ODP: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3
Hi Beniamino, you were right. I'm getting: capa.key_mgmt: 0f6f, (sae: 0) Which is strange because i'm having sae support in the driver. Maybe there is some missing piece of code in wpa_supplicant? BR Piotr Od: Beniamino Galvani Wysłane: czwartek, 7 października 2021 07:21 Do: Piotr Lobacz DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: Re: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3 [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3
On Mon, Oct 04, 2021 at 09:36:29PM +, Piotr Lobacz wrote: > Hi Beniamino, > i have added printf's in this patched file for wpa_supplicant like that: > > --- a/wpa_supplicant/dbus/dbus_new_handlers.c 2021-10-04 22:50:45.114545070 > +0200 > +++ b/wpa_supplicant/dbus/dbus_new_handlers.c 2021-10-04 22:54:14.478466782 > +0200 > @@ -2790,10 +2790,18 @@ > goto nomem; > #endif /* CONFIG_WPS */ > > + printf("before if capa.key_mgmt SAE !!!\n"); > #ifdef CONFIG_SAE > if ((capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_SAE) && > !wpa_dbus_dict_string_array_add_element(_array, "sae")) > + { > + printf("got into if statement !\n"); > goto nomem; > + } > + else > + { > + printf("got into else statement !!!\n"); > + } > #endif /* CONFIG_SAE */ > > if (!wpa_dbus_dict_end_string_array(_dict, Hi, probably capa.key_mgmt doesn't contain WPA_DRIVER_CAPA_KEY_MGMT_SAE. It's probably shown somewhere in supplicant logs, but to be sure can you please check with: --- a/wpa_supplicant/dbus/dbus_new_handlers.c +++ b/wpa_supplicant/dbus/dbus_new_handlers.c @@ -2880,6 +2880,8 @@ dbus_bool_t wpas_dbus_getter_capabilities( #endif /* CONFIG_WPS */ #ifdef CONFIG_SAE + printf("capa.key_mgmt: %08x, (sae: %d)\n", capa.key_mgmt, + !!(capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_SAE)); if ((capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_SAE) && !wpa_dbus_dict_string_array_add_element(_array, "sae")) goto nomem; Beniamino signature.asc Description: PGP signature ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3
Hi Beniamino, i have added printf's in this patched file for wpa_supplicant like that: --- a/wpa_supplicant/dbus/dbus_new_handlers.c 2021-10-04 22:50:45.114545070 +0200 +++ b/wpa_supplicant/dbus/dbus_new_handlers.c 2021-10-04 22:54:14.478466782 +0200 @@ -2790,10 +2790,18 @@ goto nomem; #endif /* CONFIG_WPS */ + printf("before if capa.key_mgmt SAE !!!\n"); #ifdef CONFIG_SAE if ((capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_SAE) && !wpa_dbus_dict_string_array_add_element(_array, "sae")) + { + printf("got into if statement !\n"); goto nomem; + } + else + { + printf("got into else statement !!!\n"); + } #endif /* CONFIG_SAE */ if (!wpa_dbus_dict_end_string_array(_dict, and in journal i see: Jul 20 12:44:33 firefly-rk3399 systemd[1]: Started WPA supplicant. Jul 20 12:45:34 firefly-rk3399 wpa_supplicant[271]: before if capa.key_mgmt SAE !!! Jul 20 12:45:34 firefly-rk3399 wpa_supplicant[271]: got into else statement !!! Jul 20 12:45:34 firefly-rk3399 wpa_supplicant[271]: before if capa.key_mgmt SAE !!! Jul 20 12:45:34 firefly-rk3399 wpa_supplicant[271]: got into else statement !!! Jul 20 12:45:37 firefly-rk3399 wpa_supplicant[271]: before if capa.key_mgmt SAE !!! Jul 20 12:45:37 firefly-rk3399 wpa_supplicant[271]: got into else statement !!! Jul 20 12:45:37 firefly-rk3399 wpa_supplicant[271]: before if capa.key_mgmt SAE !!! Jul 20 12:45:37 firefly-rk3399 wpa_supplicant[271]: got into else statement !!! Which i suspect is good because i'm not going into the nomem error. Still this just doesn't explain why i am not having SAE support in NM capabilities. BR Piotr Od: Piotr Lobacz Wysłane: poniedziałek, 4 października 2021 15:00 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3 Ok, i have verified it and still no luck, it is still giving me back the array i have pasted before... BR Piotr Od: Piotr Lobacz Wysłane: poniedziałek, 4 października 2021 14:08 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3 Hi Again, My fault i have pasted it wrongly i'm sorry that i do not try few more times and i'm writting to