Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 29 Jul 2013 16:03:53 +0200
From:      Lars Engels <lars.engels@0x20.net>
To:        =?utf-8?Q?Jean-S=C3=A9bastien_P=C3=A9dron?= <jean-sebastien.pedron@dumbbell.fr>
Cc:        Adrian Chadd <adrian@freebsd.org>, freebsd-current@freebsd.org, rpaulo@freebsd.org, wireless@freebsd.org
Subject:   Re: 802.1X: dhclient started before the auth. process ends
Message-ID:  <20130729140353.GA41336@e-new.0x20.net>
In-Reply-To: <51F6758C.9020004@dumbbell.fr>
References:  <51F26CEB.9010200@dumbbell.fr> <20130729095946.GK59101@e-new.0x20.net> <CAJ-Vmo=yw-jL%2BT2QUfiOfx8oGZweNt%2BgWFBaVriVPtWsrVCEiA@mail.gmail.com> <51F6758C.9020004@dumbbell.fr>

next in thread | previous in thread | raw e-mail | index | archive | help

--7AUc2qLy4jB3hD7Z
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Jul 29, 2013 at 04:00:44PM +0200, Jean-S=C3=A9bastien P=C3=A9dron w=
rote:
> On 29.07.2013 15:34, Adrian Chadd wrote:
> > I think you were lucky.
>=20
> I think you're right.
>=20
> It works perfectly on FreeBSD 9.1, because wpa_supplicant finishes the
> auth process really quickly, ie. before dhclient receives an answer from
> dhcpd from the unauthenticated network:
>=20
> Jul 29 15:39:46 - kernel: bge0: link state changed to UP
> Jul 29 15:39:46 - dhclient[46150]: DHCPREQUEST on bge0 to
> 255.255.255.255 port 67
> Jul 29 15:39:47 - wpa_supplicant[46119]: CTRL-EVENT-EAP-STARTED EAP
> authentication started
> ...
> Jul 29 15:39:47 - wpa_supplicant[46119]: CTRL-EVENT-EAP-SUCCESS EAP
> authentication completed successfully
> Jul 29 15:39:48 - dhclient[46150]: DHCPREQUEST on bge0 to
> 255.255.255.255 port 67
> Jul 29 15:39:48 - dhclient[46150]: DHCPACK from 192.168.200.224
> Jul 29 15:39:48 - dhclient: New IP Address (bge0): 192.168.200.91
> Jul 29 15:39:48 - dhclient: New Subnet Mask (bge0): 255.255.255.0
> Jul 29 15:39:48 - dhclient: New Broadcast Address (bge0): 192.168.200.255
> Jul 29 15:39:48 - dhclient: New Routers (bge0): 192.168.200.254
>=20
> On -CURRENT, wpa_supplicant is started more than 10 seconds after the
> interface is UP and dhclient sent its request
> (http://pastebin.com/ZHcbHLQZ). Therefore, a lease from the
> unauthenticated network arrives first. It was working with a previous
> -CURRENT (buildworld from around April if memory serves).

AFAIK rpaulo@ imported a new version of wpa_supplicant into -CURRENT.

>=20
> > dhclient shouldn't start running until wpa_supplicant has completed
> > authentication.
>=20
> Damn, I always thought it worked this way on FreeBSD and happily laughed
> at "Linux co-workers" who use some kind of rc.local script to work
> around this issue :-) In fact, we're all in the same boat!
>=20
> I may take a look at the issue. I guess the place to fix this is in the
> rc scripts. Does someone have a hint?


--7AUc2qLy4jB3hD7Z
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (FreeBSD)

iEYEARECAAYFAlH2dkkACgkQKc512sD3afiqNACgq5VtL40z42riSk2sRqiQcUUM
ZaMAn0Kp/AjCdzt87VnxC3Z50eba9Ph8
=s152
-----END PGP SIGNATURE-----

--7AUc2qLy4jB3hD7Z--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130729140353.GA41336>