include $(TOPDIR)/rules.mk
PKG_NAME:=hostapd
-PKG_RELEASE:=3
+PKG_RELEASE:=1
PKG_SOURCE_URL:=https://w1.fi/hostap.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2024-09-15
-PKG_SOURCE_VERSION:=5ace39b0a4cdbe18ddbc4e18f80ee3876233c20b
-PKG_MIRROR_HASH:=43187d1ddd923970ef3821a0fe267880c2483f6f1a5acd0dd2d7906661ab1372
+PKG_SOURCE_DATE:=2025-02-09
+PKG_SOURCE_VERSION:=c8c7d56a3d3c4ca79bcbb6a87f372ce4bc2e9f11
+PKG_MIRROR_HASH:=fafdef456a545bd1de0cbd7b68b520e5be7e70ad1aab7ef051b1fc5ccaaa012a
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-3-Clause
CATEGORY:=Network
SUBMENU:=WirelessAPD
TITLE:=IEEE 802.1x Authenticator
- URL:=http://hostap.epitest.fi/
+ URL:=https://w1.fi/hostapd/
DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-r$(PKG_RELEASE))
USERID:=network=101:network=101
DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-r$(PKG_RELEASE))
USERID:=network=101:network=101
- URL:=http://hostap.epitest.fi/
+ URL:=https://w1.fi/
PROVIDES:=hostapd wpa-supplicant
CONFLICTS:=$(HOSTAPD_PROVIDERS) $(SUPPLICANT_PROVIDERS)
HOSTAPD_PROVIDERS+=$(1)
CATEGORY:=Network
SUBMENU:=WirelessAPD
TITLE:=WPA Supplicant
- URL:=http://hostap.epitest.fi/wpa_supplicant/
+ URL:=https://w1.fi/wpa_supplicant/
DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-r$(PKG_RELEASE))
USERID:=network=101:network=101
CATEGORY:=Network
SUBMENU:=WirelessAPD
TITLE:=IEEE 802.1x Authenticator (utils)
- URL:=http://hostap.epitest.fi/
+ URL:=https://w1.fi/hostapd/
DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(HOSTAPD_PROVIDERS),PACKAGE_$(pkg)))
VARIANT:=*
endef
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2831,7 +2831,7 @@ static int drv_supports_vht(struct wpa_s
+@@ -2972,7 +2972,7 @@ static int drv_supports_vht(struct wpa_s
}
{
int i;
-@@ -2840,7 +2840,10 @@ static bool ibss_mesh_is_80mhz_avail(int
+@@ -2981,7 +2981,10 @@ static bool ibss_mesh_is_80mhz_avail(int
chan = hw_get_channel_chan(mode, i, NULL);
if (!chan ||
return false;
}
-@@ -2967,7 +2970,7 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3108,7 +3111,7 @@ static void ibss_mesh_select_40mhz(struc
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
int chan_idx;
struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
int i, res;
-@@ -2991,8 +2994,11 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3132,8 +3135,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check primary channel flags */
#ifdef CONFIG_HT_OVERRIDES
if (ssid->disable_ht40)
-@@ -3018,8 +3024,11 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3159,8 +3165,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check secondary channel flags */
if (ht40 == -1) {
if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
-@@ -3074,7 +3083,7 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3236,7 +3245,7 @@ static bool ibss_mesh_select_80_160mhz(s
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
static const int bw80[] = {
5180, 5260, 5500, 5580, 5660, 5745, 5825,
5955, 6035, 6115, 6195, 6275, 6355, 6435,
-@@ -3119,7 +3128,7 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3286,7 +3295,7 @@ static bool ibss_mesh_select_80_160mhz(s
goto skip_80mhz;
/* Use 40 MHz if channel not usable */
goto skip_80mhz;
chwidth = CONF_OPER_CHWIDTH_80MHZ;
-@@ -3133,7 +3142,7 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3300,7 +3309,7 @@ static bool ibss_mesh_select_80_160mhz(s
if ((mode->he_capab[ieee80211_mode].phy_cap[
HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
for (j = 0; j < ARRAY_SIZE(bw160); j++) {
if (freq->freq == bw160[j]) {
chwidth = CONF_OPER_CHWIDTH_160MHZ;
-@@ -3161,10 +3170,12 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3317,9 +3326,9 @@ static bool ibss_mesh_select_80_160mhz(s
+ if ((mode->eht_capab[ieee80211_mode].phy_cap[
+ EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_IDX] &
+ EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK) && is_6ghz &&
+- ibss_mesh_is_80mhz_avail(channel + 16, mode) &&
+- ibss_mesh_is_80mhz_avail(channel + 32, mode) &&
+- ibss_mesh_is_80mhz_avail(channel + 48, mode)) {
++ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled) &&
++ ibss_mesh_is_80mhz_avail(channel + 32, mode, dfs_enabled) &&
++ ibss_mesh_is_80mhz_avail(channel + 48, mode, dfs_enabled)) {
+ for (j = 0; j < ARRAY_SIZE(bw320); j += 2) {
+ if (freq->freq >= bw320[j] &&
+ freq->freq <= bw320[j + 1]) {
+@@ -3348,10 +3357,12 @@ static bool ibss_mesh_select_80_160mhz(s
if (!chan)
continue;
/* Found a suitable second segment for 80+80 */
chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
-@@ -3219,6 +3230,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3406,6 +3417,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int obss_scan = 1;
u8 channel;
bool is_6ghz, is_24ghz;
freq->freq = ssid->frequency;
-@@ -3261,9 +3273,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3448,9 +3460,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->channel = channel;
/* Setup higher BW only for 5 GHz */
if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
chan_idx, num_available_chandefs);
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -11465,6 +11465,10 @@ static int nl80211_switch_channel(void *
+@@ -11656,6 +11656,10 @@ static int nl80211_switch_channel(void *
if (ret)
goto error;
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
-@@ -4784,6 +4784,13 @@ static int add_associated_sta(struct hos
+@@ -4894,6 +4894,13 @@ static int add_associated_sta(struct hos
* drivers to accept the STA parameter configuration. Since this is
* after a new FT-over-DS exchange, a new TK has been derived, so key
* reinstallation is not a concern for this case.
*/
wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR
" (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)",
-@@ -4797,7 +4804,8 @@ static int add_associated_sta(struct hos
+@@ -4907,7 +4914,8 @@ static int add_associated_sta(struct hos
(!(sta->flags & WLAN_STA_AUTHORIZED) ||
(reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) ||
(!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) &&
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -4055,6 +4055,8 @@ int hostapd_remove_iface(struct hapd_int
+@@ -4075,6 +4075,8 @@ int hostapd_remove_iface(struct hapd_int
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
int reassoc)
{
if (hapd->tkip_countermeasures) {
hostapd_drv_sta_deauth(hapd, sta->addr,
WLAN_REASON_MICHAEL_MIC_FAILURE);
-@@ -4062,10 +4064,16 @@ void hostapd_new_assoc_sta(struct hostap
+@@ -4082,10 +4084,16 @@ void hostapd_new_assoc_sta(struct hostap
}
#ifdef CONFIG_IEEE80211BE
+ hostapd_prune_associations(hapd, sta->addr, mld_assoc_link_id);
ap_sta_clear_disconnect_timeouts(hapd, sta);
- sta->post_csa_sa_query = 0;
+ ap_sta_clear_assoc_timeout(hapd, sta);
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -1485,9 +1485,6 @@ bool ap_sta_set_authorized_flag(struct h
+@@ -1552,9 +1552,6 @@ bool ap_sta_set_authorized_flag(struct h
mld_assoc_link_id = -2;
}
#endif /* CONFIG_IEEE80211BE */
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -2390,6 +2390,9 @@ struct wpa_driver_capa {
+@@ -2411,6 +2411,9 @@ struct wpa_driver_capa {
/** Maximum number of iterations in a single scan plan */
u32 max_sched_scan_plan_iterations;
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
-@@ -976,6 +976,10 @@ static int wiphy_info_handler(struct nl_
+@@ -984,6 +984,10 @@ static int wiphy_info_handler(struct nl_
nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]);
}
+ if (params->extra_ies && drv->capa.max_scan_ie_len >= params->extra_ies_len) {
wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
params->extra_ies, params->extra_ies_len);
- if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,
+ if (params->extra_ies_len > drv->capa.max_probe_req_ie_len)
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -485,7 +485,7 @@ void hostapd_free_hapd_data(struct hosta
+@@ -489,7 +489,7 @@ void hostapd_free_hapd_data(struct hosta
struct hapd_interfaces *ifaces = hapd->iface->interfaces;
size_t i;
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
-@@ -757,6 +757,40 @@ endif
+@@ -759,6 +759,40 @@ endif
CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
endif
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
-@@ -936,9 +970,11 @@ endif
+@@ -938,9 +972,11 @@ endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
-@@ -948,38 +984,48 @@ AESOBJS += ../src/crypto/aes-siv.o
+@@ -950,38 +986,48 @@ AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_CTR
ifdef NEED_AES_DEC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-dec.o
-@@ -994,12 +1040,16 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -996,12 +1042,16 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
-@@ -1008,16 +1058,22 @@ endif
+@@ -1010,16 +1060,22 @@ endif
endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef NEED_SHA1
OBJS += $(SHA1OBJS)
-@@ -1027,11 +1083,13 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1029,11 +1085,13 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef NEED_MD5
ifdef CONFIG_INTERNAL_MD5
-@@ -1070,56 +1128,81 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1083,56 +1141,81 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_INTERNAL_SHA384
CFLAGS += -DCONFIG_INTERNAL_SHA384
-@@ -1164,11 +1247,13 @@ HOBJS += $(SHA1OBJS)
+@@ -1177,11 +1260,13 @@ HOBJS += $(SHA1OBJS)
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_RADIUS_SERVER
CFLAGS += -DRADIUS_SERVER
-@@ -1342,7 +1427,9 @@ NOBJS += ../src/utils/trace.o
+@@ -1355,7 +1440,9 @@ NOBJS += ../src/utils/trace.o
endif
HOBJS += hlr_auc_gw.o ../src/utils/common.o ../src/utils/wpa_debug.o ../src/utils/os_$(CONFIG_OS).o ../src/utils/wpabuf.o ../src/crypto/milenage.o
ifdef CONFIG_INTERNAL_AES
HOBJS += ../src/crypto/aes-internal.o
HOBJS += ../src/crypto/aes-internal-enc.o
-@@ -1365,13 +1452,17 @@ SOBJS += ../src/common/sae.o