all of you at once... Ok the array does not have sae; "KeyMgmt" : { "type" : "as", "data" : [ "none", "ieee8021x", "wpa-eap", "wpa-ft-eap", "wpa-eap-sha256", "wpa-psk", "wpa-ft-psk", "wpa-psk-sha256", "wps" ] }, I need to check than this patch again. BR Piotr ________________ Od: Piotr Lobacz Wysłane: poniedziałek, 4 października 2021 13:46 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3 Hi Beniamino, first i'd like to apologize for misrepresenting your name, second how to determine the actual index in /1 and third i have copied the command you gave me and i get an error: Too few arguments. BR Piotr ____________________ Od: Beniamino Galvani Wysłane: poniedziałek, 4 października 2021 10:51 Do: Piotr Lobacz DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: Re: ODP: ODP: ODP: Ampak AP6356S with WPA3 [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3
Ok, i have verified it and still no luck, it is still giving me back the array i have pasted before... BR Piotr Od: Piotr Lobacz Wysłane: poniedziałek, 4 października 2021 14:08 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3 Hi Again, My fault i have pasted it wrongly i'm sorry that i do not try few more times and i'm writting to all of you at once... Ok the array does not have sae; "KeyMgmt" : { "type" : "as", "data" : [ "none", "ieee8021x", "wpa-eap", "wpa-ft-eap", "wpa-eap-sha256", "wpa-psk", "wpa-ft-psk", "wpa-psk-sha256", "wps" ] }, I need to check than this patch again. BR Piotr Od: Piotr Lobacz Wysłane: poniedziałek, 4 października 2021 13:46 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3 Hi Beniamino, first i'd like to apologize for misrepresenting your name, second how to determine the actual index in /1 and third i have copied the command you gave me and i get an error: Too few arguments. BR Piotr Od: Beniamino Galvani Wysłane: poniedziałek, 4 października 2021 10:51 Do: Piotr Lobacz DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: Re: ODP: ODP: ODP: Ampak AP6356S with WPA3 [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3
Hi Again, My fault i have pasted it wrongly i'm sorry that i do not try few more times and i'm writting to all of you at once... Ok the array does not have sae; "KeyMgmt" : { "type" : "as", "data" : [ "none", "ieee8021x", "wpa-eap", "wpa-ft-eap", "wpa-eap-sha256", "wpa-psk", "wpa-ft-psk", "wpa-psk-sha256", "wps" ] }, I need to check than this patch again. BR Piotr Od: Piotr Lobacz Wysłane: poniedziałek, 4 października 2021 13:46 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3 Hi Beniamino, first i'd like to apologize for misrepresenting your name, second how to determine the actual index in /1 and third i have copied the command you gave me and i get an error: Too few arguments. BR Piotr Od: Beniamino Galvani Wysłane: poniedziałek, 4 października 2021 10:51 Do: Piotr Lobacz DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: Re: ODP: ODP: ODP: Ampak AP6356S with WPA3 [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: ODP: ODP: ODP: Ampak AP6356S with WPA3
Hi Beniamino, first i'd like to apologize for misrepresenting your name, second how to determine the actual index in /1 and third i have copied the command you gave me and i get an error: Too few arguments. BR Piotr Od: Beniamino Galvani Wysłane: poniedziałek, 4 października 2021 10:51 Do: Piotr Lobacz DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: Re: ODP: ODP: ODP: Ampak AP6356S with WPA3 [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: ODP: ODP: ODP: Ampak AP6356S with WPA3
On Mon, Oct 04, 2021 at 08:44:43AM +, Piotr Lobacz wrote: > Hi Benjamino, > after adding patch to wpa_supplicant, unfortunatelly i'm still getting: > > Config: added 'key_mgmt' value 'WPA-PSK WPA-PSK-SHA256 FT-PSK' > > on Hotspot creation. Hi, what's the output of this command? busctl -j get-property fi.w1.wpa_supplicant1 /fi/w1/wpa_supplicant1/Interfaces/1 fi.w1.wpa_supplicant1.Interface Capabilities (replace /1 with the actual index on D-Bus of the interface, if necessary). You should see "sae" in the "KeyMgmt" array. If not, either the patch is not working or the driver is not properly exporting the capability. Beniamino signature.asc Description: PGP signature ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: ODP: ODP: Ampak AP6356S with WPA3
