On Tue, Mar 28, 2017 at 11:22:17PM -0500, bg2...@jamesjerkinscomputer.com wrote:
> I follow i386 stable and after applying the WPA1/WPA2 MITM fix to 6.0 (#018)
> I can no longer obtain an IP address via dhclient when WPA2 is in use. This
> happens with both PSK and enterprise modes (via wpa_supplicant). Wireless
> (iwi0) connections without encryption work fine.
>
> I tried the 03/25/17 snapshot and that does not resolve the issue.
>
> I reversed patch #018 and built a stable kernel and that does resolve the
> issue.
>
> With the iwi debug flag enabled I see the expected rssi lines and then the 4
> handshake messages without patch #018. These messages are then followed by
> normal dhclient success.
>
> Mar 28 22:14:51 /bsd: iwi0: begin active scan
> Mar 28 22:14:51 /bsd: iwi0: received probe_resp from 00:0f:66:b0:d9:dc rssi
> 66 mode auto
> Mar 28 22:14:51 /bsd: iwi0: received beacon from 00:0f:66:b0:d9:dc rssi 60
> mode auto
> Mar 28 22:14:51 /bsd: iwi0: received probe_resp from 00:0f:66:b0:d9:dc rssi
> 63 mode auto
> Mar 28 22:14:51 /bsd: iwi0: received beacon from 2c:59:e5:f4:57:e3 rssi 44
> mode auto
> Mar 28 22:14:52 /bsd: iwi0: received probe_resp from 44:94:fc:78:a4:40 rssi
> 56 mode auto
> Mar 28 22:14:52 /bsd: iwi0: received probe_resp from 2c:59:e5:f4:57:e3 rssi
> 47 mode auto
> Mar 28 22:14:52 /bsd: iwi0: received beacon from 2c:59:e5:f4:57:e3 rssi 47
> mode auto
> Mar 28 22:14:52 /bsd: iwi0: received probe_resp from 44:94:fc:78:a4:40 rssi
> 54 mode auto
> Mar 28 22:14:52 /bsd: iwi0: received probe_resp from 7c:bf:b1:77:40:30 rssi
> 37 mode auto
> Mar 28 22:14:52 /bsd: iwi0: received probe_resp from 7c:bf:b1:77:40:30 rssi
> 38 mode auto
> Mar 28 22:14:52 /bsd: iwi0: received probe_resp from 7c:bf:b1:77:40:30 rssi
> 37 mode auto
> Mar 28 22:14:52 /bsd: iwi0: received probe_resp from 7c:bf:b1:77:40:30 rssi
> 38 mode auto
> Mar 28 22:14:52 /bsd: iwi0: end active scan
> Mar 28 22:14:52 /bsd: iwi0: received msg 1/4 of the 4-way handshake from
> 00:0f:66:b0:d9:dc
> Mar 28 22:14:52 /bsd: iwi0: sending msg 2/4 of the 4-way handshake to
> 00:0f:66:b0:d9:dc
> Mar 28 22:14:52 /bsd: iwi0: received msg 3/4 of the 4-way handshake from
> 00:0f:66:b0:d9:dc
> Mar 28 22:14:52 /bsd: iwi0: sending msg 4/4 of the 4-way handshake to
> 00:0f:66:b0:d9:dc
>
> With patch #018 applied or with 3/25 snapshot, active scanning occurs and
> ends, but no RSNA handshake happens. Therefore, dhclient does not succeed.

iwi(4) is being stupid and does not forward state changes to the net80211 stack. It is a wonder this driver even works at all.

This diff is untested. I have an iwi(4) minipci card but will need to make some rearrangements to plug it.

Can you please test this ASAP? The 6.1 release deadline is very close.

Index: if_iwi.c =================================================================== RCS file: /cvs/src/sys/dev/pci/if_iwi.c,v retrieving revision 1.135 diff -u -p -r1.135 if_iwi.c --- if_iwi.c 8 Mar 2017 12:02:41 -0000 1.135 +++ if_iwi.c 29 Mar 2017 08:47:03 -0000 @@ -733,7 +733,8 @@ iwi_newstate(struct ieee80211com *ic, en switch (nstate) { case IEEE80211_S_SCAN: iwi_scan(sc); - break; + ic->ic_state = nstate; + return 0; case IEEE80211_S_AUTH: iwi_auth_and_assoc(sc); @@ -767,8 +768,7 @@ iwi_newstate(struct ieee80211com *ic, en break; } - ic->ic_state = nstate; - return 0; + return sc->sc_newstate(ic, nstate, arg); } /*
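
Review bot: In the first hunk (@@ -733,7 +733,8 @@), the IEEE80211_S_SCAN case becomes the only state that sets ic->ic_state itself and returns 0 without going through sc->sc_newstate, and nothing in the hunk says why. A one-line comment giving the reason (presumably that the firmware drives the scan, which is an assumption on my part) would keep a later cleanup from folding this case back into the common path. The result of iwi_scan(sc) is also not looked at before ic_state is updated, so if that call can fail, the driver would record SCAN state with no scan running.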
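
Review bot: In the second hunk (@@ -767,8 +768,7 @@), the new final return calls through sc->sc_newstate, but the diff touches only if_iwi.c in these two places and does not show where that pointer is assigned. Please confirm the attach path saves the original ic->ic_newstate into sc->sc_newstate before installing iwi_newstate, since an unset pointer would be called on the first non-SCAN transition. Every case that still ends in break, including IEEE80211_S_AUTH after iwi_auth_and_assoc(sc), now also runs the net80211 handler, so each transition is worth exercising with the iwi debug flag on, checking that the four handshake messages from the report show up again before dhclient runs.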