Fwd: wpa_supplicant not perform 4way handshake while using wpa-psk security

Vasanth Ragavendran ragavendra.2007 at gmail.com
Wed Feb 1 00:16:42 EST 2012 

>AP to start 4-way handshake - no such frame is visible in the debug log

>you sent.


Thank you so much for your reply Jouni. Yes it wasn't performing a
4-way handshake.


>Could you please start by running the test without using the bridge
>interface? I.e., remove ath0 from any bridge and remove that -b
>parameter.


I followed your suggestion and i've removed the wireless driver from
the bridge as well as from the commandfor starting the supplicant, it
was able to associate and the 4-way and group handshake are complete.
  And the client and the AP are associated. However, I'm not able to
ping between them! :( Neither am i able to ping the end pc's connected
to the wireless devices. The connection setup is as follows.

pc1 --- client --- ap --- pc2

The link betn pc and the wireless devices are thru ethernet. How could
this happen? Further, I am using ap and sta in wds mode. Where the mac
address againt the "Access Point" is the mac address of the Ap which
I'm connecting it to. However I even tried with an older version of
wpa_supplicant and hostapd 0.5.9. Using that version, I'm able to
associate and ping even if the wireless device(ath0) is bridged. What
could be causing it to happen this way?! Thanks again for your help.
Awaiting your early response. Attached please find the log of the
successfully completed handshake, but unable to ping the ap from the
client or ping the client from the ap.