Hi Benjamino, after adding patch to wpa_supplicant, unfortunatelly i'm still getting: Config: added 'key_mgmt' value 'WPA-PSK WPA-PSK-SHA256 FT-PSK' on Hotspot creation. BR Piotr Łobacz Od: Beniamino Galvani Wysłane: poniedziałek, 4 października 2021 09:38 Do: Piotr Lobacz DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: Re: ODP: ODP: Ampak AP6356S with WPA3 [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: ODP: ODP: Ampak AP6356S with WPA3
On Sun, Oct 03, 2021 at 10:04:24PM +, Piotr Lobacz wrote: > Hi again Beniamino, > this problem also exsists on Hotspot... and I'm afraid that it hasn't been > solved in there yet... If hotspot is being created like this: > > nmcli dev wifi hotspot ifname wlan0_ap ssid test password "test1234" > > the default security is set to WPA2 and if i switch it to WPA3 then my client > device is being rejected because of: > > ieee80211 phy0: brcmf_cfg80211_external_auth: External authentication failed: > status=1 > > I'm pretty sure that this is the same error as previous one. Hi Piotr, since [1], NetworkManager also enables WPA3 (SAE) when the connection is configured with key_mgmt=wpa-psk (both in STA and AP mode). When adding SAE to the key_mgmt list, NM needs first to know if wpa_supplicant supports it, otherwise wpa_supplicant would fail to start. NM looks at the "Capabilities" D-Bus property of the Interface object to detect SAE support [2]. wpa_supplicant started to export the value in [3], which is not in the 2.9 release. I think what's happening is that NM passes a configuration to wpa_supplicant without SAE because the supplicant doesn't export the capability. Can you please try with that wpa_supplicant commit? With the commit applied you should see in NM logs something similar to: Config: added 'key_mgmt' value 'WPA-PSK WPA-PSK-SHA256 FT-PSK SAE FT-SAE' ^^ Beniamino [1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/f5d78c2d289c9e4a4c247d2520c7c3e2baf537c8 [2] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/f7f4db156ffdd0792dbfcddde3ba60a7ee561dcc [3] https://w1.fi/cgit/hostap/commit/?id=7a9c36722511ce4df88b76cceceb241d6c6a151e signature.asc Description: PGP signature ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: ODP: Ampak AP6356S with WPA3
Hi again Beniamino, this problem also exsists on Hotspot... and I'm afraid that it hasn't been solved in there yet... If hotspot is being created like this: nmcli dev wifi hotspot ifname wlan0_ap ssid test password "test1234" the default security is set to WPA2 and if i switch it to WPA3 then my client device is being rejected because of: ieee80211 phy0: brcmf_cfg80211_external_auth: External authentication failed: status=1 I'm pretty sure that this is the same error as previous one. BR Piotr Łobacz Od: Piotr Lobacz Wysłane: niedziela, 3 października 2021 17:15 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: Ampak AP6356S with WPA3 Hi Beniamino again, i have found out that there is new release branch 1.33 so switched to 1.33.3. I confirm that all is working now correctly:] Big thanks for help in solving the issue. BR Piotr Od: Piotr Lobacz Wysłane: niedziela, 3 października 2021 16:39 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: Ampak AP6356S with WPA3 Hi Beniamino, i have switched from 1.32.2 to 1.32.12 and still got this issue. Could you point in which version it has been fixed? BR Piotr Od: Beniamino Galvani Wysłano: Niedziela, 03 Październik 2021 13:09 Do: Piotr Lobacz DW: Alan Tu; networkmanager-list@gnome.org Temat: Re: ODP: Ampak AP6356S with WPA3 On Sat, Oct 02, 2021 at 11:20:19PM +, Piotr Lobacz wrote: > One more thing, setting the logging level to trace in NetworkManager causes > also problems with the connection... , but i have seen one difference in > establishing the connection using Edit a connection and Activate a > connection. The difference was in config, when i was using Edit... from > nmtui there was no auth_alg parameter. In other case it was and it was > assigned to OPEN. Hi, this problem should be fixed by commit https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/109d561bed8341b36111e527185513dafd856c0d Beniamino [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: ODP: Ampak AP6356S with WPA3