+@@ -1378,18 +1465,24 @@ SOBJS += ../src/common/sae.o
SOBJS += ../src/common/sae_pk.o
SOBJS += ../src/common/dragonfly.o
SOBJS += $(AESOBJS)
+ifneq ($(CONFIG_TLS), mbedtls)
+ SOBJS += ../src/crypto/sha384.o
+ SOBJS += ../src/crypto/sha512.o
SOBJS += ../src/crypto/sha256-prf.o
SOBJS += ../src/crypto/sha384-prf.o
SOBJS += ../src/crypto/sha512-prf.o
SOBJS += ../src/crypto/sha384-kdf.o
SOBJS += ../src/crypto/sha512-kdf.o
+endif
+ SOBJS += ../src/common/wpa_common.o
+ SOBJS += ../src/crypto/random.o
++ifneq ($(CONFIG_TLS), mbedtls)
+ SOBJS += ../src/crypto/sha1-prf.o
++endif
+ SOBJS += ../src/utils/eloop.o
_OBJS_VAR := NOBJS
- include ../src/objs.mk
--- a/hostapd/defconfig
+++ b/hostapd/defconfig
@@ -6,9 +6,21 @@
CONFIG_SIM_SIMULATOR=y
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1230,6 +1230,29 @@ endif
+@@ -1232,6 +1232,29 @@ endif
CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
endif
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
-@@ -1422,9 +1445,11 @@ endif
+@@ -1424,9 +1447,11 @@ endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP
# Seems to be needed at least with BoringSSL
NEED_INTERNAL_AES_WRAP=y
-@@ -1438,9 +1463,11 @@ endif
+@@ -1440,9 +1465,11 @@ endif
ifdef NEED_INTERNAL_AES_WRAP
ifneq ($(CONFIG_TLS), linux)
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
-@@ -1450,35 +1477,45 @@ AESOBJS += ../src/crypto/aes-siv.o
+@@ -1452,35 +1479,45 @@ AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_CTR
ifdef NEED_AES_ENC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-enc.o
-@@ -1493,12 +1530,16 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1495,12 +1532,16 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
-@@ -1510,29 +1551,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
+@@ -1512,29 +1553,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
else
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef NEED_MD5
ifdef CONFIG_INTERNAL_MD5
MD5OBJS += ../src/crypto/md5-internal.o
-@@ -1587,12 +1636,17 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1589,12 +1638,17 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_INTERNAL_SHA256
SHA256OBJS += ../src/crypto/sha256-internal.o
endif
-@@ -1605,50 +1659,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
+@@ -1607,50 +1661,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
SHA256OBJS += ../src/crypto/sha512-internal.o
endif
ifdef NEED_TLS_PRF_SHA256
ifdef NEED_ASN1
OBJS += ../src/tls/asn1.o
-@@ -1823,10 +1895,12 @@ ifdef CONFIG_FIPS
+@@ -1825,10 +1897,12 @@ ifdef CONFIG_FIPS
CFLAGS += -DCONFIG_FIPS
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
-@@ -771,10 +771,6 @@ endif
+@@ -773,10 +773,6 @@ endif
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1241,10 +1241,6 @@ endif
+@@ -1243,10 +1243,6 @@ endif
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
-@@ -708,6 +708,7 @@ CFLAGS += -DCONFIG_TLSV12
+@@ -709,6 +709,7 @@ CFLAGS += -DCONFIG_TLSV12
endif
ifeq ($(CONFIG_TLS), wolfssl)
+CFLAGS += -DCONFIG_TLS_WOLFSSL
+ CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
CONFIG_CRYPTO=wolfssl
ifdef TLS_FUNCS
- OBJS += ../src/crypto/tls_wolfssl.o
-@@ -728,6 +729,7 @@ endif
+@@ -730,6 +731,7 @@ endif
endif
ifeq ($(CONFIG_TLS), openssl)
CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
CONFIG_CRYPTO=openssl
ifdef TLS_FUNCS
-@@ -758,6 +760,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
+@@ -760,6 +762,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
endif
ifeq ($(CONFIG_TLS), mbedtls)
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=mbedtls
endif
-@@ -788,6 +791,7 @@ endif
+@@ -790,6 +793,7 @@ endif
endif
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
CONFIG_CRYPTO=gnutls
-@@ -818,6 +822,7 @@ endif
+@@ -820,6 +824,7 @@ endif
endif
ifeq ($(CONFIG_TLS), internal)
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=internal
endif
-@@ -896,6 +901,7 @@ endif
+@@ -898,6 +903,7 @@ endif
endif
ifeq ($(CONFIG_TLS), linux)
tls = dev.request("GET tls_library")
+ if tls.startswith("mbed TLS"):
+ raise HwsimSkip("TLS v1.3 not supported")
- ok = ['run=OpenSSL 1.1.1', 'run=OpenSSL 3.0', 'run=OpenSSL 3.1',
- 'run=OpenSSL 3.2', 'run=OpenSSL 3.3', 'wolfSSL']
+ ok = ['run=OpenSSL 1.1.1', 'run=OpenSSL 3.', 'wolfSSL']
for s in ok:
-@@ -122,11 +161,15 @@ def check_pkcs12_support(dev):
+ if s in tls:
+@@ -121,11 +160,15 @@ def check_pkcs12_support(dev):
# raise HwsimSkip("PKCS#12 not supported with this TLS library: " + tls)
if tls.startswith("wolfSSL"):
raise HwsimSkip("PKCS#12 not supported with this TLS library: " + tls)
def check_ec_support(dev):
tls = dev.request("GET tls_library")
-@@ -1741,7 +1784,7 @@ def test_ap_wpa2_eap_ttls_pap_subject_ma
+@@ -1740,7 +1783,7 @@ def test_ap_wpa2_eap_ttls_pap_subject_ma
eap_connect(dev[0], hapd, "TTLS", "pap user",
anonymous_identity="ttls", password="password",
ca_cert="auth_serv/ca.pem", phase2="auth=PAP",
altsubject_match="EMAIL:noone@example.com;DNS:server.w1.fi;URI:http://example.com/")
eap_reauth(dev[0], "TTLS")
-@@ -2976,6 +3019,7 @@ def test_ap_wpa2_eap_tls_neg_domain_matc
+@@ -2975,6 +3018,7 @@ def test_ap_wpa2_eap_tls_neg_domain_matc
def test_ap_wpa2_eap_tls_neg_subject_match(dev, apdev):
"""WPA2-Enterprise negative test - subject mismatch"""
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
hostapd.add_ap(apdev[0], params)
dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
-@@ -3036,6 +3080,7 @@ def test_ap_wpa2_eap_tls_neg_subject_mat
+@@ -3035,6 +3079,7 @@ def test_ap_wpa2_eap_tls_neg_subject_mat
def test_ap_wpa2_eap_tls_neg_altsubject_match(dev, apdev):
"""WPA2-Enterprise negative test - altsubject mismatch"""
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
hostapd.add_ap(apdev[0], params)
-@@ -3582,7 +3627,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde
+@@ -3581,7 +3626,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde
dev[0].request("REMOVE_NETWORK all")
tls = dev[0].request("GET tls_library")
tests = [(1, "os_get_random;dh_init")]
else:
tests = [(1, "crypto_dh_init;dh_init")]
-@@ -4896,7 +4941,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
+@@ -4901,7 +4946,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
params["private_key"] = "auth_serv/iCA-server/server.key"
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -4962,6 +5007,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
+@@ -4967,6 +5012,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, "-sha1")
def run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, md):
params = int_eap_server_params()
params["ca_cert"] = "auth_serv/iCA-server/ca-and-root.pem"
params["server_cert"] = "auth_serv/iCA-server/server.pem"
-@@ -4971,7 +5017,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
+@@ -4976,7 +5022,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -5007,7 +5053,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
+@@ -5012,7 +5058,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -5057,7 +5103,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
+@@ -5062,7 +5108,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -5124,7 +5170,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
+@@ -5129,7 +5175,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -5382,6 +5428,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek
+@@ -5387,6 +5433,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek
def test_ap_wpa2_eap_ttls_server_pkcs12(dev, apdev):
"""WPA2-Enterprise using EAP-TTLS and server PKCS#12 file"""
skip_with_fips(dev[0])
params = int_eap_server_params()
del params["server_cert"]
-@@ -5394,6 +5441,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12(
+@@ -5399,6 +5446,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12(
def test_ap_wpa2_eap_ttls_server_pkcs12_extra(dev, apdev):
"""EAP-TTLS and server PKCS#12 file with extra certs"""
skip_with_fips(dev[0])
params = int_eap_server_params()
del params["server_cert"]
-@@ -5416,6 +5464,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv
+@@ -5421,6 +5469,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv
def test_ap_wpa2_eap_ttls_dh_params_dsa_server(dev, apdev):
"""WPA2-Enterprise using EAP-TTLS and alternative server dhparams (DSA)"""
params = int_eap_server_params()
params["dh_file"] = "auth_serv/dsaparam.pem"
hapd = hostapd.add_ap(apdev[0], params)
-@@ -5727,8 +5776,8 @@ def test_ap_wpa2_eap_non_ascii_identity2
+@@ -5732,8 +5781,8 @@ def test_ap_wpa2_eap_non_ascii_identity2
def test_openssl_cipher_suite_config_wpas(dev, apdev):
"""OpenSSL cipher suite configuration on wpa_supplicant"""
tls = dev[0].request("GET tls_library")
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
hapd = hostapd.add_ap(apdev[0], params)
eap_connect(dev[0], hapd, "TTLS", "pap user",
-@@ -5754,14 +5803,14 @@ def test_openssl_cipher_suite_config_wpa
+@@ -5759,14 +5808,14 @@ def test_openssl_cipher_suite_config_wpa
def test_openssl_cipher_suite_config_hapd(dev, apdev):
"""OpenSSL cipher suite configuration on hostapd"""
tls = dev[0].request("GET tls_library")
eap_connect(dev[0], hapd, "TTLS", "pap user",
anonymous_identity="ttls", password="password",
ca_cert="auth_serv/ca.pem", phase2="auth=PAP")
-@@ -6207,13 +6256,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a
- check_tls_ver(dev[0], hapd,
- "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1",
- "TLSv1.2")
+@@ -6209,13 +6258,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a
+ if tls.startswith("wolfSSL"):
+ check_tls_ver(dev[0], hapd,
+ "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1", "TLSv1.2")
- elif tls.startswith("internal"):
+ elif tls.startswith("internal") or tls.startswith("mbed TLS"):
check_tls_ver(dev[0], hapd,
+ "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=0 tls_disable_tlsv1_2=1", "TLSv1.1")
+ check_tls_ver(dev[2], hapd,
+ "tls_disable_tlsv1_0=0 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1", "TLSv1")
- if "run=OpenSSL 1.1.1" in tls or "run=OpenSSL 3." in tls:
+ if "run=OpenSSL 1.1.1" in tls or "run=OpenSSL 3." in tls or \
+ tls.startswith("wolfSSL"):
check_tls_ver(dev[0], hapd,
- "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1 tls_disable_tlsv1_3=0", "TLSv1.3")
-@@ -6235,6 +6288,11 @@ def test_ap_wpa2_eap_tls_versions_server
+@@ -6238,6 +6291,11 @@ def test_ap_wpa2_eap_tls_versions_server
tests = [("TLSv1", "[ENABLE-TLSv1.0][DISABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"),
("TLSv1.1", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"),
("TLSv1.2", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][ENABLE-TLSv1.2][DISABLE-TLSv1.3]")]
for exp, flags in tests:
hapd.disable()
hapd.set("tls_flags", flags)
-@@ -7305,6 +7363,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde
+@@ -7318,6 +7376,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde
def test_eap_tls_ext_cert_check(dev, apdev):
"""EAP-TLS and external server certification validation"""
# With internal server certificate chain validation
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS",
identity="tls user",
ca_cert="auth_serv/ca.pem",
-@@ -7317,6 +7376,7 @@ def test_eap_tls_ext_cert_check(dev, apd
+@@ -7330,6 +7389,7 @@ def test_eap_tls_ext_cert_check(dev, apd
def test_eap_ttls_ext_cert_check(dev, apdev):
"""EAP-TTLS and external server certification validation"""
# Without internal server certificate chain validation
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
identity="pap user", anonymous_identity="ttls",
password="password", phase2="auth=PAP",
-@@ -7327,6 +7387,7 @@ def test_eap_ttls_ext_cert_check(dev, ap
+@@ -7340,6 +7400,7 @@ def test_eap_ttls_ext_cert_check(dev, ap
def test_eap_peap_ext_cert_check(dev, apdev):
"""EAP-PEAP and external server certification validation"""
# With internal server certificate chain validation
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="PEAP",
identity="user", anonymous_identity="peap",
ca_cert="auth_serv/ca.pem",
-@@ -7337,6 +7398,7 @@ def test_eap_peap_ext_cert_check(dev, ap
+@@ -7350,6 +7411,7 @@ def test_eap_peap_ext_cert_check(dev, ap
def test_eap_fast_ext_cert_check(dev, apdev):
"""EAP-FAST and external server certification validation"""
check_eap_capa(dev[0], "FAST")
# With internal server certificate chain validation
dev[0].request("SET blob fast_pac_auth_ext ")
-@@ -7351,10 +7413,6 @@ def test_eap_fast_ext_cert_check(dev, ap
+@@ -7364,10 +7426,6 @@ def test_eap_fast_ext_cert_check(dev, ap
run_ext_cert_check(dev, apdev, id)
def run_ext_cert_check(dev, apdev, net_id):
--- a/tests/hwsim/test_ap_ft.py
+++ b/tests/hwsim/test_ap_ft.py
-@@ -2494,11 +2494,11 @@ def test_ap_ft_ap_oom5(dev, apdev):
+@@ -2543,11 +2543,11 @@ def test_ap_ft_ap_oom5(dev, apdev):
# This will fail to roam
dev[0].roam(bssid1, check_bssid=False)
phase2="auth=MSCHAPV2")
- erp_test(dev[0], hapd, eap="TEAP", identity="erp-teap@example.com",
- password="password", ca_cert="auth_serv/ca.pem",
-- phase2="auth=MSCHAPV2", pac_file="blob://teap_pac")
+- phase2="auth=MSCHAPV2")
+ if check_eap_capa(dev[0], "TEAP"):
+ erp_test(dev[0], hapd, eap="TEAP", identity="erp-teap@example.com",
+ password="password", ca_cert="auth_serv/ca.pem",
-+ phase2="auth=MSCHAPV2", pac_file="blob://teap_pac")
++ phase2="auth=MSCHAPV2")
erp_test(dev[0], hapd, eap="PSK", identity="erp-psk@example.com",
password_hex="0123456789abcdef0123456789abcdef")
if "PWD" in eap_methods:
dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
--- a/tests/hwsim/test_fils.py
+++ b/tests/hwsim/test_fils.py
-@@ -1477,6 +1477,10 @@ def check_ec_group(dev, group):
+@@ -1493,6 +1493,10 @@ def check_ec_group(dev, group):
tls = dev.request("GET tls_library")
if tls.startswith("wolfSSL"):
return
heavy_groups = [14, 15, 16]
suitable_groups = [15, 16, 17, 18, 19, 20, 21]
groups = [str(g) for g in sae_groups]
-@@ -2232,6 +2237,8 @@ def run_sae_pwe_group(dev, apdev, group)
+@@ -2248,6 +2253,8 @@ def run_sae_pwe_group(dev, apdev, group)
logger.info("Add Brainpool EC groups since OpenSSL is new enough")
elif tls.startswith("wolfSSL"):
logger.info("Make sure Brainpool EC groups were enabled when compiling wolfSSL")
res = dev[0].request(cmd)
--- a/tests/hwsim/utils.py
+++ b/tests/hwsim/utils.py
-@@ -145,7 +145,13 @@ def check_imsi_privacy_support(dev):
-
- def check_tls_tod(dev):
+@@ -151,7 +151,8 @@ def check_tls_tod(dev):
tls = dev.request("GET tls_library")
-- if not tls.startswith("OpenSSL") and not tls.startswith("internal"):
-+ if tls.startswith("OpenSSL"):
-+ return
-+ elif tls.startswith("internal"):
-+ return
-+ elif tls.startswith("mbed TLS"):
-+ return
-+ else:
+ if not tls.startswith("OpenSSL") and \
+ not tls.startswith("wolfSSL") and \
+- not tls.startswith("internal"):
++ not tls.startswith("internal") and \
++ not tls.startswith("mbed TLS"):
raise HwsimSkip("TLS TOD-TOFU/STRICT not supported with this TLS library: " + tls)
def vht_supported():
if (need_more_data) {
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1189,6 +1189,7 @@ TLS_FUNCS=y
+@@ -1190,6 +1190,7 @@ TLS_FUNCS=y
endif
ifeq ($(CONFIG_TLS), wolfssl)
+CFLAGS += -DCONFIG_TLS_WOLFSSL
+ CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
ifdef TLS_FUNCS
CFLAGS += -DWOLFSSL_DER_LOAD
- OBJS += ../src/crypto/tls_wolfssl.o
-@@ -1204,6 +1205,7 @@ LIBS_p += -lwolfssl -lm
+@@ -1206,6 +1207,7 @@ LIBS_p += -lwolfssl -lm
endif
ifeq ($(CONFIG_TLS), openssl)
CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
ifdef TLS_FUNCS
CFLAGS += -DEAP_TLS_OPENSSL
-@@ -1231,6 +1233,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
+@@ -1233,6 +1235,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
endif
ifeq ($(CONFIG_TLS), mbedtls)
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=mbedtls
endif
-@@ -1250,6 +1253,7 @@ endif
+@@ -1252,6 +1255,7 @@ endif
endif
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
CONFIG_CRYPTO=gnutls
-@@ -1280,6 +1284,7 @@ endif
+@@ -1282,6 +1286,7 @@ endif
endif
ifeq ($(CONFIG_TLS), internal)
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=internal
endif
-@@ -1360,6 +1365,7 @@ endif
+@@ -1362,6 +1367,7 @@ endif
endif
ifeq ($(CONFIG_TLS), linux)
wpa_printf(MSG_DEBUG, "DPP: Generating a keypair");
--- a/src/common/sae.c
+++ b/src/common/sae.c
-@@ -1279,6 +1279,13 @@ void sae_deinit_pt(struct sae_pt *pt)
+@@ -1284,6 +1284,13 @@ void sae_deinit_pt(struct sae_pt *pt)
static int sae_derive_commit_element_ecc(struct sae_data *sae,
struct crypto_bignum *mask)
{
* Convert 80+80 MHz channel width to new style as interop
--- a/src/common/hw_features_common.c
+++ b/src/common/hw_features_common.c
-@@ -898,6 +898,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co
+@@ -923,6 +923,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co
VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB);
VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN);
VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN);
#undef VHT_CAP_CHECK_MAX
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
-@@ -1401,6 +1401,8 @@ struct ieee80211_ampe_ie {
+@@ -1420,6 +1420,8 @@ struct ieee80211_ampe_ie {
#define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB ((u32) BIT(26) | BIT(27))
#define VHT_CAP_RX_ANTENNA_PATTERN ((u32) BIT(28))
#define VHT_CAP_TX_ANTENNA_PATTERN ((u32) BIT(29))
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -2420,7 +2420,11 @@ static int hostapd_owe_iface_iter(struct
+@@ -2441,7 +2441,11 @@ static int hostapd_owe_iface_iter(struct
if (!bss->conf->ssid.ssid_set || !bss->conf->ssid.ssid_len ||
is_zero_ether_addr(bss->own_addr))
continue;
os_memcpy(hapd->conf->owe_transition_bssid, bss->own_addr,
ETH_ALEN);
os_memcpy(hapd->conf->owe_transition_ssid,
-@@ -2437,10 +2441,6 @@ static int hostapd_owe_iface_iter(struct
+@@ -2458,10 +2462,6 @@ static int hostapd_owe_iface_iter(struct
int hostapd_owe_trans_get_info(struct hostapd_data *hapd)
{
OBJS += ../src/ap/vlan_init.o
OBJS += ../src/ap/vlan_ifconfig.o
OBJS += ../src/ap/vlan.o
-@@ -359,10 +361,14 @@ CFLAGS += -DCONFIG_MBO
+@@ -360,10 +362,14 @@ CFLAGS += -DCONFIG_MBO
OBJS += ../src/ap/mbo_ap.o
endif
LIBS += $(DRV_AP_LIBS)
ifdef CONFIG_L2_PACKET
-@@ -1393,6 +1399,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
+@@ -1406,6 +1412,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
_OBJS_VAR := OBJS
include ../src/objs.mk
hostapd: $(OBJS)
$(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
@$(E) " LD " $@
-@@ -1473,6 +1485,12 @@ include ../src/objs.mk
+@@ -1494,6 +1506,12 @@ include ../src/objs.mk
_OBJS_VAR := SOBJS
include ../src/objs.mk
@$(E) " LD " $@
--- a/hostapd/main.c
+++ b/hostapd/main.c
-@@ -696,6 +696,11 @@ fail:
+@@ -737,6 +737,11 @@ fail:
return -1;
}
#ifdef CONFIG_WPS
static int gen_uuid(const char *txt_addr)
-@@ -817,6 +822,8 @@ int main(int argc, char *argv[])
+@@ -858,6 +863,8 @@ int main(int argc, char *argv[])
return -1;
#endif /* CONFIG_DPP */
if (c < 0)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
-@@ -2520,8 +2520,8 @@ static void hostapd_mld_iface_disable(st
+@@ -2537,8 +2537,8 @@ static void hostapd_mld_iface_disable(st
#endif /* CONFIG_IEEE80211BE */
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta;
-@@ -2879,7 +2879,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -2896,7 +2896,7 @@ void wpa_supplicant_event(void *ctx, enu
}
struct hapd_interfaces *interfaces = ctx;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -6974,8 +6974,8 @@ union wpa_event_data {
+@@ -7072,8 +7072,8 @@ union wpa_event_data {
* Driver wrapper code should call this function whenever an event is received
* from the driver.
*/
/**
* wpa_supplicant_event_global - Report a driver event for wpa_supplicant
-@@ -6987,7 +6987,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -7085,7 +7085,7 @@ void wpa_supplicant_event(void *ctx, enu
* Same as wpa_supplicant_event(), but we search for the interface in
* wpa_global.
*/
include ../src/build.rules
ifdef CONFIG_BUILD_PASN_SO
-@@ -389,7 +390,9 @@ endif
+@@ -390,7 +391,9 @@ endif
ifdef CONFIG_IBSS_RSN
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_IBSS_RSN
OBJS += ibss_rsn.o
endif
-@@ -981,6 +984,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
+@@ -982,6 +985,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
LIBS += -ldl -rdynamic
endif
endif
ifdef CONFIG_AP
-@@ -988,9 +995,11 @@ NEED_EAP_COMMON=y
+@@ -989,9 +996,11 @@ NEED_EAP_COMMON=y
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_AP
OBJS += ap.o
OBJS += ../src/ap/hostapd.o
OBJS += ../src/ap/wpa_auth_glue.o
OBJS += ../src/ap/utils.o
-@@ -1081,6 +1090,12 @@ endif
+@@ -1082,6 +1091,12 @@ endif
ifdef CONFIG_HS20
OBJS += ../src/ap/hs20.o
endif
endif
ifdef CONFIG_MBO
-@@ -1090,7 +1105,9 @@ NEED_GAS=y
+@@ -1091,7 +1106,9 @@ NEED_GAS=y
endif
ifdef NEED_RSN_AUTHENTICATOR
NEED_AES_WRAP=y
OBJS += ../src/ap/wpa_auth.o
OBJS += ../src/ap/wpa_auth_ie.o
-@@ -2080,6 +2097,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
+@@ -2082,6 +2099,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
_OBJS_VAR := OBJS
include ../src/objs.mk
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
@$(E) " LD " $@
-@@ -2212,6 +2235,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
+@@ -2214,6 +2237,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
@$(E) " sed" $<
os_memset(&eapol_test, 0, sizeof(eapol_test));
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
-@@ -6131,8 +6131,8 @@ static int wpas_pasn_auth(struct wpa_sup
+@@ -6170,8 +6170,8 @@ static int wpas_pasn_auth(struct wpa_sup
#endif /* CONFIG_PASN */
{
struct wpa_supplicant *wpa_s = ctx;
int resched;
-@@ -7084,7 +7084,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -7134,7 +7134,7 @@ void wpa_supplicant_event(void *ctx, enu
}
os_memset(&global, 0, sizeof(global));
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -7787,7 +7787,6 @@ struct wpa_interface * wpa_supplicant_ma
+@@ -8062,7 +8062,6 @@ struct wpa_interface * wpa_supplicant_ma
return NULL;
}
/**
* wpa_supplicant_match_existing - Match existing interfaces
* @global: Pointer to global data from wpa_supplicant_init()
-@@ -7822,6 +7821,11 @@ static int wpa_supplicant_match_existing
+@@ -8097,6 +8096,11 @@ static int wpa_supplicant_match_existing
#endif /* CONFIG_MATCH_IFACE */
/**
* wpa_supplicant_add_iface - Add a new network interface
-@@ -8078,6 +8082,8 @@ struct wpa_global * wpa_supplicant_init(
+@@ -8353,6 +8357,8 @@ struct wpa_global * wpa_supplicant_init(
#ifndef CONFIG_NO_WPA_MSG
wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
#endif /* CONFIG_NO_WPA_MSG */
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
-@@ -1406,7 +1406,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
+@@ -1419,7 +1419,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
@$(AR) cr $@ hostapd_multi.o $(OBJS)
hostapd: $(OBJS)
@$(E) " LD " $@
ifdef CONFIG_WPA_TRACE
-@@ -1417,7 +1417,7 @@ _OBJS_VAR := OBJS_c
+@@ -1430,7 +1430,7 @@ _OBJS_VAR := OBJS_c
include ../src/objs.mk
hostapd_cli: $(OBJS_c)
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -2104,31 +2104,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
+@@ -2106,31 +2106,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
-@@ -13292,7 +13292,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -13566,7 +13566,7 @@ char * wpa_supplicant_ctrl_iface_process
if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18))
reply_len = -1;
#endif /* CONFIG_WNM */
} else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18))
reply_len = -1;
-@@ -13302,7 +13302,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -13576,7 +13576,7 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11))
reply_len = -1;
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
-@@ -49,10 +49,6 @@
+@@ -50,10 +50,6 @@
#define WLAN_STA_PENDING_DEAUTH_CB BIT(30)
#define WLAN_STA_NONERP BIT(31)
struct hapd_global {
void **drv_priv;
-@@ -825,7 +825,7 @@ int main(int argc, char *argv[])
+@@ -866,7 +866,7 @@ int main(int argc, char *argv[])
wpa_supplicant_event = hostapd_wpa_event;
wpa_supplicant_event_global = hostapd_wpa_event_global;
for (;;) {
if (c < 0)
break;
switch (c) {
-@@ -862,6 +862,8 @@ int main(int argc, char *argv[])
+@@ -903,6 +903,8 @@ int main(int argc, char *argv[])
break;
#endif /* CONFIG_DEBUG_LINUX_TRACING */
case 'v':
else
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
-@@ -4057,6 +4057,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -4087,6 +4087,7 @@ static int hostapd_ctrl_iface_receive_pr
reply_size);
} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
reply_len = hostapd_drv_status(hapd, reply, reply_size);
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
if (reply_len >= 0) {
-@@ -4098,6 +4099,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -4128,6 +4129,7 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
reply_size);
static int hostapd_ctrl_iface_sta_mib(struct hostapd_data *hapd,
struct sta_info *sta,
char *buf, size_t buflen)
-@@ -562,6 +562,7 @@ int hostapd_ctrl_iface_sta_next(struct h
+@@ -571,6 +571,7 @@ int hostapd_ctrl_iface_sta_next(struct h
return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen);
}
#ifdef CONFIG_P2P_MANAGER
static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype,
-@@ -1016,12 +1017,12 @@ int hostapd_ctrl_iface_status(struct hos
+@@ -1043,12 +1044,12 @@ int hostapd_ctrl_iface_status(struct hos
return len;
len += ret;
}
if (os_snprintf_error(buflen - len, ret))
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
-@@ -2869,6 +2869,7 @@ static const char * bool_txt(bool val)
+@@ -2867,6 +2867,7 @@ static const char * bool_txt(bool val)
return val ? "TRUE" : "FALSE";
}
int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
{
-@@ -3055,6 +3056,7 @@ int ieee802_1x_get_mib_sta(struct hostap
+@@ -3053,6 +3054,7 @@ int ieee802_1x_get_mib_sta(struct hostap
return len;
}
static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
-@@ -6141,6 +6141,7 @@ static const char * wpa_bool_txt(int val
+@@ -6178,6 +6178,7 @@ static const char * wpa_bool_txt(int val
return val ? "TRUE" : "FALSE";
}
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
-@@ -6293,7 +6294,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
+@@ -6330,7 +6331,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
return len;
}
{
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
-@@ -4155,6 +4155,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
+@@ -4195,6 +4195,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
}
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
-@@ -4236,6 +4238,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
+@@ -4276,6 +4278,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
return (int) len;
}
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1039,6 +1039,9 @@ ifdef CONFIG_FILS
+@@ -1040,6 +1040,9 @@ ifdef CONFIG_FILS
OBJS += ../src/ap/fils_hlp.o
endif
ifdef CONFIG_CTRL_IFACE
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
-@@ -1520,7 +1520,7 @@ int wpas_ap_wps_nfc_report_handover(stru
+@@ -1523,7 +1523,7 @@ int wpas_ap_wps_nfc_report_handover(stru
#endif /* CONFIG_WPS */
char *buf, size_t buflen)
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
-@@ -2355,7 +2355,7 @@ static int wpa_supplicant_ctrl_iface_sta
+@@ -2357,7 +2357,7 @@ static int wpa_supplicant_ctrl_iface_sta
pos += ret;
}
if (wpa_s->ap_iface) {
pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
end - pos,
-@@ -12620,6 +12620,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -12876,6 +12876,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = -1;
} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
if (reply_len >= 0) {
-@@ -12632,6 +12633,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -12888,6 +12889,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_size - reply_len);
#endif /* CONFIG_MACSEC */
}
} else if (os_strncmp(buf, "STATUS", 6) == 0) {
reply_len = wpa_supplicant_ctrl_iface_status(
wpa_s, buf + 6, reply, reply_size);
-@@ -13120,6 +13122,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -13394,6 +13396,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = wpa_supplicant_ctrl_iface_bss(
wpa_s, buf + 4, reply, reply_size);
#ifdef CONFIG_AP
} else if (os_strcmp(buf, "STA-FIRST") == 0) {
reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "STA ", 4) == 0) {
-@@ -13128,12 +13131,15 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -13402,12 +13405,15 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
reply_size);
} else if (os_strcmp(buf, "ht_capab") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -1122,6 +1122,8 @@ struct hostapd_config {
+@@ -1125,6 +1125,8 @@ struct hostapd_config {
int ht_op_mode_fixed;
u16 ht_capab;
int no_pri_sec_switch;
--- a/src/ap/hw_features.c
+++ b/src/ap/hw_features.c
-@@ -573,7 +573,8 @@ static int ieee80211n_check_40mhz(struct
+@@ -567,7 +567,8 @@ static int ieee80211n_check_40mhz(struct
int ret;
/* Check that HT40 is used and PRI / SEC switch is allowed */
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
-@@ -2639,6 +2639,7 @@ static const struct parse_data ssid_fiel
+@@ -2668,6 +2668,7 @@ static const struct parse_data ssid_fiel
#else /* CONFIG_MESH */
{ INT_RANGE(mode, 0, 4) },
#endif /* CONFIG_MESH */
{ STR(id_str) },
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
-@@ -775,6 +775,7 @@ static void wpa_config_write_network(FIL
+@@ -867,6 +867,7 @@ static void wpa_config_write_network(FIL
#endif /* IEEE8021X_EAPOL */
INT(mode);
INT(no_auto_peer);
+ INT(noscan);
- INT(mesh_fwding);
+ INT_DEF(mesh_fwding, DEFAULT_MESH_FWDING);
INT(frequency);
INT(enable_edmg);
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
-@@ -1035,6 +1035,8 @@ struct wpa_ssid {
+@@ -1063,6 +1063,8 @@ struct wpa_ssid {
*/
int no_auto_peer;
*
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -506,6 +506,8 @@ static int wpa_supplicant_mesh_init(stru
+@@ -509,6 +509,8 @@ static int wpa_supplicant_mesh_init(stru
frequency);
goto out_free;
}
/*
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2903,7 +2903,7 @@ static bool ibss_mesh_can_use_vht(struct
+@@ -3044,7 +3044,7 @@ static bool ibss_mesh_can_use_vht(struct
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode)
{
return false;
if (!drv_supports_vht(wpa_s, ssid))
-@@ -2976,7 +2976,7 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3117,7 +3117,7 @@ static void ibss_mesh_select_40mhz(struc
int i, res;
unsigned int j;
static const int ht40plus[] = {
149, 157, 165, 173, 184, 192
};
int ht40 = -1;
-@@ -3227,7 +3227,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3414,7 +3414,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
enum hostapd_hw_mode hw_mode;
struct hostapd_hw_modes *mode = NULL;
u8 channel;
bool is_6ghz, is_24ghz;
bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
-@@ -3271,6 +3271,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3458,6 +3458,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
ieee80211_mode);
freq->channel = channel;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -6073,7 +6073,7 @@ wpa_supplicant_alloc(struct wpa_supplica
+@@ -6342,7 +6342,7 @@ wpa_supplicant_alloc(struct wpa_supplica
if (wpa_s == NULL)
return NULL;
wpa_s->scan_req = INITIAL_SCAN_REQ;
+++ /dev/null
-From ee68734929edb30f90a95bc3150038333b345476 Mon Sep 17 00:00:00 2001
-From: Felix Fietkau <nbd@openwrt.org>
-Date: Sun, 30 Jun 2013 21:01:13 +0000
-Subject: [PATCH] nl80211_fix_set_freq.patch
-
---- a/src/drivers/driver_nl80211.c
-+++ b/src/drivers/driver_nl80211.c
-@@ -5512,7 +5512,7 @@ static int nl80211_set_channel(struct i8
- freq->he_enabled, freq->eht_enabled, freq->bandwidth,
- freq->center_freq1, freq->center_freq2);
-
-- msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
-+ msg = nl80211_bss_msg(bss, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
- NL80211_CMD_SET_WIPHY);
- if (!msg || nl80211_put_freq_params(msg, freq) < 0) {
- nlmsg_free(msg);
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
-@@ -1846,17 +1846,37 @@ int ap_switch_channel(struct wpa_supplic
+@@ -1849,17 +1849,37 @@ int ap_switch_channel(struct wpa_supplic
#ifdef CONFIG_CTRL_IFACE
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -6253,8 +6253,7 @@ static void nl80211_teardown_ap(struct i
+@@ -6381,8 +6381,7 @@ static void nl80211_teardown_ap(struct i
nl80211_mgmt_unsubscribe(bss, "AP teardown");
nl80211_put_wiphy_data_ap(bss);
char *buf;
--- a/src/utils/wpa_debug.h
+++ b/src/utils/wpa_debug.h
-@@ -51,6 +51,17 @@ void wpa_debug_close_file(void);
+@@ -52,6 +52,17 @@ void wpa_debug_close_file(void);
void wpa_debug_setup_stdout(void);
void wpa_debug_stop_log(void);
/**
* wpa_debug_printf_timestamp - Print timestamp for debug output
*
-@@ -71,9 +82,15 @@ void wpa_debug_print_timestamp(void);
+@@ -72,9 +83,15 @@ void wpa_debug_print_timestamp(void);
*
* Note: New line '\n' is added to the end of the text when printing to stdout.
*/
/**
* wpa_hexdump - conditional hex dump
* @level: priority level (MSG_*) of the message
-@@ -85,7 +102,13 @@ PRINTF_FORMAT(2, 3);
+@@ -86,7 +103,13 @@ PRINTF_FORMAT(2, 3);
* output may be directed to stdout, stderr, and/or syslog based on
* configuration. The contents of buf is printed out has hex dump.
*/
static inline void wpa_hexdump_buf(int level, const char *title,
const struct wpabuf *buf)
-@@ -107,7 +130,13 @@ static inline void wpa_hexdump_buf(int l
+@@ -108,7 +131,13 @@ static inline void wpa_hexdump_buf(int l
* like wpa_hexdump(), but by default, does not include secret keys (passwords,
* etc.) in debug output.
*/
static inline void wpa_hexdump_buf_key(int level, const char *title,
const struct wpabuf *buf)
-@@ -129,8 +158,14 @@ static inline void wpa_hexdump_buf_key(i
+@@ -130,8 +159,14 @@ static inline void wpa_hexdump_buf_key(i
* the hex numbers and ASCII characters (for printable range) are shown. 16
* bytes per line will be shown.
*/
/**
* wpa_hexdump_ascii_key - conditional hex dump, hide keys
-@@ -146,8 +181,14 @@ void wpa_hexdump_ascii(int level, const
+@@ -147,8 +182,14 @@ void wpa_hexdump_ascii(int level, const
* bytes per line will be shown. This works like wpa_hexdump_ascii(), but by
* default, does not include secret keys (passwords, etc.) in debug output.
*/
/*
* wpa_dbg() behaves like wpa_msg(), but it can be removed from build to reduce
-@@ -184,7 +225,12 @@ void wpa_hexdump_ascii_key(int level, co
+@@ -185,7 +226,12 @@ void wpa_hexdump_ascii_key(int level, co
*
* Note: New line '\n' is added to the end of the text when printing to stdout.
*/
/**
* wpa_msg_ctrl - Conditional printf for ctrl_iface monitors
-@@ -198,8 +244,13 @@ void wpa_msg(void *ctx, int level, const
+@@ -199,8 +245,13 @@ void wpa_msg(void *ctx, int level, const
* attached ctrl_iface monitors. In other words, it can be used for frequent
* events that do not need to be sent to syslog.
*/
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1004,6 +1004,9 @@ struct wpa_driver_associate_params {
+@@ -1012,6 +1012,9 @@ struct wpa_driver_associate_params {
* responsible for selecting with which BSS to associate. */
const u8 *bssid;
#include "config.h"
-@@ -2421,6 +2422,97 @@ static char * wpa_config_write_mac_value
+@@ -2449,6 +2450,97 @@ static char * wpa_config_write_mac_value
#endif /* NO_CONFIG_WRITE */
/* Helper macros for network block parser */
#ifdef OFFSET
-@@ -2713,6 +2805,8 @@ static const struct parse_data ssid_fiel
+@@ -2744,6 +2836,8 @@ static const struct parse_data ssid_fiel
{ INT(ap_max_inactivity) },
{ INT(dtim_period) },
{ INT(beacon_int) },
{ INT_RANGE(macsec_integ_only, 0, 1) },
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
-@@ -879,6 +879,9 @@ struct wpa_ssid {
+@@ -907,6 +907,9 @@ struct wpa_ssid {
*/
void *parent_cred;
* macsec_policy - Determines the policy for MACsec secure session
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -4435,6 +4435,12 @@ static void wpas_start_assoc_cb(struct w
+@@ -4635,6 +4635,12 @@ static void wpas_start_assoc_cb(struct w
params.beacon_int = ssid->beacon_int;
else
params.beacon_int = wpa_s->conf->beacon_int;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1920,6 +1920,7 @@ struct wpa_driver_mesh_join_params {
+@@ -1932,6 +1932,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
bool handle_dfs;
struct wpa_driver_set_key_params {
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -12142,6 +12142,18 @@ static int nl80211_put_mesh_id(struct nl
+@@ -12333,6 +12333,18 @@ static int nl80211_put_mesh_id(struct nl
}
static int nl80211_put_mesh_config(struct nl_msg *msg,
struct wpa_driver_mesh_bss_params *params)
{
-@@ -12203,6 +12215,7 @@ static int nl80211_join_mesh(struct i802
+@@ -12394,6 +12406,7 @@ static int nl80211_join_mesh(struct i802
nl80211_put_basic_rates(msg, params->basic_rates) ||
nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
nl80211_put_beacon_int(msg, params->beacon_int) ||
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -632,6 +632,7 @@ int wpa_supplicant_join_mesh(struct wpa_
+@@ -636,6 +636,7 @@ int wpa_supplicant_join_mesh(struct wpa_
params->meshid = ssid->ssid;
params->meshid_len = ssid->ssid_len;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3234,6 +3234,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3421,6 +3421,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->freq = ssid->frequency;
}
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -1418,6 +1418,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -1437,6 +1437,12 @@ void handle_probe_req(struct hostapd_dat
int mld_id;
u16 links;
#endif /* CONFIG_IEEE80211BE */
if (hapd->iconf->rssi_ignore_probe_request && ssi_signal &&
ssi_signal < hapd->iconf->rssi_ignore_probe_request)
-@@ -1604,6 +1610,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -1623,6 +1629,12 @@ void handle_probe_req(struct hostapd_dat
}
#endif /* CONFIG_P2P */
#ifdef CONFIG_P2P
if (elems.p2p) {
wpabuf_free(sta->p2p_ie);
-@@ -1369,6 +1379,7 @@ void hostapd_event_ch_switch(struct host
+@@ -1385,6 +1395,7 @@ void hostapd_event_ch_switch(struct host
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_CSA_FINISHED
"freq=%d dfs=%d", freq, is_dfs);
if (is_dfs0 > 0 &&
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -475,6 +475,7 @@ void hostapd_free_hapd_data(struct hosta
+@@ -479,6 +479,7 @@ void hostapd_free_hapd_data(struct hosta
hapd->beacon_set_done = 0;
wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
accounting_deinit(hapd);
hostapd_deinit_wpa(hapd);
vlan_deinit(hapd);
-@@ -1316,6 +1317,8 @@ static int hostapd_start_beacon(struct h
+@@ -1324,6 +1325,8 @@ static int hostapd_start_beacon(struct h
if (hapd->driver && hapd->driver->set_operstate)
hapd->driver->set_operstate(hapd->drv_priv, 1);
return 0;
}
-@@ -2525,6 +2528,7 @@ static int hostapd_setup_interface_compl
+@@ -2546,6 +2549,7 @@ static int hostapd_setup_interface_compl
if (err)
goto fail;
wpa_printf(MSG_DEBUG, "Completing interface initialization");
if (iface->freq) {
#ifdef NEED_AP_MLME
-@@ -2750,6 +2754,7 @@ dfs_offload:
+@@ -2771,6 +2775,7 @@ dfs_offload:
fail:
wpa_printf(MSG_ERROR, "Interface initialization failed");
if (iface->is_no_ir) {
hostapd_set_state(iface, HAPD_IFACE_NO_IR);
-@@ -3478,6 +3483,7 @@ void hostapd_interface_deinit_free(struc
+@@ -3501,6 +3506,7 @@ void hostapd_interface_deinit_free(struc
(unsigned int) iface->conf->num_bss);
driver = iface->bss[0]->driver;
drv_priv = iface->bss[0]->drv_priv;
struct hostapd_iface * hostapd_alloc_iface(void);
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
-@@ -2897,7 +2897,7 @@ static void handle_auth(struct hostapd_d
+@@ -2941,7 +2941,7 @@ static void handle_auth(struct hostapd_d
u16 auth_alg, auth_transaction, status_code;
u16 resp = WLAN_STATUS_SUCCESS;
struct sta_info *sta = NULL;
u16 fc;
const u8 *challenge = NULL;
u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
-@@ -2908,6 +2908,11 @@ static void handle_auth(struct hostapd_d
+@@ -2952,6 +2952,11 @@ static void handle_auth(struct hostapd_d
#ifdef CONFIG_IEEE80211BE
bool mld_sta = false;
#endif /* CONFIG_IEEE80211BE */
if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
-@@ -3104,6 +3109,13 @@ static void handle_auth(struct hostapd_d
+@@ -3148,6 +3153,13 @@ static void handle_auth(struct hostapd_d
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto fail;
}
if (res == HOSTAPD_ACL_PENDING)
return;
-@@ -5367,7 +5379,7 @@ static void handle_assoc(struct hostapd_
+@@ -5477,7 +5489,7 @@ static void handle_assoc(struct hostapd_
int resp = WLAN_STATUS_SUCCESS;
u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
const u8 *pos;
struct sta_info *sta;
u8 *tmp = NULL;
#ifdef CONFIG_FILS
-@@ -5609,6 +5621,11 @@ static void handle_assoc(struct hostapd_
+@@ -5719,6 +5731,11 @@ static void handle_assoc(struct hostapd_
left = res;
}
#endif /* CONFIG_FILS */
/* followed by SSID and Supported rates; and HT capabilities if 802.11n
* is used */
-@@ -5711,6 +5728,13 @@ static void handle_assoc(struct hostapd_
+@@ -5826,6 +5843,13 @@ static void handle_assoc(struct hostapd_
if (set_beacon)
ieee802_11_update_beacons(hapd->iface);
fail:
/*
-@@ -5940,6 +5964,7 @@ static void handle_disassoc(struct hosta
+@@ -6055,6 +6079,7 @@ static void handle_disassoc(struct hosta
(unsigned long) len);
return;
}
sta = ap_get_sta(hapd, mgmt->sa);
if (!sta) {
-@@ -5971,6 +5996,8 @@ static void handle_deauth(struct hostapd
+@@ -6086,6 +6111,8 @@ static void handle_deauth(struct hostapd
/* Clear the PTKSA cache entries for PASN */
ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
wpa_printf(MSG_DEBUG, "RRM action %u is not supported",
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -542,6 +542,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+@@ -543,6 +543,7 @@ void ap_handle_timer(void *eloop_ctx, vo
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_INFO, "deauthenticated due to "
"local deauth request");
ap_free_sta(hapd, sta);
return;
}
-@@ -699,6 +700,7 @@ skip_poll:
+@@ -700,6 +701,7 @@ skip_poll:
mlme_deauthenticate_indication(
hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
ap_free_sta(hapd, sta);
break;
}
-@@ -1521,15 +1523,28 @@ void ap_sta_set_authorized_event(struct
+@@ -1588,15 +1590,28 @@ void ap_sta_set_authorized_event(struct
os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr));
if (authorized) {
#ifdef CONFIG_P2P
if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
os_snprintf(ip_addr, sizeof(ip_addr),
-@@ -1540,6 +1555,13 @@ void ap_sta_set_authorized_event(struct
+@@ -1607,6 +1622,13 @@ void ap_sta_set_authorized_event(struct
}
#endif /* CONFIG_P2P */
keyid = ap_sta_wpa_get_keyid(hapd, sta);
if (keyid) {
os_snprintf(keyid_buf, sizeof(keyid_buf),
-@@ -1558,17 +1580,19 @@ void ap_sta_set_authorized_event(struct
+@@ -1625,17 +1647,19 @@ void ap_sta_set_authorized_event(struct
dpp_pkhash, SHA256_MAC_LEN);
}
hapd->msg_ctx_parent != hapd->msg_ctx)
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
-@@ -304,6 +304,7 @@ struct sta_info {
+@@ -305,6 +305,7 @@ struct sta_info {
#endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_AIRTIME_POLICY
unsigned int airtime_weight;
}
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
-@@ -328,6 +328,7 @@ static void hostapd_wpa_auth_psk_failure
+@@ -331,6 +331,7 @@ static void hostapd_wpa_auth_psk_failure
struct hostapd_data *hapd = ctx;
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
MAC2STR(addr));
ifdef CONFIG_CODE_COVERAGE
CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE
LIBS += -lgcov
-@@ -1043,6 +1050,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
+@@ -1044,6 +1051,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
CFLAGS += -DCONFIG_CTRL_IFACE_MIB
endif
OBJS += ../src/ap/ctrl_iface_ap.o
break;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -7920,6 +7920,8 @@ struct wpa_supplicant * wpa_supplicant_a
+@@ -8195,6 +8195,8 @@ struct wpa_supplicant * wpa_supplicant_a
}
#endif /* CONFIG_P2P */
return wpa_s;
}
-@@ -7946,6 +7948,8 @@ int wpa_supplicant_remove_iface(struct w
+@@ -8221,6 +8223,8 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
/* Remove interface from the global list of interfaces */
prev = global->ifaces;
if (prev == wpa_s) {
-@@ -8292,8 +8296,12 @@ int wpa_supplicant_run(struct wpa_global
+@@ -8567,8 +8571,12 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
};
-@@ -693,6 +696,7 @@ struct wpa_supplicant {
+@@ -705,6 +708,7 @@ struct wpa_supplicant {
unsigned char own_addr[ETH_ALEN];
unsigned char perm_addr[ETH_ALEN];
char ifname[100];
ifdef CONFIG_CODE_COVERAGE
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
-@@ -5998,6 +5998,7 @@ try_again:
+@@ -6031,6 +6031,7 @@ try_again:
return -1;
}
wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
return 0;
-@@ -6099,6 +6100,7 @@ fail:
+@@ -6132,6 +6133,7 @@ fail:
os_free(fname);
interface->global_ctrl_sock = s;
--- a/hostapd/main.c
+++ b/hostapd/main.c
-@@ -1033,6 +1033,7 @@ int main(int argc, char *argv[])
+@@ -1074,6 +1074,7 @@ int main(int argc, char *argv[])
}
hostapd_global_ctrl_iface_init(&interfaces);
if (hostapd_global_run(&interfaces, daemonize, pid_file)) {
wpa_printf(MSG_ERROR, "Failed to start eloop");
-@@ -1042,6 +1043,7 @@ int main(int argc, char *argv[])
+@@ -1083,6 +1084,7 @@ int main(int argc, char *argv[])
ret = 0;
out:
for (i = 0; i < interfaces.count; i++) {
--- a/src/ap/ap_drv_ops.h
+++ b/src/ap/ap_drv_ops.h
-@@ -409,6 +409,23 @@ static inline int hostapd_drv_stop_ap(st
+@@ -410,6 +410,23 @@ static inline int hostapd_drv_stop_ap(st
return hapd->driver->stop_ap(hapd->drv_priv, link_id);
}
{
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -255,6 +255,8 @@ int hostapd_reload_config(struct hostapd
+@@ -259,6 +259,8 @@ int hostapd_reload_config(struct hostapd
struct hostapd_config *newconf, *oldconf;
size_t j;
if (iface->config_fname == NULL) {
/* Only in-memory config in use - assume it has been updated */
hostapd_clear_old(iface);
-@@ -475,6 +477,7 @@ void hostapd_free_hapd_data(struct hosta
+@@ -479,6 +481,7 @@ void hostapd_free_hapd_data(struct hosta
hapd->beacon_set_done = 0;
wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
hostapd_ubus_free_bss(hapd);
accounting_deinit(hapd);
hostapd_deinit_wpa(hapd);
-@@ -729,6 +732,7 @@ void hostapd_cleanup_iface_partial(struc
+@@ -737,6 +740,7 @@ void hostapd_cleanup_iface_partial(struc
static void hostapd_cleanup_iface(struct hostapd_iface *iface)
{
wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
NULL);
-@@ -1318,6 +1322,7 @@ static int hostapd_start_beacon(struct h
+@@ -1326,6 +1330,7 @@ static int hostapd_start_beacon(struct h
hapd->driver->set_operstate(hapd->drv_priv, 1);
hostapd_ubus_add_bss(hapd);
return 0;
}
-@@ -1393,8 +1398,7 @@ static int hostapd_bss_radius_init(struc
+@@ -1401,8 +1406,7 @@ static int hostapd_bss_radius_init(struc
* initialized. Most of the modules that are initialized here will be
* deinitialized in hostapd_cleanup().
*/
{
struct hostapd_bss_config *conf = hapd->conf;
u8 ssid[SSID_MAX_LEN + 1];
-@@ -1510,6 +1514,8 @@ setup_mld:
+@@ -1518,6 +1522,8 @@ setup_mld:
}
#endif /* CONFIG_IEEE80211BE */
if (conf->wmm_enabled < 0)
conf->wmm_enabled = hapd->iconf->ieee80211n |
hapd->iconf->ieee80211ax;
-@@ -2487,7 +2493,7 @@ static int hostapd_owe_iface_iter2(struc
+@@ -2508,7 +2514,7 @@ static int hostapd_owe_iface_iter2(struc
#endif /* CONFIG_OWE */
{
#ifdef CONFIG_OWE
/* Check whether the enabled BSS can complete OWE transition mode
-@@ -2954,7 +2960,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+@@ -2975,7 +2981,7 @@ hostapd_alloc_bss_data(struct hostapd_if
}
{
if (!hapd)
return;
-@@ -4015,7 +4021,8 @@ int hostapd_remove_iface(struct hapd_int
+@@ -4035,7 +4041,8 @@ int hostapd_remove_iface(struct hapd_int
hapd_iface = interfaces->iface[i];
if (hapd_iface == NULL)
return -1;
const char *config_fname, int debug);
+int hostapd_setup_bss(struct hostapd_data *hapd, int first, bool start_beacon);
+void hostapd_bss_deinit(struct hostapd_data *hapd);
+ void hostapd_bss_setup_multi_link(struct hostapd_data *hapd,
+ struct hapd_interfaces *interfaces);
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
- int reassoc);
- void hostapd_interface_deinit_free(struct hostapd_iface *iface);
-@@ -815,6 +824,7 @@ hostapd_switch_channel_fallback(struct h
+@@ -817,6 +826,7 @@ hostapd_switch_channel_fallback(struct h
void hostapd_cleanup_cs_params(struct hostapd_data *hapd);
void hostapd_periodic_iface(struct hostapd_iface *iface);
int hostapd_owe_trans_get_info(struct hostapd_data *hapd);
void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap);
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -3928,6 +3928,25 @@ struct wpa_driver_ops {
+@@ -4003,6 +4003,25 @@ struct wpa_driver_ops {
const char *ifname);
/**
* set_sta_vlan - Bind a station into a specific interface (AP only)
* @priv: Private driver interface data
* @ifname: Interface (main or virtual BSS or VLAN)
-@@ -6720,6 +6739,7 @@ union wpa_event_data {
+@@ -6818,6 +6837,7 @@ union wpa_event_data {
/**
* struct ch_switch
* @freq: Frequency of new channel in MHz
* @ht_enabled: Whether this is an HT channel
* @ch_offset: Secondary channel offset
-@@ -6730,6 +6750,7 @@ union wpa_event_data {
+@@ -6828,6 +6848,7 @@ union wpa_event_data {
* @punct_bitmap: Puncturing bitmap
*/
struct ch_switch {
static struct nl_sock * nl_create_handle(struct nl_cb *cb, const char *dbg)
{
-@@ -431,6 +441,11 @@ static int no_seq_check(struct nl_msg *m
+@@ -437,6 +447,11 @@ static int no_seq_check(struct nl_msg *m
return NL_OK;
}
static void nl80211_nlmsg_clear(struct nl_msg *msg)
{
-@@ -504,6 +519,8 @@ int send_and_recv(struct nl80211_global
+@@ -511,6 +526,8 @@ int send_and_recv_glb(struct nl80211_glo
if (!msg)
return -ENOMEM;
err.err = -ENOMEM;
s_nl_cb = nl_socket_get_cb(nl_handle);
-@@ -538,6 +555,7 @@ int send_and_recv(struct nl80211_global
- err.orig_msg = msg;
+@@ -546,6 +563,7 @@ int send_and_recv_glb(struct nl80211_glo
err.err_info = err_info;
+ err.drv = drv;
+ nl_cb_set(cb, NL_CB_MSG_IN, NL_CB_CUSTOM, debug_handler, NULL);
nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err.err);
if (ack_handler_custom) {
-@@ -941,6 +959,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs
+@@ -949,6 +967,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs
os_free(w);
return NULL;
}
nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
-@@ -1355,7 +1374,7 @@ static void wpa_driver_nl80211_event_rtm
+@@ -1364,7 +1383,7 @@ static void wpa_driver_nl80211_event_rtm
}
wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
namebuf, ifname);
wpa_printf(MSG_DEBUG,
"nl80211: Not the main interface (%s) - do not indicate interface down",
drv->first_bss->ifname);
-@@ -1391,7 +1410,7 @@ static void wpa_driver_nl80211_event_rtm
+@@ -1400,7 +1419,7 @@ static void wpa_driver_nl80211_event_rtm
}
wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)",
namebuf, ifname);
wpa_printf(MSG_DEBUG,
"nl80211: Not the main interface (%s) - do not indicate interface up",
drv->first_bss->ifname);
-@@ -2037,6 +2056,7 @@ static int wpa_driver_nl80211_init_nl_gl
+@@ -2046,6 +2065,7 @@ static int wpa_driver_nl80211_init_nl_gl
genl_family_put(family);
nl_cache_free(cache);
nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
-@@ -2207,6 +2227,7 @@ static int nl80211_init_bss(struct i802_
+@@ -2216,6 +2236,7 @@ static int nl80211_init_bss(struct i802_
if (!bss->nl_cb)
return -1;
nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
-@@ -8704,6 +8725,7 @@ static void *i802_init(struct hostapd_da
+@@ -8844,6 +8865,7 @@ static void *i802_init(struct hostapd_da
char master_ifname[IFNAMSIZ];
int ifindex, br_ifindex = 0;
int br_added = 0;
bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
params->global_priv, 1,
-@@ -8763,21 +8785,17 @@ static void *i802_init(struct hostapd_da
+@@ -8904,21 +8926,17 @@ static void *i802_init(struct hostapd_da
(params->num_bridge == 0 || !params->bridge[0]))
add_ifidx(drv, br_ifindex, drv->ifindex);
}
if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
-@@ -9146,6 +9164,50 @@ static int wpa_driver_nl80211_if_remove(
+@@ -9287,6 +9305,50 @@ static int wpa_driver_nl80211_if_remove(
return 0;
}
static int cookie_handler(struct nl_msg *msg, void *arg)
{
-@@ -10962,6 +11024,37 @@ static bool nl80211_is_drv_shared(void *
+@@ -11150,6 +11212,37 @@ static bool nl80211_is_drv_shared(void *
#endif /* CONFIG_IEEE80211BE */
static int driver_nl80211_send_mlme(void *priv, const u8 *data,
size_t data_len, int noack,
unsigned int freq,
-@@ -14510,6 +14603,8 @@ const struct wpa_driver_ops wpa_driver_n
+@@ -14874,6 +14967,8 @@ const struct wpa_driver_ops wpa_driver_n
.set_acl = wpa_driver_nl80211_set_acl,
.if_add = wpa_driver_nl80211_if_add,
.if_remove = driver_nl80211_if_remove,
.sta_add = wpa_driver_nl80211_sta_add,
--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
-@@ -1197,6 +1197,7 @@ static void mlme_event_ch_switch(struct
+@@ -1199,6 +1199,7 @@ static void mlme_event_ch_switch(struct
struct nlattr *bw, struct nlattr *cf1,
struct nlattr *cf2,
struct nlattr *punct_bitmap,
int finished)
{
struct i802_bss *bss;
-@@ -1260,6 +1261,8 @@ static void mlme_event_ch_switch(struct
+@@ -1262,6 +1263,8 @@ static void mlme_event_ch_switch(struct
data.ch_switch.cf1 = nla_get_u32(cf1);
if (cf2)
data.ch_switch.cf2 = nla_get_u32(cf2);
if (link) {
data.ch_switch.link_id = nla_get_u8(link);
-@@ -4054,6 +4057,7 @@ static void do_process_drv_event(struct
+@@ -4114,6 +4117,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
0);
break;
case NL80211_CMD_CH_SWITCH_NOTIFY:
-@@ -4066,6 +4070,7 @@ static void do_process_drv_event(struct
+@@ -4126,6 +4130,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
endif
ifdef CONFIG_CODE_COVERAGE
-@@ -1053,6 +1065,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
+@@ -1054,6 +1066,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
ifdef CONFIG_UBUS
OBJS += ../src/ap/ubus.o
endif
CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
-@@ -6167,6 +6167,7 @@ void supplicant_event(void *ctx, enum wp
+@@ -6206,6 +6206,7 @@ void supplicant_event(void *ctx, enum wp
event_to_string(event), event);
#endif /* CONFIG_NO_STDOUT_DEBUG */
#ifdef CONFIG_FST
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -1151,6 +1151,7 @@ void wpa_supplicant_set_state(struct wpa
+@@ -1256,6 +1256,7 @@ void wpa_supplicant_set_state(struct wpa
sme_sched_obss_scan(wpa_s, 0);
}
wpa_s->wpa_state = state;
#ifdef CONFIG_BGSCAN
if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
-@@ -7921,6 +7922,7 @@ struct wpa_supplicant * wpa_supplicant_a
+@@ -8196,6 +8197,7 @@ struct wpa_supplicant * wpa_supplicant_a
#endif /* CONFIG_P2P */
wpas_ubus_add_bss(wpa_s);
return wpa_s;
}
-@@ -7948,6 +7950,7 @@ int wpa_supplicant_remove_iface(struct w
+@@ -8223,6 +8225,7 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
wpas_ubus_free_bss(wpa_s);
/* Remove interface from the global list of interfaces */
-@@ -8258,6 +8261,7 @@ struct wpa_global * wpa_supplicant_init(
+@@ -8533,6 +8536,7 @@ struct wpa_global * wpa_supplicant_init(
eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
wpas_periodic, global, NULL);
return global;
}
-@@ -8296,12 +8300,8 @@ int wpa_supplicant_run(struct wpa_global
+@@ -8571,12 +8575,8 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
return 0;
}
-@@ -8334,6 +8334,8 @@ void wpa_supplicant_deinit(struct wpa_gl
+@@ -8609,6 +8609,8 @@ void wpa_supplicant_deinit(struct wpa_gl
wpas_notify_supplicant_deinitialized(global);
extern const char *const wpa_supplicant_version;
extern const char *const wpa_supplicant_license;
-@@ -697,6 +698,7 @@ struct wpa_supplicant {
+@@ -709,6 +710,7 @@ struct wpa_supplicant {
unsigned char perm_addr[ETH_ALEN];
char ifname[100];
struct wpas_ubus_bss ubus;
}
+use_sta_psk:
- if (!password && sta) {
+ if (!password && sta && !rx_id) {
for (psk = sta->psk; psk; psk = psk->next) {
- if (psk->is_passphrase) {
- password = psk->passphrase;
}
}
-@@ -3229,6 +3252,12 @@ static void handle_auth(struct hostapd_d
+@@ -3273,6 +3296,12 @@ static void handle_auth(struct hostapd_d
goto fail;
}
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -474,6 +474,11 @@ void ap_free_sta(struct hostapd_data *ha
+@@ -475,6 +475,11 @@ void ap_free_sta(struct hostapd_data *ha
forced_memzero(sta->last_tk, WPA_TK_MAX_LEN);
#endif /* CONFIG_TESTING_OPTIONS */
os_free(sta);
}
-@@ -1507,6 +1512,8 @@ void ap_sta_set_authorized_event(struct
+@@ -1574,6 +1579,8 @@ void ap_sta_set_authorized_event(struct
#endif /* CONFIG_P2P */
const u8 *ip_ptr = NULL;
if (sta->p2p_ie != NULL &&
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
-@@ -180,6 +180,9 @@ struct sta_info {
+@@ -181,6 +181,9 @@ struct sta_info {
int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
/* PSKs from RADIUS authentication server */
struct hostapd_sta_wpa_psk_short *psk;
char *radius_cui; /* Chargeable-User-Identity from RADIUS */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
-@@ -400,6 +400,7 @@ static const u8 * hostapd_wpa_auth_get_p
+@@ -403,6 +403,7 @@ static const u8 * hostapd_wpa_auth_get_p
struct sta_info *sta = ap_get_sta(hapd, addr);
const u8 *psk;
if (vlan_id)
*vlan_id = 0;
if (psk_len)
-@@ -446,13 +447,16 @@ static const u8 * hostapd_wpa_auth_get_p
+@@ -449,13 +450,16 @@ static const u8 * hostapd_wpa_auth_get_p
* returned psk which should not be returned again.
* logic list (all hostapd_get_psk; all sta->psk)
*/
if (pos->is_passphrase) {
if (pbkdf2_sha1(pos->passphrase,
hapd->conf->ssid.ssid,
-@@ -469,6 +473,8 @@ static const u8 * hostapd_wpa_auth_get_p
+@@ -472,6 +476,8 @@ static const u8 * hostapd_wpa_auth_get_p
break;
}
}
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -5207,7 +5207,12 @@ struct hostapd_config * hostapd_config_r
+@@ -5223,7 +5223,12 @@ struct hostapd_config * hostapd_config_r
int errors = 0;
size_t i;
"for reading.", fname);
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
-@@ -326,8 +326,13 @@ struct wpa_config * wpa_config_read(cons
- while (cred_tail && cred_tail->next)
- cred_tail = cred_tail->next;
+@@ -390,8 +390,13 @@ struct wpa_config * wpa_config_read(cons
+ while (identity_tail && identity_tail->next)
+ identity_tail = identity_tail->next;
+ if (!strncmp(name, "data:", 5)) {
+ f = fmemopen((void *)(name + 5), strlen(name + 5), "r");
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3646,6 +3646,8 @@ static int hostapd_config_fill(struct ho
+@@ -3644,6 +3644,8 @@ static int hostapd_config_fill(struct ho
#ifndef CONFIG_NO_VLAN
} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
bss->ssid.dynamic_vlan = atoi(pos);
} else if (os_strcmp(buf, "vlan_bridge") == 0) {
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
-@@ -390,8 +390,6 @@ int hostapd_set_wds_sta(struct hostapd_d
+@@ -394,8 +394,6 @@ int hostapd_set_wds_sta(struct hostapd_d
return -1;
if (hapd->conf->wds_bridge[0])
bridge = hapd->conf->wds_bridge;
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3090,6 +3090,14 @@ static int hostapd_config_fill(struct ho
+@@ -3088,6 +3088,14 @@ static int hostapd_config_fill(struct ho
line, bss->max_num_sta, MAX_STA_COUNT);
return 1;
}
} else if (os_strcmp(buf, "extended_key_id") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -1086,6 +1086,8 @@ struct hostapd_config {
+@@ -1089,6 +1089,8 @@ struct hostapd_config {
unsigned int track_sta_max_num;
unsigned int track_sta_max_age;
* ' ' (ascii 32): all environments
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -1634,7 +1634,7 @@ void handle_probe_req(struct hostapd_dat
+@@ -1653,7 +1653,7 @@ void handle_probe_req(struct hostapd_dat
if (hapd->conf->no_probe_resp_if_max_sta &&
is_multicast_ether_addr(mgmt->da) &&
is_multicast_ether_addr(mgmt->bssid) &&
" since no room for additional STA",
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -247,6 +247,29 @@ static int hostapd_iface_conf_changed(st
+@@ -251,6 +251,29 @@ static int hostapd_iface_conf_changed(st
return 0;
}
{
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
-@@ -826,6 +826,7 @@ void hostapd_periodic_iface(struct hosta
+@@ -828,6 +828,7 @@ void hostapd_periodic_iface(struct hosta
int hostapd_owe_trans_get_info(struct hostapd_data *hapd);
void hostapd_owe_update_trans(struct hostapd_iface *iface);;
void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx);
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3287,6 +3287,8 @@ static int hostapd_config_fill(struct ho
+@@ -3285,6 +3285,8 @@ static int hostapd_config_fill(struct ho
wpa_printf(MSG_INFO,
"Line %d: Obsolete peerkey parameter ignored", line);
#ifdef CONFIG_IEEE80211R_AP
int bridge_hairpin; /* hairpin_mode on bridge members */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
-@@ -1821,8 +1821,12 @@ int hostapd_setup_wpa(struct hostapd_dat
+@@ -1825,8 +1825,12 @@ int hostapd_setup_wpa(struct hostapd_dat
wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) {
const char *ft_iface;
int bridge_hairpin; /* hairpin_mode on bridge members */
--- a/src/ap/ap_drv_ops.h
+++ b/src/ap/ap_drv_ops.h
-@@ -376,12 +376,12 @@ static inline int hostapd_drv_br_port_se
+@@ -377,12 +377,12 @@ static inline int hostapd_drv_br_port_se
static inline int hostapd_drv_br_set_net_param(struct hostapd_data *hapd,
enum drv_br_net_param param,
hapd->x_snoop_initialized = false;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -4350,7 +4350,7 @@ struct wpa_driver_ops {
+@@ -4429,7 +4429,7 @@ struct wpa_driver_ops {
* Returns: 0 on success, negative (<0) on failure
*/
int (*br_set_net_param)(void *priv, enum drv_br_net_param param,
* get_wowlan - Get wake-on-wireless status
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -12662,7 +12662,7 @@ static const char * drv_br_net_param_str
+@@ -12853,7 +12853,7 @@ static const char * drv_br_net_param_str
static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
{
struct i802_bss *bss = priv;
char path[128];
-@@ -12688,8 +12688,11 @@ static int wpa_driver_br_set_net_param(v
+@@ -12879,8 +12879,11 @@ static int wpa_driver_br_set_net_param(v
return -EINVAL;
}
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -2865,6 +2865,8 @@ static int hostapd_config_fill(struct ho
+@@ -2863,6 +2863,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "iapp_interface") == 0) {
wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used");
#endif /* CONFIG_IAPP */
int radius_require_message_authenticator;
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
-@@ -600,6 +600,10 @@ int add_common_radius_attr(struct hostap
+@@ -598,6 +598,10 @@ int add_common_radius_attr(struct hostap
struct hostapd_radius_attr *attr;
int len;
* radius_client_send - Send a RADIUS request
* @radius: RADIUS client context from radius_client_init()
* @msg: RADIUS message to be sent
-@@ -1711,6 +1737,10 @@ radius_change_server(struct radius_clien
+@@ -1714,6 +1740,10 @@ radius_change_server(struct radius_clien
wpa_printf(MSG_DEBUG, "RADIUS local address: %s:%u",
inet_ntoa(claddr.sin_addr),
ntohs(claddr.sin_port));
}
break;
#ifdef CONFIG_IPV6
-@@ -1722,6 +1752,10 @@ radius_change_server(struct radius_clien
+@@ -1725,6 +1755,10 @@ radius_change_server(struct radius_clien
inet_ntop(AF_INET6, &claddr6.sin6_addr,
abuf, sizeof(abuf)),
ntohs(claddr6.sin6_port));
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -1379,6 +1379,7 @@ static int hostapd_bss_radius_init(struc
+@@ -1387,6 +1387,7 @@ static int hostapd_bss_radius_init(struc
os_memset(&das_conf, 0, sizeof(das_conf));
das_conf.port = conf->radius_das_port;
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -1477,7 +1477,7 @@ void handle_probe_req(struct hostapd_dat
+@@ -1496,7 +1496,7 @@ void handle_probe_req(struct hostapd_dat
* is less likely to see them (Probe Request frame sent on a
* neighboring, but partially overlapping, channel).
*/
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
-@@ -2035,6 +2035,25 @@ static int ieee802_1x_update_vlan(struct
+@@ -2033,6 +2033,25 @@ static int ieee802_1x_update_vlan(struct
}
#endif /* CONFIG_NO_VLAN */
/**
* ieee802_1x_receive_auth - Process RADIUS frames from Authentication Server
-@@ -2151,6 +2170,7 @@ ieee802_1x_receive_auth(struct radius_ms
+@@ -2149,6 +2168,7 @@ ieee802_1x_receive_auth(struct radius_ms
ieee802_1x_check_hs20(hapd, sta, msg,
session_timeout_set ?
(int) session_timeout : -1);
sm->eap_if->aaaFail = true;
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
-@@ -94,6 +94,7 @@ struct sta_info {
+@@ -95,6 +95,7 @@ struct sta_info {
u8 supported_rates[WLAN_SUPP_RATES_MAX];
int supported_rates_len;
u8 qosinfo; /* Valid when WLAN_STA_WMM is set */
#ifndef CONFIG_NO_HOSTAPD_LOGGER
static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module,
-@@ -793,6 +794,11 @@ int main(int argc, char *argv[])
+@@ -834,6 +835,11 @@ int main(int argc, char *argv[])
if (os_program_init())
return -1;
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
-@@ -1416,6 +1416,11 @@ ifdef CONFIG_NO_TKIP
+@@ -1429,6 +1429,11 @@ ifdef CONFIG_NO_TKIP
CFLAGS += -DCONFIG_NO_TKIP
endif
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -5200,6 +5200,15 @@ static int hostapd_config_fill(struct ho
+@@ -5216,6 +5216,15 @@ static int hostapd_config_fill(struct ho
bss->mld_indicate_disabled = atoi(pos);
#endif /* CONFIG_TESTING_OPTIONS */
#endif /* CONFIG_IEEE80211BE */
"Line %d: unknown configuration item '%s'",
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -999,6 +999,35 @@ struct hostapd_bss_config {
- bool mld_indicate_disabled;
- #endif /* CONFIG_TESTING_OPTIONS */
- #endif /* CONFIG_IEEE80211BE */
+@@ -1002,6 +1002,35 @@ struct hostapd_bss_config {
+ int mbssid_index;
+
+ bool spp_amsdu;
+
+#ifdef CONFIG_APUP
+ /**
/**
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
-@@ -385,13 +385,39 @@ int hostapd_set_wds_sta(struct hostapd_d
+@@ -389,13 +389,39 @@ int hostapd_set_wds_sta(struct hostapd_d
const u8 *addr, int aid, int val)
{
const char *bridge = NULL;
int hostapd_sta_add(struct hostapd_data *hapd,
--- /dev/null
+++ b/src/ap/apup.c
-@@ -0,0 +1,168 @@
+@@ -0,0 +1,169 @@
+/*
+ * hostapd / APuP Access Point Micro Peering
+ *
+ sta_ret = ap_sta_add(hapd, mgmt->bssid);
+
+ /* TODO: this has been added just to making compiler happy after breaking
-+ * changes introduced in 11a607d121df512e010148bedcb4263a03329dc7 to support
-+ * IEEE80211BE Multi Link Operation. Look at that commit with more time and
++ * changes introduced in 11a607d12 and 7855b6d60 to support
++ * IEEE80211BE Multi Link Operation. Look at these commits with more time and
+ * understand what could be a proper implementation in this context too
+ */
+ const u8 *mld_link_addr = NULL;
+ bool mld_link_sta = false;
++ u16 eml_cap = 0;
+
+ /* First add the station without more information */
+ int aRet = hostapd_sta_add(
+ NULL, 0, 0, NULL, NULL, NULL, 0, NULL, 0, NULL,
+ sta_ret->flags, 0, 0, 0,
+ 0, // 0 add, 1 set
-+ mld_link_addr, mld_link_sta);
++ mld_link_addr, mld_link_sta, eml_cap);
+
+ sta_ret->flags |= WLAN_STA_AUTH;
+ wpa_auth_sm_event(sta_ret->wpa_sm, WPA_AUTH);
+ sta_ret->vht_opmode,
+ 0, // int supp_p2p_ps
+ 1, // 0 add, 1 set
-+ mld_link_addr, mld_link_sta);
++ mld_link_addr, mld_link_sta, eml_cap);
+
+ ap_sta_set_authorized(hapd, sta_ret, 1);
+ hostapd_set_sta_flags(hapd, sta_ret);
#ifdef CONFIG_FILS
static struct wpabuf *
-@@ -3617,8 +3620,8 @@ static u16 check_multi_ap(struct hostapd
+@@ -3664,8 +3667,8 @@ static u16 check_multi_ap(struct hostapd
}
{
/* Supported rates not used in IEEE 802.11ad/DMG */
if (hapd->iface->current_mode &&
-@@ -4005,7 +4008,7 @@ static int __check_assoc_ies(struct host
+@@ -4105,7 +4108,7 @@ static int __check_assoc_ies(struct host
elems->ext_capab_len);
if (resp != WLAN_STATUS_SUCCESS)
return resp;
if (resp != WLAN_STATUS_SUCCESS)
return resp;
-@@ -6060,6 +6063,11 @@ static void handle_beacon(struct hostapd
+@@ -6175,6 +6178,11 @@ static void handle_beacon(struct hostapd
0);
ap_list_process_beacon(hapd->iface, mgmt, &elems, fi);
u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta,
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -4048,7 +4048,7 @@ struct wpa_driver_ops {
+@@ -4123,7 +4123,7 @@ struct wpa_driver_ops {
* Returns: 0 on success, -1 on failure
*/
int (*set_wds_sta)(void *priv, const u8 *addr, int aid, int val,
* send_action - Transmit an Action frame
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -8559,25 +8559,15 @@ static int have_ifidx(struct wpa_driver_
+@@ -8699,25 +8699,15 @@ static int have_ifidx(struct wpa_driver_
static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -1914,3 +1914,22 @@ void ap_sta_free_sta_profile(struct mld_
+@@ -1970,3 +1970,22 @@ void ap_sta_free_sta_profile(struct mld_
}
}
#endif /* CONFIG_IEEE80211BE */
+
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
-@@ -409,23 +409,8 @@ int ap_sta_re_add(struct hostapd_data *h
+@@ -414,23 +414,8 @@ int ap_sta_re_add(struct hostapd_data *h
void ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta);
+++ /dev/null
-From 161327f91d956771996c96ea1b6e4e1cb8dc074c Mon Sep 17 00:00:00 2001
-From: Stone Zhang <quic_stonez@quicinc.com>
-Date: Mon, 14 Oct 2024 18:47:32 +0800
-Subject: [PATCH] hostapd: Fix clearing up settings for color switch
-
-Settings for color switch (struct cca_settings settings)
-is used without zero clearing, which causes the member
-settings->ubpr->unsol_bcast_probe_resp_intervalettings
-to be a random value. It is againsts the NLA policy of
-NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT and causes
-BSS color switch failure.
-
-Fixes: 654d2395dddf ("BSS coloring: Handling of collision events and triggering CCA")
-Signed-off-by: Stone Zhang <quic_stonez@quicinc.com>
----
- src/ap/hostapd.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/ap/hostapd.c
-+++ b/src/ap/hostapd.c
-@@ -4813,6 +4813,7 @@ static void hostapd_switch_color_timeout
- struct cca_settings settings;
- int ret;
-
-+ os_memset(&settings, 0, sizeof(settings));
- hostapd_cleanup_cca_params(bss);
- bss->cca_color = r;
- bss->cca_count = 10;
projects / openwrt / staging / stintel.git / commitdiff