我是靠谱客的博主 清秀大米,最近开发中收集的这篇文章主要介绍EAP-TLS认证过程,觉得挺不错的,现在分享给大家,希望可以做个参考。

概述

EAP-TLS认证过程如下: 
1)客户端发出EAP-start消息请求认证; 
2)AP发出请求帧,要求客户端输入用户名; 
3)客户机响应请求,将用户名信息通过数据帧发送至AP; 
4)AP将客户端传来的信息重新封装成RADIUSAccessRequest包发送给服务器; 
5)RADIUS服务器验证用户名合法后向客户端发送数字 证书
6)客户端通过数字证书验证服务器的身份; 
7)客户端向服务器发送自己的数字证书; 
8)服务器通过数字证书验证客户端的身份,至此完成相互认证; 
9)在相互认证的过程中,客户端和服务器获得主会话密钥; 
10)认证成功,RADIUS服务器向AP发送RADIUSACCEPT消息,其中包含密钥信息; 
11)AP向客户端转发EAPSuccess消息,认证成功 

虽然EAP-TLS的安全核心是验证数字证书,但是在此之前仍然需要client提供identity以供验证身份的合法性才会开始证书的双向验证,所以需要先在UI上输入identity(username).

EAP-SIM的连接不需要安装证书,identity是以SIM卡的IMEI


EAP

受保护的可扩展的身份验证协议 (PEAP) 是可扩展的身份验证协议 (EAP) 家族的一个新成员。PEAP 使用传输级别安全性 (TLS)在正在验证的 PEAP 客户端(例如无线计算机)和 PEAP 身份验证器(例如 Internet 验证服务 (IAS) 或远程验证拨号用户服务 (RADIUS) 服务器)之间创建加密通道。PEAP 不指定验证方法,但是会为其他 EAP 验证协议提供额外的安全性,例如 EAP-MSCHAPv2 协议,该协议可以通过 PEAP 提供的 TLS 加密通道得以实现。PEAP 用作 802.11 无线客户端计算机的身份验证方法,


整个 EAP 通信,包括 EAP 协商在内,都通过 TLS 通道进行。IAS 服务器对用户和客户端计算机进行身份验证,具体方法由 EAP 类型决定,在 PEAP 内部选择使用(EAP-TLS 或 EAP-MS-CHAPv2)。访问点只会在无线客户端和 RADIUS 服务器之间转发消息,由于不是 TLS 终结点,访问点(或者对它们进行监视的人)无法对这些消息进行解密。

可以在两种 EAP 类型中选择一种与 PEAP 共同使用:EAP-MS-CHAPv2 或 EAP-TLS。EAP-MS-CHAPv2使用凭据(用户名和密码)进行用户身份验证,使用服务器计算机证书存储中的证书进行服务器验证。EAP-TLS使用安装在客户端计算机或智能卡中的证书进行用户和客户端计算机验证,使用服务器计算机证书存储中的证书进行服务器验证。

带 EAP-MS-CHAPv2 (PEAP-EAP-MS-CHAPv2) 的 PEAP 比 EAP-TLS 更易于部署,因为用户身份验证是使用基于密码的凭据(用户名和密码)来完成的,而不是使用证书或智能卡 -- 只有 IAS 或 RADIUS 服务器需要有证书。另外,服务器证书可以由客户端计算机所信任的公共证书颁发机构 (CA) 颁发(即,公用的 CA 证书已经存在于客户端计算机证书存储中的“受信根证书颁发机构”文件夹内)。在这种情况下,服务器证书不会被下载和添加到客户端受信任的根证书存储中,用户也不会被提示来决定是否信任服务器。
PEAP-EAP-MS-CHAPv2 可以提供比 MS-CHAPv2 更高的安全性,它使用相互身份验证,防止未经授权的服务器协商最不安全的身份验证方法,提供 TLS 生成的密钥。PEAP-EAP-MS-CHAPv2 要求客户端信任服务器提供的证书。


