Re: wpabuf overflow with WPS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello


On 28/04/16 19:06, Jouni Malinen wrote:

On Thu, Apr 28, 2016 at 01:31:05PM +0200, Xue Liu wrote:

I have removed the patch and generate a new hostapd program. Then I
run the program with -d option, and there is no wpabuf overflow, but
my Nexus 9 still can not make a connection with Clearfog board via
WPS. Since the debug info is quite a lot. I put them in the
attachment. Thank you.

Thanks. This looks like something completely different. The client
device does not seem to even try to associate with the AP. It does go
through Authentication frame exchange, but then nothing.. The debug
patch should have no impact on this type of functionality, so it is a
bit difficult to say what caused this.


root@OpenWrt:~# hostapd -d hostapd.cfg

Or are you maybe running this over a slow serial port connection? If so,
there will likely be a significant extra latency on operations and it
would be better to direct the output to a file with something like

hostapd -dd hostapd.cfg > /tmp/hostapd.log


Yes. I am running hostapd over a serial port connection.
I did another test last few days and I found the problem is not in the hostapd but in wps_supplicant. During the connection via WPS, the wps_supplicant has "Segmentation fault". I run wpa_supplicant with "/usr/sbin/wpa_supplicant -dd -P /var/run/wpa_supplicant-wlan0.pid -D nl80211 -i wlan0 -c wpa_supplicant-wlan0.conf -C /var/run/wpa_supplicant".
In addition I compile the wpad with TARGET_CFLAGS += -ggdb3. I run "gdb /usr/sbin/wpa_supplicant" and then "run -dd -P /var/run/wpa_supplicant-wlan0.pid -D nl80211 -i wlan0 -c wpa_supplicant-wlan0.conf -C /var/run/wpa_supplicant“. When segmentation fault appears after "WPS: Generate new DH keys", I run "bt".
In the attachment you can find the wpa_supplicant_gdb.log file and wps_supplicant-wlan0.conf file. It seems that there is no useful backtrace info.
I would like also to say that in the OpenWRT I use wpad package to replace wpa_supplicant and hostapd. I am a newbie of it, and I don't know what is the differences. 

