sudden disconnect after successfull reauth

Supplicantuser mysupplicant at justmail.de
Fri Jun 11 14:27:19 EDT 2010


Hello!

I'm using wpa_supplicant 0.6.10 (or 0.6.9) with WPA2-tls (WPA2
enterprise) against freeradius.

0.6.10 is linked against openssl1, 0.6.9 against openssl0_9_8k (openSuSE
11.2).

Hardware: RaLink RT2561/RT61 rev B 802.11g

The AP is placed directly (2 m) besides the client (nothing between them
and no other wlan disturbs the receipt).

Ndiswrapper is used as driver (the OS-driver is
uselessly).


wpa_supplicant is configured like this:

network {
	ssid="somewlan"
	proto=RSN
	key_mgmt=WPA-EAP
	pairwise=CCMP
	group=CCMP
	eap=TLS

	proactive_key_caching=1

	identity="someone at any.domain.org"
	ca_cert=/etc/my.ca
	client_cert="/etc/clnt.crt"
	private_key="/etc/clnt.key"
	private_key_passwd="something"
}


Freeradius is configured to use caching (= session resumption).

The initial login and the reauth with the session-resumption are working
fine and fast.

After the rekeying-timoeut (set at the AP) came up, the reauthentication
took place successfully. Sometimes the wlan connection isn't stopped
after the reauth, as shown in the following example:

1276200200.285049: CTRL-EVENT-EAP-SUCCESS EAP authentication completed
successfully
1276200200.285061: EAPOL: SUPP_PAE entering state AUTHENTICATED
1276200200.285071: EAPOL: Supplicant port status: Authorized
1276200200.285081: EAPOL: SUPP_BE entering state RECEIVE
1276200200.285091: EAPOL: SUPP_BE entering state SUCCESS
1276200200.285100: EAPOL: SUPP_BE entering state IDLE
1276200200.285110: EAPOL authentication completed successfully
...
1276200200.298815: WPA: Key negotiation completed with 00:25:9c:8e:fa:3f
[PTK=CCMP GTK=CCMP]
1276200200.298830: Cancelling authentication timeout
1276200200.298841: State: GROUP_HANDSHAKE -> COMPLETED
1276200200.298852: EAPOL: External notification - portValid=1
1276200200.298880: RTM_NEWLINK: operstate=1 ifi_flags=0x11043
([UP][RUNNING][LOWER_UP])
1276200200.298894: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
1276200200.298907: Wireless event: cmd=0x8c09 len=32
1276200200.298918: PMKID candidate wireless event: flags=0x0 index=0
bssid=....
1276200200.298929: RSN: PMKID candidate event - bssid=.... index=0 preauth=0
1276200200.298942: RSN: Ignored PMKID candidate without preauth flag
1276200203.203233: EAPOL: startWhen --> 0
1276200230.229858: EAPOL: authWhile --> 0
1276200260.258725: EAPOL: idleWhile --> 0
1276200260.258805: EAPOL: disable timer tick


But often, the reauthentication is completed successfully as above, but
directly after the reauthentication, the connection is stopped (and
started sometime later (1 s ... 180 s) again).
This is shown here:

1276199589.694055: CTRL-EVENT-EAP-SUCCESS EAP authentication completed
successfully
1276199589.694068: EAPOL: SUPP_PAE entering state AUTHENTICATED
1276199589.694078: EAPOL: Supplicant port status: Authorized
1276199589.694088: EAPOL: SUPP_BE entering state RECEIVE
1276199589.694098: EAPOL: SUPP_BE entering state SUCCESS
1276199589.694108: EAPOL: SUPP_BE entering state IDLE
1276199589.694118: EAPOL authentication completed successfully
....
1276199589.707920: WPA: Key negotiation completed with 00:25:9c:8e:fa:3f
[PTK=CCMP GTK=CCMP]
1276199589.707934: Cancelling authentication timeout
1276199589.707945: State: GROUP_HANDSHAKE -> COMPLETED
1276199589.707956: EAPOL: External notification - portValid=1
1276199589.708010: RTM_NEWLINK: operstate=1 ifi_flags=0x11043
([UP][RUNNING][LOWER_UP])
1276199589.708025: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
1276199589.708039: Wireless event: cmd=0x8c09 len=32
1276199589.708051: PMKID candidate wireless event: flags=0x0 index=0
bssid=00:25:9c:8e:fa:3f
1276199589.708063: RSN: PMKID candidate event - bssid=00:25:9c:8e:fa:3f
index=0 preauth=0
1276199589.708075: RSN: Ignored PMKID candidate without preauth flag


Until this point, it's exactly the same as above without a stop-start of
the connection. But it went on like this:


1276199592.738951: RTM_NEWLINK: operstate=1 ifi_flags=0x1043 ([UP][RUNNING])
1276199592.739047: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
1276199592.739062: Wireless event: cmd=0x8b15 len=20
1276199592.739073: Wireless event: new AP: 00:00:00:00:00:00
1276199592.739101: Setting scan request: 0 sec 100000 usec
1276199592.739118: Added BSSID ......... into blacklist
1276199592.739132: CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys


Why is the connection stoped here? It's been working fine and the
reauthentication with the radius server was ended successfully. I can
see no reason to stop the connection.
Now, the wlan is rescaned and a new authentication is started, which can
take time ... .
I think, there is a problem how to manage the hardware correctly:


1276199592.739144: wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0
seq_len=0 key_len=0
1276199592.739267: Driver did not support SIOCSIWENCODEEXT
1276199592.739279: wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0
seq_len=0 key_len=0
1276199592.739316: Driver did not support SIOCSIWENCODEEXT
1276199592.739328: wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0
seq_len=0 key_len=0
1276199592.739364: Driver did not support SIOCSIWENCODEEXT
1276199592.739384: wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0
seq_len=0 key_len=0
1276199592.739399: wpa_driver_wext_set_key: alg=0 key_idx=4 set_tx=0
seq_len=0 key_len=0
1276199592.739434: Driver did not support SIOCSIWENCODEEXT
1276199592.739446: wpa_driver_wext_set_key: alg=0 key_idx=5 set_tx=0
seq_len=0 key_len=0
1276199592.739480: Driver did not support SIOCSIWENCODEEXT
1276199592.739492: wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0
seq_len=0 key_len=0
1276199592.739509: State: COMPLETED -> DISCONNECTED
			  ^^^^^^^^^^^^^^^^^^^^^^^^^
1276199592.739523: wpa_driver_wext_set_operstate: operstate 1->0 (DORMANT)
1276199592.739535: netlink: Operstate: linkmode=-1, operstate=5
1276199592.739561: EAPOL: External notification - portEnabled=0
1276199592.739573: EAPOL: SUPP_PAE entering state DISCONNECTED
1276199592.739584: EAPOL: Supplicant port status: Unauthorized
1276199592.739593: EAPOL: SUPP_BE entering state INITIALIZE
1276199592.739606: EAP: EAP entering state DISABLED
1276199592.739616: EAPOL: Supplicant port status: Unauthorized
1276199592.739626: EAPOL: External notification - portValid=0
1276199592.739636: EAPOL: Supplicant port status: Unauthorized
1276199592.739649: RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
1276199592.739661: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
1276199592.839271: State: DISCONNECTED -> SCANNING
....


Does anybody know the reason for the sudden disconnect? Is there a way
to prevent this unnecessarily disconnect? Maybe a patch?


Kind regards,
Supplicantuser


More information about the HostAP mailing list