Re: TR: Clear data transit during WPA negociation in case of reassociation

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Johannes Berg <johannes@sipsolutions.net>
To: Cedric Debarge <cedric.debarge@acksys.fr>
Cc: linux-wireless@vger.kernel.org
Subject: Re: TR: Clear data transit during WPA negociation in case of reassociation
Date: Tue, 23 Oct 2012 14:43:58 +0200	[thread overview]
Message-ID: <1350996238.10322.7.camel@jlt4.sipsolutions.net> (raw)
In-Reply-To: <773DB8A82AB6A046AE0195C68612A31901411778@sbs2003.acksys.local> (sfid-20121018_094934_139014_F8666167)

On Thu, 2012-10-18 at 09:30 +0200, Cedric Debarge wrote:
> Hi all,
> 
> 	I am not sure if this is the right place to post my question. Please forgive me if not.
> 
> 	I am experimenting roaming between two APs with wpa_supplicant (WPA2 + EAP-TLS).
> 	When WPA_Supplicant come back from an AP for which it has already cached the key, I saw that during WPA2 4 Handshake (in case of reassociation), data are sent through wpa_supplicant unencrypted.
> 
> 	As soon as the WPA2 successfully ends its negotiation, the data are sent encrypted back.
> 
> 	I attached to this email a Wireshark capture of the wireless transaction. Before this capture the frames were correctly encrypted. 
> 	You can see the start of the WPA2 4 Handshake protocol at packet number 10.
> 	During this 4 Handshake protocol you could see unencrypted iperf (UDP 5001) packets N°12/17/18/22/24.. until packet 55. 
> 	4 Handshake protocol ends at packet 49.
> 
> 	Can you give me some clue how to work it out ?

Can you show the wpa_supplicant debug log for this?

johannes

next prev parent reply	other threads:[~2012-10-23 12:43 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-10-18  7:30 TR: Clear data transit during WPA negociation in case of reassociation Cedric Debarge
2012-10-23 12:43 ` Johannes Berg [this message]
2012-10-25 13:42   ` Cédric Debarge - ACKSYS
2012-10-25 14:48     ` Johannes Berg
2012-10-25 14:51     ` Jouni Malinen
2012-10-26  9:12       ` Cédric Debarge - ACKSYS

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1350996238.10322.7.camel@jlt4.sipsolutions.net \
    --to=johannes@sipsolutions.net \
    --cc=cedric.debarge@acksys.fr \
    --cc=linux-wireless@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.