Line 14704: 02-10 15:35:36.011  6385  6385 D wpa_supplicant: EAPOL: SUPP_PAE entering state DISCONNECTED
Line 14705: 02-10 15:35:36.012  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 14706: 02-10 15:35:36.012  6385  6385 D wpa_supplicant: EAPOL: KEY_RX entering state NO_KEY_RECEIVE
Line 14707: 02-10 15:35:36.012  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state INITIALIZE
Line 14708: 02-10 15:35:36.012  6385  6385 D wpa_supplicant: EAP: EAP entering state DISABLED
Line 14709: 02-10 15:35:36.012  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 14710: 02-10 15:35:36.013  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 14861: 02-10 15:35:36.160  6385  6385 D wpa_supplicant: EAPOL: SUPP_PAE entering state DISCONNECTED
Line 14862: 02-10 15:35:36.160  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 14863: 02-10 15:35:36.161  6385  6385 D wpa_supplicant: EAPOL: KEY_RX entering state NO_KEY_RECEIVE
Line 14864: 02-10 15:35:36.161  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state INITIALIZE
Line 14865: 02-10 15:35:36.161  6385  6385 D wpa_supplicant: EAP: EAP entering state DISABLED
Line 14866: 02-10 15:35:36.161  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 14867: 02-10 15:35:36.162  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 16680: 02-10 15:35:36.941  6385  6385 D wpa_supplicant: EAPOL: External notification - EAP success=0
Line 16681: 02-10 15:35:36.941  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 16682: 02-10 15:35:36.942  6385  6385 D wpa_supplicant: EAPOL: External notification - EAP fail=0
Line 16683: 02-10 15:35:36.942  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 16684: 02-10 15:35:36.942  6385  6385 D wpa_supplicant: EAPOL: External notification - portControl=Auto
Line 16685: 02-10 15:35:36.942  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 16979: 02-10 15:35:36.991  6385  6385 D wpa_supplicant: EAPOL: External notification - portEnabled=0
Line 16980: 02-10 15:35:36.991  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 16987: 02-10 15:35:36.991  6385  6385 D wpa_supplicant: EAPOL: External notification - portValid=0
Line 16988: 02-10 15:35:36.991  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 16989: 02-10 15:35:36.992  6385  6385 D wpa_supplicant: EAPOL: External notification - portEnabled=1
Line 16990: 02-10 15:35:36.992  6385  6385 D wpa_supplicant: EAPOL: SUPP_PAE entering state CONNECTING
Line 16992: 02-10 15:35:36.992  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state IDLE
Line 16993: 02-10 15:35:36.992  6385  6385 D wpa_supplicant: EAP: EAP entering state INITIALIZE
Line 16994: 02-10 15:35:36.992  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17009: 02-10 15:35:36.994  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17010: 02-10 15:35:36.994  6385  6385 D wpa_supplicant: EAPOL: SUPP_PAE entering state RESTART
Line 17011: 02-10 15:35:36.994  6385  6385 D wpa_supplicant: EAP: EAP entering state INITIALIZE
Line 17012: 02-10 15:35:36.994  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17013: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAPOL: SUPP_PAE entering state AUTHENTICATING
Line 17014: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17015: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17016: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17017: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=1 method=1 vendor=0 vendorMethod=0
Line 17018: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAP: EAP entering state IDENTITY
Line 17022: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAP: EAP-Request Identity data - hexdump(len=49): 00 6e 65 74 77 6f 72 6b 69 64 3d 6c 65 6e 6f 76 6f 2d 52 44 2c 6e 61 73 69 64 3d 43 4e 58 4d 57 ...
Line 17023: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAP: using real identity - hexdump(len=5): 6c 75 6d 79 31
Line 17024: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17025: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17026: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17027: 02-10 15:35:36.995  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17032: 02-10 15:35:37.002  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17042: 02-10 15:35:37.014  6385  6385 D wpa_supplicant: EAPOL: startWhen --> 0
Line 17056: 02-10 15:35:37.025  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17057: 02-10 15:35:37.025  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17058: 02-10 15:35:37.025  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17059: 02-10 15:35:37.025  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17060: 02-10 15:35:37.025  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=89 method=25 vendor=0 vendorMethod=0
Line 17061: 02-10 15:35:37.025  6385  6385 D wpa_supplicant: EAP: EAP entering state GET_METHOD
Line 17065: 02-10 15:35:37.025  6385  6385 D wpa_supplicant: EAP:Status notification: accept proposed method (param=PEAP)
Line 17066: 02-10 15:35:37.025  6385  6385 D wpa_supplicant: EAP: Initialize selected EAP method: vendor 0 method 25 (PEAP)
Line 17073: 02-10 15:35:37.026  6385  6385 D wpa_supplicant: EAP: EAP entering state METHOD
Line 17075: 02-10 15:35:37.026  6385  6385 D wpa_supplicant: EAP-PEAP: Start (server ver=1, own ver=1)
Line 17076: 02-10 15:35:37.026  6385  6385 D wpa_supplicant: EAP-PEAP: Using PEAP version 1
Line 17089: 02-10 15:35:37.027  6385  6385 D wpa_supplicant: EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
Line 17090: 02-10 15:35:37.027  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17091: 02-10 15:35:37.027  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17092: 02-10 15:35:37.027  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17093: 02-10 15:35:37.027  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17097: 02-10 15:35:37.028  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17158: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17159: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17160: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17161: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17162: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=90 method=25 vendor=0 vendorMethod=0
