driver_nl80211 broken again

driver_nl80211 broken again

[Maxim Levitsky]

First connection works fine, but all following connections hang
wpa_supplicant hard, and more than that, this is first time,
NetworkManager confused that much that it refuses flat to connect to my
network, even if I  reload the wireless stack.

Only way to connect again, is to reload wireless stack, restart
wpa_supplicant, and restart NM, and this helps, only for one more shot.

My network is WPA2 protected, I use iwl3945, this is quite recent
regression (of course I use tip of wireless-testing)

Best regards,
	Maxim Levitsky

Re: driver_nl80211 broken again

[Johannes Berg]

[-- Attachment #1: Type: text/plain, Size: 643 bytes --]

On Mon, 2009-08-24 at 15:32 +0300, Maxim Levitsky wrote:
> First connection works fine, but all following connections hang
> wpa_supplicant hard, and more than that, this is first time,
> NetworkManager confused that much that it refuses flat to connect to my
> network, even if I  reload the wireless stack.
> 
> Only way to connect again, is to reload wireless stack, restart
> wpa_supplicant, and restart NM, and this helps, only for one more shot.
> 
> My network is WPA2 protected, I use iwl3945, this is quite recent
> regression (of course I use tip of wireless-testing)

Need more info, works ok here (hwsim).

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: driver_nl80211 broken again

[Maxim Levitsky]

On Mon, 2009-08-24 at 16:08 +0200, Johannes Berg wrote:
> On Mon, 2009-08-24 at 15:32 +0300, Maxim Levitsky wrote:
> > First connection works fine, but all following connections hang
> > wpa_supplicant hard, and more than that, this is first time,
> > NetworkManager confused that much that it refuses flat to connect to my
> > network, even if I  reload the wireless stack.
> > 
> > Only way to connect again, is to reload wireless stack, restart
> > wpa_supplicant, and restart NM, and this helps, only for one more shot.
> > 
> > My network is WPA2 protected, I use iwl3945, this is quite recent
> > regression (of course I use tip of wireless-testing)
> 
> Need more info, works ok here (hwsim).
> 
> johannes

This is typical output of iwconfig, after failure
(and I know that this output means trouble):


wlan0     IEEE 802.11bg  Mode:Managed  Access Point: Not-Associated   
          Tx-Power=15 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
          
Best regards,
	Maxim Levitsky


PS: This is wpa_supplicant log:

