Secure mesh wpa_supplicant tests

Jason Mobarak edited this page Mar 28, 2014 · 8 revisions

Prerequisites

  1. Three ath9k_htc devices (we're using TP-LINK TL-WN721N)
  2. A recent kernel (version 3.12 was used in these tests)
  3. A hub for the 3 ath9k_htc devices

Build wpa_supplicant

$ cp tests/hwsim/example-wpa_supplicant.config wpa_supplicant/.config
$ cd wpa_supplicant
$ make

Set up mesh.conf for wpa_supplicant config

Add the following to a file named mesh.conf:

ctrl_interface=DIR=/tmp/wifi GROUP=jam
update_config=1
user_mpm=1
network={
    ssid="meshmesh"
    psk="superscretsssshh"
    mode=5
    frequency=2412
    disabled=1
    key_mgmt=SAE
}

Load ath9k_htc with 'nohwcrypt' option

# ... bring down any phys using ath9k_htc
$ sudo rmmod ath9k_htc
$ sudo modprobe ath9k_htc nohwcrypt=1
$ sudo cat /sys/module/ath9k_htc/parameters/nohwcrypt 
1

Create monitor interface

On a device that isn't going to be part of the mesh network, create a monitor interface:

$ sudo iw phy6 interface add mon0 type monitor
$ sudo iw dev wlanX del # delete any other interface on the PHY so the channel can be set
$ sudo ip link set mon0 up
$ sudo iw dev mon0 set channel 1

Launch Wireshark and start a capture: $ wireshark -imon0 -k

Create network namespaces

Since we're doing this all on the same machine, we need to create some network namespaces so that data is actually sent over the air. Without them we'd get false positives: data would appear to flow between the interfaces when in fact it's only flowing through the loopback.

$ sudo ip netns add one
$ sudo ip netns add two

In different terminals, launch a couple of shells. These will be used to check connectivity (with ping) later:

$ sudo ip netns exec one $SHELL
$ sudo ip netns exec two $SHELL # Do this in a different terminal

In each of the terminals, record the PID of the shell:

$ echo $BASHPID # netns 'one' PID -> 6899
$ echo $BASHPID # netns 'two' PID -> 6630

Then, in a shell that's not part of a namespace, move the PHY of each mesh interface into its own network namespace:

$ iw dev
phy#7
	Interface wlan5
		ifindex 12
		type mesh point
phy#5
	Interface wlan3
		ifindex 13
		type mesh point
$ sudo iw phy7 set netns 6899 # This is the phy for wlan5, the PID for netns 'one'
$ sudo iw phy5 set netns 6630 # This is the phy for wlan3, the PID for netns 'two'

Launch wpa_supplicant

In yet another shell, do the following to launch wpa_supplicant:

$ sudo ip netns exec one gdb -ex run --args ./wpa_supplicant -iwlan5 -c $PWD/mesh.conf -Dnl80211 -dd

In another shell, launch another wpa_supplicant:

$ sudo ip netns exec two gdb -ex run --args ./wpa_supplicant -iwlan3 -c $PWD/mesh.conf -Dnl80211 -dd

Connect to wpa_supplicant with wpa_cli

Launch wpa_cli to initiate a mesh connection (in the shell connected to netns 'one'):

$ sudo ./wpa_cli -p /tmp/wifi/ -i wlan5
> set_network 0 no_auto_peer 1
OK
> mesh_group_add 0
OK

Next (in the shell associated with netns 'two'):

$ sudo ./wpa_cli -p /tmp/wifi/ -i wlan3
> mesh_group_add 0
OK

The following output should be visible:

<3>joining mesh meshmesh
<3>CTRL-EVENT-CONNECTED - Connection to 00:00:00:00:00:00 completed [id=0 id_str=]
<3>MESH-GROUP-STARTED ssid="meshmesh" id=0
<3>new peer notification for f8:d1:11:65:9f:37
<3>will not initiate new peer link with f8:d1:11:65:9f:37 because of no_auto_peer
<3>mesh plink with f8:d1:11:65:9f:37 established

<3>MESH-PEER-CONNECTED f8:d1:11:65:9f:37

And:

<3>joining mesh meshmesh
<3>CTRL-EVENT-CONNECTED - Connection to 00:00:00:00:00:00 completed [id=0 id_str=]
<3>MESH-GROUP-STARTED ssid="meshmesh" id=0
<3>new peer notification for 00:27:19:f2:61:e8
<3>mesh plink with 00:27:19:f2:61:e8 established

<3>MESH-PEER-CONNECTED 00:27:19:f2:61:e8
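The peering result above can also be checked by script instead of by eye. This is an added example, not part of the original page or of wpa_supplicant: `mesh_peering_ok` and `sample_events` are hypothetical helper names, the sample lines are copied from the expected output above, and the check covers peering only (the monitor capture is still what shows that the data frames are encrypted).

```shell
#!/bin/sh
# Added example: verify from wpa_cli event output that a mesh peering completed.
# Function names are hypothetical; the event strings matched are the ones
# shown in the expected output on this page.

# Reads wpa_cli output on stdin. Prints one MAC per peer that reached both
# "mesh plink ... established" and MESH-PEER-CONNECTED. Returns 0 only if the
# group for the given SSID started and at least one such peer exists.
mesh_peering_ok() {
    awk -v ssid="$1" '
        { sub(/^<[0-9]+>/, "") }            # strip the <3> priority prefix
        $1 == "MESH-GROUP-STARTED" && index($0, "ssid=\"" ssid "\"") { started = 1 }
        /^mesh plink with .* established/ { plink[$4] = 1 }
        $1 == "MESH-PEER-CONNECTED"      { conn[$2] = 1 }
        END {
            if (!started) exit 1            # wrong SSID or group never started
            for (mac in conn) if (mac in plink) { print mac; n++ }
            exit (n == 0)
        }'
}

# Sample input: the netns "one" output shown above (not a new capture).
sample_events() {
    cat <<'EOF'
<3>joining mesh meshmesh
<3>CTRL-EVENT-CONNECTED - Connection to 00:00:00:00:00:00 completed [id=0 id_str=]
<3>MESH-GROUP-STARTED ssid="meshmesh" id=0
<3>new peer notification for f8:d1:11:65:9f:37
<3>will not initiate new peer link with f8:d1:11:65:9f:37 because of no_auto_peer
<3>mesh plink with f8:d1:11:65:9f:37 established

<3>MESH-PEER-CONNECTED f8:d1:11:65:9f:37
EOF
}

# Demo run on the sample: lists the connected peer.
sample_events | mesh_peering_ok meshmesh
```

To use it on a live run, pipe saved wpa_cli output into `mesh_peering_ok meshmesh` and check the exit status.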

Test connectivity

Once the devices have peered, test connectivity with ping (in the shell associated with netns 'one'):

$ sudo ifconfig wlan5 10.99.99.1
$ ping 10.99.99.2

In the shell associated with netns 'two':

$ sudo ifconfig wlan3 10.99.99.2
$ ping 10.99.99.1

If everything works, ping should report success:

$ ping 10.99.99.1
PING 10.99.99.1 (10.99.99.1) 56(84) bytes of data.
64 bytes from 10.99.99.1: icmp_req=1 ttl=64 time=73.8 ms
64 bytes from 10.99.99.1: icmp_req=2 ttl=64 time=1.03 ms
64 bytes from 10.99.99.1: icmp_req=3 ttl=64 time=7.68 ms
64 bytes from 10.99.99.1: icmp_req=4 ttl=64 time=5.61 ms

$ ping 10.99.99.2
PING 10.99.99.2 (10.99.99.2) 56(84) bytes of data.
64 bytes from 10.99.99.2: icmp_req=1 ttl=64 time=31.7 ms
64 bytes from 10.99.99.2: icmp_req=2 ttl=64 time=40.6 ms
64 bytes from 10.99.99.2: icmp_req=3 ttl=64 time=57.2 ms
64 bytes from 10.99.99.2: icmp_req=4 ttl=64 time=2.53 ms

Example capture

A capture file of a secure mesh peering, with an exchange of some encrypted data.