# wpa_supplicant boot error - FreeBSD 8.0-RELEASE i386



## BitUnique (Feb 18, 2010)

I'm getting some errors when i boot my machine related to wpa_supplicant, seems like it's not able to associate with my AP automatically. I'm connecting to a WPA AP using a pass phrase

Error at boot


```
Feb 18 07:32:11 pandora kernel: /etc/rc.d/wpa_supplicant: WARNING: /etc/wpa_supplicant.conf is not readable.
Feb 18 07:32:11 pandora kernel: /etc/rc.d/wpa_supplicant: WARNING: failed precmd routine for wpa_supplicant
Feb 18 07:32:11 pandora kernel: ifconfig: 
Feb 18 07:32:11 pandora kernel: create: bad value
```

/etc/rc.conf


```
wlans_iwn0="wlan0"
ifconfig_wlan0="ssid xxxx WPA DHCP"
```

/boot/load.conf


```
legal.intel_iwn.license_ack=1
if_iwn_load="YES"
if_iwnfw_load="YES"
wlan_wep_load="YES"
wlan_ccmp_load="YES"
wlan_tkip_load="YES"
```

etc/wpa_supplicant.conf


```
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel

network={
        ssid="xxxx"
        proto=RSN WPA
        key_mgmt=WPA-PSK
        pairwise=CCMP TKIP
        group=CCMP TKIP
        psk="xxxx"
}
```

I have searched around a lot, and haven't quiet found a solution to my problem. 

Also, i would like to add that when i do run wpa_supplicant manually, my connection to the AP is stable, but i seem to get a lot of packet loss and timeouts. 


```
pandora# wpa_supplicant -D bsd -i wlan0 -c /etc/wpa_supplpicant.conf
CTRL-EVENT-SCAN-RESULTS 
Trying to associate with xx:xx:xx:xx:xx:xx (SSID='xxxx' freq=2462 MHz)
Associated with xx:xx:xx:xx:xx:xx
WPA: Key negotiation completed with xx:xx:xx:xx:xx:xx [PTK=TKIP GTK=TKIP]
CTRL-EVENT-CONNECTED - Connection to xx:xx:xx:xx:xx:xx completed (auth) [id=0 id_str=]
```

Any help appreciated
Bit


----------



## bschmidt (Feb 18, 2010)

BitUnique said:
			
		

> /etc/rc.conf
> 
> 
> ```
> ...



You can drop the "ssid XXXX " part there.



			
				BitUnique said:
			
		

> /boot/load.conf



This is loader.conf isn't it?



			
				BitUnique said:
			
		

> etc/wpa_supplicant.conf
> 
> 
> ```
> ...



Can you also post `# ls -l /etc/wpa_supplicant.conf`?



			
				BitUnique said:
			
		

> Also, i would like to add that when i do run wpa_supplicant manually, my connection to the AP is stable, but i seem to get a lot of packet loss and timeouts.



This can have several reasons.. before getting deeper into that, did you try the driver from stable/8 oder head? Also, TKIP has known issues in 8.0-RELEASE (fixed in head), you might want to use CCMP and RSN only, as in:


```
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel

network={
        ssid="xxxx"
        proto=RSN
        key_mgmt=WPA-PSK
        pairwise=CCMP
        group=CCMP
        psk="xxxx"
}
```


----------



## BitUnique (Feb 18, 2010)

> This is loader.conf isn't it?



Yes, my bad. Sorry



> Can you also post `# ls -l /etc/wpa_supplicant.conf`?




```
-rw-r--r--  1 bitunique  bitunique  222 Feb 18 07:59 /etc/wpa_supplpicant.conf
```



> This can have several reasons.. before getting deeper into that, did you try the driver from stable/8 oder head? Also, TKIP has known issues in 8.0-RELEASE (fixed in head)



Not sure how to update drivers/modules. I haven't gotten that far in the handbook yet.


----------



## bschmidt (Feb 18, 2010)

BitUnique said:
			
		

> ```
> -rw-r--r--  1 bitunique  bitunique  222 Feb 18 07:59 /etc/wpa_supplpicant.conf
> ```



I don't know whether the file owner makes a difference, though, changing it to root:wheel for a test won't hurt.



			
				BitUnique said:
			
		

> Not sure how to update drivers/modules. I haven't gotten that far in the handbook yet.



Try switching to CCMP first, it might solve your issue regarding stability.


----------



## BitUnique (Feb 18, 2010)

bschmidt said:
			
		

> I don't know whether the file owner makes a difference, though, changing it to root:wheel for a test won't hurt.


Indeed, that did it  It didn't occur to me that the file had to be root:wheel even tho that is completely logical heh. 



> Try switching to CCMP first, it might solve your issue regarding stability.



CCMP only does not work, completely unable to associate. I'm forced to use TKIP it seems.


----------



## BitUnique (Feb 18, 2010)

Just did a dmesg |grep iwn to check things out, and i got the following


```
wlan0: ieee80211_vap_detach: STA parent iwn0
iwn0: need multicast update callback
```

That might be related to the instability?


----------



## bschmidt (Feb 18, 2010)

BitUnique said:
			
		

> Just did a dmesg |grep iwn to check things out, and i got the following
> 
> 
> ```
> ...



