PKG_SOURCE_URL:=http://w1.fi/hostap.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2019-04-21
-PKG_SOURCE_VERSION:=63962824309bb428e5f73d9caae08fcb949fbe36
-PKG_MIRROR_HASH:=b31e09b22284785f84ee4d2dfc2b8fa94cad5d7375d957bf2862a50cb5bc1475
+PKG_SOURCE_DATE:=2019-08-08
+PKG_SOURCE_VERSION:=ca8c2bd28ad53f431d6ee60ef754e98cfdb4c17b
+PKG_MIRROR_HASH:=9d9f1c60afa5324ee17219bd3ec61c1a6fa4043b4187da9bb44e59025d3ed31d
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-3-Clause
#CONFIG_EAP_GPSK_SHA256=y
# EAP-FAST for the integrated EAP server
-# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed
-# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g.,
-# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions.
#CONFIG_EAP_FAST=y
+# EAP-TEAP for the integrated EAP server
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
# Wi-Fi Protected Setup (WPS)
#CONFIG_WPS=y
# Enable UPnP support for external WPS Registrars
# Experimental implementation of draft-harkins-owe-07.txt
#CONFIG_OWE=y
+# Airtime policy support
+#CONFIG_AIRTIME_POLICY=y
+
# Override default value for the wpa_disable_eapol_key_retries configuration
# parameter. See that parameter in hostapd.conf for more details.
#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
#CONFIG_EAP_GPSK_SHA256=y
# EAP-FAST for the integrated EAP server
-# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed
-# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g.,
-# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions.
CONFIG_EAP_FAST=y
+# EAP-TEAP for the integrated EAP server
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
# Wi-Fi Protected Setup (WPS)
CONFIG_WPS=y
# Enable UPnP support for external WPS Registrars
# Experimental implementation of draft-harkins-owe-07.txt
#CONFIG_OWE=y
+# Airtime policy support
+#CONFIG_AIRTIME_POLICY=y
+
# Override default value for the wpa_disable_eapol_key_retries configuration
# parameter. See that parameter in hostapd.conf for more details.
#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
#CONFIG_EAP_GPSK_SHA256=y
# EAP-FAST for the integrated EAP server
-# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed
-# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g.,
-# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions.
#CONFIG_EAP_FAST=y
+# EAP-TEAP for the integrated EAP server
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
# Wi-Fi Protected Setup (WPS)
#CONFIG_WPS=y
# Enable UPnP support for external WPS Registrars
# Experimental implementation of draft-harkins-owe-07.txt
#CONFIG_OWE=y
+# Airtime policy support
+#CONFIG_AIRTIME_POLICY=y
+
# Override default value for the wpa_disable_eapol_key_retries configuration
# parameter. See that parameter in hostapd.conf for more details.
#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
# EAP-FAST
#CONFIG_EAP_FAST=y
+# EAP-TEAP
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
# EAP-GTC
#CONFIG_EAP_GTC=y
# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
#CONFIG_EAP_SIM=y
+# Enable SIM simulator (Milenage) for EAP-SIM
+#CONFIG_SIM_SIMULATOR=y
+
# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
#CONFIG_EAP_PSK=y
# EAP-FAST
CONFIG_EAP_FAST=y
+# EAP-TEAP
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
# EAP-GTC
CONFIG_EAP_GTC=y
# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
#CONFIG_EAP_SIM=y
+# Enable SIM simulator (Milenage) for EAP-SIM
+#CONFIG_SIM_SIMULATOR=y
+
# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
#CONFIG_EAP_PSK=y
# EAP-FAST
#CONFIG_EAP_FAST=y
+# EAP-TEAP
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
# EAP-GTC
#CONFIG_EAP_GTC=y
# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
#CONFIG_EAP_SIM=y
+# Enable SIM simulator (Milenage) for EAP-SIM
+#CONFIG_SIM_SIMULATOR=y
+
# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
#CONFIG_EAP_PSK=y
# EAP-FAST
CONFIG_EAP_FAST=y
+# EAP-TEAP
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
# EAP-GTC
CONFIG_EAP_GTC=y
# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
#CONFIG_EAP_SIM=y
+# Enable SIM simulator (Milenage) for EAP-SIM
+#CONFIG_SIM_SIMULATOR=y
+
# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
#CONFIG_EAP_PSK=y
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -414,6 +414,8 @@ static void hostapd_free_hapd_data(struc
+@@ -423,6 +423,8 @@ static void hostapd_free_hapd_data(struc
#ifdef CONFIG_MESH
wpabuf_free(hapd->mesh_pending_auth);
hapd->mesh_pending_auth = NULL;
#endif /* CONFIG_MESH */
hostapd_clean_rrm(hapd);
-@@ -1980,6 +1982,13 @@ dfs_offload:
+@@ -2049,6 +2051,13 @@ dfs_offload:
if (hapd->setup_complete_cb)
hapd->setup_complete_cb(hapd->setup_complete_cb_ctx);
wpa_printf(MSG_DEBUG, "%s: Setup of interface done.",
iface->bss[0]->conf->iface);
if (iface->interfaces && iface->interfaces->terminate_on_error > 0)
-@@ -2123,7 +2132,7 @@ int hostapd_setup_interface(struct hosta
+@@ -2192,7 +2201,7 @@ int hostapd_setup_interface(struct hosta
ret = setup_interface(iface);
if (ret) {
wpa_printf(MSG_ERROR, "%s: Unable to setup interface.",
}
if (ifmsh->mconf->security != MESH_CONF_SEC_NONE &&
-@@ -208,7 +209,7 @@ static int wpas_mesh_complete(struct wpa
- wpa_printf(MSG_ERROR,
+@@ -209,7 +210,7 @@ static int wpas_mesh_complete(struct wpa
"mesh: RSN initialization failed - deinit mesh");
wpa_supplicant_mesh_deinit(wpa_s);
+ wpa_drv_leave_mesh(wpa_s);
- return -1;
+ return;
}
if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
-@@ -234,8 +235,6 @@ static int wpas_mesh_complete(struct wpa
+@@ -235,8 +236,6 @@ static int wpas_mesh_complete(struct wpa
if (!ret)
wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
}
-@@ -262,6 +261,7 @@ static int wpa_supplicant_mesh_init(stru
+@@ -263,6 +262,7 @@ static int wpa_supplicant_mesh_init(stru
if (!ifmsh)
return -ENOMEM;
ifmsh->drv_flags = wpa_s->drv_flags;
ifmsh->num_bss = 1;
ifmsh->bss = os_calloc(wpa_s->ifmsh->num_bss,
-@@ -279,6 +279,8 @@ static int wpa_supplicant_mesh_init(stru
+@@ -280,6 +280,8 @@ static int wpa_supplicant_mesh_init(stru
bss->drv_priv = wpa_s->drv_priv;
bss->iface = ifmsh;
bss->mesh_sta_free_cb = mesh_mpm_free_sta;
frequency = ssid->frequency;
if (frequency != freq->freq &&
frequency == freq->freq + freq->sec_channel_offset * 20) {
-@@ -517,7 +519,6 @@ int wpa_supplicant_join_mesh(struct wpa_
+@@ -521,7 +523,6 @@ int wpa_supplicant_join_mesh(struct wpa_
goto out;
}
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -286,6 +286,7 @@ static int wpa_supplicant_mesh_init(stru
+@@ -287,6 +287,7 @@ static int wpa_supplicant_mesh_init(stru
frequency == freq->freq + freq->sec_channel_offset * 20) {
wpa_printf(MSG_DEBUG, "mesh: pri/sec channels switched");
frequency = freq->freq;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1436,6 +1436,7 @@ struct wpa_driver_mesh_join_params {
+@@ -1477,6 +1477,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_SAE_AUTH 0x00000004
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
/**
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -9544,6 +9544,9 @@ static int nl80211_join_mesh(struct i802
+@@ -9624,6 +9624,9 @@ static int nl80211_join_mesh(struct i802
wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
goto fail;
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -308,6 +308,7 @@ static int wpa_supplicant_mesh_init(stru
+@@ -309,6 +309,7 @@ static int wpa_supplicant_mesh_init(stru
conf->country[0] = wpa_s->conf->country[0];
conf->country[1] = wpa_s->conf->country[1];
conf->country[2] = ' ';
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -248,7 +248,7 @@ static int wpa_supplicant_mesh_init(stru
+@@ -249,7 +249,7 @@ static int wpa_supplicant_mesh_init(stru
struct mesh_conf *mconf;
int basic_rates_erp[] = { 10, 20, 55, 60, 110, 120, 240, -1 };
int rate_len;
if (!wpa_s->conf->user_mpm) {
/* not much for us to do here */
-@@ -385,6 +385,13 @@ static int wpa_supplicant_mesh_init(stru
+@@ -386,6 +386,13 @@ static int wpa_supplicant_mesh_init(stru
conf->basic_rates[rate_len] = -1;
}
if (wpa_drv_init_mesh(wpa_s)) {
wpa_msg(wpa_s, MSG_ERROR, "Failed to init mesh in driver");
return -1;
-@@ -396,8 +403,6 @@ static int wpa_supplicant_mesh_init(stru
+@@ -397,8 +404,6 @@ static int wpa_supplicant_mesh_init(stru
