Hi Peter,
Hi Jouni,
Hi Masashi,
while testing I realized that in order to get mesh-mode work with only
sae_password set, I needed to make changes as shown below. It's not a
bug introduced by your code because you only refactored it. Should it
be fixed before or after your series was applied?
On Thu, Apr 12, 2018 at 02:48:59AM -0700, peter.oh@xxxxxxxxxxxxxxxxx wrote:
> From: Peter Oh <peter.oh@xxxxxxxxxxxxxxxxx>
>
> RSN initialization can be used in different phases
> if mesh initialization and mesh join don't happen
> in sequence such as DFS CAC is done in between,
> hence factor it out to help convering the case.
>
> Signed-off-by: Peter Oh <peter.oh@xxxxxxxxxxxxxxxxx>
> ---
> wpa_supplicant/mesh.c | 73 +++++++++++++++++++++++++++++++--------------------
> wpa_supplicant/mesh.h | 1 +
> 2 files changed, 45 insertions(+), 29 deletions(-)
>
> diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c
> index f2f417dca..8e0d5ebff 100644
> --- a/wpa_supplicant/mesh.c
> +++ b/wpa_supplicant/mesh.c
> @@ -147,6 +147,48 @@ static void wpas_mesh_copy_groups(struct hostapd_data *bss,
> groups_size);
> }
>
> +int wpas_mesh_init_rsn(struct wpa_supplicant *wpa_s)
> +{
> + struct hostapd_iface *ifmsh = wpa_s->ifmsh;
> + struct mesh_conf *mconf = wpa_s->ifmsh->mconf;
> + struct wpa_ssid *ssid = wpa_s->current_ssid;
> + struct hostapd_data *bss = ifmsh->bss[0];
> + static int default_groups[] = { 19, 20, 21, 25, 26, -1 };
> + size_t len;
> +
> + if (mconf->security != MESH_CONF_SEC_NONE) {
> + if (ssid->passphrase == NULL) {
sae_password has to be handled here...
> + wpa_printf(MSG_ERROR,
> + "mesh: Passphrase for SAE not configured");
> + return -1;
> + }
> +
> + bss->conf->wpa = ssid->proto;
> + bss->conf->wpa_key_mgmt = ssid->key_mgmt;
> +
> + if (wpa_s->conf->sae_groups &&
> + wpa_s->conf->sae_groups[0] > 0) {
> + wpas_mesh_copy_groups(bss, wpa_s);
> + } else {
> + bss->conf->sae_groups =
> + os_memdup(default_groups,
> + sizeof(default_groups));
> + if (!bss->conf->sae_groups)
> + return -1;
> + }
> +
> + len = os_strlen(ssid->passphrase);
and here
> + bss->conf->ssid.wpa_passphrase =
> + dup_binstr(ssid->passphrase, len);
as well.
> +
> + wpa_s->mesh_rsn = mesh_rsn_auth_init(wpa_s, mconf);
> + if (!wpa_s->mesh_rsn)
> + return -1;
> + }
> +
> + return 0;
> +}
> +
Hence, once your series is applied, I reckon we should add this on top:
>From 30c1693f42326d4f927e76120492bc9593b8f739 Mon Sep 17 00:00:00 2001
From: Daniel Golle <daniel@xxxxxxxxxxxxxx>
Date: Fri, 13 Apr 2018 00:42:10 +0200
Subject: [PATCH] mesh: properly handle sae_password
The recently introduced sae_password parameter is only handled properly
in wpa_supplicant/sme.c while wpa_supplicant/mesh.c assumed that
ssid->passphrase exclusively holds the secret.
Import the logic from sme.c to mesh.c to allow having only sae_password
set which otherwise throws this error:
AP-ENABLED
mesh: Passphrase for SAE not configured
Init RSN failed. Deinit mesh...
wlan1: interface state ENABLED->DISABLED
AP-DISABLED
Segmentation fault
Signed-off-by: Daniel Golle <daniel@xxxxxxxxxxxxxx>
---
wpa_supplicant/mesh.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c
index 22dec4822..0bf87245d 100644
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
@@ -154,10 +154,14 @@ int wpas_mesh_init_rsn(struct wpa_supplicant *wpa_s)
struct wpa_ssid *ssid = wpa_s->current_ssid;
struct hostapd_data *bss = ifmsh->bss[0];
static int default_groups[] = { 19, 20, 21, 25, 26, -1 };
+ const char *password;
size_t len;
if (mconf->security != MESH_CONF_SEC_NONE) {
- if (ssid->passphrase == NULL) {
+ password = ssid->sae_password;
+ if (!password)
+ password = ssid->passphrase;
+ if (!password) {
wpa_printf(MSG_ERROR,
"mesh: Passphrase for SAE not configured");
return -1;
@@ -177,9 +181,9 @@ int wpas_mesh_init_rsn(struct wpa_supplicant *wpa_s)
return -1;
}
- len = os_strlen(ssid->passphrase);
+ len = os_strlen(password);
bss->conf->ssid.wpa_passphrase =
- dup_binstr(ssid->passphrase, len);
+ dup_binstr(password, len);
wpa_s->mesh_rsn = mesh_rsn_auth_init(wpa_s, mconf);
if (!wpa_s->mesh_rsn)
--
2.17.0
Cheers
Daniel
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