Regards,

Xue Liu

wpa_supplicant v2.6-devel
Successfully initialized wpa_supplicant
Initializing interface 'wlan0' conf 'wpa_supplicant-wlan0.conf' driver 'nl80211' ctrl_interface '/var/run/wpa_supplicant' bridge 'N/A'
Configuration file 'wpa_supplicant-wlan0.conf' -> '/root/wpa_supplicant-wlan0.conf'
Reading configuration file '/root/wpa_supplicant-wlan0.conf'
country='DE'
update_config=1
Line: 5 - start of a new network block
scan_ssid=1 (0x1)
ssid - hexdump_ascii(len=6):
     59 75 6e 2d 41 50                                 Yun-AP          
key_mgmt: 0x2
PSK (ASCII passphrase) - hexdump_ascii(len=8): [REMOVED]
proto: 0x2
BSSID - hexdump(len=6): 90 a2 da f0 11 7e
PSK (from passphrase) - hexdump(len=32): [REMOVED]
Priority group 0
   id=0 ssid='Yun-AP'
nl80211: Supported cipher 00-0f-ac:1
nl80211: Supported cipher 00-0f-ac:5
nl80211: Supported cipher 00-0f-ac:2
nl80211: Supported cipher 00-0f-ac:4
nl80211: Supported cipher 00-0f-ac:6
nl80211: Using driver-based off-channel TX
nl80211: interface wlan0 in phy phy0
nl80211: Set mode ifindex 26 iftype 2 (STATION)
nl80211: Subscribe to mgmt frames with non-AP handle 0xb6f7eb30
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0xb6f7eb30 match=0801
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0xb6f7eb30 match=06
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0xb6f7eb30 match=0a07
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0xb6f7eb30 match=0a11
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0xb6f7eb30 match=1101
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0xb6f7eb30 match=1102
nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0xb6f7eb30 match=0505
netlink: Operstate: ifindex=26 linkmode=1 (userspace-control), operstate=5 (IF_OPER_DORMANT)
nl80211: driver param='(null)'
Add interface wlan0 to a new radio phy0
nl80211: Regulatory information - country=DE (DFS-ETSI)
nl80211: 2400-2483 @ 40 MHz 20 mBm
nl80211: 5150-5250 @ 80 MHz 20 mBm (no outdoor)
nl80211: 5250-5350 @ 80 MHz 20 mBm (no outdoor) (DFS)
nl80211: 5470-5725 @ 160 MHz 27 mBm (DFS)
nl80211: 57000-66000 @ 2160 MHz 40 mBm
nl80211: Added 802.11b mode based on 802.11g information
wlan0: Own MAC address: 04:f0:21:1c:99:d9
wpa_driver_nl80211_set_key: ifindex=26 (wlan0) alg=0 addr=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=26 (wlan0) alg=0 addr=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=26 (wlan0) alg=0 addr=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=26 (wlan0) alg=0 addr=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=26 (wlan0) alg=0 addr=0 key_idx=4 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=26 (wlan0) alg=0 addr=0 key_idx=5 set_tx=0 seq_len=0 key_len=0
wlan0: RSN: flushing PMKID list in the driver
nl80211: Flush PMKIDs
wlan0: Setting scan request: 0.100000 sec
wlan0: WPS: UUID based on MAC address: 37edfd51-f9c2-5b59-96c5-788117303577
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: Supplicant port status: Unauthorized
nl80211: Skip set_supp_port(unauthorized) while not associated
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
Using existing control interface directory.
ctrl_iface bind(PF_UNIX) failed: Address in use
ctrl_iface exists, but does not allow connections - assuming it was leftover from forced program termination
Successfully replaced leftover ctrl_iface socket '/var/run/wpa_supplicant/wlan0'
wlan0: Added interface wlan0
wlan0: State: DISCONNECTED -> DISCONNECTED
nl80211: Set wlan0 operstate 0->0 (DORMANT)
