> > Hello, > > > > recently we moved from a 4.9 kernel to 5.4 kernel and observed the > > following issue. To rule out that the issue was already fixed we then > > tried it with a 6.6 kernel and observed the same issue there, too. To > > sum it up, the following issue can be observed with kernel 5.4 and 6.6 > > but not with 4.9. > > > > We are using a Cisco AP with EWC (C9210) and EAP-PEAP as > > authentication method. Additionally, a session timeout is configured > > in the AP (300 s) after which a rekeying is taking place. So every 5 > > minutes a new four-way handshake is taking place which usually is > > completely encrypted. However, while sniffing with an external device > > we saw that the fourth packet of the four-way handshake is send > > unencrypted by our clients, when it comes to EAP-PEAP. The first three > > packets are encrypted as expected. In case of the Cisco AP the attempt > > is then rejected with a 4WAY_HANDSHAKE_TIMEOUT leading to a > completely > > new authentication. > > > > On our clients we are using wpa_supplicant 2.10 with the same config > > on all kernels and therefore would rule out an issue in the > > supplicant, as it is working with the same supplicant in kernel 4.9. > > As driver we are using ath9k for QCA2066 (starting at kernel 4.9) and > > QCA2066 with ath9k? ath9k is a driver for 802.11n hardware and QCA2066 > is 802.11ax generation, how would that work? Right, somehow I collected the wrong info for the ath9k driven device. Sorry about that. It's an AR958x adapter for the ath9k driver.