return -1;
}
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2148,6 +2148,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2153,6 +2153,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
struct hostapd_freq_params vht_freq;
int chwidth, seg0, seg1;
u32 vht_caps = 0;
freq->freq = ssid->frequency;
-@@ -2224,8 +2226,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2232,8 +2234,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
return;
/* Check primary channel flags */
freq->channel = pri_chan->chan;
-@@ -2256,8 +2261,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2264,8 +2269,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
return;
/* Check secondary channel flags */
if (ht40 == -1) {
if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
-@@ -2348,8 +2356,11 @@ skip_ht40:
+@@ -2356,8 +2364,11 @@ skip_ht40:
return;
/* Back to HT configuration if channel not usable */
+ return;
}
- chwidth = VHT_CHANWIDTH_80MHZ;
-@@ -2369,10 +2380,11 @@ skip_ht40:
+ chwidth = CHANWIDTH_80MHZ;
+@@ -2377,10 +2388,11 @@ skip_ht40:
if (!chan)
continue;
+ continue;
/* Found a suitable second segment for 80+80 */
- chwidth = VHT_CHANWIDTH_80P80MHZ;
+ chwidth = CHANWIDTH_80P80MHZ;
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -385,6 +385,7 @@ static int wpa_supplicant_mesh_init(stru
+@@ -386,6 +386,7 @@ static int wpa_supplicant_mesh_init(stru
conf->basic_rates[rate_len] = -1;
}
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -7411,6 +7411,10 @@ static int wpa_driver_nl80211_send_actio
+@@ -7462,6 +7462,10 @@ static int wpa_driver_nl80211_send_actio
int ret = -1;
u8 *buf;
struct ieee80211_hdr *hdr;
wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
"freq=%u MHz wait=%d ms no_cck=%d)",
-@@ -7435,6 +7439,21 @@ static int wpa_driver_nl80211_send_actio
+@@ -7486,6 +7490,21 @@ static int wpa_driver_nl80211_send_actio
os_memset(bss->rand_addr, 0, ETH_ALEN);
}
if (is_ap_interface(drv->nlmode) &&
(!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
(int) freq == bss->freq || drv->device_ap_sme ||
-@@ -7446,7 +7465,7 @@ static int wpa_driver_nl80211_send_actio
+@@ -7497,7 +7516,7 @@ static int wpa_driver_nl80211_send_actio
ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
24 + data_len,
&drv->send_action_cookie,
#include "ap/sta_info.h"
#include "ap/hostapd.h"
#include "ap/ieee802_11.h"
-@@ -204,6 +205,30 @@ static void wpas_mesh_complete_cb(void *
+@@ -204,6 +205,32 @@ static void wpas_mesh_complete_cb(void *
return;
}
+ ifmsh->conf->channel,
+ ifmsh->conf->ieee80211n,
+ ifmsh->conf->ieee80211ac,
++ ifmsh->conf->ieee80211ax,
+ ifmsh->conf->secondary_channel,
-+ ifmsh->conf->vht_oper_chwidth,
-+ ifmsh->conf->vht_oper_centr_freq_seg0_idx,
-+ ifmsh->conf->vht_oper_centr_freq_seg1_idx,
-+ ifmsh->conf->vht_capab)) {
++ hostapd_get_oper_chwidth(ifmsh->conf),
++ hostapd_get_oper_centr_freq_seg0_idx(ifmsh->conf),
++ hostapd_get_oper_centr_freq_seg1_idx(ifmsh->conf),
++ ifmsh->current_mode->vht_capab,
++ &ifmsh->current_mode->he_capab[IEEE80211_MODE_AP])) {
+ wpa_printf(MSG_ERROR, "Error updating mesh frequency params.");
+ wpa_supplicant_mesh_deinit(wpa_s);
+ return;
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -50,6 +50,7 @@ struct mesh_conf {
+@@ -51,6 +51,7 @@ struct mesh_conf {
int dot11MeshRetryTimeout; /* msec */
int dot11MeshConfirmTimeout; /* msec */
int dot11MeshHoldingTimeout; /* msec */
};
#define MAX_STA_COUNT 2007
-@@ -645,6 +646,7 @@ struct hostapd_bss_config {
+@@ -666,6 +667,7 @@ struct hostapd_bss_config {
#define MESH_ENABLED BIT(0)
int mesh;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1409,6 +1409,7 @@ struct wpa_driver_mesh_bss_params {
+@@ -1450,6 +1450,7 @@ struct wpa_driver_mesh_bss_params {
#define WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS 0x00000004
#define WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE 0x00000008
#define WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD 0x00000010
/*
* TODO: Other mesh configuration parameters would go here.
* See NL80211_MESHCONF_* for all the mesh config parameters.
-@@ -1418,6 +1419,7 @@ struct wpa_driver_mesh_bss_params {
+@@ -1459,6 +1460,7 @@ struct wpa_driver_mesh_bss_params {
int peer_link_timeout;
int max_peer_links;
int rssi_threshold;
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -9512,6 +9512,9 @@ static int nl80211_put_mesh_config(struc
+@@ -9592,6 +9592,9 @@ static int nl80211_put_mesh_config(struc
if (((params->flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) &&
nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
params->auto_plinks)) ||
{ INT_RANGE(mesh_rssi_threshold, -255, 1) },
#else /* CONFIG_MESH */
{ INT_RANGE(mode, 0, 4) },
-@@ -2868,6 +2869,7 @@ void wpa_config_set_network_defaults(str
+@@ -2869,6 +2870,7 @@ void wpa_config_set_network_defaults(str
ssid->dot11MeshRetryTimeout = DEFAULT_MESH_RETRY_TIMEOUT;
ssid->dot11MeshConfirmTimeout = DEFAULT_MESH_CONFIRM_TIMEOUT;
ssid->dot11MeshHoldingTimeout = DEFAULT_MESH_HOLDING_TIMEOUT;
ssid->mesh_rssi_threshold = DEFAULT_MESH_RSSI_THRESHOLD;
#endif /* CONFIG_MESH */
#ifdef CONFIG_HT_OVERRIDES
-@@ -4088,6 +4090,7 @@ struct wpa_config * wpa_config_alloc_emp
+@@ -4089,6 +4091,7 @@ struct wpa_config * wpa_config_alloc_emp
config->user_mpm = DEFAULT_USER_MPM;
config->max_peer_links = DEFAULT_MAX_PEER_LINKS;
config->mesh_max_inactivity = DEFAULT_MESH_MAX_INACTIVITY;
config->dot11RSNASAERetransPeriod =
DEFAULT_DOT11_RSNA_SAE_RETRANS_PERIOD;
config->fast_reauth = DEFAULT_FAST_REAUTH;
-@@ -4725,6 +4728,7 @@ static const struct global_parse_data gl
+@@ -4726,6 +4729,7 @@ static const struct global_parse_data gl
{ INT(user_mpm), 0 },
{ INT_RANGE(max_peer_links, 0, 255), 0 },
{ INT(mesh_max_inactivity), 0 },
/*
* The default dot11RSNASAERetransPeriod is defined as 40 ms in the standard,
* but use 1000 ms in practice to avoid issues on low power CPUs.
-@@ -1326,6 +1327,14 @@ struct wpa_config {
+@@ -1327,6 +1328,14 @@ struct wpa_config {
int mesh_max_inactivity;
/**
INT(frequency);
INT(fixed_freq);
#ifdef CONFIG_ACS
-@@ -1471,6 +1472,9 @@ static void wpa_config_write_global(FILE
+@@ -1472,6 +1473,9 @@ static void wpa_config_write_global(FILE
fprintf(f, "mesh_max_inactivity=%d\n",
config->mesh_max_inactivity);
fprintf(f, "dot11RSNASAERetransPeriod=%d\n",
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
-@@ -514,6 +514,11 @@ struct wpa_ssid {
+@@ -516,6 +516,11 @@ struct wpa_ssid {
int dot11MeshConfirmTimeout; /* msec */
int dot11MeshHoldingTimeout; /* msec */
conf->dot11MeshMaxRetries = ssid->dot11MeshMaxRetries;
conf->dot11MeshRetryTimeout = ssid->dot11MeshRetryTimeout;
conf->dot11MeshConfirmTimeout = ssid->dot11MeshConfirmTimeout;
-@@ -325,6 +326,7 @@ static int wpa_supplicant_mesh_init(stru
+@@ -328,6 +329,7 @@ static int wpa_supplicant_mesh_init(stru
bss->conf->start_disabled = 1;
bss->conf->mesh = MESH_ENABLED;
bss->conf->ap_max_inactivity = wpa_s->conf->mesh_max_inactivity;
if (ieee80211_is_dfs(ssid->frequency, wpa_s->hw.modes,
wpa_s->hw.num_modes) && wpa_s->conf->country[0]) {
-@@ -543,6 +545,10 @@ int wpa_supplicant_join_mesh(struct wpa_
+@@ -549,6 +551,10 @@ int wpa_supplicant_join_mesh(struct wpa_
}
params->conf.peer_link_timeout = wpa_s->conf->mesh_max_inactivity;
if (wpa_supplicant_mesh_init(wpa_s, ssid, ¶ms->freq)) {
--- a/wpa_supplicant/mesh_mpm.c
+++ b/wpa_supplicant/mesh_mpm.c
-@@ -295,9 +295,9 @@ static void mesh_mpm_send_plink_action(s
+@@ -305,9 +305,9 @@ static void mesh_mpm_send_plink_action(s
info = (bss->num_plinks > 63 ? 63 : bss->num_plinks) << 1;
/* TODO: Add Connected to Mesh Gate/AS subfields */
wpabuf_put_u8(buf, info);
--- a/wpa_supplicant/mesh_mpm.c
+++ b/wpa_supplicant/mesh_mpm.c
-@@ -685,11 +685,12 @@ static struct sta_info * mesh_mpm_add_pe
+@@ -710,11 +710,12 @@ static struct sta_info * mesh_mpm_add_pe
}
sta = ap_get_sta(data, addr);
+++ /dev/null
-From e43f08991f00820c1f711ca254021d5f83b5cd7d Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <jouni@codeaurora.org>
-Date: Thu, 25 Apr 2019 18:52:34 +0300
-Subject: [PATCH 1/6] SAE: Use const_time_memcmp() for pwd_value >= prime
- comparison
-
-This reduces timing and memory access pattern differences for an
-operation that could depend on the used password.