netlink: Operstate: ifindex=26 linkmode=-1 (no change), operstate=5 (IF_OPER_DORMANT)
wlan0: State: DISCONNECTED -> SCANNING
Scan SSID - hexdump_ascii(len=6):
     59 75 6e 2d 41 50                                 Yun-AP          
wlan0: Starting AP scan for wildcard SSID
wlan0: Add radio work 'scan'@0xb6f4f950
wlan0: First radio work item in the queue - schedule start immediately
wlan0: Starting radio work 'scan'@0xb6f4f950 after 0.000035 second wait
wlan0: nl80211: scan request
nl80211: Scan SSID - hexdump_ascii(len=6):
     59 75 6e 2d 41 50                                 Yun-AP          
nl80211: Scan SSID - hexdump_ascii(len=0): [NULL]
nl80211: Scan extra IEs - hexdump(len=10): 7f 08 04 00 00 00 00 00 00 40
Scan requested (ret=0) - scan timeout 10 seconds
nl80211: Event message available
nl80211: Drv Event 33 (NL80211_CMD_TRIGGER_SCAN) received for wlan0
wlan0: nl80211: Scan trigger
wlan0: Event SCAN_STARTED (47) received
wlan0: Own scan request started a scan in 0.000057 seconds
EAPOL: disable timer tick
CTRL_IFACE monitor attached /tmp/wpa_ctrl_13936-20\x00
CTRL-DEBUG: ctrl_sock-sendto: sock=11 sndbuf=56623104 outq=0 send_len=3
RTM_NEWLINK: ifi_index=26 ifname=wlan0 wext ifi_family=0 ifi_flags=0x1003 ([UP])
nl80211: Event message available
nl80211: Drv Event 34 (NL80211_CMD_NEW_SCAN_RESULTS) received for wlan0
wlan0: nl80211: New scan results available
nl80211: Scan probed for SSID 'Yun-AP'
nl80211: Scan probed for SSID ''
nl80211: Scan included frequencies: 2412 2417 2422 2427 2432 2437 2442 2447 2452 2457 2462 2467 2472 5180 5200 5220 5240 5260 5280 5300 5320 5500 5520 5540 5560 5580 5600 5620 5640 5660 5680 5700
wlan0: Event SCAN_RESULTS (3) received
wlan0: Scan completed in 3.102200 seconds
nl80211: Received scan results (2 BSSes)
wlan0: BSS: Start scan result update 1
wlan0: BSS: Add new id 0 BSSID 04:f0:21:1c:99:da SSID 'OpenWrt-AC-WPS' freq 5560
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=0 send_len=40
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
wlan0: BSS: Add new id 1 BSSID 90:a2:da:f0:11:7e SSID 'Yun-AP' freq 2437
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=0 send_len=40
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
BSS: last_scan_res_used=2/32
wlan0: New scan results available (own=1 ext=0)
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=0 send_len=24
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=0 send_len=17
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
WPS: AP 04:f0:21:1c:99:da type 0 added
WPS: AP 90:a2:da:f0:11:7e type 0 added
WPS: AP[0] 04:f0:21:1c:99:da type=0 tries=0 last_attempt=-1 sec ago blacklist=0
WPS: AP[1] 90:a2:da:f0:11:7e type=0 tries=0 last_attempt=-1 sec ago blacklist=0
wlan0: Radio work 'scan'@0xb6f4f950 done in 3.103078 seconds
wlan0: radio_work_free('scan'@0xb6f4f950: num_active_works --> 0
wlan0: Selecting BSS from priority group 0
wlan0: 0: 04:f0:21:1c:99:da ssid='OpenWrt-AC-WPS' wpa_ie_len=0 rsn_ie_len=20 caps=0x131 level=-53 freq=5560  wps
wlan0:    skip - SSID mismatch
wlan0: 1: 90:a2:da:f0:11:7e ssid='Yun-AP' wpa_ie_len=0 rsn_ie_len=20 caps=0x431 level=-62 freq=2437  wps
wlan0:    selected based on RSN IE
wlan0:    selected BSS 90:a2:da:f0:11:7e ssid='Yun-AP'
wlan0: Considering connect request: reassociate: 0  selected: 90:a2:da:f0:11:7e  bssid: 00:00:00:00:00:00  pending: 00:00:00:00:00:00  wpa_state: SCANNING  ssid=0xb6f7e7f0  current_ssid=0
wlan0: Request association with 90:a2:da:f0:11:7e
wlan0: Add radio work 'sme-connect'@0xb6f4f920
wlan0: First radio work item in the queue - schedule start immediately