Thanks and Regards
R.Vasanth Ragavendran.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20120201/31907909/attachment.htm 
-------------- next part --------------
<<stripped the starting stuffs as my mail was bouncing due to size limit>>
ath0: State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
EAPOL: startWhen --> 0
EAPOL: disable timer tick
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: enable timer tick
EAPOL: txStart
WPA: drop TX EAPOL in non-IEEE 802.1X mode (type=1 len=0)
athrosx: Received 123 bytes from l2_packet (mode=0)
ath0: RX EAPOL from 00:03:7f:42:07:c9
RX EAPOL - hexdump(len=123): 02 03 00 77 fe 01 ca 00 10 00 00 00 00 00 00 00 05 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 db 5f fd 84 1c 7d 0d 84 dc d9 48 fa 8b e3 39 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 04 01 00 00 50 f2 04 01 00 00 50 f2 02
ath0: IEEE 802.1X RX: version=2 type=3 length=119
ath0:   EAPOL-Key type=254
ath0:   key_info 0x1ca (ver=2 keyidx=0 rsvd=0 Pairwise Install Ack MIC)
ath0:   key_length=16 key_data_length=24
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 05
  key_nonce - hexdump(len=32): 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 f0
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 28 db 5f fd 84 1c 7d 0d 84 dc d9 48 fa 8b e3 39
WPA: RX EAPOL-Key - hexdump(len=123): 02 03 00 77 fe 01 ca 00 10 00 00 00 00 00 00 00 05 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 db 5f fd 84 1c 7d 0d 84 dc d9 48 fa 8b e3 39 00 18 dd 16 00 50 f2 01 01 00 00 50 f2 04 01 00 00 50 f2 04 01 00 00 50 f2 02
ath0: State: GROUP_HANDSHAKE -> 4WAY_HANDSHAKE
ath0: WPA: RX message 3 of 4-Way Handshake from 00:03:7f:42:07:c9 (ver=2)
WPA: IE KeyData - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 04 01 00 00 50 f2 04 01 00 00 50 f2 02
WPA: WPA IE in EAPOL-Key - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 04 01 00 00 50 f2 04 01 00 00 50 f2 02
ath0: WPA: Sending EAPOL-Key 4/4
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: Derived Key MIC - hexdump(len=16): 79 f7 28 c8 39 b1 d1 4e 48 d3 02 6c c5 c9 58 16
WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 01 0a 00 10 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 79 f7 28 c8 39 b1 d1 4e 48 d3 02 6c c5 c9 58 16 00 00
ath0: WPA: Installing PTK to the driver
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
driver_atheros_set_key: ifname=ath0, alg=CCMP key_idx=0 set_tx=1 seq_len=6 key_len=16
athr: addr = 00:03:7f:42:07:c9
 set IEEE80211_PARAM_UCASTCIPHER=3
athr: Set cipher type=8 suite=3
athr: cipher=3
set80211param_ifname: ifname=ath0 subioctl=8 (UCASTCIPHER) arg=3
addr = 00:03:7f:42:07:c9
ath0: State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
athrosx: Received 123 bytes from l2_packet (mode=0)
ath0: RX EAPOL from 00:03:7f:42:07:c9
RX EAPOL - hexdump(len=123): 02 03 00 77 fe 03 a2 00 10 00 00 00 00 00 00 00 06 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 ef 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ee f4 eb e9 68 2b f7 68 1d 72 f6 8b 21 9a b8 51 00 18 0c 03 02 f0 7d 89 b7 7e 58 4f 68 60 3a 38 ff 32 35 73 8e 99 ba 75 f7 36
ath0: IEEE 802.1X RX: version=2 type=3 length=119
ath0:   EAPOL-Key type=254
ath0:   key_info 0x3a2 (ver=2 keyidx=2 rsvd=0 Group Ack MIC Secure)
ath0:   key_length=16 key_data_length=24
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 06
  key_nonce - hexdump(len=32): 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 ef
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): ee f4 eb e9 68 2b f7 68 1d 72 f6 8b 21 9a b8 51
WPA: RX EAPOL-Key - hexdump(len=123): 02 03 00 77 fe 03 a2 00 10 00 00 00 00 00 00 00 06 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 ef 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ee f4 eb e9 68 2b f7 68 1d 72 f6 8b 21 9a b8 51 00 18 0c 03 02 f0 7d 89 b7 7e 58 4f 68 60 3a 38 ff 32 35 73 8e 99 ba 75 f7 36
ath0: WPA: RX message 1 of Group Key Handshake from 00:03:7f:42:07:c9 (ver=2)
ath0: State: GROUP_HANDSHAKE -> GROUP_HANDSHAKE
WPA: Group Key - hexdump(len=16): [REMOVED]
ath0: WPA: Installing GTK to the driver (keyidx=2 tx=0 len=16)
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
driver_atheros_set_key: ifname=ath0, alg=CCMP key_idx=2 set_tx=0 seq_len=6 key_len=16
athr: addr = ff:ff:ff:ff:ff:ff
athr: TX GTK: set IEEE80211_PARAM_MCASTCIPHER=3
athr: Set cipher type=5 suite=3
athr: cipher=3
set80211param_ifname: ifname=ath0 subioctl=5 (MCASTCIPHER) arg=3
athr: addr = ff:ff:ff:ff:ff:ff
ath0: WPA: Sending EAPOL-Key 2/2
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: Derived Key MIC - hexdump(len=16): dc 69 47 72 07 61 50 7e b4 ee 5d e2 73 e7 5e 24
WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 03 22 00 10 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 dc 69 47 72 07 61 50 7e b4 ee 5d e2 73 e7 5e 24 00 00
ath0: WPA: Key negotiation completed with 00:03:7f:42:07:c9 [PTK=CCMP GTK=CCMP]
ath0: Cancelling authentication timeout
ath0: State: GROUP_HANDSHAKE -> COMPLETED
ath0: CTRL-EVENT-CONNECTED - Connection to 00:03:7f:42:07:c9 completed (auth) [id=0 id_str=]
driver_atheros_set_operstate: operstate 0->1 (UP)
netlink: Operstate: linkmode=-1, operstate=6
EAPOL: External notification - portValid=1
EAPOL: External notification - EAP success=1
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state SUCCESS
EAP: EAP entering state DISABLED
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: Supplicant port status: Authorized
EAPOL: SUPP_BE entering state IDLE
EAPOL authentication completed successfully
RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added
ath0: Event 5 received on interface ath0
athrosx: Received 123 bytes from l2_packet (mode=0)
ath0: RX EAPOL from 00:03:7f:42:07:c9
RX EAPOL - hexdump(len=123): 02 03 00 77 fe 03 a2 00 10 00 00 00 00 00 00 00 07 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 ef 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 39 95 24 ee 51 e5 2a 1a e5 f4 ee 68 0a 54 11 a5 00 18 0c 03 02 f0 7d 89 b7 7e 58 4f 68 60 3a 38 ff 32 35 73 8e 99 ba 75 f7 36
ath0: IEEE 802.1X RX: version=2 type=3 length=119
ath0:   EAPOL-Key type=254
ath0:   key_info 0x3a2 (ver=2 keyidx=2 rsvd=0 Group Ack MIC Secure)
ath0:   key_length=16 key_data_length=24
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 07
  key_nonce - hexdump(len=32): 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 ef
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 39 95 24 ee 51 e5 2a 1a e5 f4 ee 68 0a 54 11 a5
WPA: RX EAPOL-Key - hexdump(len=123): 02 03 00 77 fe 03 a2 00 10 00 00 00 00 00 00 00 07 0a d5 33 b1 6b 48 64 c8 94 4e 6d 47 ec 61 e5 e8 6d 4d 75 b1 ee d2 f3 2c cd 42 52 69 0c 7f 29 ef 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 39 95 24 ee 51 e5 2a 1a e5 f4 ee 68 0a 54 11 a5 00 18 0c 03 02 f0 7d 89 b7 7e 58 4f 68 60 3a 38 ff 32 35 73 8e 99 ba 75 f7 36
ath0: WPA: RX message 1 of Group Key Handshake from 00:03:7f:42:07:c9 (ver=2)
ath0: State: COMPLETED -> GROUP_HANDSHAKE
WPA: Group Key - hexdump(len=16): [REMOVED]
ath0: WPA: Installing GTK to the driver (keyidx=2 tx=0 len=16)
WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
driver_atheros_set_key: ifname=ath0, alg=CCMP key_idx=2 set_tx=0 seq_len=6 key_len=16
athr: addr = ff:ff:ff:ff:ff:ff
athr: TX GTK: set IEEE80211_PARAM_MCASTCIPHER=3
athr: Set cipher type=5 suite=3
athr: cipher=3
set80211param_ifname: ifname=ath0 subioctl=5 (MCASTCIPHER) arg=3
athr: addr = ff:ff:ff:ff:ff:ff
ath0: WPA: Sending EAPOL-Key 2/2
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: Derived Key MIC - hexdump(len=16): 05 da 5e f8 f5 60 c1 e8 18 1a dd cd f9 47 c5 f6
WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f fe 03 22 00 10 00 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 da 5e f8 f5 60 c1 e8 18 1a dd cd f9 47 c5 f6 00 00
ath0: WPA: Group rekeying completed with 00:03:7f:42:07:c9 [GTK=CCMP]
ath0: Cancelling authentication timeout
ath0: State: GROUP_HANDSHAKE -> COMPLETED

~ # iwconfig

ath0      IEEE 802.11na  ESSID:"wireless_vap_333"
          Mode:Managed  Frequency:5.785 GHz  Access Point: 00:03:7F:42:07:C9
          Bit Rate:300 Mb/s   Tx-Power=20 dBm
          RTS thr:off   Fragment thr:off
          Power Management:off
          Link Quality=94/94  Signal level=-23 dBm  Noise level=-95 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

~ # EAPOL: startWhen --> 0
EAPOL: disable timer tick

More information about the HostAP mailing list