Greetings,<div><span><br></span></div><div><span>I'm porting hostapd to my project. I have made WPA/WPA2-PSK worked, as I was thinking my work was about to well done, I encountered a </span><span style="line-height:18px">weird</span><span> problem. </span></div>
<div><br></div><div>When I use EAP-PEAP mode, radius phase message exchange has succeeded, at then PMK should have been generated, it starts to 4-way handshake.</div><div><br></div><div>In my first test, I used my MacBook Pro as STA, and the whole process well done.</div>
<div><br></div><div>Then I used my Nexus S Android phone, 4-way handshake could finish, because STA didn't send 2/4 msg to authenticator.</div><div><br></div><div>Next I used my IBM T60 notebook with WinXp, 4-way could also succeed.</div>
<div><br></div><div>At last I tried iPad with iOS5, same as the Android phone.</div><div><br></div><div>At failure case, after hostapd send 1/4 msg to STA, instead of respond with 2/4 msg, STA send a Start msg to hostapd, log of hostapd is as below:</div>
<div><br></div><div>EAP: EAP entering state SUCCESS2</div><div>IEEE 802.1X: 00:1f:3b:3b:9e:19 BE_AUTH entering state SUCCESS</div><div>eth0: STA 00:1f:3b:3b:9e:19 IEEE 802.1X: Sending EAP Packet (identifier 113)</div><div>
TX EAPOL - hexdump(len=22): 00 1f 3b 3b 9e 19 04 7d 7b 0c f6 a7 88 8e 02 00 00 04 03 71 00 04</div><div>IEEE 802.1X: 00:1f:3b:3b:9e:19 BE_AUTH entering state IDLE</div><div>WPA: 00:1f:3b:3b:9e:19 WPA_PTK entering state INITPMK</div>
<div>WPA: PMK from EAPOL state machine (len=64)</div><div>PMK - hexdump(len=32): a4 d5 96 f8 98 b5 dc f2 c3 2b c3 78 c8 0e 29 75 2b 5d 93 bf 5d 2a 15 09 c0 5d f0 5e 06 80 81 92</div><div>WPA: 00:1f:3b:3b:9e:19 WPA_PTK entering state PTKSTART</div>
<div><b>eth0: STA 00:1f:3b:3b:9e:19 WPA: sending 1/4 msg of 4-Way Handshake</b></div><div>WPA: Send EAPOL(version=2 secure=0 mic=0 ack=1 install=0 pairwise=8 kde_len=22 keyidx=0 encr=0)</div><div>######## called in __wpa_send_eapol</div>
<div>TX EAPOL - hexdump(len=135): 00 1f 3b 3b 9e 19 04 7d 7b 0c f6 a7 88 8e 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 01 55 b3 30 87 69 53 f6 03 cd 4e f9 3a 5f 6c 02 2f 97 6c ae 9b e9 0b b6 3e 59 4e 72 54 6d 82 00 90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 16 dd 14 00 0f ac 04 49 51 72 da 1a 5b 4b b8 5b cd 80 94 26 c3 44 ea</div>
<div><b>IEEE 802.1X: 46 bytes from 00:1f:3b:3b:9e:19</b></div><div><b> IEEE 802.1X: version=1 type=1 length=0</b></div><div><b> ignoring 42 extra octets after IEEE 802.1X packet</b></div><div><b>eth0: STA 00:1f:3b:3b:9e:19 IEEE 802.1X: received EAPOL-Start from STA</b></div>
<div>eth0: STA 00:1f:3b:3b:9e:19 WPA: event 5 notification</div><div>WPA: 00:1f:3b:3b:9e:19 WPA_PTK entering state AUTHENTICATION2</div><div><div><div class="gmail_quote"><div> </div><div>I have wiress frame captures by OmniPeek for both success and failure cases. I compared EAP frames, I couldn't find significant difference. </div>
<div>Anyone idea on how to analysis/debug the problem would be greatly appreciated! Thanks in advance!</div><div><br></div><div>Evan</div></div><br></div></div>