wlan0: Starting radio work 'sme-connect'@0xb6f4f920 after 0.000024 second wait
wlan0: Automatic auth_alg selection: 0x1
RSN: PMKSA cache search - network_ctx=0 try_opportunistic=0
RSN: Search for BSSID 90:a2:da:f0:11:7e
RSN: No PMKSA cache entry found
wlan0: RSN: using IEEE 802.11i/D9.0
wlan0: WPA: Selected cipher suites: group 16 pairwise 16 key_mgmt 2 proto 2
wlan0: WPA: Selected mgmt group cipher 32
wlan0: WPA: clearing AP WPA IE
WPA: set AP RSN IE - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 0c 00
wlan0: WPA: using GTK CCMP
wlan0: WPA: using PTK CCMP
wlan0: WPA: using KEY_MGMT WPA-PSK
wlan0: WPA: not using MGMT group cipher
WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
FT: Stored MDIE and FTIE from (Re)Association Response - hexdump(len=0):
RRM: Determining whether RRM can be used - device support: 0x0
RRM: No RRM in network
wlan0: Cancelling scan request
wlan0: SME: Trying to authenticate with 90:a2:da:f0:11:7e (SSID='Yun-AP' freq=2437 MHz)
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=0 send_len=80
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
wlan0: State: SCANNING -> AUTHENTICATING
EAPOL: External notification - EAP success=0
EAPOL: External notification - EAP fail=0
EAPOL: External notification - portControl=Auto
nl80211: Authenticate (ifindex=26)
  * bssid=90:a2:da:f0:11:7e
  * freq=2437
  * SSID - hexdump_ascii(len=6):
     59 75 6e 2d 41 50                                 Yun-AP          
  * IEs - hexdump(len=0): [NULL]
  * Auth Type 0
nl80211: Authentication request send successfully
nl80211: Event message available
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0
nl80211: New station 90:a2:da:f0:11:7e
nl80211: Event message available
nl80211: Drv Event 37 (NL80211_CMD_AUTHENTICATE) received for wlan0
nl80211: MLME event 37 (NL80211_CMD_AUTHENTICATE) on wlan0(04:f0:21:1c:99:d9) A1=04:f0:21:1c:99:d9 A2=90:a2:da:f0:11:7e
nl80211: MLME event frame - hexdump(len=30): b0 00 3a 01 04 f0 21 1c 99 d9 90 a2 da f0 11 7e 90 a2 da f0 11 7e 60 dc 00 00 02 00 00 00
nl80211: Authenticate event
wlan0: Event AUTH (11) received
wlan0: SME: Authentication response: peer=90:a2:da:f0:11:7e auth_type=0 auth_transaction=2 status_code=0
SME: Authentication response IEs - hexdump(len=0): [NULL]
wlan0: Trying to associate with 90:a2:da:f0:11:7e (SSID='Yun-AP' freq=2437 MHz)
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=0 send_len=72
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
wlan0: State: AUTHENTICATING -> ASSOCIATING
nl80211: Set wlan0 operstate 0->0 (DORMANT)
netlink: Operstate: ifindex=26 linkmode=-1 (no change), operstate=5 (IF_OPER_DORMANT)
WPA: set own WPA/RSN IE - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
nl80211: Associate (ifindex=26)
  * bssid=90:a2:da:f0:11:7e
  * freq=2437
  * SSID - hexdump_ascii(len=6):
     59 75 6e 2d 41 50                                 Yun-AP          
  * IEs - hexdump(len=32): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00 7f 08 04 00 00 00 00 00 00 40
  * WPA Versions 0x2
  * pairwise=0xfac04
  * group=0xfac04
  * akm=0xfac02
nl80211: Association request send successfully
l2_packet_receive: src=90:a2:da:f0:11:7e len=99
wlan0: RX EAPOL from 90:a2:da:f0:11:7e
RX EAPOL - hexdump(len=99): 02 03 00 5f 02 00 8a 00 10 00 00 00 00 00 00 00 01 63 46 7c 11 fb 79 9f 70 1c 16 d0 4d 36 69 a6 00 21 2d 35 10 fa 0e e7 59 a0 ec 08 65 26 82 6f d5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
