Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WPA2 enterprise auth - is there support for TLSv1.2 #8638

Closed
6 tasks done
aheinzel opened this issue Jul 15, 2022 · 2 comments
Closed
6 tasks done

WPA2 enterprise auth - is there support for TLSv1.2 #8638

aheinzel opened this issue Jul 15, 2022 · 2 comments

Comments

@aheinzel
Copy link

Basic Infos

  • This issue complies with the issue POLICY doc.
  • I have read the documentation at readthedocs and the issue is not addressed there.
  • I have tested that the issue is present in current master branch (aka latest git).
  • I have searched the issue tracker for a similar issue.
  • If there is a stack dump, I have decoded it.
  • I have filled out all fields below.

Platform

  • Hardware: [ESP-12]
  • Core Version: [a2982f9]
  • Development Env: [Arduino IDE]
  • Operating System: [Ubuntu]

Settings in IDE

  • Module: [Nodemcu]
  • Flash Mode: [dout]
  • Flash Size: [1MB]
  • lwip Variant: [v2 Lower Memory]
  • Reset Method: [nodemcu]
  • Flash Frequency: [26Mhz]
  • CPU Frequency: [80Mhz]
  • Upload Using: [SERIAL]
  • Upload Speed: [115200]

Problem Description

Using latest version from git (a2982f9) with nonos-sdk pre 3 ESP8266 can successfully connect to WPA2 enterprise using EAP-PEAP as long as the access point supports TLSv1.1. When, however, the access point requires TLSv1.2 it appears as ESP8266 is still trying to use TLSv1.1 and thus connection establishment fails during EAP phase. Is there support for TLSv1.2 for WPA2 enterprise authentication and how can it be enabled?

MCVE Sketch

#include  <ESP8266WiFi.h>

extern "C" {
#include "wpa2_enterprise.h"
}

char ssid[] = "WLAN1";
char username[] = "test1";
char identity[] = "test1";
char password[] = "secretpass1";

void setup() {
  Serial.begin(115200);
  Serial.printf("SDK version: %s\n", system_get_sdk_version());
  Serial.printf("free heap: %d\n", ESP.getFreeHeap());

  WiFi.mode(WIFI_STA);
  wifi_set_opmode(STATION_MODE);

  struct station_config wifi_config;
  memset(&wifi_config, 0, sizeof(wifi_config));
  strcpy((char*)wifi_config.ssid, ssid);
  strcpy((char*)wifi_config.password, password);

  wifi_station_set_config(&wifi_config);
 
  //clear enterprise
  wifi_station_clear_cert_key();
  wifi_station_clear_enterprise_ca_cert();
  wifi_station_clear_enterprise_identity();
  wifi_station_clear_enterprise_username();
  wifi_station_clear_enterprise_password();
  wifi_station_clear_enterprise_new_password();

  //setup enterprise auth
  wifi_station_set_wpa2_enterprise_auth(1);
  wifi_station_set_enterprise_identity((uint8*)identity, strlen(identity));
  wifi_station_set_enterprise_username((uint8*)username, strlen(username));
  wifi_station_set_enterprise_password((uint8*)password, strlen(password));
  wifi_station_set_enterprise_new_password((uint8*)password, strlen(password));

  //connect
  wifi_station_connect();
  int waitCnt = 0;
  while (WiFi.status() != WL_CONNECTED) {
    ++waitCnt;
    if(waitCnt % 5 == 0){
      Serial.print("_");
    }else{
      Serial.print(".");  
    }
    
    delay(1000);
  }

  Serial.println("WiFi connected");
  Serial.print("IP address: ");
  Serial.println(WiFi.localIP());
}

unsigned int msgCnt = 0;
unsigned int last = millis();
void loop() {
  WiFiClient client;
  IPAddress remote(192, 168, 3, 1);
  if(last + 2000 < millis()){
    last = millis();
    Serial.printf("WiFi status: %d \n", WiFi.status());
    Serial.println("connecting");
    if (client.connect(remote, 2000)) {
      ++msgCnt;
      Serial.println("connected");
      client.printf("this is message nr: %d\n", msgCnt);
      Serial.println("written");
      client.stop();
      Serial.println("stopped");
    }
  }
}

Debug Messages

with TLSv1.1 supported by the AP

ESP8266 with WIFI debug enabled:

.scandone
state: 0 -> 2 (b0)
state: 2 -> 3 (0)
state: 3 -> 5 (10)
add 0
aid 1
cnt 
.EAP-PEAP: received 53 bytes encrypted data for Phase 2
EAP-PEAP: received Phase 2: code=1 identifier=22 length=5
EAP-PEAP: Phase 2 Request: type=1
_EAP-PEAP: received 85 bytes encrypted data for Phase 2
EAP-PEAP: received Phase 2: code=1 identifier=23 length=33
EAP-PEAP: Phase 2 Request: type=26
EAP-PEAP: Selected Phase 2 EAP vendor 0 method 26
EAP-MSCHAPV2: RX identifier 23 mschapv2_id 23
EAP-MSCHAPV2: Generate Challenge Response
.EAP-PEAP: received 101 bytes encrypted data for Phase 2
EAP-PEAP: received Phase 2: code=1 identifier=24 length=56
EAP-PEAP: Phase 2 Request: type=26
EAP-MSCHAPV2: RX identifier 24 mschapv2_id 23
.EAP-PEAP: received 53 bytes encrypted data for Phase 2
EAP-PEAP: received Phase 2: code=3 identifier=25 length=4
EAP-PEAP: Phase 2 Success
.
connected with WLAN1, channel 6
dhcp client start...
wifi evt: 0
ip:192.168.3.10,mask:255.255.255.0,gw:192.168.3.1
wifi evt: 3
WiFi connected
IP address: 192.168.3.10
WiFi status: 3 
connecting
connected
written
stopped
hostapd debug log 
EAP: Server state machine created
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state IDLE
IEEE 802.1X: ac:0b:fb:d8:03:46 CTRL_DIR entering state FORCE_BOTH
wlan0: STA ac:0b:fb:d8:03:46 WPA: start authentication
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state INITIALIZE
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=0x55816b1f60 key_idx=0 set_tx=1 seq_len=0 key_len=0
   addr=ac:0b:fb:d8:03:46
nl80211: set_key failed; err=-22 Invalid argument)
RSN: PTK removal from the driver failed
WPA: ac:0b:fb:d8:03:46 WPA_PTK_GROUP entering state IDLE
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state AUTHENTICATION
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state AUTHENTICATION2
WPA: Re-initialize GMK/Counter on first station
Get randomness: len=32 entropy=1
GMK - hexdump(len=32): c5 f2 ed 92 96 7c 34 b2 c2 1c d7 33 a8 a3 70 30 be 4f 90 4e be 39 8e 51 f6 97 55 02 95 34 5b 27
Get randomness: len=32 entropy=0
Key Counter - hexdump(len=32): f9 52 01 42 64 e5 c1 60 e7 53 7b 2c 48 ef 34 80 92 2b b2 c1 5f e3 42 83 e4 fd f0 d7 5d a4 ed 5f
Get randomness: len=16 entropy=0
GTK - hexdump(len=16): 47 61 fc 36 29 e9 87 40 cc 99 cc 0f 28 b1 ec f4
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=3 addr=0x556af35f50 key_idx=1 set_tx=1 seq_len=0 key_len=16
nl80211: KEY_DATA - hexdump(len=16): 47 61 fc 36 29 e9 87 40 cc 99 cc 0f 28 b1 ec f4
   broadcast key
Get randomness: len=32 entropy=0
WPA: Assign ANonce - hexdump(len=32): 34 b3 0b 79 ee b7 0d f1 33 0c 64 65 43 de f2 55 bd 65 b3 7d 4c d8 e3 50 81 8e 17 8e 83 02 2c e3
wlan0: hostapd_new_assoc_sta: reschedule ap_handle_timer timeout for ac:0b:fb:d8:03:46 (300 seconds - ap_max_inactivity)
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state DISCONNECTED
nl80211: Set STA flags - ifname=wlan0 addr=ac:0b:fb:d8:03:46 total_flags=0x60 flags_or=0x0 flags_and=0xfffffffe authorized=0
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: unauthorizing port
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
wlan0: CTRL-EVENT-EAP-STARTED ac:0b:fb:d8:03:46
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 103
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state CONNECTING
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state REQUEST
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 103)
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 4 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=1 length=0
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAPOL-Start from STA
