Bug in WPA2 EAP

victorclaessen
Posts: 12
Joined: Mon Aug 14, 2017 8:08 pm

Re: Bug in WPA2 EAP

Postby victorclaessen » Fri Jun 29, 2018 2:06 pm

At the request (https://github.com/esp8266/Arduino/pull/4853#issuecomment-401187904) of d-a-v, I updated my arduino esp8266 repo to his pull request and re-ran my code. Now the error message is different "there is no poison after the block", which is interesting but I do not yet know what it means. See below for esp8266 debug output:

Code: Select all

ets Jan  8 2013,rst cause:2, boot mode:(3,7)

load 0x4010f000, len 1384, room 16
tail 8
chksum 0x2d
csum 0x2d
v00000000
~ld

SDK:3.0.0-dev(c0f7b44)/Core:win-2.5.0-dev/lwIP:2.0.3(STABLE-2_0_3_RELEASE/glue:arduino-2.4.1-13-g163bb82)/BearSSL:94e9704
WPA2 ENTERPRISE VERSION: [v2.0] enable
scandone

Waiting for connection and IP Address from DHCP
wifi evt: 8
wifi evt: 2
.scandone
state: 0 -> 2 (b0)
state: 2 -> 3 (0)
state: 3 -> 5 (10)
add 0
aid 1
cnt
EAP-MSCHAPV2: RX identifier 3 mschapv2_id 3
EAP-MSCHAPV2: Generate Challenge Response
EAP-MSCHAPV2: RX identifier 4 mschapv2_id 3
there is no poison after the block. Expected poison address: 0x41491208, actual data: 0x0e 0x00 0x00 0x00
block start: 3fff10bc

Panic C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc\umm_malloc.c:861 check_poison_block

ctx: sys
sp: 3fffec50 end: 3fffffb0 offset: 01b0

>>>stack>>>

victorclaessen
Posts: 12
Joined: Mon Aug 14, 2017 8:08 pm

Re: Bug in WPA2 EAP

Postby victorclaessen » Fri Jun 29, 2018 2:35 pm

To rule out device failure I took a completely new esp8266 module (Witty Cloud board) from its protective packaging, and uploaded the same code to it. I selected 'erase all flash contents' as an arduino upload option. Same result:

Code: Select all

SDK:3.0.0-dev(c0f7b44)/Core:win-2.5.0-dev/lwIP:2.0.3(STABLE-2_0_3_RELEASE/glue:arduino-2.4.1-13-g163bb82)/BearSSL:94e9704
WPA2 ENTERPRISE VERSION: [v2.0] enable
scandone

Waiting for connection and IP Address from DHCP
wifi evt: 8
wifi evt: 2
.scandone
state: 0 -> 2 (b0)
state: 2 -> 3 (0)
state: 3 -> 5 (10)
add 0
aid 1
cnt
EAP-MSCHAPV2: RX identifier 3 mschapv2_id 3
EAP-MSCHAPV2: Generate Challenge Response
EAP-MSCHAPV2: RX identifier 4 mschapv2_id 3
there is no poison after the block. Expected poison address: 0x414910d8, actual data: 0x0e 0x00 0x00 0x00
block start: 3fff0f8c

Panic C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc\umm_malloc.c:861 check_poison_block

ctx: sys
sp: 3fffec50 end: 3fffffb0 offset: 01b0

>>>stack>>>

Decoding 67 results
0x40204af6: printf at /Users/igrokhotkov/e/newlib-xtensa/xtensa-lx106-elf/newlib/libc/stdio/../../../.././newlib/libc/stdio/printf.c line 61
0x40244394: sleep_reset_analog_rtcreg_8266 at ?? line ?
0x401004db: check_poison at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc/umm_malloc.c line 861
:  (inlined by) check_poison_block at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc/umm_malloc.c line 851
0x4010020c: _umm_free at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc/umm_malloc.c line 1295
0x4010020c: _umm_free at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc/umm_malloc.c line 1295
0x4010053a: get_unpoisoned at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc/umm_malloc.c line 946
0x401009dc: free at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc/umm_malloc.c line 1742
0x4022d8e0: _base64_decode at ?? line ?
0x40106944: vPortFree at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266/heap.c line 59
0x4022581a: wpa2_sm_rx_eapol at ?? line ?
0x4022582e: wpa2_sm_rx_eapol at ?? line ?
0x40225869: wpa2_sm_rx_eapol at ?? line ?
0x40225434: wpa2_sm_rx_eapol at ?? line ?
0x4021cccd: sta_input at ?? line ?
0x40230d43: pp_tx_idle_timeout at ?? line ?
0x40230603: ppPeocessRxPktHdr at ?? line ?
0x40104740: call_user_start_local at ?? line ?
0x40104746: call_user_start_local at ?? line ?
0x4010000d: call_user_start at ?? line ?
0x40100a84: cont_ret at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266/cont.S line 142
0x40100a31: cont_continue at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266/cont.S line 51
0x40101232: pp_post at ?? line ?
0x40104620: lmacTxFrame at ?? line ?
0x4010383f: lmacRecycleMPDU at ?? line ?
0x40103ca2: lmacRecycleMPDU at ?? line ?
0x40103786: lmacProcessTxSuccess at ?? line ?
0x401025fb: wDev_ProcessFiq at ?? line ?
0x401022f8: wDev_ProcessFiq at ?? line ?
0x40100439: check_poison_block at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\umm_malloc/umm_malloc.c line 842
0x40104f19: ets_timer_disarm at ?? line ?
0x40245d80: sleep_reset_analog_rtcreg_8266 at ?? line ?
0x40240000: phy_gpio_cfg at ?? line ?
0x40241c31: ram_set_txbb_atten at ?? line ?
0x4023e77a: tx_atten_set_interp at ?? line ?
0x40231763: pp_attach at ?? line ?
0x402317b2: pp_attach at ?? line ?
0x4010137b: ppCalFrameTimes at ?? line ?
0x4023086b: ppTxPkt at ?? line ?
0x40219d6b: ieee80211_send_probereq at ?? line ?
0x4021ddd4: cnx_start_handoff_cb at ?? line ?
0x4021bb93: scan_remove_probe_ssid at ?? line ?
0x4021b764: scan_start at ?? line ?
0x4021ddd4: cnx_start_handoff_cb at ?? line ?
0x4010505c: ets_timer_arm_new at ?? line ?
0x4021d76b: chm_start_op at ?? line ?
0x4021ddd4: cnx_start_handoff_cb at ?? line ?
0x4021ddd4: cnx_start_handoff_cb at ?? line ?
0x4021d6e0: chm_start_op at ?? line ?
0x4021b754: scan_start at ?? line ?
0x4021b728: scan_start at ?? line ?
0x4021b6f3: scan_start at ?? line ?
0x4021bca4: scan_remove_probe_ssid at ?? line ?
0x4010505c: ets_timer_arm_new at ?? line ?
0x40203398: esp_yield at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266/core_esp8266_main.cpp line 91
0x402014e7: delay at C:\Program Files (x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266/core_esp8266_wiring.c line 51
0x40202716: setup at C:\Users\claessen\Documents\Arduino\wpa2/wpa2.ino line 45

