hello
Recently, I checked that the Station (wpa_suplicant) connected to the
Synology WiFi Router with WPA-Enterprise is disconnected and
reconnected every 60 minutes.
As a result of the analysis of this phenomenon, it was confirmed that
there was a problem in 4way-HS in the reauthentication process by
receiving the Request identity message from the Router (AP).
(No Session timeout setting in radius)
* During the 4way-HS process, 4way-HS-1/4 ~ 3/4 are encrypted and MSG
is transmitted and received normally.
I've seen 4way-HS-4/4 transmit unencrypted (I think this is a bug).
Discard unencrypted 4way-HS-4/4 MSG and retry 4way-HS-3/4 to AP. Then,
the AP sends disassociate with authentication timeout to disconnect
the station.
Below is a similar case and test environment, and the simplest
reproducible test is case 3.
Is this a bug?
<Test Bed>
================================================================================
<Station>
RaspberryPi 3
WLAN: Netgear WNA1100 USB
Version : Supplicant 2.10
<AP>
Synology MR2200AC
================================================================================
CASE1: WPA2-Enterprise: Synology Router AP MR2200AC
================================================================================
wpa_cli flush
wpa_cli log_level debug
wpa_cli sta_autoconnect 0
wpa_cli add_network
wpa_cli set_network 1 ssid "Synology_MR2200AC_2.4G_ENT"
wpa_cli set_network 1 proto RSN WPA
wpa_cli set_network 1 pairwise CCMP TKIP
wpa_cli set_network 1 key_mgmt WPA-EAP
wpa_cli set_network 1 eap TTLS PEAP
wpa_cli set_network 1 phase2 "auth=MSCHAPV2 GTC"
wpa_cli set_network 1 identity "test"
wpa_cli set_network 1 password "1@34Qwer"
wpa_cli select_network 1
After 60 minutes of WiFi connection, reauth is performed by receiving
Request Identity from AP.
AP ==> STA RX: Request Identity (EAP)
...
Request, Protected EAP (EAP-PEAP)
AP <== STA TX: PTK Key Request (EAPOL)
AP ==> STA RX: 4way-HS-1/4
AP <== STA TX: 4way-HS-2/4
AP ==> STA RX: 4way-HS-3/4
STA: PTK install OK(update)
STA: GTK not reinstall (KRACK patch)
AP <== STA TX: 4way-HS-4/4
AP ==> STA RX: 4way-HS-3/4 (Retry)
AP ==> STA RX: 4way-HS-3/4 (Retry)
AP ==> STA RX: Disassociate
STA: Disconnected
CASE2: PTK rekey
================================================================================
WPA2-PSK CCMP
<WPA-PSK>
wpa_cli flush
wpa_cli log_level debug
wpa_cli sta_autoconnect 0
wpa_cli add_network
wpa_cli set_network 0 ssid \"WPA_PTK_KEY_TEST\"
wpa_cli set_network 0 proto RSN
wpa_cli set_network 0 pairwise CCMP
wpa_cli set_network 0 key_mgmt WPA-PSK
wpa_cli set_network 0 psk \"12345678\"
wpa_cli set_network 0 wpa_ptk_rekey 60
wpa_cli select_network 0
1 minute after connection, the connection is disconnected in the PTK
rekey process by sending a Key Request (EAPOL) from the station.
: When sta_autoconnect 1 is set, disconnect and reconnect.
AP <== STA TX: PTK Key Request (EAPOL)
AP ==> STA RX: 4way-HS-1/4
AP <== STA TX: 4way-HS-2/4
AP ==> STA RX: 4way-HS-3/4
STA: PTK install OK(update)
STA: GTK not reinstall (KRACK patch)
AP <== STA TX: 4way-HS-4/4
AP ==> STA RX: 4way-HS-3/4 (Retry)
AP ==> STA RX: 4way-HS-3/4 (Retry)
AP ==> STA RX: Disassociate
STA: Disconnected
CASE3:
================================================================================
<WPA-PSK>
wpa_cli flush
wpa_cli log_level debug
wpa_cli sta_autoconnect 0
wpa_cli add_network
wpa_cli set_network 0 ssid \"WPA_PTK_KEY_TEST\"
wpa_cli set_network 0 proto RSN
wpa_cli set_network 0 pairwise CCMP
wpa_cli set_network 0 key_mgmt WPA-PSK
wpa_cli set_network 0 psk \"12345678\"
wpa_cli set_network 0 wpa_ptk_rekey 0
wpa_cli select_network 0
* Execute reauth request command after connection is complete
wpa_cli reauthenticate
thanks, cheers and best regards
: mun-chang jung
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
