deauthen after reauthen via radius

Xu Alex newcalex2010 at gmail.com
Fri Apr 29 02:49:52 EDT 2011


Hi all,
This may be an old trouble, because I googled it and found someone else had
met this one even with the newest wpa_supplicant & hostapd(I use 0.5.9 in my
test).The AP & CPE both use the same board with Atheros chips(AR9283, use
madwifi as driver).I set the AP & CPE both in WPA + RADIUS(the EAP method is
PEAP, and WPA2 have this problem too) mode and the reauthentication time is
100s(of couse u can set a less one to find it soon).

hostapd config file :
---------------------------------------------------
ieee8021x=1
eapol_key_index_workaround=0
own_ip_addr=192.168.1.2
wpa=1
wpa_parwise=TKIP
ssid=test
wpa_key_mgmt=WPA-EAP
auth_server_addr=192.168.1.22
auth_server_port=1812
auth_server_shared_secret=testtest
eap_reauth_period=100
wpa_group_rekey=0
--------------------------------------------------
wpa_supplicant config file:
----------------------------------------------------
network={
        ssid="test"
        proto=WPA
        key_mgmt=WPA-EAP
        pairwise=TKIP
        group=TKIP
        eap=PEAP
        identity="test"
        password="test"
        phase1="peaplabel=0"
        phase2="auth=MSCHAPV2"
}
----------------------------------------------------
The trouble is that when CPE need to reauthen, sometimes AP may send
deauthen frame to CPE.I checked my debug log finding out that sometimes AP
couldn't get the correct fourth handshake packet of 4 way handshake, so AP
decide to deauthen the CPE, but what shot me is that I can sniffer the
fourth packet in the air(judge from their packet length though I didn't know
anything about the TKIP data).
So here is the question, whether the CPE/wpa_supplicant send a wrong fourth
handshake packet or the AP(madwifi) decode the packet incorrectly coused
this problem. I can comfirm that the 4th handshake packet is correct before
sending to the l2 layer and the key matched with the AP's before sending.
If this problem had been solved in the newest version , please give me a
hand and show me howto, thanks a lot.
PS: this problem is unpredictable, it means u may wait 10 or more than 30
minutes to find it.
Yours,
C.Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20110429/2fbf7247/attachment.htm 


More information about the HostAP mailing list