<<<stack<<<



(The attempt from the previous post used a of Wemos D1 mini v3 board.)

avc
Posts: 8
Joined: Wed Sep 21, 2016 10:12 am

Re: Bug in WPA2 EAP

Postby avc » Sun Jul 01, 2018 3:16 am

@victorclaessen I was going through the espressif repo, and I noticed a more files which were updated along the wpa2 stuff. some on lwip, some in /include folders. Now, When @ESP_Faye asked to try out the latest sdk, I would be surprised he would say so without having someone (he himself or someone in his team) test it out and made sure it is working atleast on their network. Which makes me think: Is it possible that it is not just the 2 lib files, and the wpa2_enterprise.h (which was not updated in this go) that needs to be added for this to work?

avc
Posts: 8
Joined: Wed Sep 21, 2016 10:12 am

Re: Bug in WPA2 EAP

Postby avc » Mon Jul 23, 2018 11:16 pm

@ESP_Deng Xin @ESP_Faye @ESP_igrr We have been trying to get this going with the latest release but it seems there are still issues with getting the IP. Can you please look at all the related discussion too at https://github.com/esp8266/Arduino/pull/4853

In my latest attempt, the Radius Server does accept the request and seems to successfully authenticate (atleast it looks like from the Radius server logs), but the ESP cannot complete the process.

Code: Select all

SDK:3.0.0-dev(c0f7b44)/Core:win-2.5.0-dev/lwIP:2.0.3(STABLE-2_0_3_RELEASE/glue:arduino-2.4.1-13-g163bb82)/BearSSL:6d1cefc
WPA2 ENTERPRISE VERSION: [v2.0] enable
scandone

Waiting for connection and IP Address from DHCP
wifi evt: 8
wifi evt: 2
.scandone
state: 0 -> 2 (b0)
state: 2 -> 3 (0)
state: 3 -> 5 (10)
add 0
aid 1
cnt
Method private structure allocated failure
EAP-MSCHAPV2: RX identifier 4 mschapv2_id 4
EAP-MSCHAPV2: Generate Challenge Response
EAP-MSCHAPV2: RX identifier 5 mschapv2_id 4
..state: 5 -> 2 (6c0)
rm 0
wifi evt: 1
STA disconnect: 6
reconnect

Any help would be much appreciated.

avc
Posts: 8
Joined: Wed Sep 21, 2016 10:12 am

Re: Bug in WPA2 EAP

Postby avc » Mon Aug 06, 2018 1:56 am

@ESP_Faye @ESP_wujiangang @ESP_Deng Xin Please address this issue. The issue seems to be not fixed. See full discussion on https://github.com/esp8266/Arduino/pull/4853. We tried both Arduino and native sdk, both showing similar errors.

akouz
Posts: 27
Joined: Tue May 10, 2016 1:10 pm

Re: Bug in WPA2 EAP

Postby akouz » Fri Aug 10, 2018 10:41 pm

The problem was not resolved for one year. It is pity. But at least SiLabs offer modules capable to handle WPA2 Enterprise.

avc
Posts: 8
Joined: Wed Sep 21, 2016 10:12 am

Re: Bug in WPA2 EAP

Postby avc » Sat Aug 11, 2018 12:13 am

I hope we are close. xcguang from Espressif promised to look into this and get back with an update soon. :)

Albertrer
Posts: 5
Joined: Fri Jul 06, 2018 11:40 am
Location: Zambia
Contact:

View first unread post

Postby Albertrer » Sun Sep 16, 2018 1:02 pm

Where am i looking for it? We cant see a View first unread post. Got it. Its very good. What was there before? A&M

Who is online

Users browsing this forum: No registered users and 0 guests