cozybit / authsae Goto Github PK

I opened this new ticket, which is probably a duplicate of #23. But the log of that ticket is a bit confusing...

When I have a network with quite a few nodes (15 or so), with some congestion (nearby test networks on same channel), I have the some nodes that log the "confirm did not verify!" over and over.

Fri Jun 3 10:32:52 2016 confirm did not verify
Fri Jun 3 10:32:52 2016 confirm did not verify!
Fri Jun 3 10:32:52 2016 confirm did not verify!
Fri Jun 3 10:32:53 2016 confirm did not verify!
Fri Jun 3 10:32:53 2016 confirm did not verify!
Fri Jun 3 10:32:53 2016 confirm did not verify!
Fri Jun 3 10:32:54 2016 confirm did not verify!
Fri Jun 3 10:32:54 2016 confirm did not verify!
Fri Jun 3 10:32:54 2016 confirm did not verify!
Fri Jun 3 10:32:54 2016 confirm did not verify!
Fri Jun 3 10:32:54 2016 confirm did not verify!
Fri Jun 3 10:32:55 2016 confirm did not verify!
Fri Jun 3 10:32:55 2016 confirm did not verify!
Fri Jun 3 10:32:55 2016 confirm did not verify!
Fri Jun 3 10:32:56 2016 confirm did not verify!
Fri Jun 3 10:32:56 2016 confirm did not verify!
Fri Jun 3 10:32:56 2016 confirm did not verify!
Fri Jun 3 10:32:56 2016 confirm did not verify!

With debug 15 and newline when idle:
3jun.txt

I restarted with debug=15 on all nodes, now it runs fine.
I'll restart some nodes and see what will happen.

While debugging #22 and #23 I experienced a memory leak.
Patch on meshd-nl80211.c function install_key (#22, provided by Bob) didn't help.

root@AHR-175-090:# ps -up $(pidof /usr/local/bin/meshd-nl80211)
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 26553 0.1 0.0 4812 3332 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root@AHR-175-090:# while true ; do ps -up $(pidof /usr/local/bin/meshd-nl80211) | grep -v RSS ; sleep 10 ; done
root 26553 0.2 0.0 4812 3332 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4812 3332 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4812 3332 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.0 4920 3460 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5040 3572 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5040 3572 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5040 3572 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5040 3572 ? S 14:01 0:00 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5040 3572 ? S 14:01 0:01 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5040 3572 ? S 14:01 0:01 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5040 3572 ? S 14:01 0:01 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5040 3572 ? S 14:01 0:01 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5160 3692 ? S 14:01 0:01 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5160 3692 ? S 14:01 0:01 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg
root 26553 0.2 0.1 5160 3692 ? S 14:01 0:01 /usr/local/bin/meshd-nl80211 -c /usr/local/etc/authsae.cfg

For unknown reasons the authenticated peering in the lab does not work. Tested with powersave kernel and iw and once with vanilla.

lacks VHT80 support. any reason beyond it just missing? otherwise i'll try adding it maybe.

On a 4-node network, I see some nodes with large heap memory allocation.
In this case, 2 nodes with > 50MB an two nodes with <300kB.
On nodes with large heap, I see error message "confirm did not verify!"

root@R-042:~# cat /proc/$(pidof meshd-nl80211)/smaps | grep -A 15 heap
08060000-0b566000 rwxp 00000000 00:00 0 [heap]
Size: 54296 kB
Rss: 54252 kB
Pss: 54252 kB
Shared_Clean: 0 kB
Shared_Dirty: 0 kB
Private_Clean: 0 kB
Private_Dirty: 54252 kB
Referenced: 54252 kB
Anonymous: 54252 kB
AnonHugePages: 0 kB
Swap: 0 kB
KernelPageSize: 4 kB
MMUPageSize: 4 kB
Locked: 0 kB
VmFlags: rd wr ex mr mw me ac