Hi Beniamino again, i have found out that there is new release branch 1.33 so switched to 1.33.3. I confirm that all is working now correctly:] Big thanks for help in solving the issue. BR Piotr Od: Piotr Lobacz Wysłane: niedziela, 3 października 2021 16:39 Do: Beniamino Galvani DW: Alan Tu <8li...@gmail.com>; networkmanager-list@gnome.org Temat: ODP: ODP: Ampak AP6356S with WPA3 Hi Beniamino, i have switched from 1.32.2 to 1.32.12 and still got this issue. Could you point in which version it has been fixed? BR Piotr Od: Beniamino Galvani Wysłano: Niedziela, 03 Październik 2021 13:09 Do: Piotr Lobacz DW: Alan Tu; networkmanager-list@gnome.org Temat: Re: ODP: Ampak AP6356S with WPA3 On Sat, Oct 02, 2021 at 11:20:19PM +, Piotr Lobacz wrote: > One more thing, setting the logging level to trace in NetworkManager causes > also problems with the connection... , but i have seen one difference in > establishing the connection using Edit a connection and Activate a > connection. The difference was in config, when i was using Edit... from > nmtui there was no auth_alg parameter. In other case it was and it was > assigned to OPEN. Hi, this problem should be fixed by commit https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/109d561bed8341b36111e527185513dafd856c0d Beniamino [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: ODP: Ampak AP6356S with WPA3
Hi Beniamino, i have switched from 1.32.2 to 1.32.12 and still got this issue. Could you point in which version it has been fixed? BR Piotr Od: Beniamino Galvani Wysłano: Niedziela, 03 Październik 2021 13:09 Do: Piotr Lobacz DW: Alan Tu; networkmanager-list@gnome.org Temat: Re: ODP: Ampak AP6356S with WPA3 On Sat, Oct 02, 2021 at 11:20:19PM +, Piotr Lobacz wrote: > One more thing, setting the logging level to trace in NetworkManager causes > also problems with the connection... , but i have seen one difference in > establishing the connection using Edit a connection and Activate a > connection. The difference was in config, when i was using Edit... from > nmtui there was no auth_alg parameter. In other case it was and it was > assigned to OPEN. Hi, this problem should be fixed by commit https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/109d561bed8341b36111e527185513dafd856c0d Beniamino [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]<https://www.softgent.com> Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 674406, NIP: 9581679801, REGON: 367090912 www.softgent.com<https://www.softgent.com> Sąd Rejonowy Gdańsk-Północ w Gdańsku, VII Wydział Gospodarczy Krajowego Rejestru Sądowego KRS 674406, Kapitał zakładowy: 25 000,00 zł wpłacony w całości. Jesteśmy uczestnikiem Programu RZETELNA Firma Sprawdź naszą rzetelność na https://www.rzetelnafirma.pl/F5IA32UW ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: ODP: Ampak AP6356S with WPA3
On Sat, Oct 02, 2021 at 11:20:19PM +, Piotr Lobacz wrote: > One more thing, setting the logging level to trace in NetworkManager causes > also problems with the connection... , but i have seen one difference in > establishing the connection using Edit a connection and Activate a > connection. The difference was in config, when i was using Edit... from > nmtui there was no auth_alg parameter. In other case it was and it was > assigned to OPEN. Hi, this problem should be fixed by commit https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/109d561bed8341b36111e527185513dafd856c0d Beniamino signature.asc Description: PGP signature ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
ODP: Ampak AP6356S with WPA3
