WEP Problems


From: Wayne Mitchell (wayne_at_its.noneofyour.info)
Date: 2002-08-17 11:23:08 UTC



Hi,

I am having some problems with WEP on the hostAP driver and hope that someone can help.

My internet gateway/firewall machine runs Linux with a DWL-520 PCI (Prism2.5) adapter with firmware: PRI=1.1.0, STA=1.4.9 and the latest CVS snapshot of the hostap driver. My main computer ('client' to the gateway) runs a dual boot setup with Win2k and Linux, also with a DWL-520 PCI adapter with the same firmware. With WEP disabled everything runs perfectly! But I am getting some strange results with 40 bit WEP encryption enabled:

Case 1: Gateway machine in Master mode, client machine running Win2k in Infrastructure mode:
From the client I can ping the gateway, ping external internet sites, and ssh into the gateway without any problems, but cannot access any Internet web sites. I see some communication when using 'tcpdump -i wlan0' (i.e. DNS lookup seems to work) and the initial request is sent to the web server but not much else (but I'm not experienced enough to fully interpret the data that tcpdump shows). In this case WEP encryption/decryption is handled by the hostap driver on the gateway machine (both host_encrypt and host_decrypt are 1).

Case 2: Gateway machine in Master mode, client machine running Linux in Managed mode:
No problems accessing anything at all. Again, host_decrypt and host_encrypt are 1 on the gateway machine but are both 0 on the Linux client machine, indicating that WEP is handled by the card's firmware. However, after a varying amount of time I get a kernel oops: 'Unable to handle kernel paging request...Aiee, killing interrupt handler'. I have included the error message and output of ksymoops in the attachment, but I am relatively new to Linux so I am not sure if this information is completely accurate.

Case 3: Gateway machine in Ad-hoc mode, client machine running Win2k in Ad-hoc mode:
Initially the same results as Case 1. But setting host_encrypt and host_decrypt to 0 on the gateway machine gives me access to everything again.

So it appears that when the gateway is in HostAP mode, WEP does not work with Win2k but does work with Linux (if only for a short time). Also, when the gateway is in Ad-hoc mode, WEP works with both Linux and Win2k when the encryption/decryption is handled by the firmware of the card and not the driver.

I have also quickly tried the official release (Prism2-2002-05-19) and 40 bit WEP seems to work OK for the limited time that I tested it.

Thanks.

Wayne

its:~# Unable to handle kernel paging request at virtual address 8b8306ad  printing eip:
c0206ede
*pde = 00000000
Oops: 0002
CPU: 0
EIP: 0010:[<c0206ede>] Not tainted EFLAGS: 00010282
eax: c02078ac ebx: c3944220 ecx: c3944220 edx: 8b83069d esi: c02afae0 edi: 0000e329 ebp: c02af9e0 esp: c02b5f00 ds: 0018 es: 0018 ss: 0018
Process swapper (pid: 0, stackpage=c02b5000) Stack: c0207034 c3944220 c02af9e0 c0206f64 00000000 c02ee5c0 00000003 c02afa68

       c011bca2 c02af9e0 00000000 c02ee5a0 00000000 c02ee5c0 c02b5f94 c011bd1b
       c010ab5b c0118ed2 c0118e10 00000000 00000001 c02ee5c0 fffffffe c0118c3a
Call Trace: [<c0207034>] [<c0206f64>] [<c011bca2>] [<c011bd1b>] [<c010ab5b>]
   [<c0118ed2>] [<c0118e10>] [<c0118c3a>] [<c0108112>] [<c0105360>] [<c0105360>]
   [<c0109f08>] [<c0105360>] [<c0105360>] [<c0105383>] [<c01053e9>] [<c0105000>]
   [<c0105027>]

