OpenWrt 22.03 mesh not encrypted

bluewavenet · September 22, 2022, 3:25pm

I agree yes it is conceivable and indeed such worries date back to OpenWrt 18.06. Hence the additional test to set encryption on one node to none and see if it still connects, or even better, use a different key.

I have not recently looked at packets on air but have in the past. Nothing leads me to believe there is actually no encryption particularly as all versions of OpenWrt from 19.07.0 onwards can join the same mesh. As for a 21.02 "jumping" all by itself to unencrypted just because ... I'm not sure what because.....

dzenc · September 28, 2022, 7:09pm

This is a bug. I am seeing the same behavior. The ticket is here if you want to track it: https://github.com/openwrt/openwrt/issues/10687

wolf2351 · September 29, 2022, 9:48am

iw dev mesh scan returns:

BSS c0:c9:e3:e6:16:3d(on mesh)
	last seen: 1391773.136s [boottime]
	TSF: 1389612288059 usec (16d, 02:00:12)
	freq: 5180
	beacon interval: 100 TUs
	capability: (0x0010)
	signal: -56.00 dBm
	last seen: 10 ms ago
	SSID: 
	RSN:	 * Version: 1
		 * Group cipher: CCMP
		 * Pairwise ciphers: CCMP
		 * Authentication suites: SAE
		 * Capabilities: 1-PTKSA-RC 1-GTKSA-RC (0x0000)
	HT capabilities:
		Capabilities: 0x19ef
			RX LDPC
			HT20/HT40
			SM Power Save disabled
			RX HT20 SGI
			RX HT40 SGI
			TX STBC
			RX STBC 1-stream
			Max AMSDU length: 7935 bytes
			DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 8 usec (0x06)
		HT TX/RX MCS rate indexes supported: 0-23
	HT operation:
		 * primary channel: 36
		 * secondary channel offset: above
		 * STA channel width: any
	MESH ID: rsb_mesh
	VHT capabilities:
		VHT Capabilities (0x338001b2):
			Max MPDU length: 11454
			Supported Channel Width: neither 160 nor 80+80
			RX LDPC
			short GI (80 MHz)
			TX STBC
			RX antenna pattern consistency
			TX antenna pattern consistency
		VHT RX MCS set:
			1 streams: MCS 0-9
			2 streams: MCS 0-9
			3 streams: MCS 0-9
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT RX highest supported: 0 Mbps
		VHT TX MCS set:
			1 streams: MCS 0-9
			2 streams: MCS 0-9
			3 streams: MCS 0-9
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT TX highest supported: 0 Mbps
	VHT operation:
		 * channel width: 1 (80 MHz)
		 * center freq segment 1: 42
		 * center freq segment 2: 0
		 * VHT basic MCS set: 0xffff

Changing the password on one router while using encrypted connection does not connect to secondary router (I would not draw the conclustion that this indicates an encrypted channel).

Seen as this is rated a bug now, I presume that this will be handled accordingly and we will get an update soon

darkspot · September 29, 2022, 10:01am

already posted in #11

McGiverGim · December 17, 2022, 8:16am

I can confirm that latest master code fixes this issue. Thanks to the developers!

system · January 5, 2023, 1:53pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.