-
-Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
-(cherry picked from commit 8e14b030e558d23f65d761895c07089404e61cf1)
----
- src/common/sae.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/src/common/sae.c
-+++ b/src/common/sae.c
-@@ -317,7 +317,7 @@ static int sae_test_pwd_seed_ecc(struct
- wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value",
- pwd_value, sae->tmp->prime_len);
-
-- if (os_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)
-+ if (const_time_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)
- return 0;
-
- x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len);
+++ /dev/null
-From 20d7bd83c43fb24c4cf84d3045254d3ee1957166 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <jouni@codeaurora.org>
-Date: Thu, 25 Apr 2019 19:07:05 +0300
-Subject: [PATCH 2/6] EAP-pwd: Use const_time_memcmp() for pwd_value >= prime
- comparison
-
-This reduces timing and memory access pattern differences for an
-operation that could depend on the used password.
-
-Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
-(cherry picked from commit 7958223fdcfe82479e6ed71019a84f6d4cbf799c)
----
- src/eap_common/eap_pwd_common.c | 13 ++++++++-----
- 1 file changed, 8 insertions(+), 5 deletions(-)
-
---- a/src/eap_common/eap_pwd_common.c
-+++ b/src/eap_common/eap_pwd_common.c
-@@ -144,6 +144,7 @@ int compute_password_element(EAP_PWD_gro
- u8 qnr_bin[MAX_ECC_PRIME_LEN];
- u8 qr_or_qnr_bin[MAX_ECC_PRIME_LEN];
- u8 x_bin[MAX_ECC_PRIME_LEN];
-+ u8 prime_bin[MAX_ECC_PRIME_LEN];
- struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL;
- struct crypto_hash *hash;
- unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr;
-@@ -161,6 +162,11 @@ int compute_password_element(EAP_PWD_gro
- os_memset(x_bin, 0, sizeof(x_bin));
-
- prime = crypto_ec_get_prime(grp->group);
-+ primebitlen = crypto_ec_prime_len_bits(grp->group);
-+ primebytelen = crypto_ec_prime_len(grp->group);
-+ if (crypto_bignum_to_bin(prime, prime_bin, sizeof(prime_bin),
-+ primebytelen) < 0)
-+ return -1;
- grp->pwe = crypto_ec_point_init(grp->group);
- tmp1 = crypto_bignum_init();
- pm1 = crypto_bignum_init();
-@@ -170,8 +176,6 @@ int compute_password_element(EAP_PWD_gro
- goto fail;
- }
-
-- primebitlen = crypto_ec_prime_len_bits(grp->group);
-- primebytelen = crypto_ec_prime_len(grp->group);
- if ((prfbuf = os_malloc(primebytelen)) == NULL) {
- wpa_printf(MSG_INFO, "EAP-pwd: unable to malloc space for prf "
- "buffer");
-@@ -237,6 +241,8 @@ int compute_password_element(EAP_PWD_gro
- if (primebitlen % 8)
- buf_shift_right(prfbuf, primebytelen,
- 8 - primebitlen % 8);
-+ if (const_time_memcmp(prfbuf, prime_bin, primebytelen) >= 0)
-+ continue;
-
- crypto_bignum_deinit(x_candidate, 1);
- x_candidate = crypto_bignum_init_set(prfbuf, primebytelen);
-@@ -246,9 +252,6 @@ int compute_password_element(EAP_PWD_gro
- goto fail;
- }
-
-- if (crypto_bignum_cmp(x_candidate, prime) >= 0)
-- continue;
--
- wpa_hexdump_key(MSG_DEBUG, "EAP-pwd: x_candidate",
- prfbuf, primebytelen);
- const_time_select_bin(found, x_bin, prfbuf, primebytelen,
+++ /dev/null
-From ee34d8cfbd0fbf7ba7429531d4bee1c43b074d8b Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <jouni@codeaurora.org>
-Date: Thu, 25 Apr 2019 19:23:05 +0300
-Subject: [PATCH 3/6] OpenSSL: Use BN_bn2binpad() or BN_bn2bin_padded() if
- available
-
-This converts crypto_bignum_to_bin() to use the OpenSSL/BoringSSL
-functions BN_bn2binpad()/BN_bn2bin_padded(), when available, to avoid
-differences in runtime and memory access patterns depending on the
-leading bytes of the BIGNUM value.
-
-OpenSSL 1.0.2 and LibreSSL do not include such functions, so those cases
-are still using the previous implementation where the BN_num_bytes()
-call may result in different memory access pattern.
-
-Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
-(cherry picked from commit 1e237903f5b5d3117342daf006c5878cdb45e3d3)
----
- src/crypto/crypto_openssl.c | 16 ++++++++++++++++
- 1 file changed, 16 insertions(+)
-
---- a/src/crypto/crypto_openssl.c
-+++ b/src/crypto/crypto_openssl.c
-@@ -1295,7 +1295,13 @@ void crypto_bignum_deinit(struct crypto_
- int crypto_bignum_to_bin(const struct crypto_bignum *a,
- u8 *buf, size_t buflen, size_t padlen)
- {
-+#ifdef OPENSSL_IS_BORINGSSL
-+#else /* OPENSSL_IS_BORINGSSL */
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#else
- int num_bytes, offset;
-+#endif
-+#endif /* OPENSSL_IS_BORINGSSL */
-
- if (TEST_FAIL())
- return -1;
-@@ -1303,6 +1309,14 @@ int crypto_bignum_to_bin(const struct cr
- if (padlen > buflen)
- return -1;
-
-+#ifdef OPENSSL_IS_BORINGSSL
-+ if (BN_bn2bin_padded(buf, padlen, (const BIGNUM *) a) == 0)
-+ return -1;
-+ return padlen;
-+#else /* OPENSSL_IS_BORINGSSL */
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+ return BN_bn2binpad((const BIGNUM *) a, buf, padlen);
-+#else
- num_bytes = BN_num_bytes((const BIGNUM *) a);
- if ((size_t) num_bytes > buflen)
- return -1;
-@@ -1315,6 +1329,8 @@ int crypto_bignum_to_bin(const struct cr
- BN_bn2bin((const BIGNUM *) a, buf + offset);
-
- return num_bytes + offset;
-+#endif
-+#endif /* OPENSSL_IS_BORINGSSL */
- }
-
-
+++ /dev/null
-From a25b48118d75f3c2d7cb1b2c3b4cffb13091a34c Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Mon, 24 Jun 2019 23:01:06 +0300
-Subject: [PATCH 4/6] SAE: Run through prf result processing even if it >=
- prime
-
-This reduces differences in timing and memory access within the
-hunting-and-pecking loop for ECC groups that have a prime that is not
-close to a power of two (e.g., Brainpool curves).
