From owner-freebsd-wireless@FreeBSD.ORG  Wed Jan 21 20:09:33 2015
Return-Path: <owner-freebsd-wireless@FreeBSD.ORG>
Delivered-To: freebsd-wireless@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 0B864F14;
 Wed, 21 Jan 2015 20:09:33 +0000 (UTC)
Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com
 [IPv6:2a00:1450:400c:c05::22a])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 8EDB47F5;
 Wed, 21 Jan 2015 20:09:32 +0000 (UTC)
Received: by mail-wi0-f170.google.com with SMTP id em10so17472240wid.1;
 Wed, 21 Jan 2015 12:09:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:in-reply-to:references:from:date:message-id
 :subject:to:cc:content-type;
 bh=rJ4dGerfi++8V2EIQdeuKLXUMrz3br+erdfGhPbM8Ew=;
 b=eKsDi9FkWFZ/VXuLHj2QoCYHnlm419FH3YL4mrDUjg26CEqEuEN7FZCdb4GfvdiSEm
 PqWQ1ZNVYz+n+lGqMwm76S3N66n22QsMC1hkioorVN1Qw4JvOYL6hEVwI+urvIKFtPT0
 Q+XFLL5iW4qw1SJgn5ABf+mmCHDeLPQTl1yHkIPtGuk91TXsbaRX4mCvOPCJDT9elq+l
 z5+tg1XMIUc8OZ82baWARkP9+wVaCFn3dd+EF0WUsHJf0WOdiIT16+qJGG8v/S1miuJb
 MdB8D9rZb+3PEiUNXOGkG/OT2P/aDraSjTiDWnmwYEzLUYiDt8318NDQApheJyzU01sy
 XOwQ==
X-Received: by 10.181.12.7 with SMTP id em7mr22366650wid.35.1421870971106;
 Wed, 21 Jan 2015 12:09:31 -0800 (PST)
MIME-Version: 1.0
Sender: cochard@gmail.com
Received: by 10.194.61.98 with HTTP; Wed, 21 Jan 2015 12:09:10 -0800 (PST)
In-Reply-To: <CA+q+TcoBmSnQd1qEq74QZoEGfvQmkKEzyc5Ym12XC9XabqV-Kg@mail.gmail.com>
References: <CA+q+Tcp5Yp0ia0oWdyTxv2ThswU9cWHcyBi1pEMvPXOpEP76dg@mail.gmail.com>
 <CAJ-Vmo==p-o7DUCsi0Wh9LRizmrHdrvC+x70D1kT+Yw2v=jR=A@mail.gmail.com>
 <CA+q+TcoBmSnQd1qEq74QZoEGfvQmkKEzyc5Ym12XC9XabqV-Kg@mail.gmail.com>
From: =?ISO-8859-1?Q?Olivier_Cochard=2DLabb=E9?= <olivier@cochard.me>
Date: Wed, 21 Jan 2015 21:09:10 +0100
X-Google-Sender-Auth: 5oTpqLk5NH8lnO8iMA3IkDJsjIQ
Message-ID: <CA+q+TcpdwmRHemEjQxO9FMGa8fkiYQ1_no08ktf_7v8diqwUDA@mail.gmail.com>
Subject: Re: Fragmented EAP ACK problem on -current
To: Adrian Chadd <adrian@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1
Cc: "freebsd-wireless@freebsd.org" <freebsd-wireless@freebsd.org>
X-BeenThere: freebsd-wireless@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Discussions of 802.11 stack,
 tools device driver development." <freebsd-wireless.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-wireless>, 
 <mailto:freebsd-wireless-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-wireless/>
List-Post: <mailto:freebsd-wireless@freebsd.org>
List-Help: <mailto:freebsd-wireless-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-wireless>, 
 <mailto:freebsd-wireless-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jan 2015 20:09:33 -0000

The problem was identified and have nothing to do with the wireless stack.
The author of hostapd found the problem: The RADIUS UDP packet containing
the client certificate is a very big packet, and was fragmented between the
Authenticator and Authentication server. The first (big) UDP packet never
reach to join the Authentication server (OpenVPN tunnel between)... This is
why the authentication server never ACK, then Authenticator never transfer
the ACK to the client.

Sorry for the noise.