Nope, that is just a warning about a missing driver callback, this is fixed with the newer driver.

As I said, TKIP has a known issue with rekeying. You can fix that by either changing the "Group Key Interval Update", in case your AP provides such a setting, or by building your own kernel with the fix applied. Read this starting with post #229.


----------



## BitUnique (Feb 18, 2010)

Thanks for your support on this? I'll get cracking on building my own kernel


----------



## bschmidt (Feb 18, 2010)

BitUnique said:
			
		

> Thanks for your support on this? I'll get cracking on building my own kernel



You're welcome and good luck


----------



## BitUnique (Feb 18, 2010)

Alright, its been a little while now since i patched my kernel and rebuilt my driver. And it's definately better. 

But its still not completely stable.

dmesg | grep iwn


```
iwn0: <Intel(R) PRO/Wireless 4965BGN> mem 0xf3100000-0xf3101fff irq 17 at device 0.0 on pci6
iwn0: Reg Domain: MoW2, address 00:13:e8:95:f8:8b
iwn0: [ITHREAD]
iwn0: 11a rates: 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps
iwn0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps
iwn0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps
iwn0: 11na MCS: 15Mbps 30Mbps 45Mbps 60Mbps 90Mbps 120Mbps 135Mbps 150Mbps 30Mbps 60Mbps 90Mbps 120Mbps 180Mbps 240Mbps 270Mbps 300Mbps
iwn0: 11ng MCS: 15Mbps 30Mbps 45Mbps 60Mbps 90Mbps 120Mbps 135Mbps 150Mbps 30Mbps 60Mbps 90Mbps 120Mbps 180Mbps 240Mbps 270Mbps 300Mbps
iwn0: need multicast update callback
iwn0: need multicast update callback
iwn0: need multicast update callback
```

Also found this;


```
gnome-keyring-daemon[1211]: couldn't allocate secure memory to keep passwords and or keys from being written to the disk
```
To rebuild the driver i cd'd in to /usr/src/sys/modules/iwn and did 
	
	



```
make clean && make
```
 after patching the kernel. Followed by a reboot. I'm not sure if this was the correct way of doing it or not.


----------



## bschmidt (Feb 18, 2010)

BitUnique said:
			
		

> To rebuild the driver i cd'd in to /usr/src/sys/modules/iwn and did
> 
> 
> 
> ...



You rebuild the driver, that is right. Though, the fix is for net80211 which is provided by the "wlan" module. The GENERIC kernel configuration does include wlan directly so just rebuilding the driver/wlan module isn't enough, you must rebuild the whole kernel.


```
# cd /usr/src
# make buildkernel
# make installkernel
# reboot
```


----------



## BitUnique (Feb 18, 2010)

bschmidt said:
			
		

> You rebuild the driver, that is right. Though, the fix is for net80211 which is provided by the "wlan" module. The GENERIC kernel configuration does include wlan directly so just rebuilding the driver/wlan module isn't enough, you must rebuild the whole kernel.
> 
> 
> ```
> ...




Yes i did all the steps. 

I patched the kernel, rebuilt it, and reinstalled it. then rebuilt the driver/moduled, then i rebooted. Every thing works a lot better. But i still get some hangups now and then.


----------



## bschmidt (Feb 18, 2010)

BitUnique said:
			
		

> Yes i did all the steps.
> 
> I patched the kernel, rebuilt it, and reinstalled it. then rebuilt the driver/moduled, then i rebooted. Every thing works a lot better. But i still get some hangups now and then.



Might be indeed related to driver itself then. In case you are curious you can try the new driver. Installation instructions


----------



## BitUnique (Feb 18, 2010)

bschmidt said:
			
		

> Might be indeed related to driver itself then. In case you are curious you can try the new driver. Installation instructions



Ok, i updated the driver. Rebooted, and saw no more error messages, all is well i thought. Then i realised that wpa_supplicant couldnt associate with the AP, it keep failing for some reason, and i cant see any error at all. 

Tried dhclient wlan0 

```
no link..........giving up.
```

wpa_supplicant can see the AP, just not accociate, it times out every time.


----------



## bschmidt (Feb 18, 2010)

uhmm.. that's weird. That shouldn't happen. Can you enable debugging with `# wlandebug +scan +assoc +state` and post the output? You might also want to run wpa_supplicant manually with `# wpa_supplicant -Dbsd -iwlan0 -c/etc/wpa_supplicant.conf -ddts`.

If we can't figure out what's wrong, you can get the old driver back with

```
# cd /usr/src/sys/modules/iwn
# make
# make install
# cd /usr/src/sys/modules/iwnfw
# make
# make install
```


----------



## BitUnique (Feb 18, 2010)

Alright, i reverted back. here are some debugging from the driver that failed. 
That's the only relevant part i could see


```
Feb 18 18:20:06 pandora kernel: wlan0: [00:21:96:13:a4:08] ieee80211_scan_assoc_fail: reason 1
Feb 18 18:20:06 pandora kernel: wlan0: [00:21:96:13:a4:08] sta_assoc_fail: reason 1 fails 15
wpa_supplicant[320]: failed to disable wpa in the driver
wlan0: ieee80211_new_state_locked:pending scan -> AUTH transission lost
```

Aswell as


----------

