Native WiFi Connection to EAP Network

Technical Support
, , , ,
1

Hello all,

This is a follow-up to my question “Connecting to EAP WiFi network”. I managed to connect successfully using the built-in network configuration window of the OS and with Connection Manager active (as suggested by sahil.tx in that thread). However, what we really need is a solution for Native WiFi and that requires Connection Manager to be disabled.

I copied the Configuration Profile XML file (from when I got a successful connection above) and used this as parameter for WlanSetProfile. I then copied the code from GetEapUserCredProfileXml() in \WINCE700\public\wceshellfe\oak\CtlPnl2\XmlCpls\WiFi\wifinetworklist.cpp to generate the EapUser XML profile.

So now I have a configuration profile with a “ConfigBlob” (instead of “Config”) node and a user profile with a “CredentialsBlob” (instead of “Credentials”) node. Using those profiles, WlanSetProfile() and WlanSetProfileEapXmlUserData() return without errors.

However, I still could not get a successful connection after calling WlanConnect(). I registered for Wlan notifications and I got the ff:

wlan_notification_acm_profile_change
wlan_notification_acm_scan_complete
wlan_notification_acm_network_available
wlan_notification_acm_connection_start
wlan_notification_msm_associated
wlan_notification_msm_authenticating
OneXNotificationTypeResultUpdate
  ONEX_RESULT_UPDATE_DATA.oneXStatus.authStatus : OneXAuthInProgress
  ONEX_RESULT_UPDATE_DATA.oneXStatus.dwError : 0 [0x00000000]
  ONEX_RESULT_UPDATE_DATA.oneXStatus.dwReason : ONEX_REASON_CODE_SUCCESS
  ONEX_RESULT_UPDATE_DATA.BackendSupport : OneXEapMethodBackendSupportUnknown
  ONEX_RESULT_UPDATE_DATA.fBackendEngaged : FALSE
  ONEX_RESULT_UPDATE_DATA.fOneXAuthParams : [0x00000000]
  ONEX_RESULT_UPDATE_DATA.fEapError : [0x00000000]
OneXNotificationTypeResultUpdate
  ONEX_RESULT_UPDATE_DATA.oneXStatus.authStatus : OneXAuthFailure
  ONEX_RESULT_UPDATE_DATA.oneXStatus.dwError : 2147500037 [0x80004005]
  ONEX_RESULT_UPDATE_DATA.oneXStatus.dwReason : ONEX_EAP_FAILURE_RECEIVED
  ONEX_RESULT_UPDATE_DATA.BackendSupport : OneXEapMethodBackendSupportUnknown
  ONEX_RESULT_UPDATE_DATA.fBackendEngaged : FALSE
  ONEX_RESULT_UPDATE_DATA.fOneXAuthParams : [0x00000001]
  ONEX_RESULT_UPDATE_DATA.authParams.dwSize : 292 [0x00000124]
  ONEX_RESULT_UPDATE_DATA.authParams.dwOffset : 40 [0x00000028]
       ONEX_AUTH_PARAMS.fUpdatePending :  FALSE
       ONEX_AUTH_PARAMS.oneXConnProfile.dwVersion :  1 [0x00000001]
       ONEX_AUTH_PARAMS.oneXConnProfile.dwTotalLen :  192 [0x000000C0]
           ONEX_AUTH_PARAMS.oneXConnProfile.fOneXSupplicantFlags :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fsupplicantMode :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fauthMode :  TRUE
           ONEX_AUTH_PARAMS.oneXConnProfile.fHeldPeriod :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fAuthPeriod :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fStartPeriod :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fMaxStart :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fMaxAuthFailures :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fNetworkAuthTimeout :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fAllowLogonDialogs :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fNetworkAuthWithUITimeout :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.fUserBasedVLan :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.dwOneXSupplicantFlags :  0 [0x00000000]
           ONEX_AUTH_PARAMS.oneXConnProfile.supplicantMode :  UNKNOWN
           ONEX_AUTH_PARAMS.oneXConnProfile.authMode :  OneXAuthModeUserOnly
           ONEX_AUTH_PARAMS.oneXConnProfile.dwHeldPeriod :  4294967295 [0xFFFFFFFF]
           ONEX_AUTH_PARAMS.oneXConnProfile.dwAuthPeriod :  4294967295 [0xFFFFFFFF]
           ONEX_AUTH_PARAMS.oneXConnProfile.dwStartPeriod :  4294967295 [0xFFFFFFFF]
           ONEX_AUTH_PARAMS.oneXConnProfile.dwMaxStart :  4294967295 [0xFFFFFFFF]
           ONEX_AUTH_PARAMS.oneXConnProfile.dwMaxAuthFailures :  4294967295 [0xFFFFFFFF]
           ONEX_AUTH_PARAMS.oneXConnProfile.dwNetworkAuthTimeout :  0 [0x00000000]
           ONEX_AUTH_PARAMS.oneXConnProfile.dwNetworkAuthWithUITimeout :  0 [0x00000000]
           ONEX_AUTH_PARAMS.oneXConnProfile.bAllowLogonDialogs :  FALSE
           ONEX_AUTH_PARAMS.oneXConnProfile.bUserBasedVLan :  FALSE
       ONEX_AUTH_PARAMS.authIdentity : OneXAuthIdentityUser
       ONEX_AUTH_PARAMS.dwQuarantineState : ISOLATION_STATE_UNKNOWN
       ONEX_AUTH_PARAMS.fSessionId : TRUE
       ONEX_AUTH_PARAMS.fhUserToken : TRUE
       ONEX_AUTH_PARAMS.fOnexUserProfile : TRUE
       ONEX_AUTH_PARAMS.fIdentity : FALSE
       ONEX_AUTH_PARAMS.fUserName : TRUE
       ONEX_AUTH_PARAMS.fDomain : TRUE
       ONEX_AUTH_PARAMS.dwSessionId : 0 [0x00000000]
       ONEX_AUTH_PARAMS.hUserToken : 0 [0x00000000]
       ONEX_AUTH_PARAMS.Identity : INVALID
       ONEX_AUTH_PARAMS.UserName : WmUser
       ONEX_AUTH_PARAMS.Domain : WmDomain
   ONEX_RESULT_UPDATE_DATA.fEapError : [0x00000000]
wlan_notification_msm_disconnected
wlan_notification_acm_connection_attempt_fail
wlan_notification_acm_connection_complete
wlan_notification_acm_scan_complete
wlan_notification_acm_network_available
wlan_notification_acm_scan_complete
wlan_notification_acm_network_available

