Authentication with iOS 9.3.1 causes invalid MIC in msg 2/4 of 4-Way Handshake

jgornick commented 8 years ago

OS: raspbian (Kernel 4.1.17) hostapd: 2.5 Adapter: 20f4:648b TRENDnet TEW-648UBM 802.11n 150Mbps Micro Wireless N Adapter [Realtek RTL8188CUS]

I've run into a issue where my iOS devices are unable to authenticate when using the rtl871xdrv hostapd driver. If I use a different interface that uses the nl80211 hostapd driver, authentication succeeds with the same hostapd configuration. I can however successfully authenticate with my MacBook when using the rtl871xdrv driver.

hostapd/wlan0.conf

ctrl_interface=/var/run/hostapd.wlan0
ctrl_interface_group=netdev

interface=wlan0
driver=rtl871xdrv
hw_mode=g
channel=1

ssid=MySSID
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=mypassphrase
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

Authentication logs:

May 12 13:19:08 hostapd[10797]: +rtl871x_get_sta_wpaie, a4:b8:05:c4:f9:44 is sta's address
May 12 13:19:08 hostapd[10797]: wlan0: Event ASSOC (0) received
May 12 13:19:08 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 IEEE 802.11: associated
May 12 13:19:08 hostapd[10797]: STA included RSN IE in (Re)AssocReq
May 12 13:19:08 hostapd[10797]: New STA
May 12 13:19:08 hostapd[10797]: ap_sta_add: register ap_handle_timer timeout for a4:b8:05:c4:f9:44 (300 seconds - ap_max_inactivity)
May 12 13:19:08 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: event 1 notification
May 12 13:19:08 hostapd[10797]: rtl871x_set_key_ops
May 12 13:19:08 hostapd[10797]: IEEE 802.1X: Ignore STA - 802.1X not enabled or forced for WPS
May 12 13:19:08 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: start authentication
May 12 13:19:09 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state INITIALIZE
May 12 13:19:09 hostapd[10797]: rtl871x_set_key_ops
May 12 13:19:09 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 IEEE 802.1X: unauthorizing port
May 12 13:19:09 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK_GROUP entering state IDLE
May 12 13:19:09 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state AUTHENTICATION
May 12 13:19:09 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state AUTHENTICATION2
May 12 13:19:09 hostapd[10797]: WPA: Re-initialize GMK/Counter on first station
May 12 13:19:09 hostapd[10797]: GMK - hexdump(len=32): [REMOVED]
May 12 13:19:09 hostapd[10797]: Key Counter - hexdump(len=32): [REMOVED]
May 12 13:19:09 hostapd[10797]: GTK - hexdump(len=16): [REMOVED]
May 12 13:19:09 hostapd[10797]: rtl871x_set_key_ops
May 12 13:19:09 hostapd[10797]: WPA: Assign ANonce - hexdump(len=32): 5c 39 72 b6 50 8d 92 25 23 b5 e1 49 9e 65 bb 3f 28 d6 cd a0 33 81 77 a1 ab 3a cb 5a ae 7f 3c 80
May 12 13:19:09 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state INITPSK
May 12 13:19:09 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=(nil)
May 12 13:19:09 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=(nil)
May 12 13:19:09 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKSTART
May 12 13:19:09 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: sending 1/4 msg of 4-Way Handshake
May 12 13:19:09 hostapd[10797]: WPA: Send EAPOL(version=2 secure=0 mic=0 ack=1 install=0 pairwise=1 kde_len=0 keyidx=0 encr=0)
May 12 13:19:09 hostapd[10797]: WPA: Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 01
