On Sat, 22 Jan 2005, Sam Leffler wrote: > Bryan Bunch wrote: >> I'm trying to connect to a Linksys WRT54G. I have tested the card on >> the computer when booting up in XP and it connects fine via WPA. I >> also tested the card in CURRENT with WPA disabled and the card >> connected fine. > > There's nothing useful in the log you included. You can get the reason code > sent by the ap by enabling association debugging in the 802.11 layer. I > usually do this with the 80211debug program found in > /usr/src/tools/tools/ath. Something like > > 80211debug +assoc+auth > > should suffice. Messages go to the console. > > I've seen postings in various forums that this AP has issues with certain > firmware revs; you might check if your firmware is up to date. > > Past the above a packet trace is needed. Hi Bunch, According to WPA for 802.11i, section 2.2.2: The only unencrypted data packets allowed are unicast 802.1X data packets and unencrypted 802.1X data packets are only allowed when there is no Pairwise key between the station and AP otherwise unencrypted data packets must be discarded. I guess that's why your station being deauthenticated right after seeing "Group rekeying completed with..." since WPA requires station sending group EAPOL key in encrypted form once the pairwise key is available and installed. In my testing environment, -CURRENT if_ath + wpa_supplicant 0.3.0 always being kicked out by Buffalo AirStation G54 AP(firmware 2.20) after station completed the group key handshake; however, the same station/software configuration works flawlessly(read: only one 4-way handshake + 2 way group key exchange) with another Orinoco AP(which allows station to reply the last EAPOL successful message in plaintext). The attached patch works on my box. Would you please give it a try? -- Cheers, Tai-hwa Liang --- /sys/net80211/ieee80211_output.c.old Tue Jan 25 09:22:56 2005 +++ /sys/net80211/ieee80211_output.c Thu Feb 3 10:07:55 2005 _at__at_ -563,7 +563,7 _at__at_ */ if (eh.ether_type != htons(ETHERTYPE_PAE) || ((ic->ic_flags & IEEE80211_F_WPA) && - !KEY_UNDEFINED(ni->ni_ucastkey))) { + !KEY_UNDEFINED(*key))) { wh->i_fc[1] |= IEEE80211_FC1_WEP; /* XXX do fragmentation */ if (!ieee80211_crypto_enmic(ic, key, m)) {Received on Thu Feb 03 2005 - 02:28:01 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:27 UTC