root@R-090:~# cat /proc/$(pidof meshd-nl80211)/smaps | grep -A 15 heap
08060000-0b2e7000 rwxp 00000000 00:00 0 [heap]
Size: 51740 kB
Rss: 51700 kB
Pss: 51700 kB
Shared_Clean: 0 kB
Shared_Dirty: 0 kB
Private_Clean: 0 kB
Private_Dirty: 51700 kB
Referenced: 51700 kB
Anonymous: 51700 kB
AnonHugePages: 0 kB
Swap: 0 kB
KernelPageSize: 4 kB
MMUPageSize: 4 kB
Locked: 0 kB
VmFlags: rd wr ex mr mw me ac

root@R-046:~# cat /proc/$(pidof meshd-nl80211)/smaps | grep -A 15 heap
08060000-08081000 rwxp 00000000 00:00 0 [heap]
Size: 132 kB
Rss: 108 kB
Pss: 108 kB
Shared_Clean: 0 kB
Shared_Dirty: 0 kB
Private_Clean: 0 kB
Private_Dirty: 108 kB
Referenced: 108 kB
Anonymous: 108 kB
AnonHugePages: 0 kB
Swap: 0 kB
KernelPageSize: 4 kB
MMUPageSize: 4 kB
Locked: 0 kB
VmFlags: rd wr ex mr mw me ac

root@R-173:~# cat /proc/$(pidof meshd-nl80211)/smaps | grep -A 15 heap
08060000-080a1000 rwxp 00000000 00:00 0 [heap]
Size: 260 kB
Rss: 140 kB
Pss: 140 kB
Shared_Clean: 0 kB
Shared_Dirty: 0 kB
Private_Clean: 0 kB
Private_Dirty: 140 kB
Referenced: 140 kB
Anonymous: 140 kB
AnonHugePages: 0 kB
Swap: 0 kB
KernelPageSize: 4 kB
MMUPageSize: 4 kB
Locked: 0 kB
VmFlags: rd wr ex mr mw me ac

On the nodes with large heap, I see the following errors:

Thu Dec 17 19:03:39 2015 confirm did not verify!
Thu Dec 17 19:03:39 2015 confirm did not verify!
Thu Dec 17 19:03:39 2015 confirm did not verify!
Thu Dec 17 19:03:39 2015 confirm did not verify!
Thu Dec 17 19:03:40 2015 confirm did not verify!
Thu Dec 17 19:03:40 2015 confirm did not verify!
Thu Dec 17 19:03:40 2015 confirm did not verify!
Thu Dec 17 19:03:40 2015 confirm did not verify!
Thu Dec 17 19:03:40 2015 confirm did not verify!
Thu Dec 17 19:03:41 2015 confirm did not verify!
Thu Dec 17 19:03:41 2015 confirm did not verify!
Thu Dec 17 19:03:41 2015 confirm did not verify!
Thu Dec 17 19:03:41 2015 confirm did not verify!
Thu Dec 17 19:03:41 2015 confirm did not verify!
Thu Dec 17 19:03:42 2015 confirm did not verify!
Thu Dec 17 19:03:42 2015 confirm did not verify!
Thu Dec 17 19:03:42 2015 confirm did not verify!
Thu Dec 17 19:03:42 2015 confirm did not verify!
Thu Dec 17 19:03:42 2015 confirm did not verify!

In a somewhat larger network, lots of "correct token received" errors are logged. This seems to me that there is no problem. Maybe change debug level to SAE_DEBUG_STATE_MACHINE instead of SAE_DEBUG_ERR?

Authsae doesn't work for me in the 5GHz frequency. I get the following nlerror at startup:

joining mesh samplemesh on freq 5180, mode 3
nlerror, cmd 68, seq 1493191664: Invalid argument

I don't find any error in the code, and the nlerror doesn't tell me much. It looks like the payload data is coming from struct genlmsghdr *gnlh = nlmsg_data(&err->msg);

In unencrypted mesh, the 5GHz channels work just fine with HT20, HT40- and HT40+ enabled.
Encrypted mesh with 2.4GHz also works just fine.

