Hi Antonio, I've been trying to get this running two days now, with OpenWrt 19.07 as well as OpenWrt master snapshot on two ath79 devices. unencrypted mesh always works. wpad-mesh-openssl works with SAE. wpad-mesh-wolfssl doesn't work: wpa_supplicant[1407]: wlan1-mesh: MESH-SAE-AUTH-FAILURE addr=04:18:d6:xx:xx:xx
Which hardware have you tried this with? (as you said it worked fine for you) Any other patches or tricks? Cheers Daniel On Tue, Apr 28, 2020 at 12:06:58PM +0200, Antonio Quartulli wrote: > Backport patch from hostapd.git master that fixes copy/paste error in > crypto_bignum_sub() in crypto_wolfssl.c. > > This missing fix was discovered while testing SAE over a mesh interface. > > With this fix applied and wolfssl >3.14.4 mesh+SAE works fine with > wpad-mesh-wolfssl. > > Cc: Sean Parkinson <s...@wolfssl.com> > Signed-off-by: Antonio Quartulli <a...@unstable.cc> > --- > > This patch is based on master, but should also be applied to > openwrt-19.07 and openwrt-18.06 > > > .../900-wolfssl-fix-crypto_bignum_sum.patch | 31 +++++++++++++++++++ > 1 file changed, 31 insertions(+) > create mode 100644 > package/network/services/hostapd/patches/900-wolfssl-fix-crypto_bignum_sum.patch > > diff --git > a/package/network/services/hostapd/patches/900-wolfssl-fix-crypto_bignum_sum.patch > > b/package/network/services/hostapd/patches/900-wolfssl-fix-crypto_bignum_sum.patch > new file mode 100644 > index 0000000000..d88baa109a > --- /dev/null > +++ > b/package/network/services/hostapd/patches/900-wolfssl-fix-crypto_bignum_sum.patch > @@ -0,0 +1,31 @@ > +From 1766e608ba1114220f3b3598e77aa53b50c38a6e Mon Sep 17 00:00:00 2001 > +From: Jouni Malinen <jo...@codeaurora.org> > +Date: Mon, 14 Oct 2019 19:27:47 +0300 > +Subject: [PATCH] wolfSSL: Fix crypto_bignum_sub() > + > +The initial crypto wrapper implementation for wolfSSL seems to have > +included a copy-paste error in crypto_bignum_sub() implementation that > +was identical to crypto_bignum_add() while mp_sub() should have been > +used instead of mp_add(). > + > +Signed-off-by: Jouni Malinen <jo...@codeaurora.org> > +--- > + src/crypto/crypto_wolfssl.c | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c > +index e9894b335..3069b4a7a 100644 > +--- a/src/crypto/crypto_wolfssl.c > ++++ b/src/crypto/crypto_wolfssl.c > +@@ -1171,7 +1171,7 @@ int crypto_bignum_sub(const struct crypto_bignum *a, > + if (TEST_FAIL()) > + return -1; > + > +- return mp_add((mp_int *) a, (mp_int *) b, > ++ return mp_sub((mp_int *) a, (mp_int *) b, > + (mp_int *) r) == MP_OKAY ? 0 : -1; > + } > + > +-- > +2.26.2 > + > -- > 2.26.2 > > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
