GTK rekey problem

Miles mileshwu at yahoo.com
Tue Mar 18 13:02:54 EDT 2008


I'm using 0.4.8, kind of outdate.
For problem 1, I agree Uri explaination, deauth to an already deauthenticated station will cause gNoStations goes to -1.
Problem 2:
1. If client went away 1 minute ago, and come back now when rekey is happenning.

2. hostapd will set gsm->state as REKEYNEGOTIATING, then client rejoin again and reset timer but not gsm->state.

3. From now on, hostapd ask this client to send GTK1 but state is wrong, G1 never get send out.

4. gNoStations is 1 always and rekey won't be successful

We should clean WPA state machine whatever reauth or not.

Miles


Jouni Malinen <j at w1.fi> wrote: On Sun, Mar 16, 2008 at 12:56:30PM -0700, Miles wrote:

> I found GNoStations some time is not syncronized with hapd->num_sta, then it can be -1.
> Do you know what scenarios can make it happen?

Which version of hostapd are you using? This should be fixed in 0.5.10
which replaces GNoStations with a more robust mechanism.

> Also, if client doesn't send deauth and come back within age out time, it will jump to  AUTHENTICATION2 directly and GTK state machine doens't get re-initialized, it will cause problem.

Could you please be more specific on what kind of problems you are
seeing? Debug log from hostapd showing this could also be helpful.

-- 
Jouni Malinen                                            PGP id EFC895FA
_______________________________________________
HostAP mailing list
HostAP at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap


       
---------------------------------
Never miss a thing.   Make Yahoo your homepage.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20080318/9a122ab0/attachment.htm 


More information about the HostAP mailing list