Used Chipset: RT5370 and RT5572, nohwcrypt flag set to 1, Kernel 4.9
Any ideas?

rssi_threshold config does effective without authsae.
but with authsae it does not effective.
anyone solved this issue?

I get this error when I join the mesh with the second node:

Unexpected error -22 (expected -17)

I guess this is a NLE_MSGTYPE_NOSUPPORT from libnl? How can I find out what the msgtype is that is not supported?

I also see this error:

joining mesh MESH2 on freq 2462, mode 0
nlerror, cmd 0, seq 1461249716: Invalid argument

The nodes see each other in "iw mesh0 station dump", but they can't communicate over IP (no ping, Destination Host Unreachable) and "iw mesh0 mpath dump" ouputs zero MAC address as next hop:

DEST ADDR         NEXT HOP          IFACE   SN  METRIC  QLEN    EXPTIME     DTIM    DRET    FLAGS
7c:dd:90:XX:XX:XX 00:00:00:00:00:00 mesh0   0   0   0   0   1600    4   0x0

I tried on Arch Linux and Ubuntu Linux.

Any ideas? Is authsae ready to be used for 802.11s encryption at all under Linux? I know the readme says it isn't, but the readme also hasn't been updated for years, so I though I'd give it a try...

I have run into a few strncpy warnings that prevents compilation when -Werror is being used and I am preparing a PR. However I am not sure if it's still actively maitained

Im trying to get VHT on Authsae (Latest Version Downloaded 12-7-18) with no luck, maybe someone could assist.
I have 2 Atheros QCA988x 802.11ac Wireless Network Adapters, one in each computer.
I'm running Kernel 4.19.0-wt from wireless-testing.
I have the latest ath10k firmware from Kvalo git

Radios show up properly
startup is same as before
iw dev mesh0 set freq 5180 80 5210
then start mesh

authsae.conf is pretty straight forward.

authsae:
{
sae:
{
debug = 480;
password = "SuperSecretPassw0rd";
group = [19, 26, 21, 25, 20];
blacklist = 5;
thresh = 5;
lifetime = 3600;
};
meshd:
{
meshid = "MESH0LVL";
interface = "mesh0";
band = "11a";
channel = 36;
htmode = "VHT80";
mcast-rate = 12;
};
};

Radio shows 80MHz is working properly - iw dev mesh0 info
Interface mesh0
ifindex 12
wdev 0x2
addr 00:30:1a:4e:3d:af
type mesh point
wiphy 0
channel 36 (5180 MHz), width: 80 MHz, center1: 5210 MHz
txpower 10.00 dBm
multicast TXQ:
qsz-byt qsz-pkt flows drops marks overlmt hashcol tx-bytes tx-packets
124 1 144239 0 0 0 0 19450068 284665

But as you see below the iw dev mesh0 station dump shows HT40
Station 00:30:1a:4e:2a:01 (on mesh0)
inactive time: 181 ms
rx bytes: 410098580
rx packets: 538216
tx bytes: 397003042
tx packets: 345115
tx retries: 0
tx failed: 4
rx drop misc: 131712
signal: -52 [-63, -63, -57] dBm
signal avg: -53 [-62, -62, -56] dBm
Toffset: 18446744073680841152 us
tx bitrate: 243.0 MBit/s MCS 20 40MHz
rx bitrate: 360.0 MBit/s MCS 21 40MHz short GI
rx duration: 0 us
mesh llid: 0
mesh plid: 0
mesh plink: ESTAB
mesh local PS mode: ACTIVE
mesh peer PS mode: ACTIVE
mesh non-peer PS mode: ACTIVE
authorized: yes
authenticated: yes
associated: yes
preamble: long
WMM/WME: yes
MFP: yes
TDLS peer: no
DTIM period: 2
beacon interval:1000
connected time: 30486 seconds

Throughput with iperf3 is an average of 275 Mbps
Any help on getting VHT working would be appreciated.