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
-(cherry picked from commit 147bf7b88a9c231322b5b574263071ca6dbb0503)
----
- src/common/sae.c | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
---- a/src/common/sae.c
-+++ b/src/common/sae.c
-@@ -304,6 +304,8 @@ static int sae_test_pwd_seed_ecc(struct
- struct crypto_bignum *y_sqr, *x_cand;
- int res;
- size_t bits;
-+ int cmp_prime;
-+ unsigned int in_range;
-
- wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-seed", pwd_seed, SHA256_MAC_LEN);
-
-@@ -317,8 +319,13 @@ static int sae_test_pwd_seed_ecc(struct
- wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value",
- pwd_value, sae->tmp->prime_len);
-
-- if (const_time_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)
-- return 0;
-+ cmp_prime = const_time_memcmp(pwd_value, prime, sae->tmp->prime_len);
-+ /* Create a const_time mask for selection based on prf result
-+ * being smaller than prime. */
-+ in_range = const_time_fill_msb((unsigned int) cmp_prime);
-+ /* The algorithm description would skip the next steps if
-+ * cmp_prime >= 0 (reutnr 0 here), but go through them regardless to
-+ * minimize externally observable differences in behavior. */
-
- x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len);
- if (!x_cand)
-@@ -330,7 +337,9 @@ static int sae_test_pwd_seed_ecc(struct
-
- res = is_quadratic_residue_blind(sae, prime, bits, qr, qnr, y_sqr);
- crypto_bignum_deinit(y_sqr, 1);
-- return res;
-+ if (res < 0)
-+ return res;
-+ return const_time_select_int(in_range, res, 0);
- }
-
-
+++ /dev/null
-From 00a6cc73da61b03c146b6c341d0d1e572bcef432 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Mon, 24 Jun 2019 23:02:51 +0300
-Subject: [PATCH 5/6] EAP-pwd: Run through prf result processing even if it >=
- prime
-
-This reduces differences in timing and memory access within the
-hunting-and-pecking loop for ECC groups that have a prime that is not
-close to a power of two (e.g., Brainpool curves).
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
-(cherry picked from commit cd803299ca485eb857e37c88f973fccfbb8600e5)
----
- src/eap_common/eap_pwd_common.c | 13 ++++++++++---
- 1 file changed, 10 insertions(+), 3 deletions(-)
-
---- a/src/eap_common/eap_pwd_common.c
-+++ b/src/eap_common/eap_pwd_common.c
-@@ -155,6 +155,8 @@ int compute_password_element(EAP_PWD_gro
- struct crypto_bignum *x_candidate = NULL;
- const struct crypto_bignum *prime;
- u8 mask, found_ctr = 0, is_odd = 0;
-+ int cmp_prime;
-+ unsigned int in_range;
-
- if (grp->pwe)
- return -1;
-@@ -241,8 +243,13 @@ int compute_password_element(EAP_PWD_gro
- if (primebitlen % 8)
- buf_shift_right(prfbuf, primebytelen,
- 8 - primebitlen % 8);
-- if (const_time_memcmp(prfbuf, prime_bin, primebytelen) >= 0)
-- continue;
-+ cmp_prime = const_time_memcmp(prfbuf, prime_bin, primebytelen);
-+ /* Create a const_time mask for selection based on prf result
-+ * being smaller than prime. */
-+ in_range = const_time_fill_msb((unsigned int) cmp_prime);
-+ /* The algorithm description would skip the next steps if
-+ * cmp_prime >= 0, but go through them regardless to minimize
-+ * externally observable differences in behavior. */
-
- crypto_bignum_deinit(x_candidate, 1);
- x_candidate = crypto_bignum_init_set(prfbuf, primebytelen);
-@@ -306,7 +313,7 @@ int compute_password_element(EAP_PWD_gro
- goto fail;
- mask = const_time_eq(res, check);
- found_ctr = const_time_select_u8(found, found_ctr, ctr);
-- found |= mask;
-+ found |= mask & in_range;
- }
- if (found == 0) {
- wpa_printf(MSG_INFO,
+++ /dev/null
-From 558518ed63202e5358116ab7e0afd5e85490f2ef Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sat, 27 Jul 2019 23:19:17 +0300
-Subject: [PATCH 6/6] dragonfly: Disable use of groups using Brainpool curves
-
-Disable groups that use Brainpool curves for now since they leak more
-timing information due to the prime not being close to a power of two.
-This removes use of groups 28, 29, and 30 from SAE and EAP-pwd.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
-(cherry picked from commit 876c5eaa6dae1a87a17603fc489a44c29eedc2e3)
----
- src/common/sae.c | 6 ++++--
- src/eap_common/eap_pwd_common.c | 3 +--
- 2 files changed, 5 insertions(+), 4 deletions(-)
-
---- a/src/common/sae.c
-+++ b/src/common/sae.c
-@@ -28,9 +28,11 @@ static int sae_suitable_group(int group)
- * purposes: FFC groups whose prime is >= 3072 bits and ECC groups
- * defined over a prime field whose prime is >= 256 bits. Furthermore,
- * ECC groups defined over a characteristic 2 finite field and ECC
-- * groups with a co-factor greater than 1 are not suitable. */
-+ * groups with a co-factor greater than 1 are not suitable. Disable
-+ * groups that use Brainpool curves as well for now since they leak more
-+ * timing information due to the prime not being close to a power of
-+ * two. */
- return group == 19 || group == 20 || group == 21 ||
-- group == 28 || group == 29 || group == 30 ||
- group == 15 || group == 16 || group == 17 || group == 18;
- #endif /* CONFIG_TESTING_OPTIONS */
- }
---- a/src/eap_common/eap_pwd_common.c
-+++ b/src/eap_common/eap_pwd_common.c
-@@ -89,8 +89,7 @@ static int eap_pwd_suitable_group(u16 nu
- {
- /* Do not allow ECC groups with prime under 256 bits based on guidance
- * for the similar design in SAE. */
-- return num == 19 || num == 20 || num == 21 ||
-- num == 28 || num == 29 || num == 30;
-+ return num == 19 || num == 20 || num == 21;
- }
-
-
hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
-@@ -4463,6 +4463,18 @@ int ieee802_11_mgmt(struct hostapd_data
+@@ -4626,6 +4626,18 @@ int ieee802_11_mgmt(struct hostapd_data
fc = le_to_host16(mgmt->frame_control);
stype = WLAN_FC_GET_STYPE(fc);
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -296,9 +296,10 @@ void wpa_supplicant_cancel_auth_timeout(
+@@ -297,9 +297,10 @@ void wpa_supplicant_cancel_auth_timeout(
*/
void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
{
OBJS += ../src/ap/vlan_init.o
OBJS += ../src/ap/vlan_ifconfig.o
OBJS += ../src/ap/vlan.o
-@@ -360,10 +362,14 @@ CFLAGS += -DCONFIG_MBO
+@@ -366,10 +368,14 @@ CFLAGS += -DCONFIG_MBO
OBJS += ../src/ap/mbo_ap.o
endif
LIBS += $(DRV_AP_LIBS)
ifdef CONFIG_L2_PACKET
-@@ -1286,6 +1292,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
+@@ -1316,6 +1322,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
BCHECK=../src/drivers/build.hostapd
hostapd: $(BCHECK) $(OBJS)
$(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
@$(E) " LD " $@
-@@ -1328,6 +1340,12 @@ ifeq ($(CONFIG_TLS), linux)
+@@ -1358,6 +1370,12 @@ ifeq ($(CONFIG_TLS), linux)
HOBJS += ../src/crypto/crypto_linux.o
endif
ifndef CONFIG_NO_GITVER
# Add VERSION_STR postfix for builds from a git repository
-@@ -362,7 +363,9 @@ endif
+@@ -363,7 +364,9 @@ endif
ifdef CONFIG_IBSS_RSN
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_IBSS_RSN
OBJS += ibss_rsn.o
endif
-@@ -870,6 +873,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
+@@ -892,6 +895,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
LIBS += -ldl -rdynamic
endif
endif
ifdef CONFIG_AP
-@@ -877,9 +884,11 @@ NEED_EAP_COMMON=y
+@@ -899,9 +906,11 @@ NEED_EAP_COMMON=y
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_AP
OBJS += ap.o
OBJS += ../src/ap/hostapd.o
OBJS += ../src/ap/wpa_auth_glue.o
OBJS += ../src/ap/utils.o
-@@ -961,6 +970,12 @@ endif
+@@ -983,6 +992,12 @@ endif
ifdef CONFIG_HS20
OBJS += ../src/ap/hs20.o
endif
endif
ifdef CONFIG_MBO
-@@ -969,7 +984,9 @@ CFLAGS += -DCONFIG_MBO
+@@ -991,7 +1006,9 @@ CFLAGS += -DCONFIG_MBO
endif
ifdef NEED_RSN_AUTHENTICATOR
NEED_AES_WRAP=y
OBJS += ../src/ap/wpa_auth.o
OBJS += ../src/ap/wpa_auth_ie.o
-@@ -1872,6 +1889,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
+@@ -1899,6 +1916,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
$(OBJS_c) $(OBJS_t) $(OBJS_t2) $(OBJS) $(BCHECK) $(EXTRA_progs): .config
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
@$(E) " LD " $@
-@@ -1972,6 +1995,12 @@ endif
+@@ -1999,6 +2022,12 @@ endif
$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
@$(E) " sed" $<
wpa_cli.exe: wpa_cli
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -5551,8 +5551,8 @@ union wpa_event_data {
+@@ -5657,8 +5657,8 @@ union wpa_event_data {
* Driver wrapper code should call this function whenever an event is received
* from the driver.
*/
/**
* wpa_supplicant_event_global - Report a driver event for wpa_supplicant
-@@ -5564,7 +5564,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -5670,7 +5670,7 @@ void wpa_supplicant_event(void *ctx, enu
* Same as wpa_supplicant_event(), but we search for the interface in
* wpa_global.