May 12 13:19:09 hostapd[10797]: +rtl871x_send_eapol
May 12 13:19:09 hostapd[10797]: WPA: Use EAPOL-Key timeout of 1000 ms (retry counter 1)
May 12 13:19:09 hostapd[10797]: hostapd_new_assoc_sta: reschedule ap_handle_timer timeout for a4:b8:05:c4:f9:44 (300 seconds - ap_max_inactivity)
May 12 13:19:09 hostapd[10797]: VLAN: RTM_NEWLINK: ifi_index=446 ifname=wlan0 ifi_family=0 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
May 12 13:19:09 hostapd[10797]: VLAN: vlan_newlink(wlan0)
May 12 13:19:09 hostapd[10797]: l2_packet_receive: src=a4:b8:05:c4:f9:44 len=135
May 12 13:19:09 hostapd[10797]: wlan0: Event EAPOL_RX (24) received
May 12 13:19:09 hostapd[10797]: IEEE 802.1X: 121 bytes from a4:b8:05:c4:f9:44
May 12 13:19:09 hostapd[10797]: IEEE 802.1X: version=2 type=3 length=117
May 12 13:19:09 hostapd[10797]: WPA: Received EAPOL-Key from a4:b8:05:c4:f9:44 key_info=0x10a type=2 key_data_length=22
May 12 13:19:09 hostapd[10797]: WPA: Received Key Nonce - hexdump(len=32): 74 5e d1 79 8b ca 2f 29 86 b0 1a c1 29 f0 a7 c0 c1 f8 f8 1f 3f 07 03 e2 1f 13 7c 4c 1d 9b 76 6e
May 12 13:19:09 hostapd[10797]: WPA: Received Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 01
May 12 13:19:09 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: received EAPOL-Key frame (2/4 Pairwise)
May 12 13:19:09 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKCALCNEGOTIATING
May 12 13:19:09 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=(nil)
May 12 13:19:09 hostapd[10797]: WPA: PTK derivation - A1=d8:eb:97:2f:cf:5d A2=a4:b8:05:c4:f9:44
May 12 13:19:09 hostapd[10797]: WPA: Nonce1 - hexdump(len=32): 5c 39 72 b6 50 8d 92 25 23 b5 e1 49 9e 65 bb 3f 28 d6 cd a0 33 81 77 a1 ab 3a cb 5a ae 7f 3c 80
May 12 13:19:09 hostapd[10797]: WPA: Nonce2 - hexdump(len=32): 74 5e d1 79 8b ca 2f 29 86 b0 1a c1 29 f0 a7 c0 c1 f8 f8 1f 3f 07 03 e2 1f 13 7c 4c 1d 9b 76 6e
May 12 13:19:09 hostapd[10797]: WPA: PMK - hexdump(len=32): [REMOVED]
May 12 13:19:09 hostapd[10797]: WPA: PTK - hexdump(len=48): [REMOVED]
May 12 13:19:09 hostapd[10797]: WPA: KCK - hexdump(len=16): [REMOVED]
May 12 13:19:09 hostapd[10797]: WPA: KEK - hexdump(len=16): [REMOVED]
May 12 13:19:09 hostapd[10797]: WPA: TK - hexdump(len=16): [REMOVED]
May 12 13:19:09 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=0x1afcbd0
May 12 13:19:09 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: invalid MIC in msg 2/4 of 4-Way Handshake
May 12 13:19:09 hostapd[10797]: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH a4:b8:05:c4:f9:44
May 12 13:19:09 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: EAPOL-Key timeout
May 12 13:19:09 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKSTART
May 12 13:19:09 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: sending 1/4 msg of 4-Way Handshake
May 12 13:19:09 hostapd[10797]: WPA: Send EAPOL(version=2 secure=0 mic=0 ack=1 install=0 pairwise=1 kde_len=0 keyidx=0 encr=0)
May 12 13:19:09 hostapd[10797]: WPA: Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 02
May 12 13:19:10 hostapd[10797]: +rtl871x_send_eapol
May 12 13:19:10 hostapd[10797]: WPA: Use EAPOL-Key timeout of 1000 ms (retry counter 2)
May 12 13:19:10 hostapd[10797]: l2_packet_receive: src=a4:b8:05:c4:f9:44 len=135
May 12 13:19:10 hostapd[10797]: wlan0: Event EAPOL_RX (24) received
