<html>
<head>
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hey folks,<br>
<br>
since my gentoo box updated to wpa_supplicant 2.4-r1 I'm
encountering problems with WPA2-Enterprise networks.<br>
Well, first i ignored it because I thought it's my own incompetence.
But then after some days my friends using Arch also updated to
2.4-r1 and they encountered the exact same problems.<br>
So I did some investigations.<br>
<br>
tl;dr: Downgrading to wpa_supplicant 2.2/2.3 fixes the problem, the
problem exists since wpa_supplicant 2.4-r1<br>
<br>
---<br>
<br>
Reconstruction:<br>
<br>
After connecting to a WPA2-Enterprise network (wpa_supplicant
2.4-r1, PEAP/MSCHAPv2) I got the following messages in my journal
(suspicious line highlighted):<br>
<blockquote>[snip]<br>
Apr 27 13:45:49 lefay wpa_supplicant[638]: wlp3s0:
CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:freeradius2.othr.de<br>
Apr 27 13:45:49 lefay wpa_supplicant[638]: EAP-MSCHAPV2:
Authentication succeeded<br>
Apr 27 13:45:49 lefay kernel: wlp3s0: Limiting TX power to 17 dBm
as advertised by 54:78:1a:20:ff:4f<br>
Apr 27 13:45:49 lefay wpa_supplicant[638]: EAP-TLV: TLV Result -
Success - EAP-TLV/Phase2 Completed<br>
Apr 27 13:45:49 lefay wpa_supplicant[638]: wlp3s0:
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully<br>
<b>Apr 27 13:45:49 lefay wpa_supplicant[638]: nl80211: Unexpected
encryption algorithm 5</b><br>
Apr 27 13:45:49 lefay NetworkManager[545]: <info> (wlp3s0):
supplicant interface state: associated -> 4-way handshake<br>
Apr 27 13:46:11 lefay NetworkManager[545]: <warn> (wlp3s0):
Activation: (wifi) association took too long<br>
Apr 27 13:46:11 lefay NetworkManager[545]: <info> (wlp3s0):
device state change: config -> need-auth (reason 'none') [50 60
0]<br>
Apr 27 13:46:11 lefay NetworkManager[545]: <warn> (wlp3s0):
Activation: (wifi) asking for new secrets<br>
[snip]<br>
</blockquote>
After downgrading to wpa_supplicant 2.2 and connecting to the same
network, the log of looked slightly different:<br>
<blockquote>[snip]<br>
Apr 27 14:34:34 lefay kernel: wlp3s0: authenticate with
54:78:1a:20:ff:40<br>
Apr 27 14:34:34 lefay kernel: wlp3s0: send auth to
54:78:1a:20:ff:40 (try 1/3)<br>
Apr 27 14:34:34 lefay NetworkManager[564]: <info> (wlp3s0):
supplicant interface state: disconnected -> authenticating<br>
Apr 27 14:34:34 lefay kernel: wlp3s0: send auth to
54:78:1a:20:ff:40 (try 2/3)<br>
<b>Apr 27 14:34:34 lefay kernel: wlp3s0: authenticated</b><br>
Apr 27 14:34:34 lefay kernel: wlp3s0: associate with
54:78:1a:20:ff:40 (try 1/3)<br>
Apr 27 14:34:34 lefay kernel: wlp3s0: RX AssocResp from
54:78:1a:20:ff:40 (capab=0x431 status=0 aid=69)<br>
Apr 27 14:34:34 lefay NetworkManager[564]: <info> (wlp3s0):
supplicant interface state: authenticating -> associating<br>
Apr 27 14:34:34 lefay kernel: wlp3s0: associated<br>
[snip]<br>
<br>
</blockquote>
So 2.4-r1 seems to use a 4 way handshake, 2.2 uses a three way
handshake? Why did it change?<br>