wlan0: STA ac:0b:fb:d8:03:46 WPA: event 5 notification
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state AUTHENTICATION2
Get randomness: len=32 entropy=0
WPA: Assign ANonce - hexdump(len=32): 5e ca df a2 05 b0 df 77 ee 63 8f 9f f1 bb 95 43 87 2a ad 56 67 17 d2 b5 75 8f 04 d0 81 c1 8b 58
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state ABORTING
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state INITIALIZE
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: aborting authentication
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state RESTART
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state IDLE
EAP: EAP entering state INITIALIZE
wlan0: CTRL-EVENT-EAP-STARTED ac:0b:fb:d8:03:46
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 198
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state CONNECTING
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state REQUEST
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 198)
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 14 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=0 length=10
EAP: code=2 identifier=103 length=10
 (response)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAP packet (code=2 id=103 len=10) from STA: EAP Response-Identity (1)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=103 respMethod=1 respVendor=0 respVendorMethod=0
EAP: RECEIVED->DISCARD: rxResp=1 respId=103 currentId=198 respMethod=1 currentMethod=1
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state IGNORE
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 14 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=0 length=10
EAP: code=2 identifier=198 length=10
 (response)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAP packet (code=2 id=198 len=10) from STA: EAP Response-Identity (1)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=198 respMethod=1 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
EAP-Identity: Peer identity - hexdump_ascii(len=5):
     74 65 73 74 31                                    test1           
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: another method available -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 25
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 199
EAP-PEAP: START -> PHASE1
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state REQUEST
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 199)
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 72 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=0 length=68
EAP: code=2 identifier=199 length=68
 (response)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAP packet (code=2 id=199 len=68) from STA: EAP Response-PEAP (25)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=199 respMethod=25 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=68) - Flags 0x01
SSL: Received data - hexdump(len=62): 16 03 02 00 39 01 00 00 35 03 02 40 10 0c f6 0c a2 2f 2a a5 23 2c 68 54 b8 8f 0c f9 46 cd 9d b8 20 20 86 79 cd 77 23 79 7f 74 68 00 00 0e 00 3d 00 35 00 3c 00 2f 00 0a 00 05 00 04 01 00
SSL: Received packet: Flags 0x1 Message Length 0
SSL: (where=0x10 ret=0x1)
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:before SSL initialization
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 02 00 39
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:before SSL initialization
OpenSSL: RX ver=0x304 content_type=22 (handshake/client hello)
OpenSSL: Message - hexdump(len=57): 01 00 00 35 03 02 40 10 0c f6 0c a2 2f 2a a5 23 2c 68 54 b8 8f 0c f9 46 cd 9d b8 20 20 86 79 cd 77 23 79 7f 74 68 00 00 0e 00 3d 00 35 00 3c 00 2f 00 0a 00 05 00 04 01 00