Line 17163: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAP: EAP entering state METHOD
Line 17168: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
Line 17169: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17170: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17171: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17172: 02-10 15:35:37.080  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17174: 02-10 15:35:37.081  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17186: 02-10 15:35:37.105  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17187: 02-10 15:35:37.105  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17188: 02-10 15:35:37.105  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17189: 02-10 15:35:37.105  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17190: 02-10 15:35:37.105  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=91 method=25 vendor=0 vendorMethod=0
Line 17191: 02-10 15:35:37.105  6385  6385 D wpa_supplicant: EAP: EAP entering state METHOD
Line 17199: 02-10 15:35:37.106  6385  6385 D wpa_supplicant: EAP: Status notification: remote certificate verification (param=success)
Line 17205: 02-10 15:35:37.107  6385  6385 D wpa_supplicant: EAP: Status notification: remote certificate verification (param=success)
Line 17210: 02-10 15:35:37.107  6385  6385 D wpa_supplicant: EAP: Status notification: remote certificate verification (param=success)
Line 17228: 02-10 15:35:37.110  6385  6385 D wpa_supplicant: EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
Line 17229: 02-10 15:35:37.110  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17230: 02-10 15:35:37.110  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17231: 02-10 15:35:37.110  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17232: 02-10 15:35:37.110  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17235: 02-10 15:35:37.111  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17283: 02-10 15:35:37.140  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17284: 02-10 15:35:37.140  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17285: 02-10 15:35:37.140  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17286: 02-10 15:35:37.141  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17287: 02-10 15:35:37.141  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=92 method=25 vendor=0 vendorMethod=0
Line 17288: 02-10 15:35:37.141  6385  6385 D wpa_supplicant: EAP: EAP entering state METHOD
Line 17297: 02-10 15:35:37.141  6385  6385 D wpa_supplicant: EAP-PEAP: TLS done, proceed to Phase 2
Line 17298: 02-10 15:35:37.141  6385  6385 D wpa_supplicant: EAP-PEAP: using label 'client EAP encryption' in key derivation
Line 17301: 02-10 15:35:37.142  6385  6385 D wpa_supplicant: EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
Line 17302: 02-10 15:35:37.142  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17303: 02-10 15:35:37.142  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17304: 02-10 15:35:37.142  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17305: 02-10 15:35:37.142  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17310: 02-10 15:35:37.145  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17362: 02-10 15:35:37.163  6385  6385 D wpa_supplicant: EAPOL: disable timer tick
Line 17363: 02-10 15:35:37.163  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Unauthorized
Line 17370: 02-10 15:35:37.165  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17371: 02-10 15:35:37.165  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17372: 02-10 15:35:37.165  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17373: 02-10 15:35:37.165  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17374: 02-10 15:35:37.165  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=93 method=25 vendor=0 vendorMethod=0
Line 17375: 02-10 15:35:37.165  6385  6385 D wpa_supplicant: EAP: EAP entering state METHOD
Line 17377: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAP-PEAP: received 37 bytes encrypted data for Phase 2
Line 17378: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAP-PEAP: Decrypted Phase 2 EAP
Line 17380: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAP-PEAP: received Phase 2: code=1 identifier=93 length=5
Line 17381: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAP-PEAP: Phase 2 Request: type=1
Line 17382: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAP: using real identity - hexdump(len=5): 6c 75 6d 79 31
Line 17384: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
Line 17385: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17386: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17387: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17388: 02-10 15:35:37.166  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17392: 02-10 15:35:37.167  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17421: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17422: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17423: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17424: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17425: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=94 method=25 vendor=0 vendorMethod=0
Line 17426: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP: EAP entering state METHOD
Line 17429: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP-PEAP: received 69 bytes encrypted data for Phase 2
Line 17431: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP-PEAP: Decrypted Phase 2 EAP
Line 17433: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP-PEAP: received Phase 2: code=1 identifier=94 length=40
Line 17434: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP-PEAP: Phase 2 Request: type=26
Line 17436: 02-10 15:35:37.193  6385  6385 D wpa_supplicant:EAP-PEAP: Selected Phase 2 EAP vendor 0 method 26
Line 17437: 02-10 15:35:37.193  6385  6385 D wpa_supplicant:EAP-MSCHAPV2: RX identifier 94 mschapv2_id 94
Line 17438: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP-MSCHAPV2: Received challenge
Line 17439: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP-MSCHAPV2: Authentication Servername - hexdump(len=14): 43 4e 53 5a 41 43 53 31 31 32 31 2d 30 31
