Date: Mon, 29 Jul 2013 16:00:44 +0200 From: =?ISO-8859-1?Q?Jean-S=E9bastien_P=E9dron?= <jean-sebastien.pedron@dumbbell.fr> To: Adrian Chadd <adrian@freebsd.org> Cc: freebsd-current@freebsd.org, wireless@freebsd.org Subject: Re: 802.1X: dhclient started before the auth. process ends Message-ID: <51F6758C.9020004@dumbbell.fr> In-Reply-To: <CAJ-Vmo=yw-jL%2BT2QUfiOfx8oGZweNt%2BgWFBaVriVPtWsrVCEiA@mail.gmail.com> References: <51F26CEB.9010200@dumbbell.fr> <20130729095946.GK59101@e-new.0x20.net> <CAJ-Vmo=yw-jL%2BT2QUfiOfx8oGZweNt%2BgWFBaVriVPtWsrVCEiA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2DFSSGAASRDLLUSXNPUME Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 29.07.2013 15:34, Adrian Chadd wrote: > I think you were lucky. I think you're right. It works perfectly on FreeBSD 9.1, because wpa_supplicant finishes the auth process really quickly, ie. before dhclient receives an answer from dhcpd from the unauthenticated network: Jul 29 15:39:46 - kernel: bge0: link state changed to UP Jul 29 15:39:46 - dhclient[46150]: DHCPREQUEST on bge0 to 255.255.255.255 port 67 Jul 29 15:39:47 - wpa_supplicant[46119]: CTRL-EVENT-EAP-STARTED EAP authentication started =2E.. Jul 29 15:39:47 - wpa_supplicant[46119]: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully Jul 29 15:39:48 - dhclient[46150]: DHCPREQUEST on bge0 to 255.255.255.255 port 67 Jul 29 15:39:48 - dhclient[46150]: DHCPACK from 192.168.200.224 Jul 29 15:39:48 - dhclient: New IP Address (bge0): 192.168.200.91 Jul 29 15:39:48 - dhclient: New Subnet Mask (bge0): 255.255.255.0 Jul 29 15:39:48 - dhclient: New Broadcast Address (bge0): 192.168.200.255= Jul 29 15:39:48 - dhclient: New Routers (bge0): 192.168.200.254 On -CURRENT, wpa_supplicant is started more than 10 seconds after the interface is UP and dhclient sent its request (http://pastebin.com/ZHcbHLQZ). Therefore, a lease from the unauthenticated network arrives first. It was working with a previous -CURRENT (buildworld from around April if memory serves). > dhclient shouldn't start running until wpa_supplicant has completed > authentication. Damn, I always thought it worked this way on FreeBSD and happily laughed at "Linux co-workers" who use some kind of rc.local script to work around this issue :-) In fact, we're all in the same boat! I may take a look at the issue. I guess the place to fix this is in the rc scripts. Does someone have a hint? --=20 Jean-S=E9bastien P=E9dron ------enig2DFSSGAASRDLLUSXNPUME Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlH2dZAACgkQa+xGJsFYOlOJ2wCgw5haBHblo8F7a4axlOiRGP8p TFkAoLaxVfQsplwokPuRGMHLgEAXk+n1 =FEy8 -----END PGP SIGNATURE----- ------enig2DFSSGAASRDLLUSXNPUME--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51F6758C.9020004>