From owner-freebsd-current@FreeBSD.ORG Wed Nov 25 02:35:35 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 767A01065670 for ; Wed, 25 Nov 2009 02:35:35 +0000 (UTC) (envelope-from russell.yount@gmail.com) Received: from mail-vw0-f173.google.com (mail-vw0-f173.google.com [209.85.212.173]) by mx1.freebsd.org (Postfix) with ESMTP id 1EFE98FC1A for ; Wed, 25 Nov 2009 02:35:34 +0000 (UTC) Received: by vws3 with SMTP id 3so2041306vws.3 for ; Tue, 24 Nov 2009 18:35:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:cc:content-type; bh=DZgrZ7CfuvbbEs+qd3eilZN3429pK0BZ55c1/sDroHg=; b=Kv4gpv90rV3RYB8EUkpZ7E9UhLQ3rPNm5+jxGC8xocv3c4DOnGNfwC8oI0yvzZJfjW wT6jHcdo/lWUXVrMB6qqPqPcyOpEwu6mbJX2+xPNv2r5Yme5rf5e1ZjTPmp7gRCTIaL9 0NMmgGJEO0vSNaExs12aO8+yDW7AHgKKqIRYk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type; b=IYu/Y5kFuA7PvLIIN9NpXqOaZmmjzmA/XOrydH5MYd3BvP8og/KuqBNAaLKQeZbTVK eTLsRlaPV1CrQ1yw/pDLZbrz/nyMfTel0O4dsDThOJmuIk31vVSkTL85jDeSs75DS52T FWQMwLMaAvoMI6E9VefHDlXCmFJeWv0/FR7FY= MIME-Version: 1.0 Received: by 10.220.122.94 with SMTP id k30mr8501492vcr.72.1259115175690; Tue, 24 Nov 2009 18:12:55 -0800 (PST) Date: Tue, 24 Nov 2009 21:12:55 -0500 Message-ID: From: Russell Yount To: freebsd-current@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Russell Yount Subject: Hostap configuration problems, is this a bug? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Nov 2009 02:35:35 -0000 I have been trying setup an access point using FreeBSD 8.0-RC3 using a configuration similar to one I have working on FreeBSD 7.2. I have tried 8.0-RC3 with both 5004MP Atheros 4G/CM9 and NL-5354MP+Aries2 mini-PCI radios on different Soekris boxes with the same results. My windows XP laptop fails to authenticate to 8.0-RC3 using client side certificates. If I leave the access point open without hostapd authentication the laptop can connect and communicate over the link fine. Attached is the hopefully useful configuration and debug information of the laptop trying to authenticate. Have I missed somthing that changed in 8.0 or is this a bug? Any help would be appreciated. ------ In /etc/rc.conf wlans_ath0="wlan1" create_args_wlan1="wlanmode hostap" ifconfig_wlan1="ssid wireless1 mode 11a channel 60 up" cloned_interfaces="vlan1 vlan4 bridge1" ifconfig_sis0="up" ifconfig_vlan1=" vlan 11 vlandev sis0" ifconfig_vlan4="192.168.4.100/24 vlan 4 vlandev sis0" ifconfig_bridge1="addm vlan1 -autoedge vlan1 -autoptp vlan1 \ addm wlan1 edge wlan1 -autoedge wlan1 -autoptp wlan1 up" ------ In /etc/hostapd.conf interface=wlan1 driver=bsd logger_syslog=-1 logger_syslog_level=0 logger_stdout=-1 logger_stdout_level=2 dump_file=/tmp/hostapd.dump ctrl_interface=/var/run/hostapd ctrl_interface_group=0 ssid=wireless1 hw_mode=a channel=60 beacon_int=100 dtim_period=2 max_num_sta=255 rts_threshold=2347 fragm_threshold=2346 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0 wme_enabled=0 ieee8021x=1 eapol_version=2 eapol_key_index_workaround=0 own_ip_addr=192.168.4.100 nas_identifier=s0-wireless1 auth_server_addr=192.168.30.76 auth_server_port=1822 auth_server_shared_secret=XXXXX wpa=3 wpa_key_mgmt=WPA-EAP wpa_pairwise=CCMP wpa_strict_rekey=0 ------ >From /var/log/daemon 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.11: associated 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 1 notification 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: start authentication 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: start authentication 18:16:28 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: unauthorizing port 18:16:32 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: received EAPOL-Start from STA 18:16:32 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 5 notification 18:17:22 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: received EAPOL-Start from STA 18:17:22 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 5 notification 18:18:12 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: received EAPOL-Start from STA 18:18:12 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 5 notification 18:19:02 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: received EAPOL-Logoff from STA 18:19:02 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.1X: unauthorizing port 18:19:59 s0 hostapd: wlan1: STA 0:1:2:3:4:5 IEEE 802.11: deassociated 18:19:59 s0 hostapd: wlan1: STA 0:1:2:3:4:5 WPA: event 2 notification ------ >From /var/log/kern (during boot) 18:49:20 s0 kernel: wlan: mac acl policy registered 18:49:20 s0 kernel: ath0: mem 0xa0000000-0xa000ffff irq 10 at device 16.0 on pci0 18:49:20 s0 kernel: ath0: [ITHREAD] 18:49:20 s0 kernel: ath0: AR5212 mac 5.9 RF5112 phy 4.3 18:49:20 s0 kernel: wlan1: Ethernet address: 00:02:6f:02:02:02 >From /var/log/kern (wlandebug -i wlan1 +crypto+node+assoc+auth+state+wpa+acl+wme) 18:16:28 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 5 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] recv auth frame with algorithm 0 seq 1 18:16:28 s0 kernel: wlan1: ieee80211_alloc_node 0xc1345000<0:1:2:3:4:5> in station table 18:16:28 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_mgmt:1876) 0xc1345000<0:1:2:3:4:5> refcnt 2 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station authenticated (open) 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] recv deauth (reason 1) 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station with aid 0 leaves 18:16:28 s0 kernel: wlan1: node_reclaim: remove 0xc1345000<0:1:2:3:4:5> from station table, refcnt 2 18:16:28 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 6 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] recv auth frame with algorithm 0 seq 1 18:16:28 s0 kernel: wlan1: ieee80211_alloc_node 0xc1348000<0:1:2:3:4:5> in station table 18:16:28 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_mgmt:1876) 0xc1348000<0:1:2:3:4:5> refcnt 2 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station authenticated (open) 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] RSN ie: mc 3/0 uc 3/0 key 1 caps 0x3c 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station associated at aid 1: short preamble, short slot time, QoS 18:16:28 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_mgmt:1876) 0xc1348000<0:1:2:3:4:5> refcnt 4 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] node join 18:16:28 s0 kernel: wlan1: [0:1:2:3:4:5] station unauthorize via MLME 18:19:02 s0 kernel: wlan1: [0:1:2:3:4:5] station unauthorize via MLME 18:19:56 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 5 18:19:56 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 6 18:19:56 s0 kernel: wlan1: ieee80211_ref_node (ieee80211_send_proberesp:2391) 0xc1331000<00:02:6f:42:1c:c8> refcnt 7 18:19:59 s0 kernel: wlan1: [0:1:2:3:4:5] recv deauth (reason 1) 18:19:59 s0 kernel: wlan1: [0:1:2:3:4:5] station with aid 1 leaves 18:19:59 s0 kernel: wlan1: [0:1:2:3:4:5] node leave 18:19:59 s0 kernel: wlan1: node_reclaim: remove 0xc1348000<0:1:2:3:4:5> from station table, refcnt 1 ------ ]