Fred

There are errors while linking, initially reported in the Arch Linux AUR package page:

[...]
[100%] Linking C executable meshd-nl80211
cd /tmp/authsae-git/src/authsae/linux && /usr/bin/cmake -E cmake_link_script CMakeFiles/meshd-nl80211.dir/link.txt --verbose=1
/usr/bin/cc -g0 -march=x86-64 -mtune=native -O3 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -fomit-frame-pointer -fPIC -Wall  -O3 -DNDEBUG -Wl,-O1,--sort-common,--as-needed,-z,relro,--hash-style=gnu -rdynamic CMakeFiles/meshd-nl80211.dir/meshd-nl80211.c.o CMakeFiles/meshd-nl80211.dir/nl.c.o CMakeFiles/meshd-nl80211.dir/watch_ips.c.o CMakeFiles/meshd-nl80211.dir/service.c.o -o meshd-nl80211   -L/tmp/authsae-git/src/authsae  -Wl,-rpath,/tmp/authsae-git/src/authsae: -lconfig -lcrypto -lnl-3 -lnl-genl-3 -lnl-3 -lpthread ../libsae.a -lrt -lnl-genl-3 -lpthread -lrt -lconfig -lcrypto 
/usr/bin/ld: ../libsae.a(sae.c.o):/tmp/authsae-git/src/authsae/peer_lists.h:9: multiple definition of `peers'; ../libsae.a(ampe.c.o):/tmp/authsae-git/src/authsae/peer_lists.h:9: first defined here
/usr/bin/ld: ../libsae.a(sae.c.o):/tmp/authsae-git/src/authsae/peer_lists.h:8: multiple definition of `blacklist'; ../libsae.a(ampe.c.o):/tmp/authsae-git/src/authsae/peer_lists.h:8: first defined here
/usr/bin/ld: ../libsae.a(peers.c.o):/tmp/authsae-git/src/authsae/peer_lists.h:9: multiple definition of `peers'; ../libsae.a(ampe.c.o):/tmp/authsae-git/src/authsae/peer_lists.h:9: first defined here
/usr/bin/ld: ../libsae.a(peers.c.o):/tmp/authsae-git/src/authsae/peer_lists.h:8: multiple definition of `blacklist'; ../libsae.a(ampe.c.o):/tmp/authsae-git/src/authsae/peer_lists.h:8: first defined here
collect2: error: ld returned 1 exit status
make[2]: *** [linux/CMakeFiles/meshd-nl80211.dir/build.make:151: linux/meshd-nl80211] Error 1
make[2]: Leaving directory '/tmp/authsae-git/src/authsae'
make[1]: *** [CMakeFiles/Makefile2:131: linux/CMakeFiles/meshd-nl80211.dir/all] Error 2
make[1]: Leaving directory '/tmp/authsae-git/src/authsae'
make: *** [Makefile:139: all] Error 2

Build is carried out with

sed -e 's|\-Werror||' -i CMakeLists.txt
cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE=Release -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_LINUX_TARGETS=ON .
sed -i 's|/usr/etc/|/etc|' cmake_install.cmake
make

The removal of -Werror is needed, otherwise it would already bail out earlier with

[...]
[ 27%] Building C object linux/CMakeFiles/mon.dir/__/common.c.o
cd /tmp/authsae-git/src/authsae/linux && /usr/bin/cc  -I/tmp/authsae-git/src/authsae -I/usr/include/libnl3 -g0 -march=x86-64 -mtune=native -O3 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -fomit-frame-pointer -fPIC -Wall -Werror -O3 -DNDEBUG   -g -MD -MT linux/CMakeFiles/mon.dir/__/common.c.o -MF CMakeFiles/mon.dir/__/common.c.o.d -o CMakeFiles/mon.dir/__/common.c.o -c /tmp/authsae-git/src/authsae/common.c
In file included from /usr/include/string.h:519,
                 from /tmp/authsae-git/src/authsae/linux/mon.c:45:
In function ‘strncpy’,
    inlined from ‘add_interface’ at /tmp/authsae-git/src/authsae/linux/mon.c:172:3,
    inlined from ‘add_interface’ at /tmp/authsae-git/src/authsae/linux/mon.c:157:13:
/usr/include/bits/string_fortified.h:95:10: error: ‘__builtin___strncpy_chk’ output truncated before terminating nul copying as many bytes from a string as its length [-Werror=stringop-truncation]
   95 |   return __builtin___strncpy_chk (__dest, __src, __len,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   96 |                                   __glibc_objsize (__dest));
      |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~
/tmp/authsae-git/src/authsae/linux/mon.c: In function ‘add_interface’:
/tmp/authsae-git/src/authsae/linux/mon.c:172:3: note: length computed here
  172 |   strncpy(inf->ifname, ptr, strlen(ptr));
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[2]: *** [linux/CMakeFiles/mon.dir/build.make:79: linux/CMakeFiles/mon.dir/mon.c.o] Error 1
make[2]: *** Waiting for unfinished jobs....
[...]