*/
/*
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
-@@ -1581,8 +1581,8 @@ static void hostapd_event_wds_sta_interf
- }
+@@ -1669,8 +1669,8 @@ err:
+ #endif /* CONFIG_OWE */
-void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
{
struct hostapd_data *hapd = ctx;
#ifndef CONFIG_NO_STDOUT_DEBUG
-@@ -1816,7 +1816,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -1915,7 +1915,7 @@ void wpa_supplicant_event(void *ctx, enu
}
os_memset(&global, 0, sizeof(global));
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
-@@ -4176,8 +4176,8 @@ static void wpas_event_assoc_reject(stru
+@@ -4184,8 +4184,8 @@ static void wpas_event_assoc_reject(stru
}
{
struct wpa_supplicant *wpa_s = ctx;
int resched;
-@@ -4951,7 +4951,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -4967,7 +4967,7 @@ void wpa_supplicant_event(void *ctx, enu
}
struct wpa_supplicant *wpa_s;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -6087,7 +6087,6 @@ struct wpa_interface * wpa_supplicant_ma
+@@ -6097,7 +6097,6 @@ struct wpa_interface * wpa_supplicant_ma
return NULL;
}
/**
* wpa_supplicant_match_existing - Match existing interfaces
* @global: Pointer to global data from wpa_supplicant_init()
-@@ -6124,6 +6123,11 @@ static int wpa_supplicant_match_existing
+@@ -6134,6 +6133,11 @@ static int wpa_supplicant_match_existing
#endif /* CONFIG_MATCH_IFACE */
/**
* wpa_supplicant_add_iface - Add a new network interface
-@@ -6380,6 +6384,8 @@ struct wpa_global * wpa_supplicant_init(
+@@ -6390,6 +6394,8 @@ struct wpa_global * wpa_supplicant_init(
#ifndef CONFIG_NO_WPA_MSG
wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
#endif /* CONFIG_NO_WPA_MSG */
#ifdef CONFIG_WPS
static int gen_uuid(const char *txt_addr)
-@@ -677,6 +682,8 @@ int main(int argc, char *argv[])
+@@ -682,6 +687,8 @@ int main(int argc, char *argv[])
return -1;
#endif /* CONFIG_DPP */
{
--- a/wpa_supplicant/eapol_test.c
+++ b/wpa_supplicant/eapol_test.c
-@@ -29,7 +29,12 @@
+@@ -30,7 +30,12 @@
#include "ctrl_iface.h"
#include "pcsc_funcs.h"
#include "wpas_glue.h"
const struct wpa_driver_ops *const wpa_drivers[] = { NULL };
-@@ -1296,6 +1301,10 @@ static void usage(void)
+@@ -1292,6 +1297,10 @@ static void usage(void)
"option several times.\n");
}
int main(int argc, char *argv[])
{
-@@ -1316,6 +1325,8 @@ int main(int argc, char *argv[])
+@@ -1312,6 +1321,8 @@ int main(int argc, char *argv[])
if (os_program_init())
return -1;
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3390,6 +3390,10 @@ static int hostapd_config_fill(struct ho
+@@ -3411,6 +3411,10 @@ static int hostapd_config_fill(struct ho
bss->ieee80211w = 1;
#endif /* CONFIG_OCV */
#ifdef CONFIG_IEEE80211N
} else if (os_strcmp(buf, "ht_capab") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -803,6 +803,8 @@ struct hostapd_config {
+@@ -934,6 +934,8 @@ struct hostapd_config {
int ht_op_mode_fixed;
u16 ht_capab;
INT(fixed_freq);
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -358,6 +358,8 @@ static int wpa_supplicant_mesh_init(stru
+@@ -361,6 +361,8 @@ static int wpa_supplicant_mesh_init(stru
frequency);
goto out_free;
}
if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && ssid->vht) {
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2139,12 +2139,12 @@ void ibss_mesh_setup_freq(struct wpa_sup
- {
+@@ -2144,12 +2144,12 @@ void ibss_mesh_setup_freq(struct wpa_sup
+ int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
enum hostapd_hw_mode hw_mode;
struct hostapd_hw_modes *mode = NULL;
- int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
unsigned int j, k;
struct hostapd_freq_params vht_freq;
int chwidth, seg0, seg1;
-@@ -2214,7 +2214,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2222,7 +2222,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
return;
/* Setup higher BW only for 5 GHz */
for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
-@@ -916,6 +916,8 @@ struct wpa_ssid {
+@@ -918,6 +918,8 @@ struct wpa_ssid {
*/
int no_auto_peer;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -4465,7 +4465,7 @@ wpa_supplicant_alloc(struct wpa_supplica
+@@ -4475,7 +4475,7 @@ wpa_supplicant_alloc(struct wpa_supplica
if (wpa_s == NULL)
return NULL;
wpa_s->scan_req = INITIAL_SCAN_REQ;
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -4434,7 +4434,7 @@ static int nl80211_set_channel(struct i8
- freq->freq, freq->ht_enabled, freq->vht_enabled,
+@@ -4431,7 +4431,7 @@ static int nl80211_set_channel(struct i8
+ freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled,
freq->bandwidth, freq->center_freq1, freq->center_freq2);
- msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -103,6 +103,25 @@ static void hostapd_reload_bss(struct ho
+@@ -108,6 +108,26 @@ static void hostapd_reload_bss(struct ho
#endif /* CONFIG_NO_RADIUS */
ssid = &hapd->conf->ssid;
+ hapd->iconf->channel,
+ hapd->iconf->ieee80211n,
+ hapd->iconf->ieee80211ac,
++ hapd->iconf->ieee80211ax,
+ hapd->iconf->secondary_channel,
-+ hapd->iconf->vht_oper_chwidth,
-+ hapd->iconf->vht_oper_centr_freq_seg0_idx,
-+ hapd->iconf->vht_oper_centr_freq_seg1_idx);
++ hostapd_get_oper_chwidth(hapd->iconf),
++ hostapd_get_oper_centr_freq_seg0_idx(hapd->iconf),
++ hostapd_get_oper_centr_freq_seg1_idx(hapd->iconf));
+
+ if (hapd->iface->current_mode) {
+ if (hostapd_prepare_rates(hapd->iface, hapd->iface->current_mode)) {
if (!ssid->wpa_psk_set && ssid->wpa_psk && !ssid->wpa_psk->next &&
ssid->wpa_passphrase_set && ssid->wpa_passphrase) {
/*
-@@ -200,6 +219,7 @@ int hostapd_reload_config(struct hostapd
+@@ -205,6 +225,7 @@ int hostapd_reload_config(struct hostapd
struct hostapd_data *hapd = iface->bss[0];
struct hostapd_config *newconf, *oldconf;
size_t j;
if (iface->config_fname == NULL) {
/* Only in-memory config in use - assume it has been updated */
-@@ -250,21 +270,20 @@ int hostapd_reload_config(struct hostapd
+@@ -255,24 +276,20 @@ int hostapd_reload_config(struct hostapd
}
iface->conf = newconf;
- hapd->iconf->ieee80211ac = oldconf->ieee80211ac;
- hapd->iconf->ht_capab = oldconf->ht_capab;
- hapd->iconf->vht_capab = oldconf->vht_capab;
-- hapd->iconf->vht_oper_chwidth = oldconf->vht_oper_chwidth;
-- hapd->iconf->vht_oper_centr_freq_seg0_idx =
-- oldconf->vht_oper_centr_freq_seg0_idx;
-- hapd->iconf->vht_oper_centr_freq_seg1_idx =
-- oldconf->vht_oper_centr_freq_seg1_idx;
+- hostapd_set_oper_chwidth(hapd->iconf,
+- hostapd_get_oper_chwidth(oldconf));
+- hostapd_set_oper_centr_freq_seg0_idx(
+- hapd->iconf,
+- hostapd_get_oper_centr_freq_seg0_idx(oldconf));
+- hostapd_set_oper_centr_freq_seg1_idx(
+- hapd->iconf,
+- hostapd_get_oper_centr_freq_seg1_idx(oldconf));
hapd->conf = newconf->bss[j];
hostapd_reload_bss(hapd);
}
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
-@@ -1373,15 +1373,35 @@ int ap_switch_channel(struct wpa_supplic
+@@ -1378,15 +1378,35 @@ int ap_switch_channel(struct wpa_supplic
#ifdef CONFIG_CTRL_IFACE
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -2722,10 +2722,15 @@ static int wpa_driver_nl80211_del_beacon
+@@ -2721,10 +2721,15 @@ static int wpa_driver_nl80211_del_beacon
struct nl_msg *msg;
struct wpa_driver_nl80211_data *drv = bss->drv;
return send_and_recv_msgs(drv, msg, NULL, NULL);
}
-@@ -5036,7 +5041,7 @@ static void nl80211_teardown_ap(struct i
+@@ -5042,7 +5047,7 @@ static void nl80211_teardown_ap(struct i
nl80211_mgmt_unsubscribe(bss, "AP teardown");
nl80211_put_wiphy_data_ap(bss);
}
-@@ -7302,8 +7307,6 @@ static int wpa_driver_nl80211_if_remove(
+@@ -7353,8 +7358,6 @@ static int wpa_driver_nl80211_if_remove(
} else {
wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
nl80211_teardown_ap(bss);
nl80211_destroy_bss(bss);
