wpa_supplicant mesh issue

Francesco Zanella francesco.zanella at inthegra.it
Fri Oct 16 05:50:12 EDT 2015 

Hi all,
I'm trying to use wpa_supplicant 2.4 to set up a secure mesh network.
I use:
- IMX6 based board;
- Kernel 3.0.35;
- backports-4.2-rc1-1;
- wireless 5GHz net iface mounting Atheros AR9280.

I successfully set up an open mesh using this conf file:

*********** wpa_supplicant_AS.conf *********

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=adm

# mpm on userspace
user_mpm=1

p2p_listen_reg_class=115
p2p_listen_channel=36
p2p_oper_reg_class=115
p2p_oper_channel=48

# open mesh network
network={
         ssid="AS_m"
         mode=5
         frequency=5765
         key_mgmt=NONE
}
*********************************************
(I had to add p2p options, else I got error "P2P: Failed to select 
random social channel as listen channel" because working on 5GHz).

and running:
wpa_supplicant -d -D nl80211 -i wlan0 -c /etc/wpa_supplicant_AS.conf -B

I can see "mesh plink: ESTAB" in iw wlan0 station dump and I can ping 
each other my 2 nodes.

But when trying to use SAE with this conf file:

*********** wpa_supplicant_AS.conf *********

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=adm

# mpm on userspace
user_mpm=1

p2p_listen_reg_class=115
p2p_listen_channel=36
p2p_oper_reg_class=115
p2p_oper_channel=48

# open mesh network
network={
         ssid="AS_m"
         mode=5
         frequency=5765
         key_mgmt=SAE
         psk="test"
}
*********************************************

it doesn't work, "mesh plink: LISTEN" and after some time BLOCKED ...

Logs show 2 errors:
-nl80211: Station flush failed: ret=-22 (Invalid argument)
-nl80211: Beacon set failed: -95 (Operation not supported)
but they are present also in case of no SAE, so I think they are not the 
cause of the issue.

After initialization logs show:

***********************
nl80211: Drv Event 72 (NL80211_CMD_NEW_PEER_CANDIDATE) received for wlan0
nl80211: New peer candidate04:f0:21:17:ff:f5
wlan0: Event NEW_PEER_CANDIDATE (49) received
wlan0: new peer notification for 04:f0:21:17:ff:f5
   New STA
ap_sta_add: register ap_handle_timer timeout for 04:f0:21:17:ff:f5 (300 
seconds - ap_max_inactivity)
HT: STA 04:f0:21:17:ff:f5 HT Capabilities Info: 0x11ce
update_sta_ht STA 04:f0:21:17:ff:f5 - no greenfield, num of non-gf 
stations 1
hostapd_ht_operation_update current operation mode=0x0
hostapd_ht_operation_update new operation mode=0x4 changes=1
nl80211: Set beacon (beacon_set=0)
nl80211: Beacon head - hexdump(len=51): 80 00 00 00 ff ff ff ff ff ff 04 
f0 21 10 0f 63 04 f0 21 10 09
nl80211: Beacon tail - hexdump(len=74): 30 14 01 00 00 0f ac 04 01 00 00 
0f ac 04 01 00 00 0f ac 08 00
nl80211: ifindex=4
nl80211: beacon_int=100
nl80211: dtim_period=2
nl80211: ssid - hexdump_ascii(len=0):
   * beacon_int=100
nl80211: hidden SSID not in use
nl80211: privacy=1
nl80211: auth_algs=0x3
nl80211: wpa_version=0x3
nl80211: key_mgmt_suites=0x400
nl80211: pairwise_ciphers=0x8
nl80211: group_cipher=0x8
nl80211: SMPS mode - off
nl80211: Beacon set failed: -95 (Operation not supported)
Failed to set beacon parameters
nl80211: Add STA 04:f0:21:17:ff:f5
   * supported rates - hexdump(len=8): 8c 12 98 24 b0 48 60 6c
   * capability=0x0
   * ht_capabilities - hexdump(len=26): ce 11 1b ff ff 00 00 00 00 00 00 
00 00 00 00 01 00 00 00 00 000
   * aid=1 (TDLS workaround)
   * listen_interval=100
   * flags set=0x18 mask=0x38
   * qosinfo=0x0