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS read client hello
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 02 00 2a
OpenSSL: TX ver=0x302 content_type=22 (handshake/server hello)
OpenSSL: Message - hexdump(len=42): 02 00 00 26 03 02 2d 62 b7 9b cf 5c a9 c3 1c c9 38 9c f3 46 53 d5 24 19 50 af f1 9b d4 18 44 4f 57 4e 47 52 44 00 00 00 35 00
OpenSSL: Server selected cipher suite 0x35
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write server hello
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 02 09 03
OpenSSL: TX ver=0x302 content_type=22 (handshake/certificate)
OpenSSL: Message - hexdump(len=2307): 0b 00 08 ff 00 08 fc 00 03 f8 30 82 03 f4 30 82 02 dc a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 32 30 37 31 33 31 34 32 32 30 34 5a 17 0d 32 32 30 39 31 31 31 34 32 32 30 34 5a 30 7c 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 23 30 21 06 03 55 04 03 0c 1a 45 78 61 6d 70 6c 65 20 53 65 72 76 65 72 20 43 65 72 74 69 66 69 63 61 74 65 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 bf 38 e2 78 43 ae 62 98 31 6b e5 3f 97 3e e9 c5 12 3c 94 7e f1 aa 7a b7 92 a6 24 3a 0c 32 66 a3 e1 1c 67 09 4e fd 15 71 ef 0c 1a 28 ba c7 14 e9 22 9c 42 58 c5 96 8e 61 a0 69 6e de 3f eb e2 cd dc cc a0 36 65 84 60 34 d7 04 52 c5 64 2d 70 fb df 66 98 8a 86 80 f7 e9 82 07 b0 f9 0e eb 3b b2 dc b8 ff bb 33 4e df 0a 62 a3 e8 fe a2 31 ba 25 fd 1e ef fc 9f 1d c8 f5 5f a7 af 57 67 ae 89 40 84 72 15 5e d0 5c 63 b7 cd c9 ec 1b 91 a0 33 ad db ea d5 93 26 64 85 98 f9 ef c7 d6 6d ff 88 c8 ab 6b cd 29 1d df 78 3e 6b 62 1d 78 d2 3a 3e 2e ac fa e1 da e5 67 7b d8 e1 5f 11 a6 1d f3 c3 bd 77 38 18 6d ba e3 45 cc 21 12 84 d7 8f b8 02 c6 f7 60 03 b2 53 21 90 b7 94 37 9d 4f f0 76 89 5c d0 e2 ba f2 37 e0 1e c3 71 1b a5 64 23 83 15 73 35 00 7d 37 d6 29 e0 9f 94 19 c8 73 f2 a3 75 ed 02 03 01 00 01 a3 69 30 67 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 63 6f 6d 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 18 06 03 55 1d 20 04 11 30 0f 30 0d 06 0b 2b 06 01 04 01 82 be 68 01 03 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 9b 52 4a 2d 49 ae ba c5 43 d7 a4 6b 6b 97 24 f4 b7 44 20 b1 f4 db 27 72 c2 20 b8 15 92 05 f5 b9 1a 7b 84 a0 9b 20 8e f9 8f 63 a5 30 cf 95 4a 1a e2 92 ea 9e 24 a9 c8 90 6d 9f b8 d8 11 89 9c 1b 0a 57 3a 01 de dd 0c 6c 1f d8 2e 67 8a aa de c4 c6 0f df 8e 07 29 55 a9 0a 59 de 03 da 79 a3 fd 49 60 1c a4 51 86 aa 7e 3e a1 79 30 8b 1b 1a 87 3f 26 02 8f eb 9c 67 a1 d3 e2 66 e3 d0 22 03 78 e6 03 09 7d 65 ec e7 f9 00 66 8e 74 07 df 1e a5 8a cf 24 0e 70 69 23 11 1c cb 86 42 d9 0b 93 61 ed b5 bd 4d 52 c0 f0 c7 e9 98 7a 36 52 76 cf e5 63 a7 62 2f d6 e3 ed be e0 62 d2 54 f7 9b 9f 7c 4d 54 f1 a9 bb 0f 14 23 0d 9b 4b 5e 93 c8 d0 58 c9 dd 19 8e 07 33 35 91 e4 83 03 ba 36 87 0f ab 31 71 62 a8 cf 46 54 28 34 e5 45 45 c2 4a df 1e 45 55 47 a9 9d 95 77 95 97 eb 03 05 4f 02 64 ae 00 04 fe 30 82 04 fa 30 82 03 e2 a0 03 02 01 02 02 14 25 1a 93 65 79 97 bb f1 6c c8 b1 8c 05 6e 72 d8 c8 5b 40 ce 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 32 30 37 31 33 31 34 32 32 30 34 5a 17 0d 32 32 30 39 31 31 31 34 32 32 30 34 5a 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 cc 03 3c 7d a8 67 1c 1a 75 a0 c0 ae 32 07 42 62 2c b9 8e c9 06 72 07 61 9c 78 e4 06 ec d0 db 57 0c 00 7a db 9d c9 ed 24 50 de c1 cc d0 1a 4d a7 9a 86 67 6f 29 21 d0 04 f6 ad 2e e7 e8 a4 8a 08 5f 14 77 e9 3c b1 86 8c 19 5f bb 60 56 d2 af 78 d5 84 e2 d6 d2 a6 3a d2 2e d4 75 0e 2c d4 bf 17 c4 f6 6e e4 f6 7b e5 4f ed 32 ec d7 72 7c 8b 15 79 d1 71 f0 35 