May 12 13:19:10 hostapd[10797]: IEEE 802.1X: 121 bytes from a4:b8:05:c4:f9:44
May 12 13:19:10 hostapd[10797]: IEEE 802.1X: version=2 type=3 length=117
May 12 13:19:10 hostapd[10797]: WPA: Received EAPOL-Key from a4:b8:05:c4:f9:44 key_info=0x10a type=2 key_data_length=22
May 12 13:19:10 hostapd[10797]: WPA: Received Key Nonce - hexdump(len=32): e8 68 bc b9 f2 e5 97 2c 5c b0 e5 87 69 e2 b0 e8 3c 5e 1d 0a 8b d5 5e ab 7a ae 2a 88 aa 20 51 03
May 12 13:19:10 hostapd[10797]: WPA: Received Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 02
May 12 13:19:10 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: received EAPOL-Key frame (2/4 Pairwise)
May 12 13:19:10 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKCALCNEGOTIATING
May 12 13:19:10 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=(nil)
May 12 13:19:10 hostapd[10797]: WPA: PTK derivation - A1=d8:eb:97:2f:cf:5d A2=a4:b8:05:c4:f9:44
May 12 13:19:10 hostapd[10797]: WPA: Nonce1 - hexdump(len=32): 5c 39 72 b6 50 8d 92 25 23 b5 e1 49 9e 65 bb 3f 28 d6 cd a0 33 81 77 a1 ab 3a cb 5a ae 7f 3c 80
May 12 13:19:10 hostapd[10797]: WPA: Nonce2 - hexdump(len=32): e8 68 bc b9 f2 e5 97 2c 5c b0 e5 87 69 e2 b0 e8 3c 5e 1d 0a 8b d5 5e ab 7a ae 2a 88 aa 20 51 03
May 12 13:19:10 hostapd[10797]: WPA: PMK - hexdump(len=32): [REMOVED]
May 12 13:19:10 hostapd[10797]: WPA: PTK - hexdump(len=48): [REMOVED]
May 12 13:19:10 hostapd[10797]: WPA: KCK - hexdump(len=16): [REMOVED]
May 12 13:19:10 hostapd[10797]: WPA: KEK - hexdump(len=16): [REMOVED]
May 12 13:19:10 hostapd[10797]: WPA: TK - hexdump(len=16): [REMOVED]
May 12 13:19:10 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=0x1afcbd0
May 12 13:19:10 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: invalid MIC in msg 2/4 of 4-Way Handshake
May 12 13:19:10 hostapd[10797]: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH a4:b8:05:c4:f9:44
May 12 13:19:10 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: EAPOL-Key timeout
May 12 13:19:10 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKSTART
May 12 13:19:10 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: sending 1/4 msg of 4-Way Handshake
May 12 13:19:10 hostapd[10797]: WPA: Send EAPOL(version=2 secure=0 mic=0 ack=1 install=0 pairwise=1 kde_len=0 keyidx=0 encr=0)
May 12 13:19:10 hostapd[10797]: WPA: Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 03
May 12 13:19:10 hostapd[10797]: +rtl871x_send_eapol
May 12 13:19:10 hostapd[10797]: WPA: Use EAPOL-Key timeout of 1000 ms (retry counter 3)
May 12 13:19:11 hostapd[10797]: l2_packet_receive: src=a4:b8:05:c4:f9:44 len=135
May 12 13:19:11 hostapd[10797]: wlan0: Event EAPOL_RX (24) received
May 12 13:19:11 hostapd[10797]: IEEE 802.1X: 121 bytes from a4:b8:05:c4:f9:44
May 12 13:19:11 hostapd[10797]: IEEE 802.1X: version=2 type=3 length=117
May 12 13:19:11 hostapd[10797]: WPA: Received EAPOL-Key from a4:b8:05:c4:f9:44 key_info=0x10a type=2 key_data_length=22
May 12 13:19:11 hostapd[10797]: WPA: Received Key Nonce - hexdump(len=32): 68 ca a3 29 73 5b 65 25 94 97 a4 b9 da 34 68 d2 46 92 e5 b4 2d a4 49 6f b4 80 d2 03 90 19 bf 99
May 12 13:19:11 hostapd[10797]: WPA: Received Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 03
May 12 13:19:11 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: received EAPOL-Key frame (2/4 Pairwise)
