[wpa_supplicant/WPA] request for clarification

Holger Schurig holgerschurig at gmail.com
Mon Jul 19 09:21:36 EDT 2010 

> I'm using the wpa_supplicant 0.6.10, the source code cross compiled
> from Debian sources. 

cross-compiled sounds like your on some embedded device. Which WLAN driver do 
you use, which CPU type?

I'm asking this because it might be the case that your WLAN driver isn't 
totally little-endian/big-endian clean. Proper source annotation and "sparse" 
can help you in discovering this kind of errors.

> One is the "blacklist". Please consider the following snippet:
> 
> 1279286521.334725: Authentication with c0:3f:0e:49:6a:ca timed out.
> 1279286521.334790: CTRL_IFACE monitor send - hexdump(len=21): 2f 74 6d
> 70 2f 77 70 61 5f 63 74 72 6c 5f 32 39 32 36 2d 31 00
> 1279286521.334926: CTRL_IFACE monitor[0]: 111 - Connection refused
> 1279286521.334984: Added BSSID c0:3f:0e:49:6a:ca into blacklist
> 1279286521.335034: wpa_driver_wext_disassociate
> 1279286521.497794: No keys have been configured - skip key clearing
> 1279286521.497841: State: 4WAY_HANDSHAKE -> DISCONNECTED
> 
> I can understand that the authentication has timed out.

Can you *really* understand why it times out?  I can't. If you have one client 
and only one AP, then it shouldn't time out.

You can shed more light into this issue if you take a third computer, put it 
on the channel of the AP and monitor all packets via wireshark.

I see that you still use WEXT (side note: it's outdated, don't make new 
development with  WEXT technology, use NL80211 instead). So it might even be 
the case that you have a WLAN card where the card itself does the association 
part of 802.11. You could even have something like a lost interrupt.



> But from the other hand I don't know why the connection is refused

Some upper layer assumes that a timed out association (client sent the 802.11 
association request packet, but did not receive the 802.11 association 
response packet) equals to a "connection refused" error. That's a follow-up 
error. The first error is more important here.


> and then wpa_supplicant is putting the AP to the "blacklist". 

wpa_supplicant tried to associate to this AP. But this AP didn't answer. So 
for now, wpa_supplicant assumes that this AP is broken. Therefore the AP ends 
up on the blacklist. This makes sure that on the next try (if you have more 
than one AP), it won't be tried again, but a another one instead.

> I'm using 4WAY_HANDSHAKE EAP authentication.

This is here irrelevant, as 802.11 association request / association response 
and 802.11 authentication request / authentication response must happen before 
that. Only then can the 4-way handshake start.


> 1279286521.499053: BSSID 00:00:00:00:00:00 blacklist count incremented
> to 2 
> 1279286521.499108: CTRL-EVENT-DISCONNECTED - Disconnect event - remove
> keys 

That's quite wacky. Maybe your driver sends strange WEXT events.

What does "iwevent" say during this?

Maybe you need to call "iwevent" with some arguments to see all the gory 
details, I forgot as I abandoned iwconfig and other WEXT friends nine months 
ago.


-- 
Homepage: http://www.holgerschurig.de

More information about the HostAP mailing list