86 ae 23 e8 ea a8 e4 35 73 38 ad 6c 60 d1 04 75 e8 5c ca 6e 06 f6 2c a0 93 7e 5f 7f 05 9f 9a c6 a4 8f 53 cd 63 30 f3 98 99 16 61 bb 58 6f 50 39 05 d5 ce ab 23 26 81 31 a8 32 ae 9a 89 71 60 84 dc 63 17 3e 70 c7 07 d0 21 a7 22 89 95 c1 df d3 b5 46 e7 57 13 ab dc 58 4e 33 17 04 a3 77 34 fd 6b 20 fc a0 c4 f1 ee 57 2e e0 aa e5 3d 53 2d 77 d0 3f 44 40 d3 d7 93 0b 93 4b 88 9e 4e 76 d0 e0 ca ac ec 83 64 69 ba 14 95 91 c7 02 03 01 00 01 a3 82 01 42 30 82 01 3e 30 1d 06 03 55 1d 0e 04 16 04 14 1e 84 b6 bf e8 0b 95 33 71 08 f3 7a 8b 34 7a 44 b1 70 c4 1c 30 81 d3 06 03 55 1d 23 04 81 cb 30 81 c8 80 14 1e 84 b6 bf e8 0b 95 33 71 08 f3 7a 8b 34 7a 44 b1 70 c4 1c a1 81 99 a4 81 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 14 25 1a 93 65 79 97 bb f1 6c c8 b1 8c 05 6e 72 d8 c8 5b 40 ce 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 6f 72 67 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 a2 65 ea 56 cb 1d 5e fc bc 78 a7 15 8e b3 e3 70 78 c5 71 24 6d 3f d4 5b bb 77 aa a9 3f 6b e2 d0 17 bd c5 8e f2 40 5f d4 29 b7 a1 3d c6 38 ea 01 13 02 93 01 fe 5e fd 5e db 35 61 75 d6 35 38 d7 28 9e 6e b7 f2 d7 ac 52 b4 0d ad 82 11 65 1e e3 8c bb a5 f6 dc 40 df a1 69 af cb 66 e0 1f da c9 ba 4a 62 a4 88 c4 83 be d6 fa aa 53 f8 36 b1 08 2d 30 0b 52 3e 5a 73 34 ee 3e ce d1 c4 c6 7d 42 0c 1c 73 57 28 54 49 44 06 7c 10 26 2f 2b 98 ad fc ea 8c 1b d9 d7 67 e4 80 3b 3e 1a da a3 73 58 26 2d da b6 27 c3 5d 16 09 b6 8a bf a3 a9 10 5e 71 43 12 ad 77 63 9b c3 8f ac 38 c5 a9 7b 39 12 a5 18 bb de 2c ba 19 53 12 72 89 48 1f 55 51 f3 68 a7 11 7f 86 84 e4 81 ad 76 1b d8 7a f3 40 01 a6 53 d9 ff 1c 54 c3 0f c4 75 19 ce 99 c8 2d 73 b0 5e 13 3c 60 b2 fb 83 0a 18 07 c1 56 d0 ed 43
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write certificate
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 02 00 04
OpenSSL: TX ver=0x302 content_type=22 (handshake/server hello done)
OpenSSL: Message - hexdump(len=4): 0e 00 00 00
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write server done
SSL: (where=0x2002 ret=0xffffffff)
SSL: SSL_accept:error in SSLv3/TLS write server done
SSL: SSL_connect - want more data
SSL: 2368 bytes pending from ssl_out
SSL: Using TLS version TLSv1.1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 200
SSL: Generating Request
SSL: Sending out 1393 bytes (975 more to send)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state REQUEST
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 200)
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 10 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=0 length=6
EAP: code=2 identifier=200 length=6
 (response)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAP packet (code=2 id=200 len=6) from STA: EAP Response-PEAP (25)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=200 respMethod=25 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=6) - Flags 0x01
SSL: Received data - hexdump(len=0):
SSL: Received packet: Flags 0x1 Message Length 0
SSL: Fragment acknowledged
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 201
SSL: Generating Request
SSL: Sending out 975 bytes (message sent completely)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state REQUEST
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 201)
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 352 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=0 length=348
EAP: code=2 identifier=201 length=348
 (response)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAP packet (code=2 id=201 len=348) from STA: EAP Response-PEAP (25)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=201 respMethod=25 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=348) - Flags 0x01
