WPA-EAP network stops working after random interval

George B. list1 at gir.me.uk
Mon Dec 5 16:48:25 EST 2011


Hello,

I believe I have also hit the issue described here (not sure how to 
properly reply to an archived message):

http://lists.shmoo.com/pipermail/hostap/2011-November/024771.html

Debian (Sid)
Linux 3.1.0-1-amd64
wpasupplicant	0.7.3-5
firmware-iwlwifi	0.34

0c:00.0 Network controller: Intel Corporation WiFi Link 5100
          Subsystem: Intel Corporation WiFi Link 5100 AGN

Upstream router is an old 3Com Office Connect that has been working 
perfectly for about 3 years.

I have only noticed the problem in the last few weeks, which makes me 
suspect that some recent update (kernel, or driver, or something else) 
broke something, but I wanted to run the data past you guys first.

I am able to reproduce the issue - it takes about 5-10 minutes to hit. 
Running "reassoc" from wpa_cli also resolves the issue for me until next 
time (thanks Håvard!)

Setup:
---
ap_scan=1
ctrl_interface=/var/run/wpa_supplicant
network={
         ssid=...
         scan_ssid=0
         proto=WPA RSN
         key_mgmt=WPA-PSK
         pairwise=CCMP TKIP
         group=CCMP TKIP
         psk=...
}

wpa_supplicant -i wlan0 -c wpa_supplicant.conf -D wext -ddd

pump -i wlan0

ping 8.8.8.8 (until no reply)

wpa_cli (to monitor)
---

The patter is always the following message seen twice (in wpa_cli, with 
some time in between):
---
<2>WPA: Group rekeying completed with 00:1e:c1:a2:70:50 [GTK=TKIP]
<2>WPA: Group rekeying completed with 00:1e:c1:a2:70:50 [GTK=TKIP]
---

After the first time everything works, after the second time 
connectivity is lost (traces will eventually show ARP packets being sent 
out by my laptop into the ether).