sudo wpa_supplicant -ddd -u
Providing DBus service 'fi.epitest.hostap.WPASupplicant'.
Initializing interface 'wlan0' conf 'N/A' driver 'nl80211' ctrl_interface 'N/A' bridge 'N/A'
nl80211: Operstate: linkmode=1, operstate=5
Own MAC address: 00:1b:77:f1:7c:29
nl_set_encr: ifindex=5 alg=0 addr=0x451355 key_idx=0 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-67 Link has been severed)
nl_set_encr: ifindex=5 alg=0 addr=0x451355 key_idx=1 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-67 Link has been severed)
nl_set_encr: ifindex=5 alg=0 addr=0x451355 key_idx=2 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-67 Link has been severed)
nl_set_encr: ifindex=5 alg=0 addr=0x451355 key_idx=3 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-67 Link has been severed)
RSN: flushing PMKID list in the driver
Setting scan request: 0 sec 100000 usec
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: Supplicant port status: Unauthorized
EAPOL: Supplicant port status: Unauthorized
Added interface wlan0
Setting scan request: 0 sec 0 usec
Setting scan request: 0 sec 0 usec
Trying to get current scan results first without requesting a new scan to speed up initial association
Received scan results (0 BSSes)
Cached scan results are empty - not posting
No suitable AP found.
Setting scan request: 0 sec 0 usec
State: DISCONNECTED -> SCANNING
Starting AP scan for wildcard SSID
Scan requested (ret=0) - scan timeout 10 seconds
EAPOL: disable timer tick
EAPOL: Supplicant port status: Unauthorized
nl80211: Event message available
nl80211: New scan results available
Received scan results (9 BSSes)
CTRL-EVENT-SCAN-RESULTS 
No suitable AP found.
Setting scan request: 5 sec 0 usec
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
No keys have been configured - skip key clearing
State: SCANNING -> DISCONNECTED
wpa_driver_nl80211_set_operstate: operstate 0->0 (DORMANT)
nl80211: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
key_mgmt: 0x2
scan_ssid=1 (0x1)
PSK (ASCII passphrase) - hexdump_ascii(len=15): [REMOVED]
ssid - hexdump_ascii(len=6):
     31 32 33 34 35 36                                 <SSID>          
PSK (from passphrase) - hexdump(len=32): [REMOVED]
Not rescheduling scan to ensure that specific SSID scans occur
State: DISCONNECTED -> SCANNING
Scan SSID - hexdump_ascii(len=6):
     31 32 33 34 35 36                                 <SSID>          
Starting AP scan for wildcard SSID
Scan requested (ret=0) - scan timeout 30 seconds
nl80211: Event message available
nl80211: New scan results available
Received scan results (10 BSSes)
CTRL-EVENT-SCAN-RESULTS 
Selecting BSS from priority group 0
Try to find WPA-enabled AP
0: <BSSID> ssid='<SSID>' wpa_ie_len=0 rsn_ie_len=20 caps=0x411
   selected based on RSN IE
   selected WPA AP <BSSID> ssid='<SSID>'
Automatic auth_alg selection: 0x1
RSN: using IEEE 802.11i/D9.0
WPA: Selected cipher suites: group 16 pairwise 16 key_mgmt 2 proto 2
WPA: clearing AP WPA IE
WPA: set AP RSN IE - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 0c 00
WPA: using GTK CCMP
WPA: using PTK CCMP
WPA: using KEY_MGMT WPA-PSK
WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
Cancelling scan request
Trying to authenticate with <BSSID> (SSID='<SSID>' freq=2412 MHz)
No keys have been configured - skip key clearing
State: SCANNING -> AUTHENTICATING
EAPOL: External notification - EAP success=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - EAP fail=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portControl=Auto
EAPOL: Supplicant port status: Unauthorized
nl80211: Authenticate (ifindex=5)
  * bssid=<BSSID>
  * freq=2412
  * SSID - hexdump_ascii(len=6):
     31 32 33 34 35 36                                 <SSID>          
  * IEs - hexdump(len=0): [NULL]
  * Auth Type 0
nl80211: Authentication request send successfully
RSN: Ignored PMKID candidate without preauth flag
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
nl80211: Event message available
nl80211: MLME event 37
nl80211: MLME event frame - hexdump(len=41): b0 00 3a 01 00 1b 77 f1 7c 29 00 1b 9e d8 77 02 00 1b 9e d8 77 02 40 1d 00 00 02 00 00 00 dd 09 00 10 18 02 01 f0 00 00 00
SME: Authentication response: peer=<BSSID> auth_type=0 status_code=0
SME: Authentication response IEs - hexdump(len=11): dd 09 00 10 18 02 01 f0 00 00 00
Trying to associate with <BSSID> (SSID='<SSID>' freq=2412 MHz)
State: AUTHENTICATING -> ASSOCIATING
wpa_driver_nl80211_set_operstate: operstate 0->0 (DORMANT)
nl80211: Operstate: linkmode=-1, operstate=5
nl80211: Associate (ifindex=5)
  * bssid=<BSSID>
  * freq=2412
  * SSID - hexdump_ascii(len=6):
     31 32 33 34 35 36                                 <SSID>          
  * IEs - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
nl80211: Association request send successfully
nl80211: Event message available
nl80211: MLME event 38
nl80211: MLME event frame - hexdump(len=83): 10 00 3a 01 00 1b 77 f1 7c 29 00 1b 9e d8 77 02 00 1b 9e d8 77 02 50 1d 11 04 00 00 02 c0 01 08 82 84 8b 96 24 30 48 6c 32 04 0c 12 18 60 dd 09 00 10 18 02 01 f0 00 00 00 dd 18 00 50 f2 02 01 01 80 00 03 a4 00 00 27 a4 00 00 42 43 5e 00 62 32 2f 00
Association info event
resp_ies - hexdump(len=53): 01 08 82 84 8b 96 24 30 48 6c 32 04 0c 12 18 60 dd 09 00 10 18 02 01 f0 00 00 00 dd 18 00 50 f2 02 01 01 80 00 03 a4 00 00 27 a4 00 00 42 43 5e 00 62 32 2f 00
State: ASSOCIATING -> ASSOCIATED
wpa_driver_nl80211_set_operstate: operstate 0->0 (DORMANT)
nl80211: Operstate: linkmode=-1, operstate=5
Associated to a new BSS: BSSID=<BSSID>
No keys have been configured - skip key clearing
Associated with <BSSID>
WPA: Association event - clear replay counter
WPA: Clear old PTK
EAPOL: External notification - portEnabled=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - EAP success=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: enable timer tick
EAPOL: SUPP_BE entering state IDLE
Setting authentication timeout: 10 sec 0 usec
Cancelling scan request