wlan0: Not associated - Delay processing of received EAPOL frame (state=ASSOCIATING bssid=00:00:00:00:00:00)
RTM_NEWLINK: ifi_index=26 ifname=wlan0 operstate=5 linkmode=1 ifi_family=0 ifi_flags=0x11003 ([UP][LOWER_UP])
RTM_NEWLINK: ifi_index=26 ifname=wlan0 wext ifi_family=0 ifi_flags=0x11003 ([UP][LOWER_UP])
RTM_NEWLINK: ifi_index=26 ifname=wlan0 wext ifi_family=0 ifi_flags=0x11003 ([UP][LOWER_UP])
nl80211: Event message available
nl80211: Drv Event 38 (NL80211_CMD_ASSOCIATE) received for wlan0
nl80211: MLME event 38 (NL80211_CMD_ASSOCIATE) on wlan0(04:f0:21:1c:99:d9) A1=04:f0:21:1c:99:d9 A2=90:a2:da:f0:11:7e
nl80211: MLME event frame - hexdump(len=134): 10 00 3a 01 04 f0 21 1c 99 d9 90 a2 da f0 11 7e 90 a2 da f0 11 7e 70 dc 31 04 00 00 04 c0 01 08 82 84 8b 96 0c 12 18 24 32 04 30 48 60 6c 2d 1a 6e 11 1b ff 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 3d 16 06 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7f 08 00 00 00 00 00 00 00 40 dd 18 00 50 f2 02 01 01 80 00 03 a4 00 00 27 a4 00 00 42 43 5e 00 62 32 2f 00
nl80211: Associate event
wlan0: Event ASSOC (0) received
wlan0: Association info event
resp_ies - hexdump(len=104): 01 08 82 84 8b 96 0c 12 18 24 32 04 30 48 60 6c 2d 1a 6e 11 1b ff 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 3d 16 06 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7f 08 00 00 00 00 00 00 00 40 dd 18 00 50 f2 02 01 01 80 00 03 a4 00 00 27 a4 00 00 42 43 5e 00 62 32 2f 00
wlan0: freq=2437 MHz
FT: Stored MDIE and FTIE from (Re)Association Response - hexdump(len=0):
wlan0: State: ASSOCIATING -> ASSOCIATED
nl80211: Set wlan0 operstate 0->0 (DORMANT)
netlink: Operstate: ifindex=26 linkmode=-1 (no change), operstate=5 (IF_OPER_DORMANT)
wlan0: Associated to a new BSS: BSSID=90:a2:da:f0:11:7e
wlan0: Associated with 90:a2:da:f0:11:7e
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=0 send_len=33
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
wlan0: WPA: Association event - clear replay counter
wlan0: WPA: Clear old PTK
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
EAPOL: External notification - EAP success=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: enable timer tick
EAPOL: SUPP_BE entering state IDLE
wlan0: Setting authentication timeout: 10 sec 0 usec
wlan0: Cancelling scan request
wlan0: Process pending EAPOL frame that was received just before association notification
wlan0: RX EAPOL from 90:a2:da:f0:11:7e
RX EAPOL - hexdump(len=99): 02 03 00 5f 02 00 8a 00 10 00 00 00 00 00 00 00 01 63 46 7c 11 fb 79 9f 70 1c 16 d0 4d 36 69 a6 00 21 2d 35 10 fa 0e e7 59 a0 ec 08 65 26 82 6f d5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
wlan0: Setting authentication timeout: 10 sec 0 usec
wlan0: IEEE 802.1X RX: version=2 type=3 length=95
WPA: RX EAPOL-Key - hexdump(len=99): 02 03 00 5f 02 00 8a 00 10 00 00 00 00 00 00 00 01 63 46 7c 11 fb 79 9f 70 1c 16 d0 4d 36 69 a6 00 21 2d 35 10 fa 0e e7 59 a0 ec 08 65 26 82 6f d5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
wlan0:   EAPOL-Key type=2
wlan0:   key_info 0x8a (ver=2 keyidx=0 rsvd=0 Pairwise Ack)
wlan0:   key_length=16 key_data_length=0
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 01
  key_nonce - hexdump(len=32): 63 46 7c 11 fb 79 9f 70 1c 16 d0 4d 36 69 a6 00 21 2d 35 10 fa 0e e7 59 a0 ec 08 65 26 82 6f d5
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
wlan0: State: ASSOCIATED -> 4WAY_HANDSHAKE
wlan0: WPA: RX message 1 of 4-Way Handshake from 90:a2:da:f0:11:7e (ver=2)
RSN: msg 1/4 key data - hexdump(len=0):
