Hi Daniel, On 10/05/2020 12:53, Daniel Golle wrote: > Hi Antonio, > > I've been trying to get this running two days now, with OpenWrt 19.07 > as well as OpenWrt master snapshot on two ath79 devices. > unencrypted mesh always works. > wpad-mesh-openssl works with SAE. > wpad-mesh-wolfssl doesn't work: > wpa_supplicant[1407]: wlan1-mesh: MESH-SAE-AUTH-FAILURE addr=04:18:d6:xx:xx:xx > > Which hardware have you tried this with? (as you said it worked fine for > you) Any other patches or tricks?
I have been using wpad-mesh-wolfssl successfully on ath9k (QCA9531) and ath10k (IPQ4019). My openwrt is a bit stuck in the past: I am using 8baadecb1647a125f5d8f9eaf521c1468543133a with: * wolfssl bumped to 3.14.4. * hostapd Makefile patched to use wolfssl My hostapd is on fa617ee6a0b2d39e6372c93ef9437caa3bd9065a plus the following: * the patch I sent * two or three more patches that are already merged in the hostapd revision you are using in openwrt master. I haven't tried to get this going on openwrt master though. Cheers, > > > Cheers > > > Daniel > > > On Tue, Apr 28, 2020 at 12:06:58PM +0200, Antonio Quartulli wrote: >> Backport patch from hostapd.git master that fixes copy/paste error in >> crypto_bignum_sub() in crypto_wolfssl.c. >> >> This missing fix was discovered while testing SAE over a mesh interface. >> >> With this fix applied and wolfssl >3.14.4 mesh+SAE works fine with >> wpad-mesh-wolfssl. >> >> Cc: Sean Parkinson <[email protected]> >> Signed-off-by: Antonio Quartulli <[email protected]> >> --- >> >> This patch is based on master, but should also be applied to >> openwrt-19.07 and openwrt-18.06 >> >> >> .../900-wolfssl-fix-crypto_bignum_sum.patch | 31 +++++++++++++++++++ >> 1 file changed, 31 insertions(+) >> create mode 100644 >> package/network/services/hostapd/patches/900-wolfssl-fix-crypto_bignum_sum.patch >> >> diff --git >> a/package/network/services/hostapd/patches/900-wolfssl-fix-crypto_bignum_sum.patch >> >> b/package/network/services/hostapd/patches/900-wolfssl-fix-crypto_bignum_sum.patch >> new file mode 100644 >> index 0000000000..d88baa109a >> --- /dev/null >> +++ >> b/package/network/services/hostapd/patches/900-wolfssl-fix-crypto_bignum_sum.patch >> @@ -0,0 +1,31 @@ >> +From 1766e608ba1114220f3b3598e77aa53b50c38a6e Mon Sep 17 00:00:00 2001 >> +From: Jouni Malinen <[email protected]> >> +Date: Mon, 14 Oct 2019 19:27:47 +0300 >> +Subject: [PATCH] wolfSSL: Fix crypto_bignum_sub() >> + >> +The initial crypto wrapper implementation for wolfSSL seems to have >> +included a copy-paste error in crypto_bignum_sub() implementation that >> +was identical to crypto_bignum_add() while mp_sub() should have been >> +used instead of mp_add(). >> + >> +Signed-off-by: Jouni Malinen <[email protected]> >> +--- >> + src/crypto/crypto_wolfssl.c | 2 +- >> + 1 file changed, 1 insertion(+), 1 deletion(-) >> + >> +diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c >> +index e9894b335..3069b4a7a 100644 >> +--- a/src/crypto/crypto_wolfssl.c >> ++++ b/src/crypto/crypto_wolfssl.c >> +@@ -1171,7 +1171,7 @@ int crypto_bignum_sub(const struct crypto_bignum *a, >> + if (TEST_FAIL()) >> + return -1; >> + >> +- return mp_add((mp_int *) a, (mp_int *) b, >> ++ return mp_sub((mp_int *) a, (mp_int *) b, >> + (mp_int *) r) == MP_OKAY ? 0 : -1; >> + } >> + >> +-- >> +2.26.2 >> + >> -- >> 2.26.2 >> >> >> _______________________________________________ >> openwrt-devel mailing list >> [email protected] >> https://lists.openwrt.org/mailman/listinfo/openwrt-devel > -- Antonio Quartulli _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