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
RX EAPOL from <BSSID>
RX EAPOL - hexdump(len=121): 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 11 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 16 dd 14 00 0f ac 04 df d4 f3 46 61 e6 31 96 a0 f2 46 5f 59 18 f4 8d
Setting authentication timeout: 10 sec 0 usec
IEEE 802.1X RX: version=2 type=3 length=117
  EAPOL-Key type=2
  key_info 0x8a (ver=2 keyidx=0 rsvd=0 Pairwise Ack)
  key_length=16 key_data_length=22
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 11
  key_nonce - hexdump(len=32): 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
WPA: RX EAPOL-Key - hexdump(len=121): 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 11 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 16 dd 14 00 0f ac 04 df d4 f3 46 61 e6 31 96 a0 f2 46 5f 59 18 f4 8d
State: ASSOCIATED -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake from <BSSID> (ver=2)
RSN: msg 1/4 key data - hexdump(len=22): dd 14 00 0f ac 04 df d4 f3 46 61 e6 31 96 a0 f2 46 5f 59 18 f4 8d
RSN: PMKID from Authenticator - hexdump(len=16): df d4 f3 46 61 e6 31 96 a0 f2 46 5f 59 18 f4 8d
RSN: no matching PMKID found
WPA: Renewed SNonce - hexdump(len=32): 72 df d1 36 e0 74 e3 19 c3 06 bf 6f 43 6e 58 f9 60 7c d6 bc 6b 71 17 12 1c ae 47 12 11 4f 00 bf
WPA: PTK derivation - A1=00:1b:77:f1:7c:29 A2=<BSSID>
WPA: PMK - hexdump(len=32): [REMOVED]
WPA: PTK - hexdump(len=48): [REMOVED]
WPA: WPA IE for msg 2/4 - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
WPA: Sending EAPOL-Key 2/4
WPA: TX EAPOL-Key - hexdump(len=121): 01 03 00 75 02 01 0a 00 00 00 00 00 00 00 00 00 11 72 df d1 36 e0 74 e3 19 c3 06 bf 6f 43 6e 58 f9 60 7c d6 bc 6b 71 17 12 1c ae 47 12 11 4f 00 bf 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 45 a5 28 88 2d a0 ff 00 ce 3a 48 00 6b 6b fc de 00 16 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
RX EAPOL from <BSSID>
RX EAPOL - hexdump(len=121): 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 12 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 16 dd 14 00 0f ac 04 df d4 f3 46 61 e6 31 96 a0 f2 46 5f 59 18 f4 8d
IEEE 802.1X RX: version=2 type=3 length=117
  EAPOL-Key type=2
  key_info 0x8a (ver=2 keyidx=0 rsvd=0 Pairwise Ack)
  key_length=16 key_data_length=22
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 12
  key_nonce - hexdump(len=32): 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
WPA: RX EAPOL-Key - hexdump(len=121): 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 12 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 16 dd 14 00 0f ac 04 df d4 f3 46 61 e6 31 96 a0 f2 46 5f 59 18 f4 8d
State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
WPA: RX message 1 of 4-Way Handshake from <BSSID> (ver=2)
RSN: msg 1/4 key data - hexdump(len=22): dd 14 00 0f ac 04 df d4 f3 46 61 e6 31 96 a0 f2 46 5f 59 18 f4 8d
RSN: PMKID from Authenticator - hexdump(len=16): df d4 f3 46 61 e6 31 96 a0 f2 46 5f 59 18 f4 8d
RSN: no matching PMKID found
WPA: PTK derivation - A1=00:1b:77:f1:7c:29 A2=<BSSID>
WPA: PMK - hexdump(len=32): [REMOVED]
WPA: PTK - hexdump(len=48): [REMOVED]
WPA: WPA IE for msg 2/4 - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
WPA: Sending EAPOL-Key 2/4
WPA: TX EAPOL-Key - hexdump(len=121): 01 03 00 75 02 01 0a 00 00 00 00 00 00 00 00 00 12 72 df d1 36 e0 74 e3 19 c3 06 bf 6f 43 6e 58 f9 60 7c d6 bc 6b 71 17 12 1c ae 47 12 11 4f 00 bf 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6f d3 5c 1e ba 58 76 34 f1 21 8f 01 52 ca 70 c0 00 16 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
RX EAPOL from <BSSID>
RX EAPOL - hexdump(len=155): 02 03 00 97 02 13 ca 00 10 00 00 00 00 00 00 00 13 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d4 1f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a ef fb 38 19 68 f7 76 fd 5e e5 0b 1d a5 29 7b 00 38 7f 12 e3 d2 69 1b 60 31 a0 cf 8d 8c 3b 11 8f e4 9e 0f c8 6e 68 b9 e1 05 43 e3 39 fe d4 0f a3 da b3 09 59 bb 8f 38 b2 d3 d4 5e 1f e9 b8 b4 d1 2a e2 b3 3c 94 ee 27 d2 97
IEEE 802.1X RX: version=2 type=3 length=151
  EAPOL-Key type=2
  key_info 0x13ca (ver=2 keyidx=0 rsvd=0 Pairwise Install Ack MIC Secure Encr)
  key_length=16 key_data_length=56
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 13
  key_nonce - hexdump(len=32): 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3
  key_iv - hexdump(len=16): 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d4
  key_rsc - hexdump(len=8): 1f 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 1a ef fb 38 19 68 f7 76 fd 5e e5 0b 1d a5 29 7b
WPA: RX EAPOL-Key - hexdump(len=155): 02 03 00 97 02 13 ca 00 10 00 00 00 00 00 00 00 13 9d cd cc d2 b9 eb 29 ea c0 da 67 a1 7d ab 13 79 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d3 07 46 27 ce 70 06 00 98 e9 d9 15 e4 a2 41 b2 d4 1f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a ef fb 38 19 68 f7 76 fd 5e e5 0b 1d a5 29 7b 00 38 7f 12 e3 d2 69 1b 60 31 a0 cf 8d 8c 3b 11 8f e4 9e 0f c8 6e 68 b9 e1 05 43 e3 39 fe d4 0f a3 da b3 09 59 bb 8f 38 b2 d3 d4 5e 1f e9 b8 b4 d1 2a e2 b3 3c 94 ee 27 d2 97
RSN: encrypted key data - hexdump(len=56): 7f 12 e3 d2 69 1b 60 31 a0 cf 8d 8c 3b 11 8f e4 9e 0f c8 6e 68 b9 e1 05 43 e3 39 fe d4 0f a3 da b3 09 59 bb 8f 38 b2 d3 d4 5e 1f e9 b8 b4 d1 2a e2 b3 3c 94 ee 27 d2 97
WPA: decrypted EAPOL-Key key data - hexdump(len=48): [REMOVED]
State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
WPA: RX message 3 of 4-Way Handshake from <BSSID> (ver=2)
WPA: IE KeyData - hexdump(len=48): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 0c 00 dd 16 00 0f ac 01 01 00 c5 27 25 bf 6e 60 1f 97 76 9e 6a 1b a4 76 73 6a dd 00
WPA: Sending EAPOL-Key 4/4
WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f 02 03 0a 00 00 00 00 00 00 00 00 00 13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a7 23 5f 5a ac 1f 73 28 6c 75 44 eb c4 f7 e7 93 00 00
WPA: Installing PTK to the driver.
nl_set_encr: ifindex=5 alg=3 addr=0x6a48b8 key_idx=0 set_tx=1 seq_len=6 key_len=16
   addr=<BSSID>
EAPOL: External notification - portValid=1