WPA: Renewed SNonce - hexdump(len=32): e7 2b d9 7b 59 8f 6e 95 3d 26 8f 7a 3c 02 0f e5 f7 d0 fc 98 aa 95 59 06 4b d3 99 f8 ba 70 d3 1d
WPA: PTK derivation - A1=04:f0:21:1c:99:d9 A2=90:a2:da:f0:11:7e
WPA: Nonce1 - hexdump(len=32): e7 2b d9 7b 59 8f 6e 95 3d 26 8f 7a 3c 02 0f e5 f7 d0 fc 98 aa 95 59 06 4b d3 99 f8 ba 70 d3 1d
WPA: Nonce2 - hexdump(len=32): 63 46 7c 11 fb 79 9f 70 1c 16 d0 4d 36 69 a6 00 21 2d 35 10 fa 0e e7 59 a0 ec 08 65 26 82 6f d5
WPA: PMK - hexdump(len=32): [REMOVED]
WPA: PTK - hexdump(len=48): [REMOVED]
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: KEK - hexdump(len=16): [REMOVED]
WPA: TK - hexdump(len=16): [REMOVED]
WPA: WPA IE for msg 2/4 - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
WPA: Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 01
wlan0: WPA: Sending EAPOL-Key 2/4
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: Derived Key MIC - hexdump(len=16): 73 62 3b 25 25 ac 0c 38 35 e8 b2 81 db e7 5b c6
WPA: TX EAPOL-Key - hexdump(len=121): 01 03 00 75 02 01 0a 00 00 00 00 00 00 00 00 00 01 e7 2b d9 7b 59 8f 6e 95 3d 26 8f 7a 3c 02 0f e5 f7 d0 fc 98 aa 95 59 06 4b d3 99 f8 ba 70 d3 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73 62 3b 25 25 ac 0c 38 35 e8 b2 81 db e7 5b c6 00 16 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
WMM AC: AC mandatory: AC_BE=0 AC_BK=0 AC_VI=0 AC_VO=0
WMM AC: U-APSD queues=0x0
WMM AC: Valid WMM association, WMM AC is enabled
wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=448 send_len=40
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
nl80211: Event message available
nl80211: Drv Event 46 (NL80211_CMD_CONNECT) received for wlan0
nl80211: Ignore connect event (cmd=46) when using userspace SME
l2_packet_receive: src=90:a2:da:f0:11:7e len=155
wlan0: RX EAPOL from 90:a2:da:f0:11:7e
RX EAPOL - hexdump(len=155): 02 03 00 97 02 13 ca 00 10 00 00 00 00 00 00 00 02 63 46 7c 11 fb 79 9f 70 1c 16 d0 4d 36 69 a6 00 21 2d 35 10 fa 0e e7 59 a0 ec 08 65 26 82 6f d5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c9 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9f 69 3d 10 2b 84 d9 d4 7f c4 c9 c8 1a c4 8a 74 00 38 ef 52 8c 7f f8 1c 0c 38 a8 69 45 bd 56 8b cf a9 d6 56 c1 bd 5c db 0d 3a be 77 bc 7c f7 84 84 50 21 66 46 b3 85 57 be c4 af 59 21 6d 1e f7 c4 f5 14 42 67 14 f9 53 04 fd
wlan0: IEEE 802.1X RX: version=2 type=3 length=151
WPA: RX EAPOL-Key - hexdump(len=155): 02 03 00 97 02 13 ca 00 10 00 00 00 00 00 00 00 02 63 46 7c 11 fb 79 9f 70 1c 16 d0 4d 36 69 a6 00 21 2d 35 10 fa 0e e7 59 a0 ec 08 65 26 82 6f d5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c9 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9f 69 3d 10 2b 84 d9 d4 7f c4 c9 c8 1a c4 8a 74 00 38 ef 52 8c 7f f8 1c 0c 38 a8 69 45 bd 56 8b cf a9 d6 56 c1 bd 5c db 0d 3a be 77 bc 7c f7 84 84 50 21 66 46 b3 85 57 be c4 af 59 21 6d 1e f7 c4 f5 14 42 67 14 f9 53 04 fd
wlan0:   EAPOL-Key type=2
wlan0:   key_info 0x13ca (ver=2 keyidx=0 rsvd=0 Pairwise Install Ack MIC Secure Encr)
wlan0:   key_length=16 key_data_length=56
  replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 02
  key_nonce - hexdump(len=32): 63 46 7c 11 fb 79 9f 70 1c 16 d0 4d 36 69 a6 00 21 2d 35 10 fa 0e e7 59 a0 ec 08 65 26 82 6f d5
  key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  key_rsc - hexdump(len=8): c9 01 00 00 00 00 00 00
  key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
  key_mic - hexdump(len=16): 9f 69 3d 10 2b 84 d9 d4 7f c4 c9 c8 1a c4 8a 74
