wpa_cli roam

Patrick Herrmann Patrick.Herrmann at rwth-aachen.de
Tue Feb 14 12:29:24 EST 2012


We use voayage linux with kernel 2.6.38.2 
(uname -a complete output:
Linux meshrouter7 2.6.38.2-32bit #1 PREEMPT Fri Nov 11 11:24:58 UTC 2011 i586 GNU/Linux)

APs wireless card: Atheros AR5008 Wireless Cards (loaded modules athk9, ath9k_hw,mac80211,cfg80211,ath9k_common,ath).

Supplicant wireless card: Broadcom BCM43224 802.11a/b/g/n (driver brcmsmac).

Used drive in hostapd and wpa_supplicant: nl80211.

But I wonder why roam sometimes works using the cached PMK.

Do you need more information?

Thank you,
Patrick

Am 02/14/12, schrieb Dan Williams  <dcbw at redhat.com>:

> On Tue, 2012-02-14 at 14:03 +0100, Patrick Herrmann wrote:
> > Hello,
> > 
> > I have some trouble using "wpa_cli roam <bssid>" command. I use EAP-TTLS (PAP) to authenticate supplicants.
> > 
> > I let wpa_supplicant (using nl80211 driver) connect to AP1 (also nl80211 driver). Afterwards I use "wpa_cli roam" to connect to AP2. Both APs and the supplicant cache the PMKs as expected (verfied via wpa_cli pmksa).
> 
> What kernel version are you using, and what wifi hardware do you have?
> Successful WPA Enterprise roaming depends quite a bit on the kernel and
> drivers too.
> 
> Dan
> 
> > Now I initiate the handover from AP2 back to AP1. The lookup of the PMKID succeeds as can be seen in the debug output below. But the nl80211 driver fails sometimes "nl80211: MLME command failed ret=-2 (No such file or directory)":
> > ----------------
> > RSN: PMKID - hexdump(len=16): b8 ac 09 8e 2a 61 e8 0a 36 d7 e3 ba 47 4d 26 65
> > RSN: Trying to use cached PMKSA
> > RSN: using IEEE 802.11i/D9.0
> > WPA: Selected cipher suites: group 16 pairwise 16 key_mgmt 1 proto 2
> > WPA: clearing AP WPA IE
> > WPA: set AP RSN IE - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 01 0c 00
> > WPA: using GTK CCMP
> > WPA: using PTK CCMP
> > WPA: using KEY_MGMT 802.1X
> > WPA: Set own WPA IE default - hexdump(len=40): 30 26 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 01 00 00 01 00 b8 ac 09 8e 2a 61 e8 0a 36 d7 e3 ba 47 4d 26 65
> > Cancelling scan request
> > Trying to authenticate with 00:1f:f3:c0:89:0f (SSID='itsecmeshclient' freq=5300 MHz)
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x44e669 key_idx=0 set_tx=0 seq_len=0 key_len=0
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x44e669 key_idx=1 set_tx=0 seq_len=0 key_len=0
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x44e669 key_idx=2 set_tx=0 seq_len=0 key_len=0
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x44e669 key_idx=3 set_tx=0 seq_len=0 key_len=0
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x1d409d0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> >    addr=00:1f:f3:c0:89:0f
> > State: COMPLETED -> AUTHENTICATING
> > EAPOL: External notification - EAP success=0
> > EAPOL: External notification - EAP fail=0
> > EAPOL: External notification - portControl=Auto
> > nl80211: Authenticate (ifindex=3)
> >   * bssid=00:1f:f3:c0:89:0f
> >   * freq=5300
> >   * SSID - hexdump_ascii(len=15):
> >      69 74 73 65 63 6d 65 73 68 63 6c 69 65 6e 74      itsecmeshclient 
> >   * IEs - hexdump(len=0): [NULL]
> >   * Auth Type 0
> > nl80211: MLME command failed: ret=-2 (No such file or directory)
> > Authentication request to the driver failed
> > Setting scan request: 1 sec 0 usec
> > ----------------
> > 
> > But sometimes it works as expected (debug output):
> > ----------------
> > RSN: PMKID - hexdump(len=16): 79 94 7a 39 a2 56 23 f1 73 bd d5 da 01 09 c6 9c
> > RSN: Trying to use cached PMKSA
> > RSN: using IEEE 802.11i/D9.0
> > WPA: Selected cipher suites: group 16 pairwise 16 key_mgmt 1 proto 2
> > WPA: clearing AP WPA IE
> > WPA: set AP RSN IE - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 01 0c 00
> > WPA: using GTK CCMP
> > WPA: using PTK CCMP
> > WPA: using KEY_MGMT 802.1X
> > WPA: Set own WPA IE default - hexdump(len=40): 30 26 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 01 00 00 01 00 79 94 7a 39 a2 56 23 f1 73 bd d5 da 01 09 c6 9c
> > Cancelling scan request
> > Trying to authenticate with 00:19:e3:fb:eb:35 (SSID='itsecmeshclient' freq=5260 MHz)
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x44e669 key_idx=0 set_tx=0 seq_len=0 key_len=0
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x44e669 key_idx=1 set_tx=0 seq_len=0 key_len=0
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x44e669 key_idx=2 set_tx=0 seq_len=0 key_len=0
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x44e669 key_idx=3 set_tx=0 seq_len=0 key_len=0
> > wpa_driver_nl80211_set_key: ifindex=3 alg=0 addr=0x1d258a0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> >    addr=00:19:e3:fb:eb:35
> > State: COMPLETED -> AUTHENTICATING
> > EAPOL: External notification - EAP success=0
> > EAPOL: External notification - EAP fail=0
> > EAPOL: External notification - portControl=Auto
> > nl80211: Authenticate (ifindex=3)
> >   * bssid=00:19:e3:fb:eb:35
> >   * freq=5260
> >   * SSID - hexdump_ascii(len=15):
> >      69 74 73 65 63 6d 65 73 68 63 6c 69 65 6e 74      itsecmeshclient 
> >   * IEs - hexdump(len=0): [NULL]
> >   * Auth Type 0
> > nl80211: Authentication request send successfully
> > nl80211: Event message available
> > nl80211: MLME event 37
> > ----------------
> > 
> > I also took a look at the APs debug output. The PMK is looked up correctly and no full EAP authentication is executed (i.e. the cached PMK is used for the 4-way-handshake).
> > 
> > I checked the sources. The error message is produced by the call of "send_and_recv_msgs(drv, msg, NULL, NULL);" in "wpa_driver_nl80211_authenticate" and thereofre I am stuck at the moment.
> > 
> > Does anyone know why nl80211 sometimes fails?
> > 
> > Thank you in advance,
> > Patrick Herrmann
> > _______________________________________________
> > HostAP mailing list
> > HostAP at lists.shmoo.com
> > http://lists.shmoo.com/mailman/listinfo/hostap


More information about the HostAP mailing list