This is the bit from the debug log at the time of the second message above:
---
RX ctrl_iface - hexdump_ascii(len=4):
       50 49 4e 47                                       PING
RX ctrl_iface - hexdump_ascii(len=4):
       50 49 4e 47                                       PING
RX EAPOL from 00:1e:c1:a2:70:50
RX EAPOL - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 00 00 00 
01 ea 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc f5 62 d1 50 e4 13 26 5e 0b 
58 90 35 a3 3d a9 0f 09 c2 a7 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00
IEEE 802.1X RX: version=1 type=3 length=95
    EAPOL-Key type=254
    key_info 0x89 (ver=1 keyidx=0 rsvd=0 Pairwise Ack)
    key_length=32 key_data_length=0
    replay_counter - hexdump(len=8): 00 00 00 00 00 00 01 ea
    key_nonce - hexdump(len=32): 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc 
f5 62 d1 50 e4 13 26 5e 0b 58 90 35 a3 3d a9 0f 09 c2 a7
    key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00
    key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
    key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
    key_mic - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00
WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 00 89 00 20 00 00 00 
00 00 00 01 ea 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc f5 62 d1 50 e4 13 
26 5e 0b 58 90 35 a3 3d a9 0f 09 c2 a7 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
State: COMPLETED -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake from 00:1e:c1:a2:70:50 (ver=1)
WPA: PTK derivation - A1=00:22:fb:2b:05:0e A2=00:1e:c1:a2:70:50
WPA: PMK - hexdump(len=32): [REMOVED]
WPA: PTK - hexdump(len=64): [REMOVED]
WPA: WPA IE for msg 2/4 - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 
f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02
WPA: Sending EAPOL-Key 2/4
WPA: TX EAPOL-Key - hexdump(len=123): 01 03 00 77 fe 01 09 00 20 00 00 
00 00 00 00 01 ea 1a f9 5a ad 59 d1 38 02 11 e0 97 7b f8 e6 4e 17 55 47 
4b 7a 72 a6 b2 c5 fb 4b d2 cb b0 20 e1 4a 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ac 53 
9d e7 32 7b 8c 92 2e cf 3d 4a 89 d8 31 cd 00 18 dd 16 00 50 f2 01 01 00 
00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02
RX EAPOL from 00:1e:c1:a2:70:50
RX EAPOL - hexdump(len=123): 01 03 00 77 fe 01 c9 00 20 00 00 00 00 00 
00 01 eb 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc f5 62 d1 50 e4 13 26 5e 
0b 58 90 35 a3 3d a9 0f 09 c2 a7 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a3 c8 94 47 7c 
ae a6 a5 ac 7e 7c f4 a5 55 a7 c8 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 
02 01 00 00 50 f2 02 01 00 00 50 f2 02
IEEE 802.1X RX: version=1 type=3 length=119
    EAPOL-Key type=254
    key_info 0x1c9 (ver=1 keyidx=0 rsvd=0 Pairwise Install Ack MIC)
    key_length=32 key_data_length=24
    replay_counter - hexdump(len=8): 00 00 00 00 00 00 01 eb
    key_nonce - hexdump(len=32): 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc 
f5 62 d1 50 e4 13 26 5e 0b 58 90 35 a3 3d a9 0f 09 c2 a7
    key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00
    key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
    key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
    key_mic - hexdump(len=16): a3 c8 94 47 7c ae a6 a5 ac 7e 7c f4 a5 55 
a7 c8
WPA: RX EAPOL-Key - hexdump(len=123): 01 03 00 77 fe 01 c9 00 20 00 00 
00 00 00 00 01 eb 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc f5 62 d1 50 e4 
13 26 5e 0b 58 90 35 a3 3d a9 0f 09 c2 a7 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a3 c8 
94 47 7c ae a6 a5 ac 7e 7c f4 a5 55 a7 c8 00 18 dd 16 00 50 f2 01 01 00 
00 50 f2 02 01 00 00 50 f2 02 01 00 00 50 f2 02
WPA: Invalid EAPOL-Key MIC when using TPTK - ignoring TPTK
WPA: Invalid EAPOL-Key MIC - dropping packet
RX ctrl_iface - hexdump_ascii(len=4):
       50 49 4e 47                                       PING
RX ctrl_iface - hexdump_ascii(len=4):
       50 49 4e 47                                       PING
RX ctrl_iface - hexdump_ascii(len=4):
       50 49 4e 47                                       PING
RX EAPOL from 00:1e:c1:a2:70:50
RX EAPOL - hexdump(len=131): 01 03 00 7f fe 03 b1 00 20 00 00 00 00 00 
00 01 ed 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc f5 62 d1 50 e4 13 26 5e 
0b 58 90 35 a3 3d a9 0f 09 c2 a9 d1 50 e4 13 26 5e 0b 58 90 35 a3 3d a9 
0f 09 c2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 86 8a 0f c0 d7 
7d ff 33 14 31 b8 da 7b c6 4e a5 00 20 42 42 4a 6c c2 3b 77 2f 78 b1 16 
77 57 47 06 cc b9 4a 2c 4b 05 99 f7 cf 10 9c b5 d1 93 e0 d1 a8
IEEE 802.1X RX: version=1 type=3 length=127
    EAPOL-Key type=254
    key_info 0x3b1 (ver=1 keyidx=3 rsvd=0 Group Ack MIC Secure)
    key_length=32 key_data_length=32
    replay_counter - hexdump(len=8): 00 00 00 00 00 00 01 ed
    key_nonce - hexdump(len=32): 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc 
f5 62 d1 50 e4 13 26 5e 0b 58 90 35 a3 3d a9 0f 09 c2 a9
    key_iv - hexdump(len=16): d1 50 e4 13 26 5e 0b 58 90 35 a3 3d a9 0f 
09 c2
    key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
    key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
    key_mic - hexdump(len=16): 86 8a 0f c0 d7 7d ff 33 14 31 b8 da 7b c6 
4e a5
WPA: RX EAPOL-Key - hexdump(len=131): 01 03 00 7f fe 03 b1 00 20 00 00 
00 00 00 00 01 ed 00 b8 ef 01 4a 65 0c 9e 7e 52 3a a8 dc f5 62 d1 50 e4 
13 26 5e 0b 58 90 35 a3 3d a9 0f 09 c2 a9 d1 50 e4 13 26 5e 0b 58 90 35 
a3 3d a9 0f 09 c2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 86 8a 
0f c0 d7 7d ff 33 14 31 b8 da 7b c6 4e a5 00 20 42 42 4a 6c c2 3b 77 2f 
78 b1 16 77 57 47 06 cc b9 4a 2c 4b 05 99 f7 cf 10 9c b5 d1 93 e0 d1 a8
WPA: Invalid EAPOL-Key MIC when using TPTK - ignoring TPTK
WPA: RX message 1 of Group Key Handshake from 00:1e:c1:a2:70:50 (ver=1)
State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
WPA: Group Key - hexdump(len=32): [REMOVED]
WPA: Installing GTK to the driver (keyidx=3 tx=0 len=32).
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
wpa_driver_wext_set_key: alg=2 key_idx=3 set_tx=0 seq_len=6 key_len=32
WPA: Sending EAPOL-Key 2/2
WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 03 31 00 20 00 00 00 
00 00 00 01 ed 00 00 00 00 00 00 00 00 00 00 0
---

I attach an extract from the capture file:

.104 is my laptop
.101 is the 3Com router
:23:11 is another PC on the wireless network (Windows Vista which works 
just fine)

I also have an iPhone on the WLAN and it also works fine (not in the 
capture).

Apologies if the data is incomplete I have never spent any time digging 
around with Linux WPA stuff - always used Wicd to care of it for me - 
let me know what else I can send you.


Thanks,

George

-------------- next part --------------
A non-text attachment was scrubbed...
Name: wlan0-snip.cap
Type: application/cap
Size: 2629 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20111205/347b9555/attachment-0001.cap 


More information about the HostAP mailing list