So I recompiled wpa_supplicant 2.4-r1 with debugging symbols and
started analyzing.<br>
<br>
The suspicious line "<b>nl80211: Unexpected encryption algorithm 5</b>"
is thrown in driver_nl80211.c line 2399. It is a switch-case on the
algorithm for WPA_ALG_PMK, which is ... not supported?<br>
Hum?<br>
<br>
This is the problematic case:<br>
<blockquote>switch (alg) {<br>
[snip]<br>
case WPA_ALG_NONE:<br>
case WPA_ALG_PMK:<br>
<b>wpa_printf(MSG_ERROR, "nl80211: Unexpected encryption
algorithm %d", alg);</b><br>
return 0;<br>
}<br>
[snip]<br>
</blockquote>
And here's a backtrace of the problematic point (2.4-r1)<br>
<blockquote>#1 0x00000000004ba377 in wpa_driver_nl80211_set_key
(ifname=0x19df57c "wlp3s0", bss=0x19e0690, alg=WPA_ALG_PMK,
addr=0x0, key_idx=0, set_tx=0, seq=0x0, seq_len=0, key=0x19e0a00
"[snip] ", key_len=32)<br>
at ../src/drivers/driver_nl80211.c:2532<br>
#2 0x00000000004c5652 in driver_nl80211_set_key (ifname=0x19df57c
"wlp3s0", priv=0x19e0690, alg=WPA_ALG_PMK, addr=0x0, key_idx=0,
set_tx=0, seq=0x0, seq_len=0, key=0x19e0a00 "[snip]", key_len=32)<br>
at ../src/drivers/driver_nl80211.c:7233<br>
#3 0x00000000004a62cc in wpa_drv_set_key (wpa_s=0x19df530,
alg=WPA_ALG_PMK, addr=0x0, key_idx=0, set_tx=0, seq=0x0,
seq_len=0, key=0x19e0a00 "[snip] ", key_len=32) at driver_i.h:156<br>
#4 0x00000000004a7f9c in wpa_supplicant_key_mgmt_set_pmk
(ctx=0x19df530, pmk=0x19e0a00 "[snip] ", pmk_len=32) at
wpas_glue.c:1011<br>
#5 0x0000000000423114 in wpa_sm_key_mgmt_set_pmk (sm=0x19e0a00,
pmk=0x19e0a00 "[snip]", pmk_len=32) at ../src/rsn_supp/wpa_i.h:349<br>
#6 0x000000000042370d in wpa_supplicant_key_mgmt_set_pmk
(sm=0x19e0a00) at ../src/rsn_supp/wpa.c:165<br>
#7 0x0000000000423a73 in wpa_supplicant_get_pmk (sm=0x19e0a00,
src_addr=0x7ffd28bc1aec "Tx\032 \377@", pmkid=0x1a06b09 "[snip]")
at ../src/rsn_supp/wpa.c:234<br>
#8 0x000000000042449b in wpa_supplicant_process_1_of_4
(sm=0x19e0a00, src_addr=0x7ffd28bc1aec "Tx\032 \377@",
key=0x1a06aa4, ver=2, key_data=0x1a06b03 "\335\024",
key_data_len=22) at ../src/rsn_supp/wpa.c:459<br>
#9 0x0000000000428aca in wpa_sm_rx_eapol (sm=0x19e0a00,
src_addr=0x7ffd28bc1aec "Tx\032 \377@", buf=0x7ffd28bc1b20
"\002\003", len=121) at ../src/rsn_supp/wpa.c:1965<br>
#10 0x0000000000499ecd in wpa_supplicant_rx_eapol (ctx=0x19df530,
src_addr=0x7ffd28bc1aec "Tx\032 \377@", buf=0x7ffd28bc1b20
"\002\003", len=121) at wpa_supplicant.c:3091<br>
#11 0x00000000004d69ab in l2_packet_receive (sock=12,
eloop_ctx=0x19e1010, sock_ctx=0x0) at
../src/l2_packet/l2_packet_linux.c:176<br>
#12 0x000000000041bc6a in eloop_sock_table_dispatch
(table=0x72a988 <eloop+8>, fds=0x19df320) at
../src/utils/eloop.c:502<br>
#13 0x000000000041ca68 in eloop_run () at
../src/utils/eloop.c:1007<br>
#14 0x000000000049caca in wpa_supplicant_run (global=0x19db690) at
wpa_supplicant.c:4646<br>
#15 0x00000000004adba0 in main (argc=2, argv=0x7ffd28bc26c8) at
main.c:333<br>
</blockquote>
Anyone any suggestions?<br>
<br>
Thanks for any help.<br>
<br>
Cheers<br>
Ralf<br>
</body>
</html>