hostapd: RSN 4-way handshake issue with Cisco WET200 client

Helmut Schaa helmut.schaa at googlemail.com
Tue Jan 17 07:08:36 EST 2012


On Mon, Jan 16, 2012 at 2:19 PM, Helmut Schaa
<helmut.schaa at googlemail.com> wrote:
> I've got a strange problem with a Cisco WET200 wireless bridge connecting
> to a hostapd AP. The AP is configured as WPA2-CCMP and the 4-way HS
> looks like this:
>
> 1of4: KeyDescriptor=2 (RSN)
> 2of4: KeyDescriptor=2 (RSN)
> 3of4: KeyDescriptor=2 (RSN)
> 4of4: KeyDescriptor=254 (WPA) ???
>
> Afterwards hostapd retries 3of4 but 4of4 always looks the same (I can also
> provide a capture if anyone is interested).
>
> So, in short, this specific client switches the eapol key descriptor field to
> 254 after 3of4 was successfully received and hence 4of4 is ignored by
> hostapd due to this code in ap/wpa_auth.c:
>
>        if (sm->wpa == WPA_VERSION_WPA2) {
>                if (key->type != EAPOL_KEY_TYPE_RSN) {
>                        wpa_printf(MSG_DEBUG, "Ignore EAPOL-Key with "
>                                   "unexpected type %d in RSN mode",
>                                   key->type);
>                        return;
>                }
>        } else {
>                if (key->type != EAPOL_KEY_TYPE_WPA) {
>                        wpa_printf(MSG_DEBUG, "Ignore EAPOL-Key with "
>                                   "unexpected type %d in WPA mode",
>                                   key->type);
>                        return;
>                }
>        }
>
> Of course this appears to be a pure client issue but other APs accept that
> strange 4of4 message.
>
> Jouni, would it be ok to relax the constraints a bit and allow a WPA
> descriptor type to be used also for WPA2?

Btw. a similar workaround was part of OpenWrt for some time.

Felix, do you remeber by any chance why you removed
570-eapol_key_type.patch in [1] again?

Thanks,
Helmut

[1] https://dev.openwrt.org/changeset/28142


More information about the HostAP mailing list