Line 17442: 02-10 15:35:37.193  6385  6385 D wpa_supplicant: EAP-MSCHAPV2: Generating Challenge Response
Line 17457: 02-10 15:35:37.197  6385  6385 D wpa_supplicant: EAP-MSCHAPV2: TX identifier 94 mschapv2_id 94 (response)
Line 17459: 02-10 15:35:37.198  6385  6385 D wpa_supplicant: EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
Line 17460: 02-10 15:35:37.198  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17461: 02-10 15:35:37.198  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17462: 02-10 15:35:37.198  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17463: 02-10 15:35:37.198  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17465: 02-10 15:35:37.199  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17536: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17537: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17538: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17539: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17540: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=95 method=25 vendor=0 vendorMethod=0
Line 17541: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP: EAP entering state METHOD
Line 17543: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP-PEAP: received 85 bytes encrypted data for Phase 2
Line 17544: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP-PEAP: Decrypted Phase 2 EAP
Line 17546: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP-PEAP: received Phase 2: code=1 identifier=95 length=51
Line 17547: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP-PEAP: Phase 2 Request: type=26
Line 17548: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP-MSCHAPV2: RX identifier 95 mschapv2_id 94
Line 17549: 02-10 15:35:37.282  6385  6385 D wpa_supplicant: EAP-MSCHAPV2: Received success
Line 17550: 02-10 15:35:37.283  6385  6385 D wpa_supplicant: EAP-MSCHAPV2: Success message - hexdump(len=0):
Line 17551: 02-10 15:35:37.283  6385  6385 I wpa_supplicant: EAP-MSCHAPV2: Authentication succeeded
Line 17553: 02-10 15:35:37.283  6385  6385 D wpa_supplicant: EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
Line 17554: 02-10 15:35:37.283  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17555: 02-10 15:35:37.283  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17556: 02-10 15:35:37.283  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17557: 02-10 15:35:37.283  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17561: 02-10 15:35:37.284  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17574: 02-10 15:35:37.303  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17575: 02-10 15:35:37.303  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17576: 02-10 15:35:37.303  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17577: 02-10 15:35:37.303  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17578: 02-10 15:35:37.303  6385  6385 D wpa_supplicant: EAP: Received EAP-Request id=96 method=25 vendor=0 vendorMethod=0
Line 17579: 02-10 15:35:37.303  6385  6385 D wpa_supplicant: EAP: EAP entering state METHOD
Line 17581: 02-10 15:35:37.303  6385  6385 D wpa_supplicant: EAP-PEAP: received 37 bytes encrypted data for Phase 2
Line 17582: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAP-PEAP: Decrypted Phase 2 EAP
Line 17584: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAP-PEAP: received Phase 2: code=3 identifier=95 length=4
Line 17585: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAP-PEAP: Phase 2 Success
Line 17586: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAP-PEAP: Version 1 - EAP-Success within TLS tunnel - authentication completed
Line 17587: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAP-PEAP: Use TLS ACK to finish authentication
Line 17589: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
Line 17590: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAP: EAP entering state SEND_RESPONSE
Line 17591: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAP: EAP entering state IDLE
Line 17592: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RESPONSE
Line 17593: 02-10 15:35:37.304  6385  6385 D wpa_supplicant: EAPOL: txSuppRsp
Line 17595: 02-10 15:35:37.305  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17610: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAPOL: Received EAP-Packet frame
Line 17611: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state REQUEST
Line 17612: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAPOL: getSuppRsp
Line 17613: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAP: EAP entering state RECEIVED
Line 17614: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAP: Received EAP-Success
Line 17615: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAP: Status notification: completion (param=success)
Line 17616: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAP: EAP entering state SUCCESS
Line 17621: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state RECEIVE
Line 17622: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state SUCCESS
Line 17623: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAPOL: SUPP_BE entering state IDLE
Line 17625: 02-10 15:35:37.327  6385  6385 D wpa_supplicant: EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
Line 17655: 02-10 15:35:37.328  6385  6385 D wpa_supplicant: EAPOL: Successfully fetched key (len=32)
Line 17694: 02-10 15:35:37.340  6385  6385 D wpa_supplicant: EAPOL: Ignoring WPA EAPOL-Key frame in EAPOL state machines
Line 17728: 02-10 15:35:37.347  6385  6385 D wpa_supplicant: EAPOL: External notification - portValid=1
Line 17729: 02-10 15:35:37.347  6385  6385 D wpa_supplicant: EAPOL: SUPP_PAE entering state AUTHENTICATED
Line 17730: 02-10 15:35:37.347  6385  6385 D wpa_supplicant: EAPOL: Supplicant port status: Authorized
Line 17731: 02-10 15:35:37.347  6385  6385 D wpa_supplicant: EAPOL authentication completed successfully
Line 17779: 02-10 15:35:37.357  6385  6385 D wpa_supplicant: EAPOL: External notification - portValid=1

最后

以上就是清秀大米为你收集整理的EAP-TLS认证过程的全部内容,希望文章能够帮你解决EAP-TLS认证过程所遇到的程序开发问题。

如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。

本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
点赞(59)

评论列表共有 0 条评论

立即
投稿
返回
顶部