From: Kalle Valo <kvalo@kernel.org>
To: "Sperling, Tobias" <Tobias.Sperling@Softing.com>
Cc: "linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>,
"Le Suire, Michael" <Michael.Suire@Softing.com>,
"pkshih@realtek.com" <pkshih@realtek.com>,
"johannes@sipsolutions.net" <johannes@sipsolutions.net>
Subject: Re: wifi: mac80211: unencrypted message in 4-way handshake
Date: Mon, 10 Jun 2024 20:39:24 +0300
Message-ID: <87le3clmsz.fsf@kernel.org>
In-Reply-To: <BE1P281MB2420DA2C6AFF94E525306302EFC62@BE1P281MB2420.DEUP281.PROD.OUTLOOK.COM> (Tobias Sperling's message of "Mon, 10 Jun 2024 13:50:53 +0000")

"Sperling, Tobias" <Tobias.Sperling@Softing.com> writes:

> Hello,
>
> recently we moved from a 4.9 kernel to 5.4 kernel and observed the
> following issue. To rule out that the issue was already fixed we then
> tried it with a 6.6 kernel and observed the same issue there, too. To
> sum it up, the following issue can be observed with kernel 5.4 and 6.6
> but not with 4.9.
>
> We are using a Cisco AP with EWC (C9210) and EAP-PEAP as
> authentication method. Additionally, a session timeout is configured
> in the AP (300 s) after which a rekeying is taking place. So every 5
> minutes a new four-way handshake is taking place which usually is
> completely encrypted. However, while sniffing with an external device
> we saw that the fourth packet of the four-way handshake is sent
> unencrypted by our clients, when it comes to EAP-PEAP. The first three
> packets are encrypted as expected. In case of the Cisco AP the attempt
> is then rejected with a 4WAY_HANDSHAKE_TIMEOUT leading to a completely
> new authentication.
>
> On our clients we are using wpa_supplicant 2.10 with the same config
> on all kernels and therefore would rule out an issue in the
> supplicant, as it is working with the same supplicant in kernel 4.9.
> As driver we are using ath9k for QCA2066 (starting at kernel 4.9) and

QCA2066 with ath9k? ath9k is a driver for 802.11n hardware and QCA2066
is 802.11ax generation, how would that work?

--
https://patchwork.kernel.org/project/linux-wireless/list/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
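
A sniffer-side check for the symptom reported in the quoted message, as an added example that is not part of the thread or of any participant's code: it flags a cleartext EAPOL data frame from a transmitter that has already sent Protected frames in the same association. It is a heuristic over raw 802.11 frames (no radiotap header, no FCS); the function names, addresses and sample capture are constructed for illustration.

```python
# Added example: flag cleartext EAPOL from a station that already sent protected data.
LLC_SNAP_EAPOL = bytes.fromhex("aaaa03000000888e")  # LLC/SNAP + EtherType 0x888E
RESET_SUBTYPES = {10, 11, 12}  # disassociation, authentication, deauthentication

def find_cleartext_eapol(frames):
    """frames: raw 802.11 frames (no radiotap, no FCS). Returns [(index, transmitter)]."""
    keyed, alerts = set(), []
    for i, f in enumerate(frames):
        if len(f) < 24:
            continue
        ftype, subtype, flags = (f[0] >> 2) & 3, f[0] >> 4, f[1]
        ra, ta = f[4:10], f[10:16]
        if ftype == 0 and subtype in RESET_SUBTYPES:
            keyed -= {ra, ta}            # new association: cleartext EAPOL is expected again
            continue
        if ftype != 2 or subtype & 0x4:  # not data, or a null (bodyless) data subtype
            continue
        if flags & 0x40:                 # Protected Frame bit set: keys are in use
            keyed.add(ta)
            continue
        hdr = 24 + (6 if (flags & 3) == 3 else 0)   # optional Address 4
        if subtype & 0x8:                           # QoS data
            hdr += 2 + (4 if flags & 0x80 else 0)   # QoS Control, optional HT Control
        if ta in keyed and f[hdr:hdr + 8] == LLC_SNAP_EAPOL:
            alerts.append((i, ta.hex(":")))
    return alerts

# Constructed sample capture (not taken from the thread)
AP, STA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")

def _frame(fc0, flags, body=b""):
    # Frame Control, Duration, Addr1 (AP), Addr2 (STA), Addr3 (AP), Sequence Control
    return bytes([fc0, flags]) + b"\x00\x00" + AP + STA + AP + b"\x00\x00" + body

EAPOL_KEY = b"\x00\x00" + LLC_SNAP_EAPOL + b"\x02\x03\x00\x5f"  # QoS ctl + LLC + EAPOL hdr
SAMPLE = [
    _frame(0x88, 0x01, EAPOL_KEY),     # initial handshake: cleartext is normal
    _frame(0x88, 0x41, b"\x00" * 32),  # protected data: keys are in use
    _frame(0x88, 0x41, b"\x00" * 32),  # encrypted rekey message (opaque to the sniffer)
    _frame(0x88, 0x01, EAPOL_KEY),     # cleartext EAPOL during rekey: flagged
    _frame(0xC0, 0x00),                # deauthentication resets the state
    _frame(0x88, 0x01, EAPOL_KEY),     # fresh handshake: not flagged
]

if __name__ == "__main__":
    print(find_cleartext_eapol(SAMPLE))
```
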