We had to back out these changes (go back to 813ec0e).

The network appears to come up but we can't get data over it, even pings do not work

Guys,

I've been testing an annoying bug I've been having on a mesh of (currently) 2 units for the past week or so, but I cannot seem to find what causes it.

It happens when I run an iperf test between the units. At or around the time the SAE lifetime expires, a rekey occurs, after which traffic between the units stops.
Sometimes a packet arrives about a key lifetime later, but it does not get stable anymore.

If I leave the link idle (no iperf test, just some pings), then this problem does not seem to occur.

Looking at the debug traces from meshd-nl80211I can find no fault. I also looked at the key material sent down to the ath9k driver (printk's in the kernel driver), but even reading back those registers does not indicate to me that there's a fault.

Both units use an ath9k Atheros card; One is an AzureWave AR5B95, the other is a Compex WLE200N2-23. I have also observed the problem on Compex WLE350NX cards, so I am guessing this is not hardware related.

I set up both units with the attached config below;
meshd.txt

The kernel I use 4.4.11, but I've seen the same problem with 3.10.49.
The compat-wireless 2016-01-10 driver set used by OpenWRT seems to have the same problem with the old 3.10.34 kernel I run on that system.

The iperf setup is (using 2.0.5):

• One system running iperf -s -u -p 6969 -i 5
• One system running iperf -c -u -p 6969 -i 5 -t 86400 -b 100M

I create the mesh interfaces by:

• iw phy phy0 interface add mesh0 type mp
• ifconfig mesh0 IP MASK up
• meshd-nl80211 -c meshd.txt -i mesh0

Right now the key lifetime is at 60 seconds for problem reproduction, but I have seen the same problem on a link with a key lifetime of 3600 seconds; the link then dies at that time.

Can anyone give me a couple of pointers where to look, or maybe help me out?

Regards,

Michel Stam

Hi there!

Looking at the FreeBSD 6.1 patch, this seems that not too much changed. Would you be interested in updating that portion? Sadly i come from Java-land, so my C skill is not high enough for kernel modules, otherwise i'd take a stab at it.

Thanks!

Hi

The title is 'Clone of http://sourceforge.net/projects/authsae. The repository in sourceforge is the "official" repository for authsae. This is just a conveniency clone. http://sourceforge.net/projects/authsae/'

As sourceforge CVS repo isn't up to date, maybe we can declare this git repo the official one (and kill the sourceforge one?)

Do you know if authsae daemon is concerned by this attack?

I have seen huge differences in memory consumption on different nodes.

During investigation, I see error messages (debug=1):

Thu Dec 17 16:24:20 2015 nlerror, cmd 19, seq 1450368158: File exists
Thu Dec 17 16:24:20 2015 nlerror, cmd 18, seq 1450368171: Invalid argument

I'll post results with higher debug level

At least about Linux support (in Restrictions header). Please update whole text.

Dear authsae team,

Hi! Could anybody kindly help provide more details about "Edit the Makefile to point $(LIBS) to OpenSSL and make" in ReadMe? Since I cannot find $(LIBS)....

I am not familiar with cmake, but to my understanding, what I need to do is link libcrypto and libconfig in authsae/CMakeLists.txt.. Is this right?

Any comments or examples is greatly appreciated~~

We're getting netlink errors:

Thu Dec  1 13:47:50 2016 meshd-nl80211 started
Thu Dec  1 13:47:50 2016 group 19 is configured, prime is 32 bytes
Thu Dec  1 13:47:50 2016 group 26 is configured, prime is 28 bytes
Thu Dec  1 13:47:50 2016 group 21 is configured, prime is 66 bytes
Thu Dec  1 13:47:50 2016 group 25 is configured, prime is 24 bytes
Thu Dec  1 13:47:50 2016 group 20 is configured, prime is 48 bytes
Thu Dec  1 13:47:50 2016 ----------
Thu Dec  1 13:47:50 2016 nlcfg rates hexdump
Thu Dec  1 13:47:50 2016 00000000  0a 00 14 00 37 00 6e 00 3c 00 5a 00 78 00 b4 00 
Thu Dec  1 13:47:50 2016 00000010  f0 00 68 01 e0 01 1c 02 
Thu Dec  1 13:47:50 2016 ----------
Thu Dec  1 13:47:50 2016 
Thu Dec  1 13:47:50 2016 ----------
Thu Dec  1 13:47:50 2016 Fixed Information Elements in this STA hexdump
Thu Dec  1 13:47:50 2016 00000000  01 08 82 84 8b 96 8c 12 98 24 32 04 b0 48 60 6c 
Thu Dec  1 13:47:50 2016 ----------
Thu Dec  1 13:47:50 2016 
Thu Dec  1 13:47:50 2016 meshd: Starting mesh with mesh id = feed149c4e0f7638e
Thu Dec  1 13:47:50 2016 ----------
Thu Dec  1 13:47:50 2016 basic rates: hexdump
Thu Dec  1 13:47:50 2016 00000000  82 84 8b 96 8c 98 b0 
Thu Dec  1 13:47:50 2016 ----------
Thu Dec  1 13:47:50 2016 
Thu Dec  1 13:47:50 2016 joining mesh feed149c4e0f7638e on freq 2462, mode 1
Thu Dec  1 13:47:50 2016 nlerror, cmd 68, seq 1480600077: Invalid argument

This causes the interface to NOT become running.
Everything falls over.
Rather blocking for us.

What about creating a dedicated licence file like LICENCE or COPYING?

And what type of licence is valid for authsae? BSD-3c? The wording of the the third term is a little bit different from the definition on opensource.org. See comments to my patch, that tries to add authsae to Buildroot.

Hello,
Currently I try to secure a mesh network with SAE. With the meshd-80211 is seems to getting up and running, although some issue araised.
One is a segmentation fault when trying to debug the crypto on verbose level. I checked also this setting on openwrt, and it has the same behaviour.

Segmentation fault when starting meshd-80122 in debug mode, level 0x10 (SAE_DEBUG_CRYPTO_VERB, from authsae/common.h).
After this error the meshd stops:
The syslog:
Dec 7 10:17:25 AHR-175-101 vmunix: [348301.778513] meshd-nl80211[23719]: segfault at 34f6cf74 ip b7440b3a sp bff20fec error 4 in libc-2.13.so[b73d1000+149000]

The config file for meshd-80211: ("/usr/local/etc/authsae.cfg" 23L, 359C)
/* this is a comment */
authsae:
{
sae:
{
debug = 16;
password = "12345678901234567890";
group = [19, 26, 21, 25, 20];
blacklist = 5;
thresh = 5;
lifetime = 3600;
};
meshd:
{
meshid = "owrt_mesh";
interface = "wlan0";
band = "11g";
channel = 11;
htmode = "none";
mcast-rate = 12;
};
};

Kernel info:
Uname -a:
Linux AHR-175-101 4.2.6-486 #1 SMP Sun Nov 29 19:47:56 CET 2015 i686 GNU/Linux

Source code:
Github ref: https://github.com/cozybit/authsae.git

Info on the OpenWRT distro can be provided if required.

Kind regards,
Jeffrey