RSN: encrypted key data - hexdump(len=56): ef 52 8c 7f f8 1c 0c 38 a8 69 45 bd 56 8b cf a9 d6 56 c1 bd 5c db 0d 3a be 77 bc 7c f7 84 84 50 21 66 46 b3 85 57 be c4 af 59 21 6d 1e f7 c4 f5 14 42 67 14 f9 53 04 fd
WPA: decrypted EAPOL-Key key data - hexdump(len=48): [REMOVED]
wlan0: State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
wlan0: WPA: RX message 3 of 4-Way Handshake from 90:a2:da:f0:11:7e (ver=2)
WPA: IE KeyData - hexdump(len=48): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 0c 00 dd 16 00 0f ac 01 01 00 69 05 93 15 01 f3 b0 3a 7e b2 36 fd 1e cc 6a f6 dd 00
WPA: RSN IE in EAPOL-Key - hexdump(len=22): 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 0c 00
WPA: GTK in EAPOL-Key - hexdump(len=24): [REMOVED]
wlan0: WPA: Sending EAPOL-Key 4/4
WPA: KCK - hexdump(len=16): [REMOVED]
WPA: Derived Key MIC - hexdump(len=16): 72 d2 cc 02 8c e9 a2 69 22 86 39 88 a9 a3 c1 6a
WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f 02 03 0a 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 72 d2 cc 02 8c e9 a2 69 22 86 39 88 a9 a3 c1 6a 00 00
wlan0: WPA: Installing PTK to the driver
wpa_driver_nl80211_set_key: ifindex=26 (wlan0) alg=3 addr=0xb6f7ee40 key_idx=0 set_tx=1 seq_len=6 key_len=16
nl80211: KEY_DATA - hexdump(len=16): [REMOVED]
nl80211: KEY_SEQ - hexdump(len=6): 00 00 00 00 00 00
   addr=90:a2:da:f0:11:7e
EAPOL: External notification - portValid=1
wlan0: State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
RSN: received GTK in pairwise handshake - hexdump(len=18): [REMOVED]
WPA: Group Key - hexdump(len=16): [REMOVED]
wlan0: WPA: Installing GTK to the driver (keyidx=1 tx=0 len=16)
WPA: RSC - hexdump(len=6): c9 01 00 00 00 00
wpa_driver_nl80211_set_key: ifindex=26 (wlan0) alg=3 addr=0xe93e8 key_idx=1 set_tx=0 seq_len=6 key_len=16
nl80211: KEY_DATA - hexdump(len=16): [REMOVED]
nl80211: KEY_SEQ - hexdump(len=6): c9 01 00 00 00 00
   broadcast key
wlan0: WPA: Key negotiation completed with 90:a2:da:f0:11:7e [PTK=CCMP GTK=CCMP]
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=0 send_len=73
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
wlan0: Cancelling authentication timeout
wlan0: State: GROUP_HANDSHAKE -> COMPLETED
wlan0: Radio work 'sme-connect'@0xb6f4f920 done in 0.057697 seconds
wlan0: radio_work_free('sme-connect'@0xb6f4f920: num_active_works --> 0
wlan0: CTRL-EVENT-CONNECTED - Connection to 90:a2:da:f0:11:7e completed [id=0 id_str=]
CTRL-DEBUG: ctrl_sock-sendmsg: sock=11 sndbuf=56623104 outq=704 send_len=79
CTRL_IFACE monitor sent successfully to /tmp/wpa_ctrl_13936-20\x00
nl80211: Set wlan0 operstate 0->1 (UP)
netlink: Operstate: ifindex=26 linkmode=-1 (no change), operstate=6 (IF_OPER_UP)
EAPOL: External notification - portValid=1
EAPOL: External notification - EAP success=1
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state SUCCESS
EAP: EAP entering state DISABLED
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: Supplicant port status: Authorized
nl80211: Set supplicant port authorized for 90:a2:da:f0:11:7e
EAPOL: SUPP_BE entering state IDLE
EAPOL authentication completed - result=SUCCESS
nl80211: Set rekey offload
nl80211: Driver does not support rekey offload
RTM_NEWLINK: ifi_index=26 ifname=wlan0 operstate=6 linkmode=1 ifi_family=0 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
EAPOL: startWhen --> 0
EAPOL: disable timer tick

country=DE

update_config=1

network={
        scan_ssid=1
        ssid="Yun-AP"
        key_mgmt=WPA-PSK
        psk="12345678"
        proto=RSN
        bssid=90:A2:DA:F0:11:7E
}


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux