Date: Mon, 29 Jul 2013 16:02:55 +0200 From: Lars Engels <lars.engels@0x20.net> To: =?utf-8?Q?Jean-S=C3=A9bastien_P=C3=A9dron?= <jean-sebastien.pedron@dumbbell.fr> Cc: Adrian Chadd <adrian@freebsd.org>, freebsd-current@freebsd.org, wireless@freebsd.org Subject: Re: 802.1X: dhclient started before the auth. process ends Message-ID: <20130729140255.GU59101@e-new.0x20.net> In-Reply-To: <51F6758C.9020004@dumbbell.fr> References: <51F26CEB.9010200@dumbbell.fr> <20130729095946.GK59101@e-new.0x20.net> <CAJ-Vmo=yw-jL%2BT2QUfiOfx8oGZweNt%2BgWFBaVriVPtWsrVCEiA@mail.gmail.com> <51F6758C.9020004@dumbbell.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
--Mo5R/H9UGRM/aoK7 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 29, 2013 at 04:00:44PM +0200, Jean-S=C3=A9bastien P=C3=A9dron w= rote: > On 29.07.2013 15:34, Adrian Chadd wrote: > > I think you were lucky. >=20 > I think you're right. >=20 > It works perfectly on FreeBSD 9.1, because wpa_supplicant finishes the > auth process really quickly, ie. before dhclient receives an answer from > dhcpd from the unauthenticated network: >=20 > Jul 29 15:39:46 - kernel: bge0: link state changed to UP > Jul 29 15:39:46 - dhclient[46150]: DHCPREQUEST on bge0 to > 255.255.255.255 port 67 > Jul 29 15:39:47 - wpa_supplicant[46119]: CTRL-EVENT-EAP-STARTED EAP > authentication started > ... > Jul 29 15:39:47 - wpa_supplicant[46119]: CTRL-EVENT-EAP-SUCCESS EAP > authentication completed successfully > Jul 29 15:39:48 - dhclient[46150]: DHCPREQUEST on bge0 to > 255.255.255.255 port 67 > Jul 29 15:39:48 - dhclient[46150]: DHCPACK from 192.168.200.224 > Jul 29 15:39:48 - dhclient: New IP Address (bge0): 192.168.200.91 > Jul 29 15:39:48 - dhclient: New Subnet Mask (bge0): 255.255.255.0 > Jul 29 15:39:48 - dhclient: New Broadcast Address (bge0): 192.168.200.255 > Jul 29 15:39:48 - dhclient: New Routers (bge0): 192.168.200.254 >=20 > On -CURRENT, wpa_supplicant is started more than 10 seconds after the > interface is UP and dhclient sent its request > (http://pastebin.com/ZHcbHLQZ). Therefore, a lease from the > unauthenticated network arrives first. It was working with a previous > -CURRENT (buildworld from around April if memory serves). AFAIK rui@ imported a new version of wpa_supplicant into -CURRENT. >=20 > > dhclient shouldn't start running until wpa_supplicant has completed > > authentication. >=20 > Damn, I always thought it worked this way on FreeBSD and happily laughed > at "Linux co-workers" who use some kind of rc.local script to work > around this issue :-) In fact, we're all in the same boat! >=20 > I may take a look at the issue. I guess the place to fix this is in the > rc scripts. Does someone have a hint? --Mo5R/H9UGRM/aoK7 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iEYEARECAAYFAlH2dg8ACgkQKc512sD3afgKUACghtVeVOeb7B+fa5Ay5yN7MMwz mU0AnjK4O/S6KMKDYVX36bDw/rlr4Szo =9NQr -----END PGP SIGNATURE----- --Mo5R/H9UGRM/aoK7--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130729140255.GU59101>