EAP-TTLS phase 2 configured to use EAP not MSCHAPV2

Hello, guys!

I copied my WiMAX_DB.bin and WiMAX_Def.bin from Windows XP and decoded
them with iTool
(http://forum.yotatester.ru/showpost.php?p=70773&postcount=1255).
Just placing them as WiMAX_DB.xml and WiMAX_Def.xml in
/var/lib/wimax/, I could begin an EAP-TTLS session with UQ WiMAX,
which still always fails during authentication.

After some slight tackling, the trace module told me that wimaxd tries not
MSCHAPV2 but EAP in phase 2.

There does exist an entry for UQ WiMAX which specifies EAP-TTLS and
MSCHAPV2:

>       <EAP>
>               <x1>
>                       <METHOD_TYPE>EAP_TTLS</METHOD_TYPE>
>                       <VENDOR_ID>-1</VENDOR_ID>
>                       <VENDOR_TYPE>-1</VENDOR_TYPE>
>                       <USER_IDENTITY></USER_IDENTITY>
>                       <PROVISIONED_PSEUDO_IDENTITY></PROVISIONED_PSEUDO_IDENTITY>
>                       <PASSWORD></PASSWORD>
>                       <REALM>so-net.ne.jp</REALM>
>                       <USE_PRIVACY>True</USE_PRIVACY>
>                       <ENCAPS>-1</ENCAPS>
>                       <VFY_SERVER_REALM>False</VFY_SERVER_REALM>
>                       <SERVER_REALMS>
>                               <x1>
>                                       <SERVER_REALM>uqc.ne.jp </SERVER_REALM>
>                               </x1>
>                               <x2>
>                                       <SERVER_REALM>uqc.ne.jp </SERVER_REALM>
>                               </x2>
>                       </SERVER_REALMS>
>                       <CERT>
>                               <x1>
>                                       <CERT_TYPE>DEVICE</CERT_TYPE>
>                                       <SER_NUM></SER_NUM>
>                                       <ISSUER></ISSUER>
>                               </x1>
>                               <x2>
>                                       <CERT_TYPE>CA</CERT_TYPE>
>                                       <SER_NUM></SER_NUM>
>                                       <ISSUER></ISSUER>
>                       </x2>
>                       </CERT>
>               </x1>
>               <x2>
>                       <METHOD_TYPE></METHOD_TYPE>
>                       <VENDOR_ID>24757</VENDOR_ID>
>                       <VENDOR_TYPE>1</VENDOR_TYPE>
>                       <USER_IDENTITY>(removed)</USER_IDENTITY>
>                       <PROVISIONED_PSEUDO_IDENTITY></PROVISIONED_PSEUDO_IDENTITY>
>                       <PASSWORD Encrypted="True">(removed)</PASSWORD>
>                       <REALM></REALM>
>                       <USE_PRIVACY>False</USE_PRIVACY>
>                       <ENCAPS>1</ENCAPS>
>                       <VFY_SERVER_REALM>False</VFY_SERVER_REALM>
>                       <SERVER_REALMS></SERVER_REALMS>
>                       <CERT></CERT>
>               </x2>
>       </EAP>

Changing wpa_debug_level in wpa_supplicant_0.7.3/src/utils/wpa_debug.c
from MSG_INFO to MSG_MSGDUMP, the supplicant shows pretty messages:

># wimaxd -d -i wmx0
>Enter Command:
>q - Quit AppSrv
>t - Trace ReInit (ReLoads Registry Values)
>u - uplink(Apdo uplink event
>h - Help
>d - Toggle driver messages to display - debug & internal only
>
>
>AppSrv is ready !
>Act_FullRestart!
>Act_DriverDeviceStatus - DRIVER_UP
>EAP: EAP entering state IDLE
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=9 method=1 vendor=0 vendorMethod=0
>EAP: EAP entering state IDENTITY
>CTRL-EVENT-EAP-STARTED EAP authentication started
>EAP: EAP-Request Identity data - hexdump_ascii(len=0):
>EAP: using anonymous identity - hexdump_ascii(len=45):
>     33 44 39 35 44 39 33 37 31 39 44 44 31 44 41 46   3D95D93719DD1DAF
>     31 38 33 46 39 37 42 45 32 36 46 32 39 34 31 39   183F97BE26F29419
>     40 73 6f 2d 6e 65 74 2e 6e 65 2e 6a 70            @so-net.ne.jp
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 50
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=10 method=21 vendor=0 vendorMethod=0
>EAP: EAP entering state GET_METHOD
>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21
>EAP: Initialize selected EAP method: vendor 0 method 21 (TTLS)
>EAP-TTLS: Phase2 type: EAP
>TLS: Phase2 EAP types - hexdump(len=72): 00 00 00 00 04 00 00 00 00 00 00 00 1a 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 00 00 00 00 2f 00 00 00 00 00 00 00 2e 00 00 00 00 00 00 00 30 00 00 00 00 00 00 00 33 00 00 00
>CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
>EAP: EAP entering state METHOD
>SSL: Received packet(len=6) - Flags 0x20
>EAP-TTLS: Start (server ver=0, own ver=0)
>TLS: using phase1 config options
>EAP-TTLS: Start
>SSL: 54 bytes left to be sent out (of total 54 bytes)
>EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 60
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=11 method=21 vendor=0 vendorMethod=0
>EAP: EAP entering state METHOD
>SSL: Received packet(len=1020) - Flags 0xc0
>SSL: TLS Message Length: 1915
>SSL: Need 905 bytes more input data
>SSL: Building ACK (type=21 id=11 ver=0)
>EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 6
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=12 method=21 vendor=0 vendorMethod=0
>EAP: EAP entering state METHOD
>SSL: Received packet(len=911) - Flags 0x00
>SSL: 326 bytes left to be sent out (of total 326 bytes)
>EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 332
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=13 method=21 vendor=0 vendorMethod=0
>EAP: EAP entering state METHOD
>SSL: Received packet(len=69) - Flags 0x80
>SSL: TLS Message Length: 59
>SSL: No data to be sent out
>EAP-TTLS: TLS done, proceed to Phase 2
>EAP-TTLS: Derived key - hexdump(len=64): [REMOVED]
>EAP-TTLS: received 0 bytes encrypted data for Phase 2
>EAP-TTLS: empty data in beginning of Phase 2 - use fake EAP-Request Identity
>EAP-TTLS: Phase 2 EAP Request: type=1
>EAP: using real identity - hexdump_ascii(len=20):
>(removed)
>EAP-TTLS: AVP encapsulate EAP Response - hexdump(len=25): (removed)
>EAP-TTLS: Phase 2 - request OK
>EAP-TTLS: Encrypting Phase 2 data - hexdump(len=36): [REMOVED]
>SSL: 69 bytes left to be sent out (of total 69 bytes)
>EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 75
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Failure
>EAP: EAP entering state FAILURE
>CTRL-EVENT-EAP-FAILURE EAP authentication failed

If the supplicant is forced to use MSCHAPV2, the messages seem more
reasonable. Comparing USB packets with those generated by Windows
supports this analysis.

># wimaxd -d -i wmx0
>Enter Command:
>q - Quit AppSrv
>t - Trace ReInit (ReLoads Registry Values)
>u - uplink(Apdo uplink event
>h - Help
>d - Toggle driver messages to display - debug & internal only
>
>
>AppSrv is ready !
>Act_FullRestart!
>Act_DriverDeviceStatus - DRIVER_UP
>EAP: EAP entering state IDLE
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=244 method=1 vendor=0 vendorMethod=0
>EAP: EAP entering state IDENTITY
>CTRL-EVENT-EAP-STARTED EAP authentication started
>EAP: EAP-Request Identity data - hexdump_ascii(len=0):
>EAP: using anonymous identity - hexdump_ascii(len=45):
>     36 38 38 39 36 37 38 45 31 31 42 46 43 36 46 32   6889678E11BFC6F2
>     34 35 38 30 33 39 34 30 34 34 31 33 43 31 31 39   458039404413C119
>     40 73 6f 2d 6e 65 74 2e 6e 65 2e 6a 70            @so-net.ne.jp
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 50
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=245 method=21 vendor=0 vendorMethod=0
>EAP: EAP entering state GET_METHOD
>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21
>EAP: Initialize selected EAP method: vendor 0 method 21 (TTLS)
>EAP-TTLS: Phase2 type: MSCHAPV2
>CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
>EAP: EAP entering state METHOD
>SSL: Received packet(len=6) - Flags 0x20
>EAP-TTLS: Start (server ver=0, own ver=0)
>TLS: using phase1 config options
>EAP-TTLS: Start
>SSL: 54 bytes left to be sent out (of total 54 bytes)
>EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 60
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=246 method=21 vendor=0 vendorMethod=0
>EAP: EAP entering state METHOD
>SSL: Received packet(len=1020) - Flags 0xc0
>SSL: TLS Message Length: 1915
>SSL: Need 905 bytes more input data
>SSL: Building ACK (type=21 id=246 ver=0)
>EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 6
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=247 method=21 vendor=0 vendorMethod=0
>EAP: EAP entering state METHOD
>SSL: Received packet(len=911) - Flags 0x00
>SSL: 326 bytes left to be sent out (of total 326 bytes)
>EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
>EAP: EAP entering state SEND_RESPONSE
>EAP: EAP entering state IDLE
>Sending EapResponse. Data size: 332
>EAP: EAP entering state RECEIVED
>EAP: Received EAP-Request id=248 method=21 vendor=0 vendorMethod=0
>EAP: EAP entering state METHOD
>SSL: Received packet(len=69) - Flags 0x80
>SSL: TLS Message Length: 59
>SSL: No data to be sent out
>EAP-TTLS: TLS done, proceed to Phase 2
>EAP-TTLS: Derived key - hexdump(len=64): [REMOVED]
>EAP-TTLS: received 0 bytes encrypted data for Phase 2
>EAP-TTLS: empty data in beginning of Phase 2 - use fake EAP-Request Identity
>EAP-TTLS: Phase 2 MSCHAPV2 Request
>MSCHAPV2: Identity - hexdump_ascii(len=20):
>(removed)
>MSCHAPV2: Username - hexdump_ascii(len=20):
>(removed)
>MSCHAPV2: auth_challenge - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>MSCHAPV2: peer_challenge - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>MSCHAPV2: username - hexdump_ascii(len=20):
>(removed)
>MSCHAPV2: password - hexdump_ascii(len=5): [REMOVED]
>MSCHAPV2: NT Response - hexdump(len=24): 7b cf 98 b6 28 77 56 56 15 20 ad 57 8b df f7 4c 99 80 4d 93 cf 1c 3f ee
>MSCHAPV2: Auth Response - hexdump(len=20): 7a 81 a2 8a d1 12 9b 3b 45 ef aa ed 7e 18 3f 64 51 cf de 86
>MSCHAPV2: Master Key - hexdump(len=16): [REMOVED]
>EAP-TTLS/MSCHAPV2: Derived response
>*** glibc detected *** wimaxd: free(): invalid next size (fast): 0x09896278 ***

At last, wimaxd suddenly aborts. This is another problem, which should
be left for further enjoyment, I suppose.

Am I proceeding in the right direction? I am a bit tired of swimming in
the sea of cryptic L4, L5, NDnS and so on. I want some encouraging
comment before I get totally drowned.

Naoki Hamada
nao at tom-yam.or.jp
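
Added example, not part of the original message and not wimaxd or wpa_supplicant code: a small triage script for supplicant debug traces of the shape quoted above. It reports the Phase 2 type, whether TLS finished, how the run ended, and flags MSCHAPV2 challenge dumps that are entirely zero, as both are in the second trace. The function names `unwrap` and `summarize` and the sample text are assumptions constructed for this illustration.

```python
import re

# Constructed sample, abridged from the shape of the traces in the message above.
SAMPLE = """\
>EAP-TTLS: Phase2 type: MSCHAPV2
>EAP-TTLS: TLS done, proceed to Phase 2
>MSCHAPV2: auth_challenge - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00
>MSCHAPV2: peer_challenge - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00
>MSCHAPV2: NT Response - hexdump(len=24): [REMOVED]
>*** glibc detected *** wimaxd: free(): invalid next size (fast): 0x0
"""

HEXDUMP = re.compile(r"^(?P<label>.+?) - hexdump\(len=(?P<n>\d+)\): (?P<body>.*)$")
HEXBYTES = re.compile(r"^[0-9a-fA-F]{2}(?: [0-9a-fA-F]{2})*$")

def unwrap(text):
    """Strip mail quote markers and rejoin hexdump lines the mailer wrapped."""
    out = []
    for raw in text.splitlines():
        quoted = raw.startswith(">")
        line = raw.lstrip(">").strip()
        # An unquoted run of hex bytes right after a hexdump line is its tail.
        if not quoted and out and HEXBYTES.match(line) and "hexdump(" in out[-1]:
            out[-1] += " " + line
        elif line:
            out.append(line)
    return out

def summarize(text):
    s = {"phase2": None, "tls_done": False, "result": "incomplete", "zero_challenges": []}
    for line in unwrap(text):
        if line.startswith("EAP-TTLS: Phase2 type: "):
            s["phase2"] = line.rsplit(": ", 1)[1]
        elif line.startswith("EAP-TTLS: TLS done"):
            s["tls_done"] = True
        elif "CTRL-EVENT-EAP-FAILURE" in line or line == "EAP: Received EAP-Failure":
            s["result"] = "eap-failure"
        elif "CTRL-EVENT-EAP-SUCCESS" in line:
            s["result"] = "eap-success"
        elif "glibc detected" in line:
            s["result"] = "crash"
        m = HEXDUMP.match(line)
        if m and "challenge" in m["label"]:
            data = m["body"].split()
            # Only judge dumps that are complete and not redacted.
            if len(data) == int(m["n"]) and all(b == "00" for b in data):
                s["zero_challenges"].append(m["label"])
    return s
```

Run `summarize()` over each captured trace and compare the summaries side by side; a non-empty `zero_challenges` list is a reason to inspect how the supplicant obtained its challenge before trusting the exchange.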