State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
RSN: received GTK in pairwise handshake - hexdump(len=18): [REMOVED]
WPA: Group Key - hexdump(len=16): [REMOVED]
WPA: Installing GTK to the driver (keyidx=1 tx=0 len=16).
WPA: RSC - hexdump(len=6): 1f 00 00 00 00 00
nl_set_encr: ifindex=5 alg=3 addr=0x451355 key_idx=1 set_tx=0 seq_len=6 key_len=16
WPA: Key negotiation completed with <BSSID> [PTK=CCMP GTK=CCMP]
Cancelling authentication timeout
State: GROUP_HANDSHAKE -> COMPLETED
CTRL-EVENT-CONNECTED - Connection to <BSSID> completed (auth) [id=0 id_str=]
wpa_driver_nl80211_set_operstate: operstate 0->1 (UP)
nl80211: Operstate: linkmode=-1, operstate=6
EAPOL: External notification - portValid=1
EAPOL: External notification - EAP success=1
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state SUCCESS
EAP: EAP entering state DISABLED
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: Supplicant port status: Authorized
EAPOL: SUPP_BE entering state IDLE
EAPOL authentication completed successfully
RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
EAPOL: startWhen --> 0
EAPOL: disable timer tick
Setting scan request: 0 sec 0 usec
Scan SSID - hexdump_ascii(len=6):
     31 32 33 34 35 36                                 <SSID>          
Starting AP scan for wildcard SSID
Scan requested (ret=0) - scan timeout 30 seconds
nl80211: Event message available
nl80211: New scan results available
Received scan results (9 BSSes)
CTRL-EVENT-SCAN-RESULTS 
Selecting BSS from priority group 0
Try to find WPA-enabled AP
0: <BSSID> ssid='<SSID>' wpa_ie_len=0 rsn_ie_len=20 caps=0x411
   selected based on RSN IE
   selected WPA AP <BSSID> ssid='<SSID>'
Already associated with the selected AP.
RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
wpa_driver_nl80211_disassociate
nl_set_encr: ifindex=5 alg=0 addr=0x451355 key_idx=0 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-67 Link has been severed)
nl_set_encr: ifindex=5 alg=0 addr=0x451355 key_idx=1 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-67 Link has been severed)
nl_set_encr: ifindex=5 alg=0 addr=0x451355 key_idx=2 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-67 Link has been severed)
nl_set_encr: ifindex=5 alg=0 addr=0x451355 key_idx=3 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-67 Link has been severed)
nl_set_encr: ifindex=5 alg=0 addr=0x6a2dd8 key_idx=0 set_tx=0 seq_len=0 key_len=0
   addr=<BSSID>
nl80211: set_key failed; err=-67 Link has been severed)
State: COMPLETED -> DISCONNECTED
wpa_driver_nl80211_set_operstate: operstate 1->0 (DORMANT)
nl80211: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
EAPOL: SUPP_BE entering state INITIALIZE
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - EAP success=0
EAPOL: Supplicant port status: Unauthorized
No keys have been configured - skip key clearing
State: DISCONNECTED -> DISCONNECTED
wpa_driver_nl80211_set_operstate: operstate 0->0 (DORMANT)
nl80211: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - EAP success=0
EAPOL: Supplicant port status: Unauthorized
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
key_mgmt: 0x2
scan_ssid=1 (0x1)
PSK (ASCII passphrase) - hexdump_ascii(len=15): [REMOVED]
ssid - hexdump_ascii(len=6):
     31 32 33 34 35 36                                 <SSID>          
PSK (from passphrase) - hexdump(len=32): [REMOVED]
Setting scan request: 0 sec 0 usec
State: DISCONNECTED -> SCANNING
Scan SSID - hexdump_ascii(len=6):
     31 32 33 34 35 36                                 <SSID>          
Starting AP scan for wildcard SSID
Scan requested (ret=0) - scan timeout 30 seconds
RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
RTM_NEWLINK: operstate=0 ifi_flags=0x1043 ([UP][RUNNING])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
Setting scan request: 0 sec 0 usec
Scan SSID - hexdump_ascii(len=6):
     31 32 33 34 35 36                                 <SSID>          
Starting AP scan for wildcard SSID
nl80211: Scan trigger failed: ret=-16 (Device or resource busy)
Failed to initiate AP scan.
Setting scan request: 10 sec 0 usec
No keys have been configured - skip key clearing
State: SCANNING -> DISCONNECTED
wpa_driver_nl80211_set_operstate: operstate 0->0 (DORMANT)
nl80211: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - EAP success=0
EAPOL: Supplicant port status: Unauthorized
No keys have been configured - skip key clearing
State: DISCONNECTED -> DISCONNECTED
wpa_driver_nl80211_set_operstate: operstate 0->0 (DORMANT)
nl80211: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - EAP success=0
EAPOL: Supplicant port status: Unauthorized
No keys have been configured - skip key clearing
State: DISCONNECTED -> DISCONNECTED
wpa_driver_nl80211_set_operstate: operstate 0->0 (DORMANT)
nl80211: Operstate: linkmode=-1, operstate=5
EAPOL: External notification - portEnabled=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - portValid=0
EAPOL: Supplicant port status: Unauthorized
EAPOL: External notification - EAP success=0
EAPOL: Supplicant port status: Unauthorized
Scan timeout - try to get results
Received scan results (1 BSSes)
CTRL-EVENT-SCAN-RESULTS 
Setting scan request: 0 sec 0 usec
State: DISCONNECTED -> SCANNING
Starting AP scan for wildcard SSID
nl80211: Scan trigger failed: ret=-16 (Device or resource busy)
Failed to initiate AP scan.
Setting scan request: 10 sec 0 usec
Setting scan request: 0 sec 0 usec
Starting AP scan for wildcard SSID
nl80211: Scan trigger failed: ret=-16 (Device or resource busy)
Failed to initiate AP scan.
Setting scan request: 10 sec 0 usec
Setting scan request: 0 sec 0 usec
Starting AP scan for wildcard SSID
nl80211: Scan trigger failed: ret=-16 (Device or resource busy)
Failed to initiate AP scan.
Setting scan request: 10 sec 0 usec
Setting scan request: 0 sec 0 usec
Starting AP scan for wildcard SSID
nl80211: Scan trigger failed: ret=-16 (Device or resource busy)
Failed to initiate AP scan.
Setting scan request: 10 sec 0 usec

Re: driver_nl80211 broken again

[Johannes Berg]

[-- Attachment #1: Type: text/plain, Size: 396 bytes --]

On Mon, 2009-08-24 at 23:06 +0300, Maxim Levitsky wrote:

> This is typical output of iwconfig, after failure
> (and I know that this output means trouble):

Hmm, thanks for the info and especially the log. Unfortunately, I can't
reproduce this at all.

Can you run wpa_supplicant with timing info (add -t to the command line)
and at the same time run "iw event -t" please?

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: driver_nl80211 broken again

[Maxim Levitsky]

On Mon, 2009-08-24 at 22:58 +0200, Johannes Berg wrote:
> On Mon, 2009-08-24 at 23:06 +0300, Maxim Levitsky wrote:
> 
> > This is typical output of iwconfig, after failure
> > (and I know that this output means trouble):
> 
> Hmm, thanks for the info and especially the log. Unfortunately, I can't
> reproduce this at all.
> 
> Can you run wpa_supplicant with timing info (add -t to the command line)
> and at the same time run "iw event -t" please?
> 
> johannes

I have finally got to the bottom of this, ad it doesn't look good.
There are two bugs that overlap:


1 - when connecting again to the access point (same or another), 
wpa_supplicant does the following:

deassoc
auth
assoc

So it assumes that deassoc command disconnects completely, but it not
longer true.
Yet, I have tried to make its dissassoc function do both, but it failed.
I used following patch:


diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index c68dd82..50afeeb 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1278,8 +1278,10 @@ void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
        if (!is_zero_ether_addr(wpa_s->bssid)) {
                if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
                        ieee80211_sta_disassociate(wpa_s, reason_code);
-               else
+               else {
                        wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
+                       wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
+               }
                addr = wpa_s->bssid;
        }
        wpa_clear_keys(wpa_s, addr);


I got this.


EAPOL: startWhen --> 0
EAPOL: disable timer tick
wpa_driver_nl80211_disassociate
wpa_driver_nl80211_deauthenticate
nl80211: MLME command failed: ret=-67 (Link has been severed)



However, this "hack", did the trick:

diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 97a278a..60c4355 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -2561,7 +2561,7 @@ int ieee80211_mgd_disassoc(struct ieee80211_sub_if_data *sdata,
                return -ENOLINK;
        }
 
-       ieee80211_set_disassoc(sdata, false);
+       ieee80211_set_disassoc(sdata, true);
 
        mutex_unlock(&ifmgd->mtx);
 
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index 79d2eec..fec34a7 100644
--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -222,7 +222,7 @@ static void __cfg80211_send_disassoc(struct net_device *dev,
                for (i = 0; i < MAX_AUTH_BSSES; i++) {
                        if (wdev->authtry_bsses[i] || wdev->auth_bsses[i])
                                continue;
-                       wdev->auth_bsses[i] = wdev->current_bss;
+                       /*wdev->auth_bsses[i] = wdev->current_bss;*/
                        wdev->current_bss = NULL;
                        done = true;
                        cfg80211_sme_disassoc(dev, i);


With this ugly hack, everything works just fine. 
-----------------------------------------------------------------------------------------------
2 - independent of the above, the ieee80211_set_disassoc
doesn't work right if deauth==false.


If it is, then a work item is added to station work thread, and it is
never removed:

	} else {
		struct ieee80211_mgd_work *wk = ifmgd->old_associate_work;

		wk->state = IEEE80211_MGD_STATE_IDLE;
		list_add(&wk->list, &ifmgd->work_list);
	}


iee80211_sta_work just ignores the IEEE80211_MGD_STATE_IDLE, thus it
work item remains forever.

This breaks scanning, since __ieee80211_start_scan will refuses to run
until, ifmgd->work_list is empty.



Best regards,
	Maxim Levitsky

Re: driver_nl80211 broken again

[Johannes Berg]

[-- Attachment #1: Type: text/plain, Size: 241 bytes --]

Hi Maxim,

Thanks for the analysis! I won't have time to look this weekend, and I'm
not sure I will early next week, and certainly not until the week after
then, but I'll leave your mail marked unread and will look later.

johannes


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: driver_nl80211 broken again

[Johannes Berg]

[-- Attachment #1: Type: text/plain, Size: 2682 bytes --]

On Sat, 2009-09-05 at 05:08 +0300, Maxim Levitsky wrote:

> 1 - when connecting again to the access point (same or another), 
> wpa_supplicant does the following:
> 
> deassoc
> auth
> assoc
> 
> So it assumes that deassoc command disconnects completely, but it not
> longer true.
> Yet, I have tried to make its dissassoc function do both, but it failed.
> I used following patch:
> 
> 
> diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
> index c68dd82..50afeeb 100644
> --- a/wpa_supplicant/wpa_supplicant.c
> +++ b/wpa_supplicant/wpa_supplicant.c
> @@ -1278,8 +1278,10 @@ void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
>         if (!is_zero_ether_addr(wpa_s->bssid)) {
>                 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
>                         ieee80211_sta_disassociate(wpa_s, reason_code);
> -               else
> +               else {
>                         wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
> +                       wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
> +               }
>                 addr = wpa_s->bssid;
>         }
>         wpa_clear_keys(wpa_s, addr);

Right, this is a known problem. I still think it should be handled in
wpa_s, but I'm not sure whether that patch should have worked or not.

> EAPOL: startWhen --> 0
> EAPOL: disable timer tick
> wpa_driver_nl80211_disassociate
> wpa_driver_nl80211_deauthenticate
> nl80211: MLME command failed: ret=-67 (Link has been severed)

Ok so it was called, but got -ENOLINK? That's rather odd. But I suspect
that it had already internally cleared the BSSID, so that it was asking
to deauth from 00:...:00 -- could you check that?

> 2 - independent of the above, the ieee80211_set_disassoc
> doesn't work right if deauth==false.
> 
> 
> If it is, then a work item is added to station work thread, and it is
> never removed:
> 
> 	} else {
> 		struct ieee80211_mgd_work *wk = ifmgd->old_associate_work;
> 
> 		wk->state = IEEE80211_MGD_STATE_IDLE;
> 		list_add(&wk->list, &ifmgd->work_list);
> 	}
> 
> 
> iee80211_sta_work just ignores the IEEE80211_MGD_STATE_IDLE, thus it
> work item remains forever.
> 
> This breaks scanning, since __ieee80211_start_scan will refuses to run
> until, ifmgd->work_list is empty.

That's intentional, that work item represents the authentication state
we still have -- the required cleanup should be done by cfg80211 or
wpa_supplicant.