May 12 13:19:11 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKCALCNEGOTIATING
May 12 13:19:11 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=(nil)
May 12 13:19:11 hostapd[10797]: WPA: PTK derivation - A1=d8:eb:97:2f:cf:5d A2=a4:b8:05:c4:f9:44
May 12 13:19:11 hostapd[10797]: WPA: Nonce1 - hexdump(len=32): 5c 39 72 b6 50 8d 92 25 23 b5 e1 49 9e 65 bb 3f 28 d6 cd a0 33 81 77 a1 ab 3a cb 5a ae 7f 3c 80
May 12 13:19:11 hostapd[10797]: WPA: Nonce2 - hexdump(len=32): 68 ca a3 29 73 5b 65 25 94 97 a4 b9 da 34 68 d2 46 92 e5 b4 2d a4 49 6f b4 80 d2 03 90 19 bf 99
May 12 13:19:11 hostapd[10797]: WPA: PMK - hexdump(len=32): [REMOVED]
May 12 13:19:11 hostapd[10797]: WPA: PTK - hexdump(len=48): [REMOVED]
May 12 13:19:11 hostapd[10797]: WPA: KCK - hexdump(len=16): [REMOVED]
May 12 13:19:11 hostapd[10797]: WPA: KEK - hexdump(len=16): [REMOVED]
May 12 13:19:11 hostapd[10797]: WPA: TK - hexdump(len=16): [REMOVED]
May 12 13:19:11 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=0x1afcbd0
May 12 13:19:11 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: invalid MIC in msg 2/4 of 4-Way Handshake
May 12 13:19:11 hostapd[10797]: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH a4:b8:05:c4:f9:44
May 12 13:19:11 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: EAPOL-Key timeout
May 12 13:19:11 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKSTART
May 12 13:19:11 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: sending 1/4 msg of 4-Way Handshake
May 12 13:19:11 hostapd[10797]: WPA: Send EAPOL(version=2 secure=0 mic=0 ack=1 install=0 pairwise=1 kde_len=0 keyidx=0 encr=0)
May 12 13:19:11 hostapd[10797]: WPA: Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 04
May 12 13:19:11 hostapd[10797]: +rtl871x_send_eapol
May 12 13:19:11 hostapd[10797]: WPA: Use EAPOL-Key timeout of 1000 ms (retry counter 4)
May 12 13:19:12 hostapd[10797]: l2_packet_receive: src=a4:b8:05:c4:f9:44 len=135
May 12 13:19:12 hostapd[10797]: wlan0: Event EAPOL_RX (24) received
May 12 13:19:12 hostapd[10797]: IEEE 802.1X: 121 bytes from a4:b8:05:c4:f9:44
May 12 13:19:12 hostapd[10797]: IEEE 802.1X: version=2 type=3 length=117
May 12 13:19:12 hostapd[10797]: WPA: Received EAPOL-Key from a4:b8:05:c4:f9:44 key_info=0x10a type=2 key_data_length=22
May 12 13:19:12 hostapd[10797]: WPA: Received Key Nonce - hexdump(len=32): f3 21 99 0e 64 39 21 ca 78 d7 c6 bc e5 0d d7 97 a1 a1 f2 f1 34 3a a1 d1 87 45 3a 2d 17 4a 45 ab
May 12 13:19:12 hostapd[10797]: WPA: Received Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 04
May 12 13:19:12 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: received EAPOL-Key frame (2/4 Pairwise)
May 12 13:19:12 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKCALCNEGOTIATING
May 12 13:19:12 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=(nil)
May 12 13:19:12 hostapd[10797]: WPA: PTK derivation - A1=d8:eb:97:2f:cf:5d A2=a4:b8:05:c4:f9:44
May 12 13:19:12 hostapd[10797]: WPA: Nonce1 - hexdump(len=32): 5c 39 72 b6 50 8d 92 25 23 b5 e1 49 9e 65 bb 3f 28 d6 cd a0 33 81 77 a1 ab 3a cb 5a ae 7f 3c 80
May 12 13:19:12 hostapd[10797]: WPA: Nonce2 - hexdump(len=32): f3 21 99 0e 64 39 21 ca 78 d7 c6 bc e5 0d d7 97 a1 a1 f2 f1 34 3a a1 d1 87 45 3a 2d 17 4a 45 ab
May 12 13:19:12 hostapd[10797]: WPA: PMK - hexdump(len=32): [REMOVED]
May 12 13:19:12 hostapd[10797]: WPA: PTK - hexdump(len=48): [REMOVED]