One more thing, setting the logging level to trace in NetworkManager causes also problems with the connection... , but i have seen one difference in establishing the connection using Edit a connection and Activate a connection. The difference was in config, when i was using Edit... from nmtui there was no auth_alg parameter. In other case it was and it was assigned to OPEN. BR Piotr Od: Piotr Lobacz Wysłane: niedziela, 3 października 2021 00:50 Do: Alan Tu <8li...@gmail.com> DW: networkmanager-list@gnome.org Temat: ODP: Ampak AP6356S with WPA3 Hi Alan, thx for quick reply. In fact i have made some few more tests and it occurs that there is something wrong with auth_type detection. When i'm adding the connection manualy in nmtui and setting the Security parameter to WPA3 Personal for AP with only WPA3 support the connection is being established with no problem. Problem occurs when i'm trying to establish connection chosing the AP from the list in nmtui. Now i don't know if AP possible auth types are being being detected by NM, driver or wpa_supplicant. But this is the appropriate problem of this issue - authentication type detection is broken... If someone could point me on the right direction together we could solve the issue. BR Piotr Łobacz Od: Alan Tu <8li...@gmail.com> Wysłane: niedziela, 3 października 2021 00:05 Do: Piotr Lobacz DW: networkmanager-list@gnome.org Temat: Re: Ampak AP6356S with WPA3 Piotr, I don't have experience with your specific problem, but I had a tricky NM and wpasupplicant issue. I had to turn on debug and logging for both. This is how I did it on my Debian system, instructions will have to be adapted to other distributions but this could provide a guide to you. This is how to turn on full logging for NetworkManager and wpa_supplicant, at least under current versions of Debian. (a) Set the logging level to trace in NetworkManager. Add this stanza to /etc/NetworkManager/NetworkManager.conf: [logging] level=trace (b) Turn on debug level logging in wpa_supplicant. Edit /lib/systemd/system/wpa_supplicant.service: Edit the command line in the ExecStart option to add -ddd as an argument. (c) Tell journald not to filter messages. Edit /etc/systemd/journald.conf: Set RateLimitBurst=0 Restart everything for the nm, wpasupplicant and journald changes to take affect. After collecting the logs for analysis, revert all these changes for normal operation. Sent from my iPhone On Oct 2, 2021, at 12:44, Piotr Lobacz wrote: Ok i have sucessfully found, why this problem occurs. When you look at these two log files you will find that when DEAUTH_LEAVING error occurs on wpa_supplicant with NM case, because of wrong AUTH_TYPE being set. For SAE it should be set to value 4, just like it is in wpa_supplicant-2.9/src/drivers/nl80211_copy.h enum nl80211_auth_type as NL80211_AUTHTYPE_SAE, but for some reason it is NL80211_AUTHTYPE_OPEN_SYSTEM and because of this i am unable to establish a connection. I think that something is wrong in NM, but currently i don't know even where to look BR Piotr Łobacz Od: Piotr Lobacz Wysłane: sobota, 2 października 2021 03:48 Do: networkmanager-list@gnome.org Temat: Ampak AP6356S with WPA3 Hi all, I am using firefly-rk3399 board with Ampak AP6356S wifi chip. The kernel is mainline 5.4.18 release with patches from cypress/infineon for wpa3 feature. I'm running on buildroot 2018.08 mainline release with systemd-249.1, wpa-supplicant-2.9 and network-manager-1.32.2. The problem i have observed using NM is that if i have mi AP set to WPA2/WPA3 the connection is being established by default using WPA2 not WPA3 encryption scheme. If add by myself a WPA3 connection to given ssid it doesn't connect, just keep asking me for network password. Connection to network with WPA3 works after first connection with the usage of WPA2. Than i can even modify my AP to be only WPA3 and connection is being established. If i try to establish the connection straightforward to WPA3 i'm getting a request to deauthenticate which looks like this: Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: nl80211: Connect request send successfully Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: wlan0: Setting authentication timeout: 10 sec 0 usec Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - EAP success=0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - EAP fail=0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - portControl=Auto Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending change