Can you try to figure out what the parameters are that
wpa_drv_deauthenticate() is sending to the kernel, and why it's getting
-ENOLINK?

johannes


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: driver_nl80211 broken again

[Maxim Levitsky]

On Tue, 2009-09-08 at 17:29 +0200, Johannes Berg wrote: 
> On Sat, 2009-09-05 at 05:08 +0300, Maxim Levitsky wrote:
> 
> > 1 - when connecting again to the access point (same or another), 
> > wpa_supplicant does the following:
> > 
> > deassoc
> > auth
> > assoc
> > 
> > So it assumes that deassoc command disconnects completely, but it not
> > longer true.
> > Yet, I have tried to make its dissassoc function do both, but it failed.
> > I used following patch:
> > 
> > 
> > diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
> > index c68dd82..50afeeb 100644
> > --- a/wpa_supplicant/wpa_supplicant.c
> > +++ b/wpa_supplicant/wpa_supplicant.c
> > @@ -1278,8 +1278,10 @@ void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
> >         if (!is_zero_ether_addr(wpa_s->bssid)) {
> >                 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
> >                         ieee80211_sta_disassociate(wpa_s, reason_code);
> > -               else
> > +               else {
> >                         wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
> > +                       wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
> > +               }
> >                 addr = wpa_s->bssid;
> >         }
> >         wpa_clear_keys(wpa_s, addr);
> 
> Right, this is a known problem. I still think it should be handled in
> wpa_s, but I'm not sure whether that patch should have worked or not.
> 
> > EAPOL: startWhen --> 0
> > EAPOL: disable timer tick
> > wpa_driver_nl80211_disassociate
> > wpa_driver_nl80211_deauthenticate
> > nl80211: MLME command failed: ret=-67 (Link has been severed)
> 
> Ok so it was called, but got -ENOLINK? That's rather odd. But I suspect
> that it had already internally cleared the BSSID, so that it was asking
> to deauth from 00:...:00 -- could you check that?

I figure that out, but the wpa_drv_disassociate and
wpa_drv_deauthenticate are direct wrappers over nl80211 calls.


> 
> > 2 - independent of the above, the ieee80211_set_disassoc
> > doesn't work right if deauth==false.
> > 
> > 
> > If it is, then a work item is added to station work thread, and it is
> > never removed:
> > 
> > 	} else {
> > 		struct ieee80211_mgd_work *wk = ifmgd->old_associate_work;
> > 
> > 		wk->state = IEEE80211_MGD_STATE_IDLE;
> > 		list_add(&wk->list, &ifmgd->work_list);
> > 	}
> > 
> > 
> > iee80211_sta_work just ignores the IEEE80211_MGD_STATE_IDLE, thus it
> > work item remains forever.
> > 
> > This breaks scanning, since __ieee80211_start_scan will refuses to run
> > until, ifmgd->work_list is empty.
> 
> That's intentional, that work item represents the authentication state
> we still have -- the required cleanup should be done by cfg80211 or
> wpa_supplicant.

But isn't it too much?
This means, the wpa_supplicant can lock the device.



> 
> Can you try to figure out what the parameters are that
> wpa_drv_deauthenticate() is sending to the kernel, and why it's getting
> -ENOLINK?

Sure!
Very soon will do


Best regards,
Maxim Levitsky

Re: driver_nl80211 broken again

[Maxim Levitsky]

> 
> Sure!
> Very soon will do
> 

So I didn't do the testing that soon...
Got swamped by many bugs present in ubuntu 9.10.

Now I have attempted same patch on top of wpa_supplicant, and it works.

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 37a1927..a0098b9 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1302,8 +1302,10 @@ void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
        if (!is_zero_ether_addr(wpa_s->bssid)) {
                if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
                        ieee80211_sta_disassociate(wpa_s, reason_code);
-               else
+               else {
                        wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
+                       wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
+               }
                addr = wpa_s->bssid;
        }
        wpa_clear_keys(wpa_s, addr);



Would that be enough, or this is too hacky, and we need to audit each callsite of wpa_supplicant_disassociate
and see if we need to send deauth frame too?


Best regards,
	Maxim Levitsky

Re: driver_nl80211 broken again

[Jouni Malinen]

On Wed, Sep 30, 2009 at 03:19:28AM +0200, Maxim Levitsky wrote:

> So I didn't do the testing that soon...
> Got swamped by many bugs present in ubuntu 9.10.
> 
> Now I have attempted same patch on top of wpa_supplicant, and it works.

Depends on your definition of working, I'd guess.. ;-)

> @@ -1302,8 +1302,10 @@ void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
>                         wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
> +                       wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);

To me, this looks broken. When wpa_supplicant requests a
disassociastion, it is _only_ asking for disassociation, not
deauthentication. cfg80211/mac80211 may not currently handle that, but
as far as I can tell, it sounds like an issue there and not in
wpa_supplicant. Johannes may disagree with this, though.

> Would that be enough, or this is too hacky, and we need to audit each callsite of wpa_supplicant_disassociate
> and see if we need to send deauth frame too?