May 12 13:19:12 hostapd[10797]: WPA: KCK - hexdump(len=16): [REMOVED]
May 12 13:19:12 hostapd[10797]: WPA: KEK - hexdump(len=16): [REMOVED]
May 12 13:19:12 hostapd[10797]: WPA: TK - hexdump(len=16): [REMOVED]
May 12 13:19:12 hostapd[10797]: Searching a PSK for a4:b8:05:c4:f9:44 prev_psk=0x1afcbd0
May 12 13:19:12 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: invalid MIC in msg 2/4 of 4-Way Handshake
May 12 13:19:12 hostapd[10797]: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH a4:b8:05:c4:f9:44
May 12 13:19:12 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: EAPOL-Key timeout
May 12 13:19:12 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state PTKSTART
May 12 13:19:12 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: PTKSTART: Retry limit 4 reached
May 12 13:19:12 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state DISCONNECT
May 12 13:19:12 hostapd[10797]: wpa_sta_disconnect STA a4:b8:05:c4:f9:44
May 12 13:19:13 hostapd[10797]: hostapd_wpa_auth_disconnect: WPA authenticator requests disconnect: STA a4:b8:05:c4:f9:44 reason 2
May 12 13:19:13 hostapd[10797]: +rtl871x_sta_deauth_ops, a4:b8:05:c4:f9:44 is deauth, reason=2
May 12 13:19:13 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: event 3 notification
May 12 13:19:13 hostapd[10797]: rtl871x_set_key_ops
May 12 13:19:13 hostapd[10797]: ap_sta_disconnect: reschedule ap_handle_timer timeout for a4:b8:05:c4:f9:44 (5 seconds - AP_MAX_INACTIVITY_AFTER_DEAUTH)
May 12 13:19:13 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state DISCONNECTED
May 12 13:19:13 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state INITIALIZE
May 12 13:19:13 hostapd[10797]: rtl871x_set_key_ops
May 12 13:19:13 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 IEEE 802.1X: unauthorizing port
May 12 13:19:13 hostapd[10797]: Removing STA a4:b8:05:c4:f9:44 from kernel driver
May 12 13:19:13 hostapd[10797]: +rtl871x_sta_remove_ops, a4:b8:05:c4:f9:44 is sta address removed
May 12 13:19:13 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 MLME: MLME-DEAUTHENTICATE.indication(a4:b8:05:c4:f9:44, 2)
May 12 13:19:13 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 MLME: MLME-DELETEKEYS.request(a4:b8:05:c4:f9:44)
May 12 13:19:13 hostapd[10797]: rtl871x_set_key_ops
May 12 13:19:13 hostapd[10797]: wlan0: Event DISASSOC (1) received
May 12 13:19:13 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 IEEE 802.11: disassociated
May 12 13:19:13 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 WPA: event 2 notification
May 12 13:19:13 hostapd[10797]: rtl871x_set_key_ops
May 12 13:19:13 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state DISCONNECTED
May 12 13:19:13 hostapd[10797]: WPA: a4:b8:05:c4:f9:44 WPA_PTK entering state INITIALIZE
May 12 13:19:13 hostapd[10797]: rtl871x_set_key_ops
May 12 13:19:13 hostapd[10797]: wlan0: STA a4:b8:05:c4:f9:44 IEEE 802.1X: unauthorizing port
May 12 13:19:13 hostapd[10797]: +rtl871x_sta_remove_ops, a4:b8:05:c4:f9:44 is sta address removed
May 12 13:19:13 hostapd[10797]: ap_free_sta: cancel ap_handle_timer for a4:b8:05:c4:f9:44
May 12 13:19:13 hostapd[10797]: VLAN: RTM_NEWLINK: ifi_index=446 ifname=wlan0 ifi_family=0 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
May 12 13:19:13 hostapd[10797]: VLAN: vlan_newlink(wlan0)