wlan0: SME: Selected SAE group 19
SAE: password - hexdump_ascii(len=8): [REMOVED]
SAE: PWE derivation - addr1=04:f0:21:10:0f:63 addr2=04:f0:21:17:ff:f5
SAE: counter = 1
SAE: pwd-seed - hexdump(len=32): [REMOVED]
SAE: pwd-value - hexdump(len=32): [REMOVED]
SAE: PWE found
SAE: Use this PWE
SAE: counter = 2
SAE: pwd-seed - hexdump(len=32): [REMOVED]
SAE: pwd-value - hexdump(len=32): [REMOVED]
SAE: PWE found
SAE: Ignore this PWE (one was already selected)
SAE: counter = 3
SAE: pwd-seed - hexdump(len=32): [REMOVED]
SAE: pwd-value - hexdump(len=32): [REMOVED]
SAE: PWE found
SAE: Ignore this PWE (one was already selected)
wlan0: AUTH: started authentication with SAE peer: 04:f0:21:17:ff:f5
wlan0: State: SCANNING -> AUTHENTICATING
SAE: own commit-scalar - hexdump(len=32): 94 8e 86 6b 43 de 13 07 e1 50 
bb 02 5b 8e 7c f3 30 51 ed 9a6
SAE: own commit-element(x) - hexdump(len=32): 76 9b d3 2e 77 5d b8 89 fb 
7f 28 ad 0c fc b1 17 92 a5 da
SAE: own commit-element(y) - hexdump(len=32): 71 f2 bf 4e 1a 80 30 4e 15 
e9 e2 5e 67 54 b9 f0 4c 9b 2d
authentication reply: STA=04:f0:21:17:ff:f5 auth_alg=3 
auth_transaction=1 resp=0 (IE len=98)
nl80211: send_mlme - da= 04:f0:21:17:ff:f5 noack=0 freq=0 no_cck=0 
offchanok=0 wait_time=0 fc=0xb0 (W7
nl80211: send_mlme -> send_frame
nl80211: send_frame - Use bss->freq=5765
nl80211: send_frame(freq=5765 bss->freq=5765) -> send_monitor
nl80211: No monitor socket available for nl80211_send_monitor
send_auth_reply: send
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0
nl80211: New station 04:f0:21:17:ff:f5


SAE: own commit-scalar - hexdump(len=32): 94 8e 86 6b 43 de 13 07 e1 50 
bb 02 5b 8e 7c f3 30 51 ed 9a6
SAE: own commit-element(x) - hexdump(len=32): 76 9b d3 2e 77 5d b8 89 fb 
7f 28 ad 0c fc b1 17 92 a5 da
SAE: own commit-element(y) - hexdump(len=32): 71 f2 bf 4e 1a 80 30 4e 15 
e9 e2 5e 67 54 b9 f0 4c 9b 2d
authentication reply: STA=04:f0:21:17:ff:f5 auth_alg=3 
auth_transaction=1 resp=0 (IE len=98)
nl80211: send_mlme - da= 04:f0:21:17:ff:f5 noack=0 freq=0 no_cck=0 
offchanok=0 wait_time=0 fc=0xb0 (W7
nl80211: send_mlme -> send_frame
nl80211: send_frame - Use bss->freq=5765
nl80211: send_frame(freq=5765 bss->freq=5765) -> send_monitor
nl80211: No monitor socket available for nl80211_send_monitor
**********************

and after that it repeats the last part some times and then after some 
seconds:

**********************
random: Got 3/3 bytes from /dev/random
AUTH: Re-authenticate with 04:f0:21:17:ff:f5 (attempt 0)
wlan0: MESH-SAE-AUTH-FAILURE addr=04:f0:21:17:ff:f5
**********************

and then repeats all from "wlan0: SME: Selected SAE group 19"

It tries 3 attempts and finally:

**********************
AUTH: Re-authenticate with 04:f0:21:17:ff:f5 (attempt 3)
wlan0: MESH-SAE-AUTH-FAILURE addr=04:f0:21:17:ff:f5
wlan0: MPM set 04:f0:21:17:ff:f5 into BLOCKED
nl80211: Set STA 04:f0:21:17:ff:f5
   * flags set=0x0 mask=0x0
wlan0: MESH-SAE-AUTH-BLOCKED addr=04:f0:21:17:ff:f5 duration=60
***********************


Could someone help me to understand and solve the issue?
I can provide the full logs if you need.

Thank you in advance,

Francesco

More information about the HostAP mailing list