0b
00 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 55 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 40 00 00 00 ff ff ff ff ff ff 00 18 de d7 c5 c1 ff ff ff ff ff ff d0 
ff 00 04 74 65 73 74 01 08 02 0
4 0b 16 0c 12 18 24 32 04 30 48 60 6c dd 07 00 03 47 01 02 01 01
MGMT
mgmt::probe_req
unknown vendor specific information element ignored (vendor OUI 00:03:47 
len=7)
STA 00:18:de:d7:c5:c1 sent probe request for our SSID
Received 119 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 0f a0 00 00 00 07 00 00 00 0b
00 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 55 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 40 00 00 00 ff ff ff ff ff ff 00 18 de d7 c5 c1 ff ff ff ff ff ff d0 
ff 00 00 01 08 02 04 0b 16 0c 1
2 18 24 32 04 30 48 60 6c dd 07 00 03 47 01 02 01 01
MGMT
mgmt::probe_req
unknown vendor specific information element ignored (vendor OUI 00:03:47 
len=7)
STA 00:18:de:d7:c5:c1 sent probe request for broadcast SSID
Received 98 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 3e 81 00 00 00 07 00 00 00 0b
00 00 00 0a 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 55 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 b0 00 2c 00 00 19 db 0b 44 6f 00 18 de d7 c5 c1 00 19 db 0b 44 6f d0 
ff 00 00 01 00 00 00
MGMT
mgmt::auth
authentication: STA=00:18:de:d7:c5:c1 auth_alg=0 auth_transaction=1 
status_code=0 wep=0
  New STA
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: authentication OK (open system)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-AUTHENTICATE.indication(00:18:de:d7:c5:c1, OPEN_SYSTEM)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-DELETEKEYS.request(00:18:de:d7:c5:c1)
authentication reply: STA=00:18:de:d7:c5:c1 auth_alg=0 
auth_transaction=2 resp=0 (IE len=0)
Received 98 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 01 b0 00 3a 01 00 18 de d7 c5 c1 00 19 db 0b 44 6f 00 19 db 0b 44 6f 00 
00 00 00 02 00 00 00
MGMT (TX callback) ACK
mgmt::auth cb
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: authenticated
Received 153 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 4e 21 00 00 00 07 00 00 00 0b
00 00 00 0a 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 56 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 00 00 2c 00 00 19 db 0b 44 6f 00 18 de d7 c5 c1 00 19 db 0b 44 6f e0 
ff 11 04 0a 00 00 04 74 65 73 7
4 01 08 82 84 8b 96 0c 12 18 24 32 04 30 48 60 6c dd 07 00 50 f2 02 00 
01 00 dd 18 00 50 f2 01 01 00 00
50 f2 02 01 00 00 50 f2 04 01 00 00 50 f2 01 3c 00
MGMT
mgmt::assoc_req
association request: STA=00:18:de:d7:c5:c1 capab_info=0x411 
listen_interval=10
WME IE - hexdump(len=7): 00 50 f2 02 00 01 00
Validating WME IE: OUI 00:50:f2  OUI type 2  OUI sub-type 0  version 1
  new AID 1
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: association OK (aid 1)
Received 140 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 01 10 00 3a 01 00 18 de d7 c5 c1 00 19 db 0b 44 6f 00 19 db 0b 44 6f 00 
00 11 04 00 00 01 c0 01 08 82 8
4 8b 96 0c 12 18 24 32 04 30 48 60 6c dd 18 00 50 f2 02 01 01 00 00 03 
a4 00 00 27 a4 00 00 42 43 5e 00
62 32 2f 00
MGMT (TX callback) ACK
mgmt::assoc_resp cb
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: associated (aid 1, accounting 
session 462D1E53-00000000)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-ASSOCIATE.indication(00:18:de:d7:c5:c1)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-DELETEKEYS.request(00:18:de:d7:c5:c1)
wlan0: STA 00:18:de:d7:c5:c1 WPA: event 1 notification
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.1X: start authentication
EAP: Server state machine created
IEEE 802.1X: 00:18:de:d7:c5:c1 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 AUTH_KEY_TX entering state NO_KEY_TRANSMIT
IEEE 802.1X: 00:18:de:d7:c5:c1 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:18:de:d7:c5:c1 CTRL_DIR entering state IN_OR_BOTH
IEEE 802.1X: 00:18:de:d7:c5:c1 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 BE_AUTH entering state IDLE
IEEE 802.1X: 00:18:de:d7:c5:c1 KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:18:de:d7:c5:c1 CTRL_DIR entering state FORCE_BOTH
IEEE 802.1X: 00:18:de:d7:c5:c1 AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 KEY_RX entering state NO_KEY_RECEIVE
wlan0: STA 00:18:de:d7:c5:c1 WPA: start authentication
WPA: 00:18:de:d7:c5:c1 WPA_PTK entering state INITIALIZE
WPA: 00:18:de:d7:c5:c1 WPA_PTK_GROUP entering state IDLE
WPA: 00:18:de:d7:c5:c1 WPA_PTK entering state AUTHENTICATION
WPA: 00:18:de:d7:c5:c1 WPA_PTK entering state AUTHENTICATION2
IEEE 802.1X: 00:18:de:d7:c5:c1 AUTH_PAE entering state DISCONNECTED
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.1X: unauthorizing port
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 AUTH_PAE entering state RESTART
IEEE 802.1X: Integrated EAP server in use - do not generate 
EAP-Request/Identity
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 103
EAP: EAP entering state SEND_REQUEST
EAP: eapReqData -> EAPOL - hexdump(len=5): 01 67 00 05 01
EAP: EAP entering state IDLE
IEEE 802.1X: 00:18:de:d7:c5:c1 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:18:de:d7:c5:c1 BE_AUTH entering state REQUEST
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.1X: Sending EAP Packet (identifier 
103)
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:18:de:d7:c5:c1 REAUTH_TIMER entering state INITIALIZE
Received 109 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 01 08 02 2c 00 00 18 de d7 c5 c1 00 19 db 0b 44 6f 00 19 db 0b 44 6f 00 
00 aa aa 03 00 00 00 88 8e 02 0
0 00 05 01 67 00 05 01
DATA (TX callback) ACK
IEEE 802.1X: 00:18:de:d7:c5:c1 TX status - version=2 type=0 length=5 - ack=1
Received 123 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
03 7a ae 00 00 00 07 00 00 00 0b
00 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 55 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 40 00 00 00 ff ff ff ff ff ff 00 18 de d7 c5 c1 ff ff ff ff ff ff 00 
00 00 04 74 65 73 74 01 08 02 0
4 0b 16 0c 12 18 24 32 04 30 48 60 6c dd 07 00 03 47 01 02 01 01
MGMT
mgmt::probe_req
unknown vendor specific information element ignored (vendor OUI 00:03:47 
len=7)
STA 00:18:de:d7:c5:c1 sent probe request for our SSID
Received 94 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
0d bb d8 00 00 00 07 00 00 00 0b
00 00 00 0a 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 57 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 c0 00 2c 00 00 19 db 0b 44 6f 00 18 de d7 c5 c1 00 19 db 0b 44 6f 10 
00 01 00
MGMT
mgmt::deauth
deauthentication: STA=00:18:de:d7:c5:c1 reason_code=1
wlan0: STA 00:18:de:d7:c5:c1 WPA: event 3 notification
WPA: 00:18:de:d7:c5:c1 WPA_PTK entering state DISCONNECTED
WPA: 00:18:de:d7:c5:c1 WPA_PTK entering state INITIALIZE
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: deauthenticated
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-DEAUTHENTICATE.indication(00:18:de:d7:c5:c1, 1)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-DELETEKEYS.request(00:18:de:d7:c5:c1)
EAP: Server state machine removed
Received 123 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
5a 37 31 00 00 00 07 00 00 00 0b
00 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 56 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 40 00 00 00 ff ff ff ff ff ff 00 18 de d7 c5 c1 ff ff ff ff ff ff 20 
00 00 04 74 65 73 74 01 08 02 0
4 0b 16 0c 12 18 24 32 04 30 48 60 6c dd 07 00 03 47 01 02 01 01
MGMT
mgmt::probe_req
unknown vendor specific information element ignored (vendor OUI 00:03:47 
len=7)
STA 00:18:de:d7:c5:c1 sent probe request for our SSID
Received 119 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
5a 37 31 00 00 00 07 00 00 00 0b
00 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 56 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 40 00 00 00 ff ff ff ff ff ff 00 18 de d7 c5 c1 ff ff ff ff ff ff 20 
00 00 00 01 08 02 04 0b 16 0c 1
2 18 24 32 04 30 48 60 6c dd 07 00 03 47 01 02 01 01
MGMT
mgmt::probe_req
unknown vendor specific information element ignored (vendor OUI 00:03:47 
len=7)
STA 00:18:de:d7:c5:c1 sent probe request for broadcast SSID
Received 98 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
5a 56 72 00 00 00 07 00 00 00 0b
00 00 00 0a 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 57 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 b0 00 2c 00 00 19 db 0b 44 6f 00 18 de d7 c5 c1 00 19 db 0b 44 6f 20 
00 00 00 01 00 00 00
MGMT
mgmt::auth
authentication: STA=00:18:de:d7:c5:c1 auth_alg=0 auth_transaction=1 
status_code=0 wep=0
  New STA
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: authentication OK (open system)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-AUTHENTICATE.indication(00:18:de:d7:c5:c1, OPEN_SYSTEM)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-DELETEKEYS.request(00:18:de:d7:c5:c1)
authentication reply: STA=00:18:de:d7:c5:c1 auth_alg=0 
auth_transaction=2 resp=0 (IE len=0)
Received 98 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 01 b0 00 3a 01 00 18 de d7 c5 c1 00 19 db 0b 44 6f 00 19 db 0b 44 6f 00 
00 00 00 02 00 00 00
MGMT (TX callback) ACK
mgmt::auth cb
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: authenticated
Received 153 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
5a 66 12 00 00 00 07 00 00 00 0b
00 00 00 0a 00 00 00 00 ff ff ff ff 00 00 00 03 00 00 00 57 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 00 00 00 2c 00 00 19 db 0b 44 6f 00 18 de d7 c5 c1 00 19 db 0b 44 6f 30 
00 11 04 0a 00 00 04 74 65 73 7
4 01 08 82 84 8b 96 0c 12 18 24 32 04 30 48 60 6c dd 07 00 50 f2 02 00 
01 00 dd 18 00 50 f2 01 01 00 00
50 f2 02 01 00 00 50 f2 04 01 00 00 50 f2 01 3c 00
MGMT
mgmt::assoc_req
association request: STA=00:18:de:d7:c5:c1 capab_info=0x411 
listen_interval=10
WME IE - hexdump(len=7): 00 50 f2 02 00 01 00
Validating WME IE: OUI 00:50:f2  OUI type 2  OUI sub-type 0  version 1
  new AID 1
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: association OK (aid 1)
Received 140 bytes management frame
  dump: 80 21 10 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00
 01 10 00 3a 01 00 18 de d7 c5 c1 00 19 db 0b 44 6f 00 19 db 0b 44 6f 00 
00 11 04 00 00 01 c0 01 08 82 8
4 8b 96 0c 12 18 24 32 04 30 48 60 6c dd 18 00 50 f2 02 01 01 00 00 03 
a4 00 00 27 a4 00 00 42 43 5e 00
62 32 2f 00
MGMT (TX callback) ACK
mgmt::assoc_resp cb
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: associated (aid 1, accounting 
session 462D1E53-00000001)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-ASSOCIATE.indication(00:18:de:d7:c5:c1)
wlan0: STA 00:18:de:d7:c5:c1 MLME: 
MLME-DELETEKEYS.request(00:18:de:d7:c5:c1)
wlan0: STA 00:18:de:d7:c5:c1 WPA: event 1 notification
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.1X: start authentication
EAP: Server state machine created
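
Added example, not part of the original post and not hostapd code: a small Python helper that reduces a hostapd debug log like the one above to one record per connection attempt, so the last stage reached before a deauthentication stands out from the hexdumps. The stage names and the function name `attempts` are made up for this example; the patterns are written against lines that appear in the log above.

```python
import re

# Constructed sample shaped like the log in the post; one line is mail-wrapped.
SAMPLE_LOG = """\
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: authentication OK (open system)
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: association OK (aid 1)
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.1X: start authentication
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.1X: Sending EAP Packet (identifier
103)
IEEE 802.1X: 00:18:de:d7:c5:c1 TX status - version=2 type=0 length=5 - ack=1
deauthentication: STA=00:18:de:d7:c5:c1 reason_code=1
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: authentication OK (open system)
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.11: association OK (aid 1)
wlan0: STA 00:18:de:d7:c5:c1 IEEE 802.1X: start authentication
"""

MAC = r"((?:[0-9a-f]{2}:){5}[0-9a-f]{2})"
# (stage, pattern); \s+ between tokens tolerates mail-wrapped log lines.
EVENTS = [
    ("auth_ok", rf"STA\s+{MAC}\s+IEEE 802\.11:\s+authentication OK"),
    ("assoc_ok", rf"STA\s+{MAC}\s+IEEE 802\.11:\s+association OK"),
    ("dot1x_start", rf"STA\s+{MAC}\s+IEEE 802\.1X:\s+start authentication"),
    ("eap_req_sent",
     rf"STA\s+{MAC}\s+IEEE 802\.1X:\s+Sending EAP Packet\s+\(identifier\s+(\d+)\)"),
    ("eapol_tx_acked", rf"IEEE 802\.1X:\s+{MAC}\s+TX status\b[^\n]*ack=1"),
    ("deauth", rf"deauthentication:\s+STA={MAC}\s+reason_code=(\d+)"),
]

def attempts(log):
    """Split the log into per-station connection attempts, in log order."""
    hits = [(m.start(), s, m) for s, p in EVENTS for m in re.finditer(p, log)]
    out, current = [], {}
    for _, stage, m in sorted(hits, key=lambda h: h[0]):
        sta = m.group(1)
        if stage == "auth_ok":  # each 802.11 authentication starts an attempt
            current[sta] = {"sta": sta, "stages": [], "eap_id": None,
                            "deauth_reason": None}
            out.append(current[sta])
        elif sta not in current:  # its auth_ok lies outside the excerpt
            continue
        att = current[sta]
        if stage == "deauth":
            att["deauth_reason"] = int(m.group(2))
        else:
            att["stages"].append(stage)
            if stage == "eap_req_sent":
                att["eap_id"] = int(m.group(2))
    return out

if __name__ == "__main__":
    for a in attempts(SAMPLE_LOG):
        print(a["sta"], " -> ".join(a["stages"]), a["eap_id"], a["deauth_reason"])
```

On the sample, the first attempt ends with the EAP-Request (identifier 103) sent and ACKed, followed by a deauthentication with reason_code=1; the second attempt stops at the start of 802.1X because the excerpt ends there.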