ODP: Ampak AP6356S with WPA3
Hi Alan, thx for quick reply. In fact i have made some few more tests and it occurs that there is something wrong with auth_type detection. When i'm adding the connection manualy in nmtui and setting the Security parameter to WPA3 Personal for AP with only WPA3 support the connection is being established with no problem. Problem occurs when i'm trying to establish connection chosing the AP from the list in nmtui. Now i don't know if AP possible auth types are being being detected by NM, driver or wpa_supplicant. But this is the appropriate problem of this issue - authentication type detection is broken... If someone could point me on the right direction together we could solve the issue. BR Piotr Łobacz Od: Alan Tu <8li...@gmail.com> Wysłane: niedziela, 3 października 2021 00:05 Do: Piotr Lobacz DW: networkmanager-list@gnome.org Temat: Re: Ampak AP6356S with WPA3 Piotr, I don't have experience with your specific problem, but I had a tricky NM and wpasupplicant issue. I had to turn on debug and logging for both. This is how I did it on my Debian system, instructions will have to be adapted to other distributions but this could provide a guide to you. This is how to turn on full logging for NetworkManager and wpa_supplicant, at least under current versions of Debian. (a) Set the logging level to trace in NetworkManager. Add this stanza to /etc/NetworkManager/NetworkManager.conf: [logging] level=trace (b) Turn on debug level logging in wpa_supplicant. Edit /lib/systemd/system/wpa_supplicant.service: Edit the command line in the ExecStart option to add -ddd as an argument. (c) Tell journald not to filter messages. Edit /etc/systemd/journald.conf: Set RateLimitBurst=0 Restart everything for the nm, wpasupplicant and journald changes to take affect. After collecting the logs for analysis, revert all these changes for normal operation. Sent from my iPhone On Oct 2, 2021, at 12:44, Piotr Lobacz wrote: Ok i have sucessfully found, why this problem occurs. When you look at these two log files you will find that when DEAUTH_LEAVING error occurs on wpa_supplicant with NM case, because of wrong AUTH_TYPE being set. For SAE it should be set to value 4, just like it is in wpa_supplicant-2.9/src/drivers/nl80211_copy.h enum nl80211_auth_type as NL80211_AUTHTYPE_SAE, but for some reason it is NL80211_AUTHTYPE_OPEN_SYSTEM and because of this i am unable to establish a connection. I think that something is wrong in NM, but currently i don't know even where to look BR Piotr Łobacz Od: Piotr Lobacz Wysłane: sobota, 2 października 2021 03:48 Do: networkmanager-list@gnome.org Temat: Ampak AP6356S with WPA3 Hi all, I am using firefly-rk3399 board with Ampak AP6356S wifi chip. The kernel is mainline 5.4.18 release with patches from cypress/infineon for wpa3 feature. I'm running on buildroot 2018.08 mainline release with systemd-249.1, wpa-supplicant-2.9 and network-manager-1.32.2. The problem i have observed using NM is that if i have mi AP set to WPA2/WPA3 the connection is being established by default using WPA2 not WPA3 encryption scheme. If add by myself a WPA3 connection to given ssid it doesn't connect, just keep asking me for network password. Connection to network with WPA3 works after first connection with the usage of WPA2. Than i can even modify my AP to be only WPA3 and connection is being established. If i try to establish the connection straightforward to WPA3 i'm getting a request to deauthenticate which looks like this: Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: nl80211: Connect request send successfully Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: wlan0: Setting authentication timeout: 10 sec 0 usec Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - EAP success=0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - EAP fail=0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - portControl=Auto Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/1 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/7 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/2 Oct