jgornick commented 8 years ago

@pritambaral Any chance you've had some time to think about this issue? Thanks!

pritambaral commented 8 years ago

Sorry. This is not a codebase I can support. I didn't write it. (Nor do I any longer have any hardware that can make use of it. Also, don't have an iPhone.)

In the README, I mention that none of the code is created by me. The code is from Realtek, modified slightly to build against newer hostapd releases.

I left your issue up so that other users of this code may be able to help you out.

jgornick commented 8 years ago

I apologize for not seeing that in the README. Thank you for the quick response!

I'm currently trying to build a hostapd 2.4 version and see if the issue exists there.

Thanks again!

pritambaral commented 8 years ago

Have you tried the latest linux kernel? The mainline drivers may have gotten better; last I checked, AP mode was kinda working.

Of course, the mainline driver does not need this codebase. It uses the kernel's standard mac80211 interface, so it should work with nl80211

jgornick commented 8 years ago

That's my next step, but because I'm setting this up on a Raspberry Pi (raspbian), they default to using the non-mac80211 driver by default. I would just need to rebuild the kernel with the mac80211 driver instead.

pritambaral commented 8 years ago

I don't think the non-mac80211 driver is shipped in raspbian, is it? Perhaps you installed it from somewhere like dz0ny/rt8192cu

If an out-of-tree driver is what provides the non-mac80211 driver, then uninstalling (or even rmmod-ing or modprobe -r-ing) it should allow using the in-tree driver.

jgornick commented 8 years ago

By default it ships with the 8192cu driver. For reference, here's an issue for moving this driver forward to the mac80211 version https://github.com/raspberrypi/linux/pull/1468

pritambaral commented 8 years ago

Ooh, didn't know that. Bold move, but I guess good on raspbian guys for shipping it by default.

jgornick commented 8 years ago

It also looks like they are adding cfg80211 support to the 8192cu driver https://github.com/raspberrypi/linux/pull/1489/files

pritambaral commented 8 years ago

Hmm, that would be cool (but also redundant, perhaps, since the converse is being done with the in-kernel drivers).

jgornick commented 8 years ago

I believe this issue was self-inflicted with some other configuration in my environment.

I had an if-pre-up script that was updating the wireless interface MAC address via ip link set dev "$IFACE" address .... I was doing this because when I have a wireless interface that supports multiple SSIDs (using the mac80211 driver), you need to set the MAC address so it allows hostapd to create the other virtual interfaces with the next available MAC.

Once I removed the ip link set... command, I was able to successfully authenticate and connect via an iOS device. With that being said, this was probably causing an issue because hostapd was getting 2 different MAC addresses for the interface, one at the physical layer and another via the ip layer. At least that's what I think was happening 😄

Closing the issue because it's not related to this project.

Thanks!

pritambaral / hostapd-rtl871xdrv

Authentication with iOS 9.3.1 causes invalid MIC in msg 2/4 of 4-Way Handshake #15