I don't think either of those options would be acceptable for
wpa_supplicant and the correct fix is to make cfg80211/mac80211 be able
to handle authentication to a STA that is already authenticated. If
that is not acceptable, this hack needs to be hidden in driver_nl80211.c
instead of polluting core wpa_supplicant code which is supposed to be
driver independent. In other words, make driver_nl80211.c deauth if auth
fails and then try auth again. I don't really like that much, but if
this needs to be worked around in wpa_supplicant, that is the most
likely place where such a change could be considered.

-- 
Jouni Malinen                                            PGP id EFC895FA

Re: driver_nl80211 broken again

[Johannes Berg]

[-- Attachment #1: Type: text/plain, Size: 1593 bytes --]

On Thu, 2009-10-01 at 01:13 +0300, Jouni Malinen wrote:

> > @@ -1302,8 +1302,10 @@ void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
> >                         wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
> > +                       wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
> 
> To me, this looks broken. When wpa_supplicant requests a
> disassociastion, it is _only_ asking for disassociation, not
> deauthentication. cfg80211/mac80211 may not currently handle that, but
> as far as I can tell, it sounds like an issue there and not in
> wpa_supplicant. Johannes may disagree with this, though.

cfg80211/mac80211 _do_ handle that. If you ask for disassociation, it
stays authenticated, and later expects you to still remember that and
refuses authentication since you're already authenticated.

> I don't think either of those options would be acceptable for
> wpa_supplicant and the correct fix is to make cfg80211/mac80211 be able
> to handle authentication to a STA that is already authenticated. If
> that is not acceptable, this hack needs to be hidden in driver_nl80211.c
> instead of polluting core wpa_supplicant code which is supposed to be
> driver independent. In other words, make driver_nl80211.c deauth if auth
> fails and then try auth again. I don't really like that much, but if
> this needs to be worked around in wpa_supplicant, that is the most
> likely place where such a change could be considered.

I still don't see how it makes sense to authenticate while still being
authenticated.

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 801 bytes --]

Re: driver_nl80211 broken again

[Trepak Vilmos]

Johannes Berg wrote:
> On Thu, 2009-10-01 at 01:13 +0300, Jouni Malinen wrote:
>> To me, this looks broken. When wpa_supplicant requests a
>> disassociastion, it is _only_ asking for disassociation, not
>> deauthentication. cfg80211/mac80211 may not currently handle that, but
>> as far as I can tell, it sounds like an issue there and not in
>> wpa_supplicant. Johannes may disagree with this, though.
>
> cfg80211/mac80211 _do_ handle that. If you ask for disassociation, it
> stays authenticated, and later expects you to still remember that and
> refuses authentication since you're already authenticated.
>
>> I don't think either of those options would be acceptable for
>> wpa_supplicant and the correct fix is to make cfg80211/mac80211 be able
>> to handle authentication to a STA that is already authenticated. If
>> that is not acceptable, this hack needs to be hidden in driver_nl80211.c
>> instead of polluting core wpa_supplicant code which is supposed to be
>> driver independent. In other words, make driver_nl80211.c deauth if auth
>> fails and then try auth again. I don't really like that much, but if
>> this needs to be worked around in wpa_supplicant, that is the most
>> likely place where such a change could be considered.
>
> I still don't see how it makes sense to authenticate while still being
> authenticated.

The client might have lost state info (rebooted, etc.). Let it redo the
auth if it wants to, deauth if it fails.
~will~

Re: driver_nl80211 broken again

[Johannes Berg]

[-- Attachment #1: Type: text/plain, Size: 1687 bytes --]

On Fri, 2009-10-02 at 23:31 +0200, Trepak Vilmos wrote:
> Johannes Berg wrote:
> > On Thu, 2009-10-01 at 01:13 +0300, Jouni Malinen wrote:
> >> To me, this looks broken. When wpa_supplicant requests a
> >> disassociastion, it is _only_ asking for disassociation, not
> >> deauthentication. cfg80211/mac80211 may not currently handle that, but
> >> as far as I can tell, it sounds like an issue there and not in
> >> wpa_supplicant. Johannes may disagree with this, though.
> >
> > cfg80211/mac80211 _do_ handle that. If you ask for disassociation, it
> > stays authenticated, and later expects you to still remember that and
> > refuses authentication since you're already authenticated.
> >
> >> I don't think either of those options would be acceptable for
> >> wpa_supplicant and the correct fix is to make cfg80211/mac80211 be able
> >> to handle authentication to a STA that is already authenticated. If
> >> that is not acceptable, this hack needs to be hidden in driver_nl80211.c
> >> instead of polluting core wpa_supplicant code which is supposed to be
> >> driver independent. In other words, make driver_nl80211.c deauth if auth
> >> fails and then try auth again. I don't really like that much, but if
> >> this needs to be worked around in wpa_supplicant, that is the most
> >> likely place where such a change could be considered.
> >
> > I still don't see how it makes sense to authenticate while still being
> > authenticated.
> 
> The client might have lost state info (rebooted, etc.). Let it redo the
> auth if it wants to, deauth if it fails.

In case you haven't noticed, we're talking about the client
(wpa_supplicant) :)

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 801 bytes --]