ODP: Ampak AP6356S with WPA3
Ok i have sucessfully found, why this problem occurs. When you look at these two log files you will find that when DEAUTH_LEAVING error occurs on wpa_supplicant with NM case, because of wrong AUTH_TYPE being set. For SAE it should be set to value 4, just like it is in wpa_supplicant-2.9/src/drivers/nl80211_copy.h enum nl80211_auth_type as NL80211_AUTHTYPE_SAE, but for some reason it is NL80211_AUTHTYPE_OPEN_SYSTEM and because of this i am unable to establish a connection. I think that something is wrong in NM, but currently i don't know even where to look BR Piotr Łobacz Od: Piotr Lobacz Wysłane: sobota, 2 października 2021 03:48 Do: networkmanager-list@gnome.org Temat: Ampak AP6356S with WPA3 Hi all, I am using firefly-rk3399 board with Ampak AP6356S wifi chip. The kernel is mainline 5.4.18 release with patches from cypress/infineon for wpa3 feature. I'm running on buildroot 2018.08 mainline release with systemd-249.1, wpa-supplicant-2.9 and network-manager-1.32.2. The problem i have observed using NM is that if i have mi AP set to WPA2/WPA3 the connection is being established by default using WPA2 not WPA3 encryption scheme. If add by myself a WPA3 connection to given ssid it doesn't connect, just keep asking me for network password. Connection to network with WPA3 works after first connection with the usage of WPA2. Than i can even modify my AP to be only WPA3 and connection is being established. If i try to establish the connection straightforward to WPA3 i'm getting a request to deauthenticate which looks like this: Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: nl80211: Connect request send successfully Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: wlan0: Setting authentication timeout: 10 sec 0 usec Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - EAP success=0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - EAP fail=0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: EAPOL: External notification - portControl=Auto Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/0 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/1 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/7 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/2 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/3 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/8 Oct 02 01:05:07 firefly-rk3399 wpa_supplicant[586]: dbus: flush_object_timeout_handler: Timeout - sending changed properties of object /fi/w1/wpa_supplicant1/Interfaces/0/BSSs/4 Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: dbus: fi.w1.wpa_supplicant1.Interface.Disconnect (/fi/w1/wpa_supplicant1/Interfaces/0) [] Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: Cancelling scan request Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: Request to deauthenticate - bssid=00:00:00:00:00:00 pending_bssid=c0:c9:e3:3b:64:e2 reason=3 (DEAUTH_LEAVING) state=ASSOCIATING Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wpa_driver_nl80211_disconnect(reason_code=3) Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: nl80211: Ignored event 127 (NL80211_CMD_EXTERNAL_AUTH) for foreign interface (ifindex 3 wdev 0x0) Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: nl80211: Drv Event 127 (NL80211_CMD_EXTERNAL_AUTH) received for wlan0 Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: nl80211: Ignored unknown event (cmd=127) Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: Event DEAUTH (11) received Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: Deauthentication notification Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: * reason 3 (DEAUTH_LEAVING) locally_generated=1 Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: Deauthentication frame IE(s) - hexdump(len=0): [NULL] Oct 02 01:05:09 firefly-rk3399 wpa_supplicant[586]: wlan0: CTRL-EVENT-DISCONNECTED bssid=c0:c9:e3:3b:64:e2 reason=3 locally_generated=1 ... Btw. if i'm using wpa_supplicant