It is worth noting that I get the same exact notification data even if I don’t call WlanSetProfileEapXmlUserData(). So it seems as if WlanSetProfileEapXmlUserData() didn’t do anything even though it returned a SUCCESS value.

I am not so sure what the actual configuration parameters are because the XML file I copied already has “ConfigBlob” instead of “Config” and I could not find any way to decode it. I am a bit confident that the User Profile fits the configuration, though, because I set the EapType to 25 (PEAP) and used the same credentials (username, password, no-domain) when generating the “CredentialsBlob” as when I connected manually (through the Network-configuration window).

Another thing worth noting is that on the RADIUS server, I don’t see any activity (I’m using FreeRADIUS.net with DEBUG mode) so the request is not reaching the server at all.

Am I missing a step? Is it possible to use purely Native WiFi calls to connect or is there a need to use other APIs (e.g. EapHost API)?

Under normal WIndows (Win7, Win10), I could successfully connect using the WlanSetProfile - WlanSetProfileEapXmlUserData() - WlanConnect() procedure.

2

Hi dennisL,

I will try it out at my end. Allow me some time.

Thanks

3

Hello sahil,

Thank you once again for taking the time to have a look at my problem. I would just like to add some information that might also help you with your trial.

I was checking the registry and I realized that there were no entries for EAP3SVC and EAPSVC in the [HKEY_LOCAL_MACHINE\Drivers\Active] section so I remembered that to enable Native Wifi, we had to disable ConnectionManager and we imported the ConnectionManagerRemove.reg from Setting up Wi-Fi Connectivity in Windows CE with Toradex Computer on Modules (COMs).

