[PATCH v2 02/15] mesh: factor out rsn initialization

Peter Oh peter.oh at bowerswilkins.com
Thu Apr 12 19:32:26 PDT 2018 

Hi Daniel,


I prefer you rebase your change after the series applied if you don't mind.

But it could take time until it gets checked in since it's not a small 
change.

Hence you may send your change separately and if your patch is merged 
before the series, then I'll rebase my patchset.


Thanks,

Peter


On 04/12/2018 04:00 PM, Daniel Golle wrote:
> Hi Peter,
> Hi Jouni,
> Hi Masashi,
>
> while testing I realized that in order to get mesh-mode work with only
> sae_password set, I needed to make changes as shown below. It's not a
> bug introduced by your code because you only refactored it. Should it
> be fixed before or after your series was applied?
>
> On Thu, Apr 12, 2018 at 02:48:59AM -0700, peter.oh at bowerswilkins.com wrote:
>> From: Peter Oh <peter.oh at bowerswilkins.com>
>>
>> RSN initialization can be used in different phases
>> if mesh initialization and mesh join don't happen
>> in sequence such as DFS CAC is done in between,
>> hence factor it out to help convering the case.
>>
>> Signed-off-by: Peter Oh <peter.oh at bowerswilkins.com>
>> ---
>>   wpa_supplicant/mesh.c | 73 +++++++++++++++++++++++++++++++--------------------
>>   wpa_supplicant/mesh.h |  1 +
>>   2 files changed, 45 insertions(+), 29 deletions(-)
>>
>> diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c
>> index f2f417dca..8e0d5ebff 100644
>> --- a/wpa_supplicant/mesh.c
>> +++ b/wpa_supplicant/mesh.c
>> @@ -147,6 +147,48 @@ static void wpas_mesh_copy_groups(struct hostapd_data *bss,
>>   			  groups_size);
>>   }
>>   
>> +int wpas_mesh_init_rsn(struct wpa_supplicant *wpa_s)
>> +{
>> +	struct hostapd_iface *ifmsh = wpa_s->ifmsh;
>> +	struct mesh_conf *mconf = wpa_s->ifmsh->mconf;
>> +	struct wpa_ssid *ssid = wpa_s->current_ssid;
>> +	struct hostapd_data *bss = ifmsh->bss[0];
>> +	static int default_groups[] = { 19, 20, 21, 25, 26, -1 };
>> +	size_t len;
>> +
>> +	if (mconf->security != MESH_CONF_SEC_NONE) {
>> +		if (ssid->passphrase == NULL) {
> sae_password has to be handled here...
>
>> +			wpa_printf(MSG_ERROR,
>> +				   "mesh: Passphrase for SAE not configured");
>> +			return -1;
>> +		}
>> +
>> +		bss->conf->wpa = ssid->proto;
>> +		bss->conf->wpa_key_mgmt = ssid->key_mgmt;
>> +
>> +		if (wpa_s->conf->sae_groups &&
>> +		    wpa_s->conf->sae_groups[0] > 0) {
>> +			wpas_mesh_copy_groups(bss, wpa_s);
>> +		} else {
>> +			bss->conf->sae_groups =
>> +				os_memdup(default_groups,
>> +					  sizeof(default_groups));
>> +			if (!bss->conf->sae_groups)
>> +				return -1;
>> +		}
>> +
>> +		len = os_strlen(ssid->passphrase);
> and here
>
>> +		bss->conf->ssid.wpa_passphrase =
>> +			dup_binstr(ssid->passphrase, len);
> as well.
>
>
>> +
>> +		wpa_s->mesh_rsn = mesh_rsn_auth_init(wpa_s, mconf);
>> +		if (!wpa_s->mesh_rsn)
>> +			return -1;
>> +	}
>> +
>> +	return 0;
>> +}
>> +
> Hence, once your series is applied, I reckon we should add this on top:
>
>  From 30c1693f42326d4f927e76120492bc9593b8f739 Mon Sep 17 00:00:00 2001
> From: Daniel Golle <daniel at makrotopia.org>
> Date: Fri, 13 Apr 2018 00:42:10 +0200
> Subject: [PATCH] mesh: properly handle sae_password
>
> The recently introduced sae_password parameter is only handled properly
> in wpa_supplicant/sme.c while wpa_supplicant/mesh.c assumed that
> ssid->passphrase exclusively holds the secret.
> Import the logic from sme.c to mesh.c to allow having only sae_password
> set which otherwise throws this error:
> AP-ENABLED
> mesh: Passphrase for SAE not configured
> Init RSN failed. Deinit mesh...
> wlan1: interface state ENABLED->DISABLED
> AP-DISABLED
> Segmentation fault
>
> Signed-off-by: Daniel Golle <daniel at makrotopia.org>
> ---
>   wpa_supplicant/mesh.c | 10 +++++++---
>   1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c
> index 22dec4822..0bf87245d 100644
> --- a/wpa_supplicant/mesh.c
> +++ b/wpa_supplicant/mesh.c
> @@ -154,10 +154,14 @@ int wpas_mesh_init_rsn(struct wpa_supplicant *wpa_s)
>   	struct wpa_ssid *ssid = wpa_s->current_ssid;
>   	struct hostapd_data *bss = ifmsh->bss[0];
>   	static int default_groups[] = { 19, 20, 21, 25, 26, -1 };
> +	const char *password;
>   	size_t len;
>   
>   	if (mconf->security != MESH_CONF_SEC_NONE) {
> -		if (ssid->passphrase == NULL) {
> +		password = ssid->sae_password;
> +		if (!password)
> +			password = ssid->passphrase;
> +		if (!password) {
>   			wpa_printf(MSG_ERROR,
>   				   "mesh: Passphrase for SAE not configured");
>   			return -1;
> @@ -177,9 +181,9 @@ int wpas_mesh_init_rsn(struct wpa_supplicant *wpa_s)
>   				return -1;
>   		}
>   
> -		len = os_strlen(ssid->passphrase);
> +		len = os_strlen(password);
>   		bss->conf->ssid.wpa_passphrase =
> -			dup_binstr(ssid->passphrase, len);
> +			dup_binstr(password, len);
>   
>   		wpa_s->mesh_rsn = mesh_rsn_auth_init(wpa_s, mconf);
>   		if (!wpa_s->mesh_rsn)

More information about the Hostap mailing list