Code: 89 42 10 8b 12 85 d2 75 f1 c3 8b 4c 24 04 8b 41 60 8b 51 30  <0>Kernel panic: Aiee, killing interrupt handler! In interrupt handler - not syncing

ksymoops 2.4.5 on i686 2.4.18. Options used

     -V (default)
     -k /proc/ksyms (default)
     -l /proc/modules (default)
     -o /lib/modules/2.4.18/ (default)
     -m /boot/System.map-2.4.18 (specified)

its:~# Unable to handle kernel paging request at virtual address 8b8306ad c0206ede
*pde = 00000000
Oops: 0002
CPU: 0
EIP: 0010:[<c0206ede>] Not tainted Using defaults from ksymoops -t elf32-i386 -a i386 EFLAGS: 00010282
eax: c02078ac ebx: c3944220 ecx: c3944220 edx: 8b83069d esi: c02afae0 edi: 0000e329 ebp: c02af9e0 esp: c02b5f00 ds: 0018 es: 0018 ss: 0018
Process swapper (pid: 0, stackpage=c02b5000) Stack: c0207034 c3944220 c02af9e0 c0206f64 00000000 c02ee5c0 00000003 c02afa68

       c011bca2 c02af9e0 00000000 c02ee5a0 00000000 c02ee5c0 c02b5f94 c011bd1b
       c010ab5b c0118ed2 c0118e10 00000000 00000001 c02ee5c0 fffffffe c0118c3a
Call Trace: [<c0207034>] [<c0206f64>] [<c011bca2>] [<c011bd1b>] [<c010ab5b>]
   [<c0118ed2>] [<c0118e10>] [<c0118c3a>] [<c0108112>] [<c0105360>] [<c0105360>]
   [<c0109f08>] [<c0105360>] [<c0105360>] [<c0105383>] [<c01053e9>] [<c0105000>]
   [<c0105027>]

Code: 89 42 10 8b 12 85 d2 75 f1 c3 8b 4c 24 04 8b 41 60 8b 51 30

>>EIP; c0206ede <neigh_suspect+1a/24> <=====

>>eax; c02078ac <neigh_resolve_output+0/18c>
>>ebx; c3944220 <_end+3628bc4/44f09a4>
>>ecx; c3944220 <_end+3628bc4/44f09a4>
>>edx; 8b83069d Before first symbol
>>esi; c02afae0 <arp_tbl+100/1b8>
>>edi; 0000e329 Before first symbol
>>ebp; c02af9e0 <arp_tbl+0/1b8>
>>esp; c02b5f00 <init_task_union+1f00/2000>

Trace; c0207034 <neigh_periodic_timer+d0/100>
Trace; c0206f64 <neigh_periodic_timer+0/100>
Trace; c011bca2 <timer_bh+222/25c>
Trace; c011bd1b <do_timer+3f/6c>
Trace; c010ab5b <timer_interrupt+5f/dc>
Trace; c0118ed2 <bh_action+1a/40>
Trace; c0118e10 <tasklet_hi_action+44/64>
Trace; c0118c3a <do_softirq+5a/a4>
Trace; c0108112 <do_IRQ+96/a8>
Trace; c0105360 <default_idle+0/28>
Trace; c0105360 <default_idle+0/28>
Trace; c0109f08 <call_do_IRQ+5/d>
Trace; c0105360 <default_idle+0/28>
Trace; c0105360 <default_idle+0/28>
Trace; c0105383 <default_idle+23/28>
Trace; c01053e9 <cpu_idle+41/54>
Trace; c0105000 <_stext+0/0>
Trace; c0105027 <rest_init+27/28>

Code; c0206ede <neigh_suspect+1a/24>
00000000 <_EIP>:
Code; c0206ede <neigh_suspect+1a/24> <=====

   0:   89 42 10                  mov    %eax,0x10(%edx)   <=====
Code;  c0206ee1 <neigh_suspect+1d/24>
   3:   8b 12                     mov    (%edx),%edx
Code;  c0206ee3 <neigh_suspect+1f/24>
   5:   85 d2                     test   %edx,%edx
Code;  c0206ee5 <neigh_suspect+21/24>
   7:   75 f1                     jne    fffffffa <_EIP+0xfffffffa> c0206ed8 <neigh_suspect+14/24>
Code;  c0206ee7 <neigh_suspect+23/24>
   9:   c3                        ret    
Code;  c0206ee8 <neigh_connect+0/28>
   a:   8b 4c 24 04               mov    0x4(%esp,1),%ecx
Code;  c0206eec <neigh_connect+4/28>
   e:   8b 41 60                  mov    0x60(%ecx),%eax
Code;  c0206eef <neigh_connect+7/28>
  11:   8b 51 30                  mov    0x30(%ecx),%edx

 <0>Kernel panic: Aiee, killing interrupt handler!