A portion of that reg file is as follows:

[HKEY_LOCAL_MACHINE\Drivers\BuiltIn\EAP3SVC]    
	"Order"=dword:8
    "UserProcGroup"=dword:2
    "Keep"=-
    "ServiceContext"=-	
    "FriendlyName"="EAP 3rd Party Host Service"
    "Flags"=-
    "AccountSid"=-
	
[HKEY_LOCAL_MACHINE\Drivers\BuiltIn\EAPSVC]
    "Order"=dword:9
    "UserProcGroup"=dword:2
    "Keep"=-
    "ServiceContext"=-
    "FriendlyName"="EAP Host Service"
    "Flags"=-
    "AccountSid"=-

I reset the registry and I removed the above lines from the reg file that I imported and now there are the entries in the [HKEY_LOCAL_MACHINE\Drivers\Active] section:

[HKEY_LOCAL_MACHINE\Drivers\Active\53]
"ReflectorHandle"=dword:02200103
"Hnd"=dword:bf205944
"Name"="EHS0:"
"Key"="Drivers\\BuiltIn\\EAPSVC"
"BusParent"=dword:b3836b14
"InterfaceType"=dword:00000000
"BusName"="BuiltInPhase1_0_23_0"

[HKEY_LOCAL_MACHINE\Drivers\Active\50]
"ReflectorHandle"=dword:006f010b
"Hnd"=dword:bf201b54
"Name"="ETS0:"
"Key"="Drivers\\BuiltIn\\EAP3SVC"
"BusParent"=dword:b3836b14
"InterfaceType"=dword:00000000
"BusName"="BuiltInPhase1_0_22_0"

But now, WlanConnect returns with ERROR_ACCESS_DENIED, as if ConnectionManager is still active.

Is it really necessary to disable EAPSVC and EAP3SVC in order to disable ConnectionManager? Does that mean that there is no way to connect to EAP-protected network with only Native WiFi calls?

  • dennisL

4

Hello sahil,

I have sorted it out: there was still something wrong with my registry settings. So what I did was instead of removing the registry lines to disable the EAPSVC and EAP3SVC, I set the registry entries to the values they have (the default values, I guess) when ConnectionManager is still active.

[HKEY_LOCAL_MACHINE\Drivers\BuiltIn\EAP3SVC]
"Order"=dword:fffffffe
"UserProcGroup"=dword:00000003
"Keep"=dword:00000001
"ServiceContext"=dword:00000000
"DisplayName"="EAP 3rd Party Host Service"
"Flags"=dword:00000010
"AccountSid"="SID_UDEVICE_TCB"
"Dll"="eap3svc.dll"
"Prefix"="ETS"
"Index"=dword:00000000
"Description"="EAP 3rd Party Host Service"
"Filter"="{28D1E69E-59EB-416a-96C4-D30FA2EAD0BD}"
"LoadAsync"=dword:00000001

[HKEY_LOCAL_MACHINE\Drivers\BuiltIn\EAPSVC]
"Order"=dword:fffffffe
"UserProcGroup"=dword:00000003
"Keep"=dword:00000001
"ServiceContext"=dword:00000000
"DisplayName"="EAP Host Service"
"Flags"=dword:00000010
"AccountSid"="SID_UDEVICE_TCB"
"Dll"="eapsvc.dll"
"Prefix"="EHS"
"Index"=dword:00000000
"Description"="EAP Host Service"
"Filter"="{28D1E69E-59EB-416a-96C4-D30FA2EAD0BD}"
"LoadAsync"=dword:00000001

After rebooting, the EAPSVC and EAP3SVC were in the HKEY_LOCAL_MACHINE\Drivers\Active section and finally I was able to connect to the Access Point (router).

But thank you very much for taking the time to look into my questions. Great support! Very much appreciated.

  • dennisL
5

Hi dennisL,

Great!
Nice to hear that your issue is solved now.
I appreciate your effort in solving the issue :slight_smile: