Hi,
I have the same / similar problem. Wpa_supplicant without password/SAE works
but when I use a SAE and a PW I cannot ping my nodes anymore.
>> psk="test"
I had to use a password with at least 8 chars.
In both cases I see the nodes in my station dump:
NONE:
Station e8:94:f6:09:7e:7e (on mesh)
inactive time: 30 ms
rx bytes: 2663
rx packets: 58
tx bytes: 845
tx packets: 9
tx retries: 0
tx failed: 0
signal: -35 [-35] dBm
signal avg: -37 [-37] dBm
Toffset: 83832280 us
tx bitrate: 54.0 MBit/s
rx bitrate: 54.0 MBit/s
mesh llid: 0
mesh plid: 0
mesh plink: ESTAB
mesh local PS mode: ACTIVE
mesh peer PS mode: ACTIVE
mesh non-peer PS mode: ACTIVE
authorized: yes
authenticated: yes
preamble: long
WMM/WME: yes
MFP: no
TDLS peer: no
SAE:
Station e8:94:f6:09:7e:7e (on mesh)
inactive time: 430 ms
rx bytes: 112353
rx packets: 2147
tx bytes: 1434
tx packets: 15
tx retries: 0
tx failed: 0
signal: -38 [-38] dBm
signal avg: -39 [-39] dBm
Toffset: 7226586 us
tx bitrate: 54.0 MBit/s
rx bitrate: 54.0 MBit/s
mesh llid: 0
mesh plid: 0
mesh plink: ESTAB
mesh local PS mode: ACTIVE
mesh peer PS mode: ACTIVE
mesh non-peer PS mode: ACTIVE
authorized: yes
authenticated: yes
preamble: long
WMM/WME: yes
MFP: yes
TDLS peer: no
But I cannot ping the nodes when I use SAE.
My setup:
* BeagleBone black running Debian (Linux arm 4.2.0-rc6-bone2)
* TL-WN722N Wi-Fi sticks (Atheros HTC9k)
* WPA_supplicant from cozybit repo (51dc99ba38510381b10e1ed56a2cb8ac7ef5814d)
Would be great if you can give me a hint...
Best regards,
Marco
>-----Ursprüngliche Nachricht-----
>Von: Devel [mailto:[email protected]] Im Auftrag von
>Thomas Pedersen via Devel
>Gesendet: Donnerstag, 07. April 2016 20:16
>An: [email protected]
>Cc: Thomas Pedersen; [email protected]
>Betreff: Re: wpa_supplicant mesh issue
>
>+ o11s list, so I didn't trim anything. Small observation below.
>
>On Fri, Oct 16, 2015, at 02:50, Francesco Zanella wrote:
>> Hi all,
>> I'm trying to use wpa_supplicant 2.4 to set up a secure mesh network.
>> I use:
>> - IMX6 based board;
>> - Kernel 3.0.35;
>> - backports-4.2-rc1-1;
>> - wireless 5GHz net iface mounting Atheros AR9280.
>>
>> I successfully set up an open mesh using this conf file:
>>
>> *********** wpa_supplicant_AS.conf *********
>>
>> ctrl_interface=/var/run/wpa_supplicant
>> ctrl_interface_group=adm
>>
>> # mpm on userspace
>> user_mpm=1
>>
>> p2p_listen_reg_class=115
>> p2p_listen_channel=36
>> p2p_oper_reg_class=115
>> p2p_oper_channel=48
>>
>> # open mesh network
>> network={
>> ssid="AS_m"
>> mode=5
>> frequency=5765
>> key_mgmt=NONE
>> }
>> *********************************************
>> (I had to add p2p options, else I got error "P2P: Failed to select
>> random social channel as listen channel" because working on 5GHz).
>>
>> and running:
>> wpa_supplicant -d -D nl80211 -i wlan0 -c /etc/wpa_supplicant_AS.conf
>> -B
>>
>> I can see "mesh plink: ESTAB" in iw wlan0 station dump and I can ping
>> each other my 2 nodes.
>>
>> But when trying to use SAE with this conf file:
>>
>> *********** wpa_supplicant_AS.conf *********
>>
>> ctrl_interface=/var/run/wpa_supplicant
>> ctrl_interface_group=adm
>>
>> # mpm on userspace
>> user_mpm=1
>>
>> p2p_listen_reg_class=115
>> p2p_listen_channel=36
>> p2p_oper_reg_class=115
>> p2p_oper_channel=48
>>
>> # open mesh network
>> network={
>> ssid="AS_m"
>> mode=5
>> frequency=5765
>> key_mgmt=SAE
>> psk="test"
>> }
>> *********************************************
>>
>> it doesn't work, "mesh plink: LISTEN" and after some time BLOCKED ...
>>
>> Logs show 2 errors:
>> -nl80211: Station flush failed: ret=-22 (Invalid argument)
>> -nl80211: Beacon set failed: -95 (Operation not supported) but they
>> are present also in case of no SAE, so I think they are not the cause
>> of the issue.
>>
>> After initialization logs show:
>>
>> ***********************
>> nl80211: Drv Event 72 (NL80211_CMD_NEW_PEER_CANDIDATE) received for
>> wlan0
>> nl80211: New peer candidate04:f0:21:17:ff:f5
>> wlan0: Event NEW_PEER_CANDIDATE (49) received
>> wlan0: new peer notification for 04:f0:21:17:ff:f5
>> New STA
>> ap_sta_add: register ap_handle_timer timeout for 04:f0:21:17:ff:f5
>> (300 seconds - ap_max_inactivity)
>> HT: STA 04:f0:21:17:ff:f5 HT Capabilities Info: 0x11ce update_sta_ht
>> STA 04:f0:21:17:ff:f5 - no greenfield, num of non-gf stations 1
>> hostapd_ht_operation_update current operation mode=0x0
>> hostapd_ht_operation_update new operation mode=0x4 changes=1
>> nl80211: Set beacon (beacon_set=0)
>> nl80211: Beacon head - hexdump(len=51): 80 00 00 00 ff ff ff ff ff ff
>> 04
>> f0 21 10 0f 63 04 f0 21 10 09
>> nl80211: Beacon tail - hexdump(len=74): 30 14 01 00 00 0f ac 04 01 00
>> 00 0f ac 04 01 00 00 0f ac 08 00
>> nl80211: ifindex=4
>> nl80211: beacon_int=100
>> nl80211: dtim_period=2
>> nl80211: ssid - hexdump_ascii(len=0):
>> * beacon_int=100
>> nl80211: hidden SSID not in use
>> nl80211: privacy=1
>> nl80211: auth_algs=0x3
>> nl80211: wpa_version=0x3
>> nl80211: key_mgmt_suites=0x400
>> nl80211: pairwise_ciphers=0x8
>> nl80211: group_cipher=0x8
>> nl80211: SMPS mode - off
>> nl80211: Beacon set failed: -95 (Operation not supported) Failed to
>> set beacon parameters
>> nl80211: Add STA 04:f0:21:17:ff:f5
>> * supported rates - hexdump(len=8): 8c 12 98 24 b0 48 60 6c
>> * capability=0x0
>> * ht_capabilities - hexdump(len=26): ce 11 1b ff ff 00 00 00 00 00
>> 00
>> 00 00 00 00 01 00 00 00 00 000
>> * aid=1 (TDLS workaround)
>> * listen_interval=100
>> * flags set=0x18 mask=0x38
>> * qosinfo=0x0
>>
>> wlan0: SME: Selected SAE group 19
>> SAE: password - hexdump_ascii(len=8): [REMOVED]
>> SAE: PWE derivation - addr1=04:f0:21:10:0f:63 addr2=04:f0:21:17:ff:f5
>> SAE: counter = 1
>> SAE: pwd-seed - hexdump(len=32): [REMOVED]
>> SAE: pwd-value - hexdump(len=32): [REMOVED]
>> SAE: PWE found
>> SAE: Use this PWE
>> SAE: counter = 2
>> SAE: pwd-seed - hexdump(len=32): [REMOVED]
>> SAE: pwd-value - hexdump(len=32): [REMOVED]
>> SAE: PWE found
>> SAE: Ignore this PWE (one was already selected)
>> SAE: counter = 3
>> SAE: pwd-seed - hexdump(len=32): [REMOVED]
>> SAE: pwd-value - hexdump(len=32): [REMOVED]
>> SAE: PWE found
>> SAE: Ignore this PWE (one was already selected)