if (!bss->added_if)
i802_set_iface_flags(bss, 0);
-@@ -7693,7 +7696,6 @@ static int wpa_driver_nl80211_deinit_ap(
+@@ -7744,7 +7747,6 @@ static int wpa_driver_nl80211_deinit_ap(
if (!is_ap_interface(drv->nlmode))
return -1;
wpa_driver_nl80211_del_beacon(bss);
/*
* If the P2P GO interface was dynamically added, then it is
-@@ -7713,7 +7715,6 @@ static int wpa_driver_nl80211_stop_ap(vo
+@@ -7764,7 +7766,6 @@ static int wpa_driver_nl80211_stop_ap(vo
if (!is_ap_interface(drv->nlmode))
return -1;
wpa_driver_nl80211_del_beacon(bss);
#ifdef CONFIG_IEEE80211W
#ifdef NEED_AP_MLME
-@@ -3172,6 +3229,8 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -3195,6 +3252,8 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
reply_size);
#ifdef RADIUS_SERVER
--- a/src/ap/ctrl_iface_ap.c
+++ b/src/ap/ctrl_iface_ap.c
-@@ -872,7 +872,13 @@ int hostapd_parse_csa_settings(const cha
+@@ -874,7 +874,13 @@ int hostapd_parse_csa_settings(const cha
int hostapd_ctrl_iface_stop_ap(struct hostapd_data *hapd)
{
break;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -126,6 +126,55 @@ static void wpas_update_fils_connect_par
+@@ -127,6 +127,55 @@ static void wpas_update_fils_connect_par
#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
/* Configure default/group WEP keys for static WEP */
int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
{
-@@ -940,12 +989,16 @@ void wpa_supplicant_set_state(struct wpa
+@@ -941,12 +990,16 @@ void wpa_supplicant_set_state(struct wpa
sme_sched_obss_scan(wpa_s, 1);
wpa_s->new_connection = 1;
wpa_drv_set_operstate(wpa_s, 0);
#ifndef IEEE8021X_EAPOL
-@@ -2035,6 +2088,8 @@ void wpa_supplicant_associate(struct wpa
+@@ -2039,6 +2092,8 @@ void wpa_supplicant_associate(struct wpa
wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
ssid->id);
wpas_notify_mesh_group_started(wpa_s, ssid);
#else /* CONFIG_MESH */
wpa_msg(wpa_s, MSG_ERROR,
"mesh mode support not included in the build");
-@@ -5707,6 +5762,16 @@ static int wpa_supplicant_init_iface(str
+@@ -5717,6 +5772,16 @@ static int wpa_supplicant_init_iface(str
sizeof(wpa_s->bridge_ifname));
}
/* RSNA Supplicant Key Management - INITIALIZE */
eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
-@@ -6034,6 +6099,11 @@ static void wpa_supplicant_deinit_iface(
+@@ -6044,6 +6109,11 @@ static void wpa_supplicant_deinit_iface(
if (terminate)
wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
-@@ -2385,6 +2385,11 @@ static int hostapd_ctrl_iface_chan_switc
+@@ -2408,6 +2408,11 @@ static int hostapd_ctrl_iface_chan_switc
if (ret)
return ret;
/* Save CHAN_SWITCH VHT config */
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -1397,11 +1397,6 @@ int ieee802_11_set_beacon(struct hostapd
+@@ -1403,11 +1403,6 @@ int ieee802_11_set_beacon(struct hostapd
struct wpabuf *beacon, *proberesp, *assocresp;
int res, ret = -1;
hapd->beacon_set_done = 1;
if (ieee802_11_build_ap_params(hapd, ¶ms) < 0)
---- a/src/drivers/driver.h
-+++ b/src/drivers/driver.h
-@@ -4544,6 +4544,13 @@ enum wpa_event_type {
- EVENT_CH_SWITCH,
-
- /**
-+ * EVENT_CH_SWITCH - AP or GO will switch channels soon
-+ *
-+ * Described in wpa_event_data.ch_switch
-+ * */
-+ EVENT_CH_SWITCH_STARTED,
-+
-+ /**
- * EVENT_WNM - Request WNM operation
- *
- * This event can be used to request a WNM operation to be performed.
-@@ -5381,6 +5388,7 @@ union wpa_event_data {
-
- /**
- * struct ch_switch
-+ * @count: countdown until channel switch
- * @freq: Frequency of new channel in MHz
- * @ht_enabled: Whether this is an HT channel
- * @ch_offset: Secondary channel offset
-@@ -5389,6 +5397,7 @@ union wpa_event_data {
- * @cf2: Center frequency 2
- */
- struct ch_switch {
-+ int count;
- int freq;
- int ht_enabled;
- int ch_offset;
---- a/src/drivers/driver_nl80211_event.c
-+++ b/src/drivers/driver_nl80211_event.c
-@@ -534,7 +534,8 @@ static int calculate_chan_offset(int wid
- static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv,
- struct nlattr *ifindex, struct nlattr *freq,
- struct nlattr *type, struct nlattr *bw,
-- struct nlattr *cf1, struct nlattr *cf2)
-+ struct nlattr *cf1, struct nlattr *cf2,
-+ struct nlattr *count)
- {
- struct i802_bss *bss;
- union wpa_event_data data;
-@@ -592,11 +593,15 @@ static void mlme_event_ch_switch(struct
- data.ch_switch.cf1 = nla_get_u32(cf1);
- if (cf2)
- data.ch_switch.cf2 = nla_get_u32(cf2);
-+ if (count)
-+ data.ch_switch.count = nla_get_u32(count);
-
- bss->freq = data.ch_switch.freq;
- drv->assoc_freq = data.ch_switch.freq;
-
-- wpa_supplicant_event(bss->ctx, EVENT_CH_SWITCH, &data);
-+ wpa_supplicant_event(bss->ctx,
-+ count ? EVENT_CH_SWITCH_STARTED : EVENT_CH_SWITCH,
-+ &data);
- }
-
-
-@@ -2508,6 +2513,7 @@ static void do_process_drv_event(struct
- tb[NL80211_ATTR_PMK],
- tb[NL80211_ATTR_PMKID]);
- break;
-+ case NL80211_CMD_CH_SWITCH_STARTED_NOTIFY:
- case NL80211_CMD_CH_SWITCH_NOTIFY:
- mlme_event_ch_switch(drv,
- tb[NL80211_ATTR_IFINDEX],
-@@ -2515,7 +2521,8 @@ static void do_process_drv_event(struct
- tb[NL80211_ATTR_WIPHY_CHANNEL_TYPE],
- tb[NL80211_ATTR_CHANNEL_WIDTH],
- tb[NL80211_ATTR_CENTER_FREQ1],
-- tb[NL80211_ATTR_CENTER_FREQ2]);
-+ tb[NL80211_ATTR_CENTER_FREQ2],
-+ tb[NL80211_ATTR_CH_SWITCH_COUNT]);
- break;
- case NL80211_CMD_DISCONNECT:
- mlme_event_disconnect(drv, tb[NL80211_ATTR_REASON_CODE],
---- a/wpa_supplicant/events.c
-+++ b/wpa_supplicant/events.c
-@@ -4176,6 +4176,60 @@ static void wpas_event_assoc_reject(stru
- }
-
-
-+static void
-+supplicant_ch_switch_started(struct wpa_supplicant *wpa_s,
-+ union wpa_event_data *data)
-+{
-+ char buf[256];
-+ size_t len = sizeof(buf);
-+ char *cmd = NULL;
-+ int width = 20;
-+ int ret;
-+
-+ if (!wpa_s->hostapd)
-+ return;
-+
-+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CHANNEL_SWITCH
-+ "count=%d freq=%d ht_enabled=%d ch_offset=%d ch_width=%s cf1=%d cf2=%d",
-+ data->ch_switch.count,
-+ data->ch_switch.freq,
-+ data->ch_switch.ht_enabled,
-+ data->ch_switch.ch_offset,
-+ channel_width_to_string(data->ch_switch.ch_width),
-+ data->ch_switch.cf1,
-+ data->ch_switch.cf2);
-+
-+ switch (data->ch_switch.ch_width) {
-+ case CHAN_WIDTH_20_NOHT:
-+ case CHAN_WIDTH_20:
-+ width = 20;
-+ break;
-+ case CHAN_WIDTH_40:
-+ width = 40;
-+ break;
-+ case CHAN_WIDTH_80:
-+ width = 80;
-+ break;
-+ case CHAN_WIDTH_160:
-+ case CHAN_WIDTH_80P80:
-+ width = 160;
-+ break;
-+ }
-+
-+ asprintf(&cmd, "CHAN_SWITCH %d %d sec_channel_offset=%d center_freq1=%d center_freq2=%d, bandwidth=%d auto-ht\n",
-+ data->ch_switch.count - 1,
-+ data->ch_switch.freq,
-+ data->ch_switch.ch_offset,
-+ data->ch_switch.cf1,
-+ data->ch_switch.cf2,
-+ width);
-+ ret = wpa_ctrl_request(wpa_s->hostapd, cmd, os_strlen(cmd), buf, &len, NULL);
-+ free(cmd);
-+
-+ if (ret < 0)
-+ wpa_printf(MSG_ERROR, "\nFailed to reload hostapd AP interfaces\n");
-+}
-+
- void supplicant_event(void *ctx, enum wpa_event_type event,
- union wpa_event_data *data)
- {
-@@ -4461,6 +4515,10 @@ void supplicant_event(void *ctx, enum wp
- data->rx_from_unknown.wds);
- break;
- #endif /* CONFIG_AP */
-+ case EVENT_CH_SWITCH_STARTED:
-+ supplicant_ch_switch_started(wpa_s, data);
-+ break;
-+
- case EVENT_CH_SWITCH:
- if (!data || !wpa_s->current_ssid)
- break;
else
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
-@@ -2997,6 +2997,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -3020,6 +3020,7 @@ static int hostapd_ctrl_iface_receive_pr
reply_size);
} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
reply_len = hostapd_drv_status(hapd, reply, reply_size);
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
if (reply_len >= 0) {
-@@ -3038,6 +3039,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -3061,6 +3062,7 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
reply_size);
reply_len = -1;
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -935,6 +935,9 @@ ifdef CONFIG_FILS
+@@ -957,6 +957,9 @@ ifdef CONFIG_FILS
OBJS += ../src/ap/fils_hlp.o
endif
ifdef CONFIG_CTRL_IFACE
if (wpa_s->ap_iface) {
pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
end - pos,
-@@ -9968,6 +9968,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -9962,6 +9962,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = -1;
} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
if (reply_len >= 0) {
-@@ -9980,6 +9981,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -9974,6 +9975,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_size - reply_len);
#endif /* CONFIG_MACSEC */
}
} else if (os_strncmp(buf, "STATUS", 6) == 0) {
reply_len = wpa_supplicant_ctrl_iface_status(
wpa_s, buf + 6, reply, reply_size);
-@@ -10461,6 +10463,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -10458,6 +10460,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = wpa_supplicant_ctrl_iface_bss(
wpa_s, buf + 4, reply, reply_size);
#ifdef CONFIG_AP
} else if (os_strcmp(buf, "STA-FIRST") == 0) {
reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "STA ", 4) == 0) {
-@@ -10469,12 +10472,15 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -10466,12 +10469,15 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
reply_size);
#ifdef CONFIG_P2P_MANAGER
static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype,
-@@ -761,12 +763,12 @@ int hostapd_ctrl_iface_status(struct hos
+@@ -763,12 +765,12 @@ int hostapd_ctrl_iface_status(struct hos
return len;
len += ret;
}
if (os_snprintf_error(buflen - len, ret))
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
-@@ -2579,6 +2579,7 @@ static const char * bool_txt(Boolean val
+@@ -2706,6 +2706,7 @@ static const char * bool_txt(Boolean val
return val ? "TRUE" : "FALSE";
}
int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
{
-@@ -2765,6 +2766,7 @@ int ieee802_1x_get_mib_sta(struct hostap
+@@ -2892,6 +2893,7 @@ int ieee802_1x_get_mib_sta(struct hostap
return len;
}
static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
-@@ -4112,6 +4112,7 @@ static const char * wpa_bool_txt(int val
+@@ -4116,6 +4116,7 @@ static const char * wpa_bool_txt(int val
return val ? "TRUE" : "FALSE";
}
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
-@@ -4256,7 +4257,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
+@@ -4264,7 +4265,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
return len;
}
{
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
-@@ -2481,6 +2481,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
+@@ -2502,6 +2502,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
}
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
-@@ -2564,6 +2566,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
+@@ -2585,6 +2587,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
return (int) len;
}
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
-@@ -1231,7 +1231,7 @@ int wpas_ap_wps_nfc_report_handover(stru
+@@ -1236,7 +1236,7 @@ int wpas_ap_wps_nfc_report_handover(stru
#endif /* CONFIG_WPS */
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
-@@ -2079,6 +2079,31 @@ u32 wpa_akm_to_suite(int akm)
+@@ -2089,6 +2089,31 @@ u32 wpa_akm_to_suite(int akm)
}
int wpa_compare_rsn_ie(int ft_initial_assoc,
const u8 *ie1, size_t ie1len,
const u8 *ie2, size_t ie2len)
-@@ -2086,8 +2111,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
+@@ -2096,8 +2121,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
if (ie1 == NULL || ie2 == NULL)
return -1;
--- a/src/utils/wpa_debug.c
+++ b/src/utils/wpa_debug.c
-@@ -205,7 +205,7 @@ void wpa_debug_close_linux_tracing(void)
+@@ -206,7 +206,7 @@ void wpa_debug_close_linux_tracing(void)
*
* Note: New line '\n' is added to the end of the text when printing to stdout.
*/
{
va_list ap;
-@@ -252,8 +252,8 @@ void wpa_printf(int level, const char *f
+@@ -253,8 +253,8 @@ void wpa_printf(int level, const char *f
}
{
size_t i;
-@@ -379,20 +379,8 @@ static void _wpa_hexdump(int level, cons
+@@ -380,20 +380,8 @@ static void _wpa_hexdump(int level, cons
#endif /* CONFIG_ANDROID_LOG */
}
{
size_t i, llen;
const u8 *pos = buf;
-@@ -505,20 +493,6 @@ static void _wpa_hexdump_ascii(int level
+@@ -506,20 +494,6 @@ static void _wpa_hexdump_ascii(int level
}
#ifdef CONFIG_DEBUG_FILE
static char *last_path = NULL;
#endif /* CONFIG_DEBUG_FILE */
-@@ -634,7 +608,7 @@ void wpa_msg_register_ifname_cb(wpa_msg_
+@@ -635,7 +609,7 @@ void wpa_msg_register_ifname_cb(wpa_msg_
}
{
va_list ap;
char *buf;
-@@ -672,7 +646,7 @@ void wpa_msg(void *ctx, int level, const
+@@ -673,7 +647,7 @@ void wpa_msg(void *ctx, int level, const
}
#include "crypto/random.h"
#include "crypto/tls.h"
#include "common/version.h"
-@@ -685,7 +686,7 @@ int main(int argc, char *argv[])
+@@ -690,7 +691,7 @@ int main(int argc, char *argv[])
wpa_supplicant_event = hostapd_wpa_event;
wpa_supplicant_event_global = hostapd_wpa_event_global;
for (;;) {
if (c < 0)
break;
switch (c) {
-@@ -722,6 +723,8 @@ int main(int argc, char *argv[])
+@@ -727,6 +728,8 @@ int main(int argc, char *argv[])
break;
#endif /* CONFIG_DEBUG_LINUX_TRACING */
case 'v':
static int hostapd_cli_cmd_disassoc_imminent(struct wpa_ctrl *ctrl, int argc,
-@@ -1531,15 +1527,12 @@ static const struct hostapd_cli_cmd host
+@@ -1538,15 +1534,12 @@ static const struct hostapd_cli_cmd host
{ "disassociate", hostapd_cli_cmd_disassociate,
hostapd_complete_stations,
"<addr> = disassociate a station" },
{ "wps_pin", hostapd_cli_cmd_wps_pin, NULL,
"<uuid> <pin> [timeout] [addr] = add WPS Enrollee PIN" },
{ "wps_check_pin", hostapd_cli_cmd_wps_check_pin, NULL,
-@@ -1564,7 +1557,6 @@ static const struct hostapd_cli_cmd host
+@@ -1571,7 +1564,6 @@ static const struct hostapd_cli_cmd host
"<SSID> <auth> <encr> <key> = configure AP" },
{ "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL,
"= show current WPS status" },
#include "common/defs.h"
#include "common/ieee802_11_defs.h"
#include "common/wpa_common.h"
-@@ -791,6 +792,9 @@ struct wpa_driver_associate_params {
+@@ -819,6 +820,9 @@ struct wpa_driver_associate_params {
* responsible for selecting with which BSS to associate. */
const u8 *bssid;
#define DEFAULT_EAP_WORKAROUND ((unsigned int) -1)
-@@ -788,6 +790,9 @@ struct wpa_ssid {
+@@ -790,6 +792,9 @@ struct wpa_ssid {
*/
void *parent_cred;
* macsec_policy - Determines the policy for MACsec secure session
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3258,6 +3258,12 @@ static void wpas_start_assoc_cb(struct w
+@@ -3267,6 +3267,12 @@ static void wpas_start_assoc_cb(struct w
params.beacon_int = ssid->beacon_int;
else
params.beacon_int = wpa_s->conf->beacon_int;
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -5295,7 +5295,7 @@ static int wpa_driver_nl80211_ibss(struc
+@@ -5323,7 +5323,7 @@ static int wpa_driver_nl80211_ibss(struc
struct wpa_driver_associate_params *params)
{
struct nl_msg *msg;
int count = 0;
wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
-@@ -5322,6 +5322,37 @@ retry:
+@@ -5350,6 +5350,37 @@ retry:
nl80211_put_beacon_int(msg, params->beacon_int))
goto fail;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1443,6 +1443,7 @@ struct wpa_driver_mesh_join_params {
+@@ -1484,6 +1484,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
u8 handle_dfs;
/**
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -9532,6 +9532,18 @@ static int nl80211_put_mesh_id(struct nl
+@@ -9612,6 +9612,18 @@ static int nl80211_put_mesh_id(struct nl
}
static int nl80211_put_mesh_config(struct nl_msg *msg,
struct wpa_driver_mesh_bss_params *params)
{
-@@ -9593,6 +9605,7 @@ static int nl80211_join_mesh(struct i802
+@@ -9673,6 +9685,7 @@ static int nl80211_join_mesh(struct i802
nl80211_put_basic_rates(msg, params->basic_rates) ||
nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
nl80211_put_beacon_int(msg, params->beacon_int) ||
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -491,6 +491,7 @@ int wpa_supplicant_join_mesh(struct wpa_
+@@ -494,6 +494,7 @@ int wpa_supplicant_join_mesh(struct wpa_
params->meshid = ssid->ssid;
params->meshid_len = ssid->ssid_len;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2212,11 +2212,13 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2217,11 +2217,13 @@ void ibss_mesh_setup_freq(struct wpa_sup
for (j = 0; j < wpa_s->last_scan_res_used; j++) {
struct wpa_bss *bss = wpa_s->last_scan_res[j];
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
-@@ -1302,14 +1302,14 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
+@@ -1332,14 +1332,14 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
@$(AR) cr $@ hostapd_multi.o $(OBJS)
hostapd: $(BCHECK) $(OBJS)
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1905,23 +1905,23 @@ wpa_supplicant_multi.a: .config $(BCHECK
+@@ -1932,23 +1932,23 @@ wpa_supplicant_multi.a: .config $(BCHECK
@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
CFLAGS += -O0 -fprofile-arcs -ftest-coverage
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
-@@ -13,6 +13,7 @@
+@@ -17,6 +17,7 @@
#include "utils/list.h"
#include "ap_config.h"
#include "drivers/driver.h"
#define OCE_STA_CFON_ENABLED(hapd) \
((hapd->conf->oce & OCE_STA_CFON) && \
-@@ -141,6 +142,7 @@ struct hostapd_data {
+@@ -145,6 +146,7 @@ struct hostapd_data {
struct hostapd_iface *iface;
struct hostapd_config *iconf;
struct hostapd_bss_config *conf;
unsigned int disabled:1;
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -374,6 +374,7 @@ static void hostapd_free_hapd_data(struc
+@@ -380,6 +380,7 @@ static void hostapd_free_hapd_data(struc
hapd->beacon_set_done = 0;
wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
iapp_deinit(hapd->iapp);
hapd->iapp = NULL;
accounting_deinit(hapd);
-@@ -1314,6 +1315,8 @@ static int hostapd_setup_bss(struct host
+@@ -1377,6 +1378,8 @@ static int hostapd_setup_bss(struct host
if (hapd->driver && hapd->driver->set_operstate)
hapd->driver->set_operstate(hapd->drv_priv, 1);
return 0;
}
-@@ -1828,6 +1831,7 @@ static int hostapd_setup_interface_compl
+@@ -1891,6 +1894,7 @@ static int hostapd_setup_interface_compl
if (err)
goto fail;
wpa_printf(MSG_DEBUG, "Completing interface initialization");
if (iface->conf->channel) {
#ifdef NEED_AP_MLME
-@@ -2020,6 +2024,7 @@ dfs_offload:
+@@ -2087,6 +2091,7 @@ dfs_offload:
fail:
wpa_printf(MSG_ERROR, "Interface initialization failed");
hostapd_set_state(iface, HAPD_IFACE_DISABLED);
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED);
#ifdef CONFIG_FST
-@@ -2489,6 +2494,7 @@ void hostapd_interface_deinit_free(struc
+@@ -2562,6 +2567,7 @@ void hostapd_interface_deinit_free(struc
(unsigned int) iface->conf->num_bss);
driver = iface->bss[0]->driver;
drv_priv = iface->bss[0]->drv_priv;
__func__, driver, drv_priv);
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
-@@ -2029,7 +2029,7 @@ static void handle_auth(struct hostapd_d
+@@ -2032,7 +2032,7 @@ static void handle_auth(struct hostapd_d
u16 auth_alg, auth_transaction, status_code;
u16 resp = WLAN_STATUS_SUCCESS;
struct sta_info *sta = NULL;
u16 fc;
const u8 *challenge = NULL;
u32 session_timeout, acct_interim_interval;
-@@ -2040,6 +2040,11 @@ static void handle_auth(struct hostapd_d
+@@ -2043,6 +2043,11 @@ static void handle_auth(struct hostapd_d
char *identity = NULL;
char *radius_cui = NULL;
u16 seq_ctrl;
if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
-@@ -2201,6 +2206,13 @@ static void handle_auth(struct hostapd_d
+@@ -2204,6 +2209,13 @@ static void handle_auth(struct hostapd_d
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto fail;
}
if (res == HOSTAPD_ACL_PENDING)
return;
-@@ -3699,7 +3711,7 @@ static void handle_assoc(struct hostapd_
+@@ -3862,7 +3874,7 @@ static void handle_assoc(struct hostapd_
u16 capab_info, listen_interval, seq_ctrl, fc;
u16 resp = WLAN_STATUS_SUCCESS, reply_res;
const u8 *pos;
struct sta_info *sta;
u8 *tmp = NULL;
struct hostapd_sta_wpa_psk_short *psk = NULL;
-@@ -3708,6 +3720,11 @@ static void handle_assoc(struct hostapd_
+@@ -3871,6 +3883,11 @@ static void handle_assoc(struct hostapd_
#ifdef CONFIG_FILS
int delay_assoc = 0;
#endif /* CONFIG_FILS */
if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_req) :
sizeof(mgmt->u.assoc_req))) {
-@@ -3887,6 +3904,14 @@ static void handle_assoc(struct hostapd_
+@@ -4050,6 +4067,14 @@ static void handle_assoc(struct hostapd_
}
#endif /* CONFIG_MBO */
/*
* sta->capability is used in check_assoc_ies() for RRM enabled
* capability element.
-@@ -4114,6 +4139,7 @@ static void handle_disassoc(struct hosta
+@@ -4277,6 +4302,7 @@ static void handle_disassoc(struct hosta
wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d",
MAC2STR(mgmt->sa),
le_to_host16(mgmt->u.disassoc.reason_code));
sta = ap_get_sta(hapd, mgmt->sa);
if (sta == NULL) {
-@@ -4179,6 +4205,8 @@ static void handle_deauth(struct hostapd
+@@ -4342,6 +4368,8 @@ static void handle_deauth(struct hostapd
" reason_code=%d",
MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code));
wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying "
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -744,6 +744,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -746,6 +746,12 @@ void handle_probe_req(struct hostapd_dat
struct hostapd_sta_wpa_psk_short *psk = NULL;
char *identity = NULL;
char *radius_cui = NULL;
if (len < IEEE80211_HDRLEN)
return;
-@@ -921,6 +927,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -923,6 +929,12 @@ void handle_probe_req(struct hostapd_dat
}
#endif /* CONFIG_P2P */
wpabuf_free(sta->p2p_ie);
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -423,6 +423,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+@@ -424,6 +424,7 @@ void ap_handle_timer(void *eloop_ctx, vo
HOSTAPD_LEVEL_INFO, "deauthenticated due to "
"local deauth request");
ap_free_sta(hapd, sta);
return;
}
-@@ -577,6 +578,7 @@ skip_poll:
+@@ -578,6 +579,7 @@ skip_poll:
hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
ap_free_sta(hapd, sta);
break;
}
}
-@@ -1273,6 +1275,7 @@ void ap_sta_set_authorized(struct hostap
+@@ -1284,6 +1286,7 @@ void ap_sta_set_authorized(struct hostap
buf, ip_addr, keyid_buf);
} else {
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
hapd->msg_ctx_parent != hapd->msg_ctx)
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
-@@ -181,6 +181,7 @@ static void hostapd_wpa_auth_psk_failure
+@@ -185,6 +185,7 @@ static void hostapd_wpa_auth_psk_failure
struct hostapd_data *hapd = ctx;
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
MAC2STR(addr));
ifdef CONFIG_CODE_COVERAGE
CFLAGS += -O0 -fprofile-arcs -ftest-coverage
LIBS += -lgcov
-@@ -923,6 +929,9 @@ endif
+@@ -945,6 +951,9 @@ endif
ifdef CONFIG_IEEE80211AX
OBJS += ../src/ap/ieee802_11_he.o
endif
CFLAGS += -DCONFIG_WNM_AP
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -6288,6 +6288,8 @@ struct wpa_supplicant * wpa_supplicant_a
+@@ -6298,6 +6298,8 @@ struct wpa_supplicant * wpa_supplicant_a
}
#endif /* CONFIG_P2P */
return wpa_s;
}
-@@ -6314,6 +6316,8 @@ int wpa_supplicant_remove_iface(struct w
+@@ -6324,6 +6326,8 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */