One more thing, setting the logging level to trace in NetworkManager causes
also problems with the connection... , but i have seen one difference in
establishing the connection using Edit a connection and Activate a
connection. The difference was in config, when i was using Edit... from nmtui
there was no auth_alg parameter. In other case it was and it was assigned to
OPEN.
BR
Piotr
________________________________
Od: Piotr Lobacz <piotr.lob...@softgent.com>
Wysłane: niedziela, 3 października 2021 00:50
Do: Alan Tu <8li...@gmail.com>
DW: networkmanager-list@gnome.org <networkmanager-list@gnome.org>
Temat: ODP: Ampak AP6356S with WPA3
Hi Alan,
thx for quick reply. In fact i have made some few more tests and it occurs that
there is something wrong with auth_type detection. When i'm adding the
connection manualy in nmtui and setting the Security parameter to WPA3 Personal
for AP with only WPA3 support the connection is being established with no
problem. Problem occurs when i'm trying to establish connection chosing the AP
from the list in nmtui. Now i don't know if AP possible auth types are being
being detected by NM, driver or wpa_supplicant. But this is the appropriate
problem of this issue - authentication type detection is broken... If someone
could point me on the right direction together we could solve the issue.
BR
Piotr Łobacz
________________________________
Od: Alan Tu <8li...@gmail.com>
Wysłane: niedziela, 3 października 2021 00:05
Do: Piotr Lobacz <piotr.lob...@softgent.com>
DW: networkmanager-list@gnome.org <networkmanager-list@gnome.org>
Temat: Re: Ampak AP6356S with WPA3
Piotr, I don't have experience with your specific problem, but I had a tricky
NM and wpasupplicant issue. I had to turn on debug and logging for both. This
is how I did it on my Debian system, instructions will have to be adapted to
other distributions but this could provide a guide to you.
This is how to turn on full logging for NetworkManager and wpa_supplicant, at
least under current versions of Debian.
(a) Set the logging level to trace in NetworkManager. Add this stanza to
/etc/NetworkManager/NetworkManager.conf:
[logging]
level=trace
(b) Turn on debug level logging in wpa_supplicant. Edit
/lib/systemd/system/wpa_supplicant.service:
Edit the command line in the ExecStart option to add -ddd as an argument.
(c) Tell journald not to filter messages. Edit /etc/systemd/journald.conf:
Set RateLimitBurst=0
Restart everything for the nm, wpasupplicant and journald changes to take
affect.
After collecting the logs for analysis, revert all these changes for normal
operation.
Sent from my iPhone
On Oct 2, 2021, at 12:44, Piotr Lobacz <piotr.lob...@softgent.com> wrote:
Ok i have sucessfully found, why this problem occurs. When you look at these
two log files you will find that when DEAUTH_LEAVING error occurs on
wpa_supplicant with NM case, because of wrong AUTH_TYPE being set. For SAE it
should be set to value 4, just like it is in
wpa_supplicant-2.9/src/drivers/nl80211_copy.h enum nl80211_auth_type as
NL80211_AUTHTYPE_SAE, but for some reason it is NL80211_AUTHTYPE_OPEN_SYSTEM
and because of this i am unable to establish a connection.
I think that something is wrong in NM, but currently i don't know even where to
look....
BR
Piotr Łobacz
________________________________
Od: Piotr Lobacz
Wysłane: sobota, 2 października 2021 03:48
Do: networkmanager-list@gnome.org <networkmanager-list@gnome.org>
Temat: Ampak AP6356S with WPA3
Hi all,
I am using firefly-rk3399 board with Ampak AP6356S wifi chip. The kernel is
mainline 5.4.18 release with patches from cypress/infineon for wpa3 feature.
I'm running on buildroot 2018.08 mainline release with systemd-249.1,
wpa-supplicant-2.9 and network-manager-1.32.2. The problem i have observed
using NM is that if i have mi AP set to WPA2/WPA3 the connection is being
established by default using WPA2 not WPA3 encryption scheme. If add by myself
a WPA3 connection to given ssid it doesn't connect, just keep asking me for
network password. Connection to network with WPA3 works after first connection
with the usage of WPA2. Than i can even modify my AP to be only WPA3 and
connection is being established.
If i try to establish the connection straightforward to WPA3 i'm getting a
request to deauthenticate which looks like this:
....
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: nl80211: Connect request
send successfully
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: wlan0: Setting
authentication timeout: 10 sec 0 usec
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External
notification - EAP success=0
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External
notification - EAP fail=0
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External
notification - portControl=Auto
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus:
flush_object_timeout_handler: Timeout - sending changed properties of object
/fi/w1/wpa_supplicant1/Interfaces/0
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus:
flush_object_timeout_handler: Timeout - sending changed properties of object
/fi/w1/wpa_supplicant1/Interfaces/0/BSSs/0
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus:
flush_object_timeout_handler: Timeout - sending changed properties of object
/fi/w1/wpa_supplicant1/Interfaces/0/BSSs/1
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus:
flush_object_timeout_handler: Timeout - sending changed properties of object
/fi/w1/wpa_supplicant1/Interfaces/0/BSSs/7
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus:
flush_object_timeout_handler: Timeout - sending changed properties of object
/fi/w1/wpa_supplicant1/Interfaces/0/BSSs/2
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus:
flush_object_timeout_handler: Timeout - sending changed properties of object
/fi/w1/wpa_supplicant1/Interfaces/0/BSSs/3
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus:
flush_object_timeout_handler: Timeout - sending changed properties of object
/fi/w1/wpa_supplicant1/Interfaces/0/BSSs/8
Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus:
flush_object_timeout_handler: Timeout - sending changed properties of object
/fi/w1/wpa_supplicant1/Interfaces/0/BSSs/4
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: dbus:
fi.w1.wpa_supplicant1.Interface.Disconnect
(/fi/w1/wpa_supplicant1/Interfaces/0) []
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: Cancelling scan
request
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: Request to
deauthenticate - bssid=00:00:00:00:00:00 pending_bssid=c0:c9:e3:3b:64:e2
reason=3 (DEAUTH_LEAVING) state=ASSOCIATING
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]:
wpa_driver_nl80211_disconnect(reason_code=3)
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: nl80211: Ignored event 127
(NL80211_CMD_EXTERNAL_AUTH) for foreign interface (ifindex 3 wdev 0x0)
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: nl80211: Drv Event 127
(NL80211_CMD_EXTERNAL_AUTH) received for wlan0
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: nl80211: Ignored
unknown event (cmd=127)
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: Event DEAUTH (11)
received
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: Deauthentication
notification
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: * reason 3
(DEAUTH_LEAVING) locally_generated=1
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: Deauthentication frame
IE(s) - hexdump(len=0): [NULL]
Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0:
CTRL-EVENT-DISCONNECTED bssid=c0:c9:e3:3b:64:e2 reason=3 locally_generated=1
...
Btw. if i'm using wpa_supplicant without the usage of NM and systemd just
simply by making my wpa_supplicant.conf file:
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
eapol_version=1
ap_scan=1
fast_reauth=1
country=PL
pmf=1
network={
ssid="OpenWrt"
proto=RSN
key_mgmt=SAE
sae_password="12345678"
}
and running it by command:
wpa_supplicant -c wpa_supplicant.conf -dd -i wlan0 &
I can see that connection is being established without any issue what you can
see in the attached file wpa_supplicant-without-nm-logfile.txt. I'm also
attaching a logfile from wpa_supplicant if connection is being performed with
NM - wpa_supplicant-with-nm-logfile.txt. The difference between these two files
is after EAPOL: External notification - portControl=Auto call. With the usage
of NM a dbus flush_object_timeout_handler with Timeout is being called which i
suspect breakes the authentication and DEAUTH_LEAVING is returned.
Now the question is, what what can cause this situation?
BR
Piotr Łobacz
[https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com>
Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND
KRS: 0000674406, NIP: 9581679801, REGON: 367090912
www.softgent.com<https://www.softgent.com>
Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego
Rejestru Sądowego
KRS 0000674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości.
Jesteśmy uczestnikiem Programu
RZETELNA Firma
Sprawdź naszą rzetelność na
https://www.rzetelnafirma.pl/F5IA32UW
_______________________________________________
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list
_______________________________________________
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list