>> wlan0: AUTH: started authentication with SAE peer: 04:f0:21:17:ff:f5
>> wlan0: State: SCANNING -> AUTHENTICATING
>> SAE: own commit-scalar - hexdump(len=32): 94 8e 86 6b 43 de 13 07 e1
>> 50 bb 02 5b 8e 7c f3 30 51 ed 9a6
>> SAE: own commit-element(x) - hexdump(len=32): 76 9b d3 2e 77 5d b8 89
>> fb 7f 28 ad 0c fc b1 17 92 a5 da
>> SAE: own commit-element(y) - hexdump(len=32): 71 f2 bf 4e 1a 80 30 4e
>> 15
>> e9 e2 5e 67 54 b9 f0 4c 9b 2d
>> authentication reply: STA=04:f0:21:17:ff:f5 auth_alg=3
>> auth_transaction=1 resp=0 (IE len=98)
>> nl80211: send_mlme - da= 04:f0:21:17:ff:f5 noack=0 freq=0 no_cck=0
>> offchanok=0 wait_time=0 fc=0xb0 (W7
>> nl80211: send_mlme -> send_frame
>> nl80211: send_frame - Use bss->freq=5765
>> nl80211: send_frame(freq=5765 bss->freq=5765) -> send_monitor
>> nl80211: No monitor socket available for nl80211_send_monitor
>> send_auth_reply: send
>> nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0
>> nl80211: New station 04:f0:21:17:ff:f5
>>
>>
>> SAE: own commit-scalar - hexdump(len=32): 94 8e 86 6b 43 de 13 07 e1
>> 50 bb 02 5b 8e 7c f3 30 51 ed 9a6
>> SAE: own commit-element(x) - hexdump(len=32): 76 9b d3 2e 77 5d b8 89
>> fb 7f 28 ad 0c fc b1 17 92 a5 da
>> SAE: own commit-element(y) - hexdump(len=32): 71 f2 bf 4e 1a 80 30 4e
>> 15
>> e9 e2 5e 67 54 b9 f0 4c 9b 2d
>> authentication reply: STA=04:f0:21:17:ff:f5 auth_alg=3
>> auth_transaction=1 resp=0 (IE len=98)
>> nl80211: send_mlme - da= 04:f0:21:17:ff:f5 noack=0 freq=0 no_cck=0
>> offchanok=0 wait_time=0 fc=0xb0 (W7
>> nl80211: send_mlme -> send_frame
>> nl80211: send_frame - Use bss->freq=5765
>> nl80211: send_frame(freq=5765 bss->freq=5765) -> send_monitor
>> nl80211: No monitor socket available for nl80211_send_monitor
>> **********************
>
>Looks like drv->use_monitor is set here, which doesn't seem right. It errors
>out anyway? Do you have use_monitor=1 in your wpa_supplicant.conf?
>
>> and after that it repeats the last part some times and then after some
>> seconds:
>>
>> **********************
>> random: Got 3/3 bytes from /dev/random
>> AUTH: Re-authenticate with 04:f0:21:17:ff:f5 (attempt 0)
>> wlan0: MESH-SAE-AUTH-FAILURE addr=04:f0:21:17:ff:f5
>> **********************
>>
>> and then repeats all from "wlan0: SME: Selected SAE group 19"
>>
>> It tries 3 attempts and finally:
>>
>> **********************
>> AUTH: Re-authenticate with 04:f0:21:17:ff:f5 (attempt 3)
>> wlan0: MESH-SAE-AUTH-FAILURE addr=04:f0:21:17:ff:f5
>> wlan0: MPM set 04:f0:21:17:ff:f5 into BLOCKED
>> nl80211: Set STA 04:f0:21:17:ff:f5
>> * flags set=0x0 mask=0x0
>> wlan0: MESH-SAE-AUTH-BLOCKED addr=04:f0:21:17:ff:f5 duration=60
>> ***********************
>>
>>
>> Could someone help me to understand and solve the issue?
>> I can provide the full logs if you need.
>>
>> Thank you in advance,
>>
>> Francesco
>> _______________________________________________
>> HostAP mailing list
>> [email protected]
>> http://lists.shmoo.com/mailman/listinfo/hostap
>
>
>--
>thomas
>_______________________________________________
>Devel mailing list
>[email protected]
>http://lists.open80211s.org/mailman/listinfo/devel
_______________________________________________
Devel mailing list
[email protected]
http://lists.open80211s.org/mailman/listinfo/devel