SSL: Received data - hexdump(len=342): 16 03 02 01 06 10 00 01 02 01 00 22 76 1a d4 95 27 b8 6a 81 bb 4e f8 5e 4a 78 7e eb d7 32 01 0e f9 77 8f cf ab ca db 89 db 16 8c 81 0c b9 c5 1b 17 24 ef 3f 04 d2 55 2b 0d a1 e0 89 af c9 f2 3e 44 03 d0 96 7a 1b 22 ce f8 74 92 08 b4 16 8a c1 22 b1 51 fb 93 b2 2d 1d 2d ce c7 57 6c 2f 6e 28 59 18 de f7 c0 20 04 dd 75 10 6d ca d5 5e 70 dd 6d e2 76 96 e5 77 84 5d 43 00 38 ab 72 f4 f5 4d e5 27 fc 88 0c 88 fe 7f a6 3d 00 af 8d 91 4c c8 3e 61 32 44 c8 6d c2 76 8a a2 65 83 ce 26 03 66 ed e7 61 f9 ed 7c 3c a7 a1 e4 c1 3a 64 92 06 a2 0e 6e 18 06 83 a2 f5 b6 8d cd 55 e6 96 67 2b cc bf 12 fc 97 d2 41 0c cd d2 27 f4 16 85 93 a6 11 0c f2 3e 53 89 d4 52 e7 f8 83 df be 3b 01 99 0f db d2 ec 8d c7 62 40 f5 5c 2b 87 da a6 50 17 d6 3d 02 e1 d5 aa 2a 50 58 35 0e 91 b3 ae 5c aa 0b 9d 23 4b be ab 72 ca d8 b1 22 c7 14 03 02 00 01 01 16 03 02 00 40 b5 6d cf b6 93 11 83 b7 ae 1d 77 da 07 c5 f2 4a 90 9d 36 5f 00 a9 cf d3 8a d4 c3 10 05 1f 65 d2 5d 0f 0b 7f 09 9c 82 96 97 69 54 b9 5a a9 c6 7d ab bd 08 7a 5e bc 05 6b e1 36 e1 c9 4e 4c b3 64
SSL: Received packet: Flags 0x1 Message Length 0
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 02 01 06
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write server done
OpenSSL: RX ver=0x302 content_type=22 (handshake/client key exchange)
OpenSSL: Message - hexdump(len=262): 10 00 01 02 01 00 22 76 1a d4 95 27 b8 6a 81 bb 4e f8 5e 4a 78 7e eb d7 32 01 0e f9 77 8f cf ab ca db 89 db 16 8c 81 0c b9 c5 1b 17 24 ef 3f 04 d2 55 2b 0d a1 e0 89 af c9 f2 3e 44 03 d0 96 7a 1b 22 ce f8 74 92 08 b4 16 8a c1 22 b1 51 fb 93 b2 2d 1d 2d ce c7 57 6c 2f 6e 28 59 18 de f7 c0 20 04 dd 75 10 6d ca d5 5e 70 dd 6d e2 76 96 e5 77 84 5d 43 00 38 ab 72 f4 f5 4d e5 27 fc 88 0c 88 fe 7f a6 3d 00 af 8d 91 4c c8 3e 61 32 44 c8 6d c2 76 8a a2 65 83 ce 26 03 66 ed e7 61 f9 ed 7c 3c a7 a1 e4 c1 3a 64 92 06 a2 0e 6e 18 06 83 a2 f5 b6 8d cd 55 e6 96 67 2b cc bf 12 fc 97 d2 41 0c cd d2 27 f4 16 85 93 a6 11 0c f2 3e 53 89 d4 52 e7 f8 83 df be 3b 01 99 0f db d2 ec 8d c7 62 40 f5 5c 2b 87 da a6 50 17 d6 3d 02 e1 d5 aa 2a 50 58 35 0e 91 b3 ae 5c aa 0b 9d 23 4b be ab 72 ca d8 b1 22 c7
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 14 03 02 00 01
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS read client key exchange
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 02 00 40
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS read change cipher spec
OpenSSL: RX ver=0x302 content_type=22 (handshake/finished)
OpenSSL: Message - hexdump(len=16): 14 00 00 0c 01 91 8b 46 ef 54 45 0f f8 8c 88 6d
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS read finished
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 14 03 02 00 01
OpenSSL: TX ver=0x302 content_type=20 (change cipher spec/)
OpenSSL: Message - hexdump(len=1): 01
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write change cipher spec
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 02 00 40
OpenSSL: TX ver=0x302 content_type=22 (handshake/finished)
OpenSSL: Message - hexdump(len=16): 14 00 00 0c 44 9c 31 1c 0b 1c 41 47 59 43 55 1d
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write finished
SSL: (where=0x20 ret=0x1)
SSL: (where=0x2002 ret=0x1)
SSL: 75 bytes pending from ssl_out
OpenSSL: Handshake finished - resumed=0
OpenSSL: Shared ciphers: AES256-SHA256:AES256-SHA:AES128-SHA256:AES128-SHA
SSL: Using TLS version TLSv1.1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 202
EAP-PEAP: Phase1 done, starting Phase2

AP requiring TLSv1.2

ESP8266 with WIFI debug enabled

.scandone
state: 0 -> 2 (b0)
state: 2 -> 3 (0)
state: 3 -> 5 (10)
add 0
aid 1
cnt 
state: 5 -> 2 (17c0)
rm 0
wifi evt: 1
STA disconnect: 23
.reconnect
state: 2 -> 0 (0)
_scandone
state: 0 -> 2 (b0)
state: 2 -> 3 (0)
state: 3 -> 5 (10)
add 0
aid 1
cnt 
state: 5 -> 2 (17c0)
rm 0
wifi evt: 1
STA disconnect: 23
hostapd debug log 
EAP: Server state machine created
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state IDLE
IEEE 802.1X: ac:0b:fb:d8:03:46 CTRL_DIR entering state FORCE_BOTH
wlan0: STA ac:0b:fb:d8:03:46 WPA: start authentication
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state INITIALIZE
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=0x556c2aff10 key_idx=0 set_tx=1 seq_len=0 key_len=0
   addr=ac:0b:fb:d8:03:46
nl80211: set_key failed; err=-22 Invalid argument)
RSN: PTK removal from the driver failed
WPA: ac:0b:fb:d8:03:46 WPA_PTK_GROUP entering state IDLE
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state AUTHENTICATION
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state AUTHENTICATION2
WPA: Re-initialize GMK/Counter on first station
Get randomness: len=32 entropy=1
GMK - hexdump(len=32): 54 3d ae 26 80 e2 4e 2a 65 0b 47 3b 7d d3 aa 44 17 6f e7 9e 7c 69 b4 a9 bc 01 ce 9d 00 ab a5 5e
Get randomness: len=32 entropy=0
Key Counter - hexdump(len=32): 2f 6a 92 e7 a1 d5 1d 8c 4b a5 c2 22 6d 74 d8 c7 62 ec ed da 49 bc 78 90 96 f0 8c 6f 2e 4f af 6f
Get randomness: len=16 entropy=0
GTK - hexdump(len=16): f1 a3 b2 ff 4e da ea 23 5e 78 a2 85 7f be 75 90
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=3 addr=0x5568ce5f50 key_idx=1 set_tx=1 seq_len=0 key_len=16
nl80211: KEY_DATA - hexdump(len=16): f1 a3 b2 ff 4e da ea 23 5e 78 a2 85 7f be 75 90
   broadcast key
Get randomness: len=32 entropy=0
WPA: Assign ANonce - hexdump(len=32): 63 f3 a6 ca dd 8c 5f aa e5 3c a7 0a e2 5a b6 b9 38 fe 53 04 de dc 64 ee ee 45 6c f9 24 63 f5 3a
wlan0: hostapd_new_assoc_sta: reschedule ap_handle_timer timeout for ac:0b:fb:d8:03:46 (300 seconds - ap_max_inactivity)
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state DISCONNECTED
nl80211: Set STA flags - ifname=wlan0 addr=ac:0b:fb:d8:03:46 total_flags=0x60 flags_or=0x0 flags_and=0xfffffffe authorized=0
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: unauthorizing port
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
wlan0: CTRL-EVENT-EAP-STARTED ac:0b:fb:d8:03:46
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 103
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state CONNECTING
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state REQUEST
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 103)
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 4 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=1 length=0
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAPOL-Start from STA
wlan0: STA ac:0b:fb:d8:03:46 WPA: event 5 notification
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state AUTHENTICATION2
Get randomness: len=32 entropy=0
WPA: Assign ANonce - hexdump(len=32): 32 2e 97 14 9b b0 87 d7 bd d2 16 08 36 6f 28 13 94 66 71 a2 c0 54 b7 85 e6 80 7a fc c6 39 96 70
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state ABORTING
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state INITIALIZE
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: aborting authentication
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state RESTART
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state IDLE
EAP: EAP entering state INITIALIZE
wlan0: CTRL-EVENT-EAP-STARTED ac:0b:fb:d8:03:46
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 198
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state CONNECTING
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state REQUEST
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 198)
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 14 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=0 length=10
EAP: code=2 identifier=103 length=10
 (response)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAP packet (code=2 id=103 len=10) from STA: EAP Response-Identity (1)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=103 respMethod=1 respVendor=0 respVendorMethod=0
EAP: RECEIVED->DISCARD: rxResp=1 respId=103 currentId=198 respMethod=1 currentMethod=1
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state IGNORE
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 14 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=0 length=10
EAP: code=2 identifier=198 length=10
 (response)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAP packet (code=2 id=198 len=10) from STA: EAP Response-Identity (1)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=198 respMethod=1 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
EAP-Identity: Peer identity - hexdump_ascii(len=5):
     74 65 73 74 31                                    test1           
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: another method available -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 25
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 199
EAP-PEAP: START -> PHASE1
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state REQUEST
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 199)
wlan0: Event EAPOL_RX (23) received
IEEE 802.1X: 72 bytes from ac:0b:fb:d8:03:46
   IEEE 802.1X: version=1 type=0 length=68
EAP: code=2 identifier=199 length=68
 (response)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: received EAP packet (code=2 id=199 len=68) from STA: EAP Response-PEAP (25)
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=199 respMethod=25 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=68) - Flags 0x01
SSL: Received data - hexdump(len=62): 16 03 02 00 39 01 00 00 35 03 02 40 10 0c f6 71 8c 7d 1f 78 d2 36 16 3c f0 c6 01 36 7b e1 ee 21 64 23 3f 07 a6 d6 ae aa 0c b2 2c 00 00 0e 00 3d 00 35 00 3c 00 2f 00 0a 00 05 00 04 01 00
SSL: Received packet: Flags 0x1 Message Length 0
SSL: (where=0x10 ret=0x1)
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:before SSL initialization
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 02 00 39
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:before SSL initialization
OpenSSL: RX ver=0x304 content_type=22 (handshake/client hello)
OpenSSL: Message - hexdump(len=57): 01 00 00 35 03 02 40 10 0c f6 71 8c 7d 1f 78 d2 36 16 3c f0 c6 01 36 7b e1 ee 21 64 23 3f 07 a6 d6 ae aa 0c b2 2c 00 00 0e 00 3d 00 35 00 3c 00 2f 00 0a 00 05 00 04 01 00
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 15 03 02 00 02
OpenSSL: TX ver=0x302 content_type=21 (alert/)
OpenSSL: Message - hexdump(len=2): 02 46
SSL: (where=0x4008 ret=0x246)
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:protocol version
authsrv: local TLS alert: protocol version
SSL: (where=0x2002 ret=0xffffffff)
SSL: SSL_accept:error in error
OpenSSL: openssl_handshake - SSL_connect error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
EAP-PEAP: PHASE1 -> FAILURE
EAP: Session-Id - hexdump(len=0): [NULL]
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: method failed -> FAILURE
EAP: EAP entering state FAILURE
EAP: Building EAP-Failure (id=199)
wlan0: CTRL-EVENT-EAP-FAILURE ac:0b:fb:d8:03:46
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state FAIL
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Sending EAP Packet (identifier 199)
IEEE 802.1X: ac:0b:fb:d8:03:46 AUTH_PAE entering state HELD
nl80211: Set STA flags - ifname=wlan0 addr=ac:0b:fb:d8:03:46 total_flags=0x60 flags_or=0x0 flags_and=0xfffffffe authorized=0
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: unauthorizing port
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
wlan0: STA ac:0b:fb:d8:03:46 IEEE 802.1X: Supplicant used different EAP type: 25 (PEAP)
wlan0: IEEE 802.1X: Force disconnection of ac:0b:fb:d8:03:46 after EAP-Failure in 10 ms
IEEE 802.1X: ac:0b:fb:d8:03:46 BE_AUTH entering state IDLE
wlan0: IEEE 802.1X: Scheduled disconnection of ac:0b:fb:d8:03:46 after EAP-Failure
wlan0: ap_sta_disconnect STA ac:0b:fb:d8:03:46 reason=23
nl80211: sta_remove -> DEL_STATION wlan0 ac:0b:fb:d8:03:46 --> 0 (Success)
wlan0: STA ac:0b:fb:d8:03:46 WPA: event 3 notification
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=0x556c2aff10 key_idx=0 set_tx=1 seq_len=0 key_len=0
   addr=ac:0b:fb:d8:03:46
nl80211: set_key failed; err=-22 Invalid argument)
RSN: PTK removal from the driver failed
WPA: ac:0b:fb:d8:03:46 WPA_PTK entering state DISCONNECTED
@mcspr
Copy link
Collaborator

mcspr commented Jul 31, 2022

We depend on the SDK implementation of enterprise connection, so only if it supports then we could support it. You could check standalone SDK examples, though. (obviously, both are without Arduino / Wiring api or libs from our Core)

@mcspr
Copy link
Collaborator

mcspr commented Sep 12, 2022

Depends on #5790

@mcspr mcspr closed this as completed Sep 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mcspr @aheinzel