hostapd: update to git snapshot of 2018-03-26
authorDaniel Golle <daniel@makrotopia.org>
Tue, 27 Mar 2018 17:24:27 +0000 (19:24 +0200)
committerDaniel Golle <daniel@makrotopia.org>
Tue, 27 Mar 2018 17:25:32 +0000 (19:25 +0200)
The following patches were merged upstream:
000-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
 replaced by commit 0e3bd7ac6
001-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
 replaced by commit cb5132bb3
002-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
 replaced by commit 87e2db16b
003-Prevent-installation-of-an-all-zero-TK.patch
 replaced by commit 53bb18cc8
004-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
 replaced by commit 0adc9b28b
005-TDLS-Reject-TPK-TK-reconfiguration.patch
 replaced by commit ff89af96e
006-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
 replaced by commit adae51f8b
007-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
 replaced by commit 2a9c5217b
008-WPA-Extra-defense-against-PTK-reinstalls-in-4-way-ha.patch
 replaced by commit a00e946c1
009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch
 replaced by commit b488a1294
010-Optional-AP-side-workaround-for-key-reinstallation-a.patch
 replaced by commit 6f234c1e2
011-Additional-consistentcy-checks-for-PTK-component-len.patch
 replaced by commit a6ea66530
012-Clear-BSSID-information-in-supplicant-state-machine-.patch
 replaced by commit c0fe5f125
013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch
 replaced by commit 114f2830d

Some patches had to be modified to work with changed upstream source:
380-disable_ctrl_iface_mib.patch (adding more ifdef'ery)
plus some minor knits needed for other patches to apply which are not
worth being explicitly listed here.

For SAE key management in mesh mode, use the newly introduced
sae_password parameter instead of the psk parameter to also support
SAE keys which would fail the checks applied on the psk field (ie.
length and such). This fixes compatibility issues for users migrating
from authsae.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
35 files changed:
package/network/services/hostapd/Makefile
package/network/services/hostapd/files/hostapd.sh
package/network/services/hostapd/patches/000-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch [deleted file]
package/network/services/hostapd/patches/001-Prevent-reinstallation-of-an-already-in-use-group-ke.patch [deleted file]
package/network/services/hostapd/patches/002-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch [deleted file]
package/network/services/hostapd/patches/003-Prevent-installation-of-an-all-zero-TK.patch [deleted file]
package/network/services/hostapd/patches/004-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch [deleted file]
package/network/services/hostapd/patches/005-TDLS-Reject-TPK-TK-reconfiguration.patch [deleted file]
package/network/services/hostapd/patches/006-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch [deleted file]
package/network/services/hostapd/patches/007-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch [deleted file]
package/network/services/hostapd/patches/008-WPA-Extra-defense-against-PTK-reinstalls-in-4-way-ha.patch [deleted file]
package/network/services/hostapd/patches/009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch [deleted file]
package/network/services/hostapd/patches/010-Optional-AP-side-workaround-for-key-reinstallation-a.patch [deleted file]
package/network/services/hostapd/patches/011-Additional-consistentcy-checks-for-PTK-component-len.patch [deleted file]
package/network/services/hostapd/patches/012-Clear-BSSID-information-in-supplicant-state-machine-.patch [deleted file]
package/network/services/hostapd/patches/013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch [deleted file]
package/network/services/hostapd/patches/110-no_eapol_fix.patch
package/network/services/hostapd/patches/200-multicall.patch
package/network/services/hostapd/patches/300-noscan.patch
package/network/services/hostapd/patches/310-rescan_immediately.patch
package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch
package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
package/network/services/hostapd/patches/360-ctrl_iface_reload.patch
package/network/services/hostapd/patches/370-ap_sta_support.patch
package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch
package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch
package/network/services/hostapd/patches/400-wps_single_auth_enc_type.patch
package/network/services/hostapd/patches/420-indicate-features.patch
package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch
package/network/services/hostapd/patches/450-scan_wait.patch
package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch
package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
package/network/services/hostapd/patches/600-ubus_support.patch

index 51f169293336793918b0089325f4c8d99a1edd3d..f27916803175af536a6a034c80a751d739d40166 100644 (file)
@@ -7,13 +7,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hostapd
-PKG_RELEASE:=6
+PKG_RELEASE:=1
 
 PKG_SOURCE_URL:=http://w1.fi/hostap.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2017-08-24
-PKG_SOURCE_VERSION:=c2d4f2eb5dba0b5c5a8c5805823084da958a9b52
-PKG_MIRROR_HASH:=c6ad9a73fc1ae0ba8bc48f71cf14394b274bc9c2c1d1b53c2775f08312597e74
+PKG_SOURCE_DATE:=2018-03-26
+PKG_SOURCE_VERSION:=64624f31cf81dc6164462fa153ee7a5909e21183
+PKG_MIRROR_HASH:=2c9e2548b1e6bbafe1b4e545543999b587bbd31a85eba69d54ffced8d7394f30
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_LICENSE:=BSD-3-Clause
index 334694abfa4442fb842c199ba99fdc5c0f19f2a1..2d2c6a7c791082c3a31d8bef553a997b38a5b890 100644 (file)
@@ -706,7 +706,11 @@ wpa_supplicant_add_network() {
                        if [ ${#key} -eq 64 ]; then
                                passphrase="psk=${key}"
                        else
-                               passphrase="psk=\"${key}\""
+                               if [ "$_w_mode" = "mesh" ]; then
+                                       passphrase="sae_password=\"${key}\""
+                               else
+                                       passphrase="psk=\"${key}\""
+                               fi
                        fi
                        append network_data "$passphrase" "$N$T"
                ;;
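Review bot: A 64-character key still takes the `psk=${key}` branch in mesh mode, because the new `_w_mode` test sits only in the `else` arm of the length check. A 64-character SAE password would therefore be written as a raw PSK instead of `sae_password`, which looks at odds with the commit's stated goal of bypassing the psk field checks for mesh. Testing the mode first would close that gap: `if [ "$_w_mode" = "mesh" ]; then passphrase="sae_password=\"${key}\""` followed by `elif [ ${#key} -eq 64 ]; then passphrase="psk=${key}"`. Separately, `${key}` is placed between the escaped quotes as-is, so a key containing a newline could presumably add extra lines to the generated network block; rejecting control characters before the `append` would be a cheap guard. wpa_supplicant_add_network() starts and ends outside this hunk, so where `_w_mode` and `key` are set and validated is not visible here.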
diff --git a/package/network/services/hostapd/patches/000-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch b/package/network/services/hostapd/patches/000-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
deleted file mode 100644 (file)
index 14b2d7c..0000000
+++ /dev/null
@@ -1,154 +0,0 @@
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Fri, 14 Jul 2017 15:15:35 +0200
-Subject: [PATCH] hostapd: Avoid key reinstallation in FT handshake
-
-Do not reinstall TK to the driver during Reassociation Response frame
-processing if the first attempt of setting the TK succeeded. This avoids
-issues related to clearing the TX/RX PN that could result in reusing
-same PN values for transmitted frames (e.g., due to CCM nonce reuse and
-also hitting replay protection on the receiver) and accepting replayed
-frames on RX side.
-
-This issue was introduced by the commit
-0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
-authenticator') which allowed wpa_ft_install_ptk() to be called multiple
-times with the same PTK. While the second configuration attempt is
-needed with some drivers, it must be done only if the first attempt
-failed.
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
-
---- a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -2522,6 +2522,7 @@ static int add_associated_sta(struct hos
- {
-       struct ieee80211_ht_capabilities ht_cap;
-       struct ieee80211_vht_capabilities vht_cap;
-+      int set = 1;
-       /*
-        * Remove the STA entry to ensure the STA PS state gets cleared and
-@@ -2529,9 +2530,18 @@ static int add_associated_sta(struct hos
-        * FT-over-the-DS, where a station re-associates back to the same AP but
-        * skips the authentication flow, or if working with a driver that
-        * does not support full AP client state.
-+       *
-+       * Skip this if the STA has already completed FT reassociation and the
-+       * TK has been configured since the TX/RX PN must not be reset to 0 for
-+       * the same key.
-        */
--      if (!sta->added_unassoc)
-+      if (!sta->added_unassoc &&
-+          (!(sta->flags & WLAN_STA_AUTHORIZED) ||
-+           !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
-               hostapd_drv_sta_remove(hapd, sta->addr);
-+              wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
-+              set = 0;
-+      }
- #ifdef CONFIG_IEEE80211N
-       if (sta->flags & WLAN_STA_HT)
-@@ -2554,11 +2564,11 @@ static int add_associated_sta(struct hos
-                           sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
-                           sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
-                           sta->vht_opmode, sta->p2p_ie ? 1 : 0,
--                          sta->added_unassoc)) {
-+                          set)) {
-               hostapd_logger(hapd, sta->addr,
-                              HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
-                              "Could not %s STA to kernel driver",
--                             sta->added_unassoc ? "set" : "add");
-+                             set ? "set" : "add");
-               if (sta->added_unassoc) {
-                       hostapd_drv_sta_remove(hapd, sta->addr);
---- a/src/ap/wpa_auth.c
-+++ b/src/ap/wpa_auth.c
-@@ -1783,6 +1783,9 @@ int wpa_auth_sm_event(struct wpa_state_m
- #else /* CONFIG_FILS */
-               break;
- #endif /* CONFIG_FILS */
-+      case WPA_DRV_STA_REMOVED:
-+              sm->tk_already_set = FALSE;
-+              return 0;
-       }
- #ifdef CONFIG_IEEE80211R_AP
-@@ -3922,6 +3925,14 @@ int wpa_auth_sta_wpa_version(struct wpa_
- }
-+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm)
-+{
-+      if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
-+              return 0;
-+      return sm->tk_already_set;
-+}
-+
-+
- int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
-                            struct rsn_pmksa_cache_entry *entry)
- {
---- a/src/ap/wpa_auth.h
-+++ b/src/ap/wpa_auth.h
-@@ -300,7 +300,7 @@ void wpa_receive(struct wpa_authenticato
-                u8 *data, size_t data_len);
- enum wpa_event {
-       WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
--      WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_ASSOC_FILS
-+      WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_ASSOC_FILS, WPA_DRV_STA_REMOVED
- };
- void wpa_remove_ptk(struct wpa_state_machine *sm);
- int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event);
-@@ -313,6 +313,7 @@ int wpa_auth_pairwise_set(struct wpa_sta
- int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
- int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
- int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
-+int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);
- int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
-                            struct rsn_pmksa_cache_entry *entry);
- struct rsn_pmksa_cache_entry *
---- a/src/ap/wpa_auth_ft.c
-+++ b/src/ap/wpa_auth_ft.c
-@@ -1937,6 +1937,14 @@ void wpa_ft_install_ptk(struct wpa_state
-               return;
-       }
-+      if (sm->tk_already_set) {
-+              /* Must avoid TK reconfiguration to prevent clearing of TX/RX
-+               * PN in the driver */
-+              wpa_printf(MSG_DEBUG,
-+                         "FT: Do not re-install same PTK to the driver");
-+              return;
-+      }
-+
-       /* FIX: add STA entry to kernel/driver here? The set_key will fail
-        * most likely without this.. At the moment, STA entry is added only
-        * after association has been completed. This function will be called
-@@ -1949,6 +1957,7 @@ void wpa_ft_install_ptk(struct wpa_state
-       /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
-       sm->pairwise_set = TRUE;
-+      sm->tk_already_set = TRUE;
- }
-@@ -2152,6 +2161,7 @@ static int wpa_ft_process_auth_req(struc
-       sm->pairwise = pairwise;
-       sm->PTK_valid = TRUE;
-+      sm->tk_already_set = FALSE;
-       wpa_ft_install_ptk(sm);
-       buflen = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
---- a/src/ap/wpa_auth_i.h
-+++ b/src/ap/wpa_auth_i.h
-@@ -61,6 +61,7 @@ struct wpa_state_machine {
-       struct wpa_ptk PTK;
-       Boolean PTK_valid;
-       Boolean pairwise_set;
-+      Boolean tk_already_set;
-       int keycount;
-       Boolean Pair;
-       struct wpa_key_replay_counter {
diff --git a/package/network/services/hostapd/patches/001-Prevent-reinstallation-of-an-already-in-use-group-ke.patch b/package/network/services/hostapd/patches/001-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
deleted file mode 100644 (file)
index b283bf8..0000000
+++ /dev/null
@@ -1,244 +0,0 @@
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Wed, 12 Jul 2017 16:03:24 +0200
-Subject: [PATCH] Prevent reinstallation of an already in-use group key
-
-Track the current GTK and IGTK that is in use and when receiving a
-(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
-not install the given key if it is already in use. This prevents an
-attacker from trying to trick the client into resetting or lowering the
-sequence counter associated to the group key.
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
-
---- a/src/common/wpa_common.h
-+++ b/src/common/wpa_common.h
-@@ -218,6 +218,17 @@ struct wpa_ptk {
-       size_t tk_len;
- };
-+struct wpa_gtk {
-+      u8 gtk[WPA_GTK_MAX_LEN];
-+      size_t gtk_len;
-+};
-+
-+#ifdef CONFIG_IEEE80211W
-+struct wpa_igtk {
-+      u8 igtk[WPA_IGTK_MAX_LEN];
-+      size_t igtk_len;
-+};
-+#endif /* CONFIG_IEEE80211W */
- /* WPA IE version 1
-  * 00-50-f2:1 (OUI:OUI type)
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -800,6 +800,15 @@ static int wpa_supplicant_install_gtk(st
-       const u8 *_gtk = gd->gtk;
-       u8 gtk_buf[32];
-+      /* Detect possible key reinstallation */
-+      if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
-+          os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
-+              wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-+                      "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
-+                      gd->keyidx, gd->tx, gd->gtk_len);
-+              return 0;
-+      }
-+
-       wpa_hexdump_key(MSG_DEBUG, "WPA: Group Key", gd->gtk, gd->gtk_len);
-       wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-               "WPA: Installing GTK to the driver (keyidx=%d tx=%d len=%d)",
-@@ -834,6 +843,9 @@ static int wpa_supplicant_install_gtk(st
-       }
-       os_memset(gtk_buf, 0, sizeof(gtk_buf));
-+      sm->gtk.gtk_len = gd->gtk_len;
-+      os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
-+
-       return 0;
- }
-@@ -940,6 +952,48 @@ static int wpa_supplicant_pairwise_gtk(s
- }
-+#ifdef CONFIG_IEEE80211W
-+static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
-+                                     const struct wpa_igtk_kde *igtk)
-+{
-+      size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
-+      u16 keyidx = WPA_GET_LE16(igtk->keyid);
-+
-+      /* Detect possible key reinstallation */
-+      if (sm->igtk.igtk_len == len &&
-+          os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
-+              wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-+                      "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
-+                      keyidx);
-+              return  0;
-+      }
-+
-+      wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-+              "WPA: IGTK keyid %d pn %02x%02x%02x%02x%02x%02x",
-+              keyidx, MAC2STR(igtk->pn));
-+      wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len);
-+      if (keyidx > 4095) {
-+              wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-+                      "WPA: Invalid IGTK KeyID %d", keyidx);
-+              return -1;
-+      }
-+      if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
-+                         broadcast_ether_addr,
-+                         keyidx, 0, igtk->pn, sizeof(igtk->pn),
-+                         igtk->igtk, len) < 0) {
-+              wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-+                      "WPA: Failed to configure IGTK to the driver");
-+              return -1;
-+      }
-+
-+      sm->igtk.igtk_len = len;
-+      os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
-+
-+      return 0;
-+}
-+#endif /* CONFIG_IEEE80211W */
-+
-+
- static int ieee80211w_set_keys(struct wpa_sm *sm,
-                              struct wpa_eapol_ie_parse *ie)
- {
-@@ -950,30 +1004,14 @@ static int ieee80211w_set_keys(struct wp
-       if (ie->igtk) {
-               size_t len;
-               const struct wpa_igtk_kde *igtk;
--              u16 keyidx;
-+
-               len = wpa_cipher_key_len(sm->mgmt_group_cipher);
-               if (ie->igtk_len != WPA_IGTK_KDE_PREFIX_LEN + len)
-                       return -1;
-+
-               igtk = (const struct wpa_igtk_kde *) ie->igtk;
--              keyidx = WPA_GET_LE16(igtk->keyid);
--              wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: IGTK keyid %d "
--                      "pn %02x%02x%02x%02x%02x%02x",
--                      keyidx, MAC2STR(igtk->pn));
--              wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK",
--                              igtk->igtk, len);
--              if (keyidx > 4095) {
--                      wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
--                              "WPA: Invalid IGTK KeyID %d", keyidx);
-+              if (wpa_supplicant_install_igtk(sm, igtk) < 0)
-                       return -1;
--              }
--              if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
--                                 broadcast_ether_addr,
--                                 keyidx, 0, igtk->pn, sizeof(igtk->pn),
--                                 igtk->igtk, len) < 0) {
--                      wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
--                              "WPA: Failed to configure IGTK to the driver");
--                      return -1;
--              }
-       }
-       return 0;
-@@ -2491,7 +2529,7 @@ void wpa_sm_deinit(struct wpa_sm *sm)
-  */
- void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
- {
--      int clear_ptk = 1;
-+      int clear_keys = 1;
-       if (sm == NULL)
-               return;
-@@ -2517,7 +2555,7 @@ void wpa_sm_notify_assoc(struct wpa_sm *
-               /* Prepare for the next transition */
-               wpa_ft_prepare_auth_request(sm, NULL);
--              clear_ptk = 0;
-+              clear_keys = 0;
-       }
- #endif /* CONFIG_IEEE80211R */
- #ifdef CONFIG_FILS
-@@ -2527,11 +2565,11 @@ void wpa_sm_notify_assoc(struct wpa_sm *
-                * AUTHENTICATED state to get the EAPOL port Authorized.
-                */
-               wpa_supplicant_key_neg_complete(sm, sm->bssid, 1);
--              clear_ptk = 0;
-+              clear_keys = 0;
-       }
- #endif /* CONFIG_FILS */
--      if (clear_ptk) {
-+      if (clear_keys) {
-               /*
-                * IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if
-                * this is not part of a Fast BSS Transition.
-@@ -2541,6 +2579,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *
-               os_memset(&sm->ptk, 0, sizeof(sm->ptk));
-               sm->tptk_set = 0;
-               os_memset(&sm->tptk, 0, sizeof(sm->tptk));
-+              os_memset(&sm->gtk, 0, sizeof(sm->gtk));
-+#ifdef CONFIG_IEEE80211W
-+              os_memset(&sm->igtk, 0, sizeof(sm->igtk));
-+#endif /* CONFIG_IEEE80211W */
-       }
- #ifdef CONFIG_TDLS
-@@ -3117,6 +3159,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
-       os_memset(sm->pmk, 0, sizeof(sm->pmk));
-       os_memset(&sm->ptk, 0, sizeof(sm->ptk));
-       os_memset(&sm->tptk, 0, sizeof(sm->tptk));
-+      os_memset(&sm->gtk, 0, sizeof(sm->gtk));
-+#ifdef CONFIG_IEEE80211W
-+      os_memset(&sm->igtk, 0, sizeof(sm->igtk));
-+#endif /* CONFIG_IEEE80211W */
- #ifdef CONFIG_IEEE80211R
-       os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
-       os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0));
-@@ -3189,29 +3235,11 @@ int wpa_wnmsleep_install_key(struct wpa_
-               os_memset(&gd, 0, sizeof(gd));
- #ifdef CONFIG_IEEE80211W
-       } else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) {
--              struct wpa_igtk_kde igd;
--              u16 keyidx;
-+              const struct wpa_igtk_kde *igtk;
--              os_memset(&igd, 0, sizeof(igd));
--              keylen = wpa_cipher_key_len(sm->mgmt_group_cipher);
--              os_memcpy(igd.keyid, buf + 2, 2);
--              os_memcpy(igd.pn, buf + 4, 6);
--
--              keyidx = WPA_GET_LE16(igd.keyid);
--              os_memcpy(igd.igtk, buf + 10, keylen);
--
--              wpa_hexdump_key(MSG_DEBUG, "Install IGTK (WNM SLEEP)",
--                              igd.igtk, keylen);
--              if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
--                                 broadcast_ether_addr,
--                                 keyidx, 0, igd.pn, sizeof(igd.pn),
--                                 igd.igtk, keylen) < 0) {
--                      wpa_printf(MSG_DEBUG, "Failed to install the IGTK in "
--                                 "WNM mode");
--                      os_memset(&igd, 0, sizeof(igd));
-+              igtk = (const struct wpa_igtk_kde *) (buf + 2);
-+              if (wpa_supplicant_install_igtk(sm, igtk) < 0)
-                       return -1;
--              }
--              os_memset(&igd, 0, sizeof(igd));
- #endif /* CONFIG_IEEE80211W */
-       } else {
-               wpa_printf(MSG_DEBUG, "Unknown element id");
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -31,6 +31,10 @@ struct wpa_sm {
-       u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
-       int rx_replay_counter_set;
-       u8 request_counter[WPA_REPLAY_COUNTER_LEN];
-+      struct wpa_gtk gtk;
-+#ifdef CONFIG_IEEE80211W
-+      struct wpa_igtk igtk;
-+#endif /* CONFIG_IEEE80211W */
-       struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
diff --git a/package/network/services/hostapd/patches/002-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch b/package/network/services/hostapd/patches/002-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
deleted file mode 100644 (file)
index 2093d25..0000000
+++ /dev/null
@@ -1,182 +0,0 @@
-From: Jouni Malinen <j@w1.fi>
-Date: Sun, 1 Oct 2017 12:12:24 +0300
-Subject: [PATCH] Extend protection of GTK/IGTK reinstallation of WNM-Sleep
- Mode cases
-
-This extends the protection to track last configured GTK/IGTK value
-separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
-corner case where these two different mechanisms may get used when the
-GTK/IGTK has changed and tracking a single value is not sufficient to
-detect a possible key reconfiguration.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
-
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -795,14 +795,17 @@ struct wpa_gtk_data {
- static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
-                                     const struct wpa_gtk_data *gd,
--                                    const u8 *key_rsc)
-+                                    const u8 *key_rsc, int wnm_sleep)
- {
-       const u8 *_gtk = gd->gtk;
-       u8 gtk_buf[32];
-       /* Detect possible key reinstallation */
--      if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
--          os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
-+      if ((sm->gtk.gtk_len == (size_t) gd->gtk_len &&
-+           os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) ||
-+          (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len &&
-+           os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk,
-+                     sm->gtk_wnm_sleep.gtk_len) == 0)) {
-               wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-                       "WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
-                       gd->keyidx, gd->tx, gd->gtk_len);
-@@ -843,8 +846,14 @@ static int wpa_supplicant_install_gtk(st
-       }
-       os_memset(gtk_buf, 0, sizeof(gtk_buf));
--      sm->gtk.gtk_len = gd->gtk_len;
--      os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
-+      if (wnm_sleep) {
-+              sm->gtk_wnm_sleep.gtk_len = gd->gtk_len;
-+              os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk,
-+                        sm->gtk_wnm_sleep.gtk_len);
-+      } else {
-+              sm->gtk.gtk_len = gd->gtk_len;
-+              os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
-+      }
-       return 0;
- }
-@@ -938,7 +947,7 @@ static int wpa_supplicant_pairwise_gtk(s
-           (wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
-                                              gtk_len, gtk_len,
-                                              &gd.key_rsc_len, &gd.alg) ||
--           wpa_supplicant_install_gtk(sm, &gd, key_rsc))) {
-+           wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0))) {
-               wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-                       "RSN: Failed to install GTK");
-               os_memset(&gd, 0, sizeof(gd));
-@@ -954,14 +963,18 @@ static int wpa_supplicant_pairwise_gtk(s
- #ifdef CONFIG_IEEE80211W
- static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
--                                     const struct wpa_igtk_kde *igtk)
-+                                     const struct wpa_igtk_kde *igtk,
-+                                     int wnm_sleep)
- {
-       size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
-       u16 keyidx = WPA_GET_LE16(igtk->keyid);
-       /* Detect possible key reinstallation */
--      if (sm->igtk.igtk_len == len &&
--          os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
-+      if ((sm->igtk.igtk_len == len &&
-+           os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) ||
-+          (sm->igtk_wnm_sleep.igtk_len == len &&
-+           os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk,
-+                     sm->igtk_wnm_sleep.igtk_len) == 0)) {
-               wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-                       "WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
-                       keyidx);
-@@ -986,8 +999,14 @@ static int wpa_supplicant_install_igtk(s
-               return -1;
-       }
--      sm->igtk.igtk_len = len;
--      os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
-+      if (wnm_sleep) {
-+              sm->igtk_wnm_sleep.igtk_len = len;
-+              os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk,
-+                        sm->igtk_wnm_sleep.igtk_len);
-+      } else {
-+              sm->igtk.igtk_len = len;
-+              os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
-+      }
-       return 0;
- }
-@@ -1010,7 +1029,7 @@ static int ieee80211w_set_keys(struct wp
-                       return -1;
-               igtk = (const struct wpa_igtk_kde *) ie->igtk;
--              if (wpa_supplicant_install_igtk(sm, igtk) < 0)
-+              if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0)
-                       return -1;
-       }
-@@ -1659,7 +1678,7 @@ static void wpa_supplicant_process_1_of_
-       if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc))
-               key_rsc = null_rsc;
--      if (wpa_supplicant_install_gtk(sm, &gd, key_rsc) ||
-+      if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) ||
-           wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0)
-               goto failed;
-       os_memset(&gd, 0, sizeof(gd));
-@@ -2580,8 +2599,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *
-               sm->tptk_set = 0;
-               os_memset(&sm->tptk, 0, sizeof(sm->tptk));
-               os_memset(&sm->gtk, 0, sizeof(sm->gtk));
-+              os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
- #ifdef CONFIG_IEEE80211W
-               os_memset(&sm->igtk, 0, sizeof(sm->igtk));
-+              os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
- #endif /* CONFIG_IEEE80211W */
-       }
-@@ -3160,8 +3181,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
-       os_memset(&sm->ptk, 0, sizeof(sm->ptk));
-       os_memset(&sm->tptk, 0, sizeof(sm->tptk));
-       os_memset(&sm->gtk, 0, sizeof(sm->gtk));
-+      os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
- #ifdef CONFIG_IEEE80211W
-       os_memset(&sm->igtk, 0, sizeof(sm->igtk));
-+      os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
- #endif /* CONFIG_IEEE80211W */
- #ifdef CONFIG_IEEE80211R
-       os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
-@@ -3226,7 +3249,7 @@ int wpa_wnmsleep_install_key(struct wpa_
-               wpa_hexdump_key(MSG_DEBUG, "Install GTK (WNM SLEEP)",
-                               gd.gtk, gd.gtk_len);
--              if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) {
-+              if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) {
-                       os_memset(&gd, 0, sizeof(gd));
-                       wpa_printf(MSG_DEBUG, "Failed to install the GTK in "
-                                  "WNM mode");
-@@ -3238,7 +3261,7 @@ int wpa_wnmsleep_install_key(struct wpa_
-               const struct wpa_igtk_kde *igtk;
-               igtk = (const struct wpa_igtk_kde *) (buf + 2);
--              if (wpa_supplicant_install_igtk(sm, igtk) < 0)
-+              if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0)
-                       return -1;
- #endif /* CONFIG_IEEE80211W */
-       } else {
-@@ -4121,7 +4144,7 @@ int fils_process_assoc_resp(struct wpa_s
-       os_memcpy(gd.gtk, kde.gtk + 2, kde.gtk_len - 2);
-       wpa_printf(MSG_DEBUG, "FILS: Set GTK to driver");
--      if (wpa_supplicant_install_gtk(sm, &gd, elems.key_delivery) < 0) {
-+      if (wpa_supplicant_install_gtk(sm, &gd, elems.key_delivery, 0) < 0) {
-               wpa_printf(MSG_DEBUG, "FILS: Failed to set GTK");
-               goto fail;
-       }
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -32,8 +32,10 @@ struct wpa_sm {
-       int rx_replay_counter_set;
-       u8 request_counter[WPA_REPLAY_COUNTER_LEN];
-       struct wpa_gtk gtk;
-+      struct wpa_gtk gtk_wnm_sleep;
- #ifdef CONFIG_IEEE80211W
-       struct wpa_igtk igtk;
-+      struct wpa_igtk igtk_wnm_sleep;
- #endif /* CONFIG_IEEE80211W */
-       struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
diff --git a/package/network/services/hostapd/patches/003-Prevent-installation-of-an-all-zero-TK.patch b/package/network/services/hostapd/patches/003-Prevent-installation-of-an-all-zero-TK.patch
deleted file mode 100644 (file)
index 30679e2..0000000
+++ /dev/null
@@ -1,73 +0,0 @@
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Fri, 29 Sep 2017 04:22:51 +0200
-Subject: [PATCH] Prevent installation of an all-zero TK
-
-Properly track whether a PTK has already been installed to the driver
-and the TK part cleared from memory. This prevents an attacker from
-trying to trick the client into installing an all-zero TK.
-
-This fixes the earlier fix in commit
-ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the
-driver in EAPOL-Key 3/4 retry case') which did not take into account
-possibility of an extra message 1/4 showing up between retries of
-message 3/4.
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
-
---- a/src/common/wpa_common.h
-+++ b/src/common/wpa_common.h
-@@ -216,6 +216,7 @@ struct wpa_ptk {
-       size_t kck_len;
-       size_t kek_len;
-       size_t tk_len;
-+      int installed; /* 1 if key has already been installed to driver */
- };
- struct wpa_gtk {
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -594,7 +594,6 @@ static void wpa_supplicant_process_1_of_
-               os_memset(buf, 0, sizeof(buf));
-       }
-       sm->tptk_set = 1;
--      sm->tk_to_set = 1;
-       kde = sm->assoc_wpa_ie;
-       kde_len = sm->assoc_wpa_ie_len;
-@@ -701,7 +700,7 @@ static int wpa_supplicant_install_ptk(st
-       enum wpa_alg alg;
-       const u8 *key_rsc;
--      if (!sm->tk_to_set) {
-+      if (sm->ptk.installed) {
-               wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
-                       "WPA: Do not re-install same PTK to the driver");
-               return 0;
-@@ -745,7 +744,7 @@ static int wpa_supplicant_install_ptk(st
-       /* TK is not needed anymore in supplicant */
-       os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
--      sm->tk_to_set = 0;
-+      sm->ptk.installed = 1;
-       if (sm->wpa_ptk_rekey) {
-               eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
-@@ -4172,6 +4171,7 @@ int fils_process_assoc_resp(struct wpa_s
-        * takes care of association frame encryption/decryption. */
-       /* TK is not needed anymore in supplicant */
-       os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
-+      sm->ptk.installed = 1;
-       /* FILS HLP Container */
-       fils_process_hlp_container(sm, ie_start, end - ie_start);
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -24,7 +24,6 @@ struct wpa_sm {
-       struct wpa_ptk ptk, tptk;
-       int ptk_set, tptk_set;
-       unsigned int msg_3_of_4_ok:1;
--      unsigned int tk_to_set:1;
-       u8 snonce[WPA_NONCE_LEN];
-       u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
-       int renew_snonce;
diff --git a/package/network/services/hostapd/patches/004-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch b/package/network/services/hostapd/patches/004-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
deleted file mode 100644 (file)
index 6f28e74..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-From: Jouni Malinen <j@w1.fi>
-Date: Sun, 1 Oct 2017 12:32:57 +0300
-Subject: [PATCH] Fix PTK rekeying to generate a new ANonce
-
-The Authenticator state machine path for PTK rekeying ended up bypassing
-the AUTHENTICATION2 state where a new ANonce is generated when going
-directly to the PTKSTART state since there is no need to try to
-determine the PMK again in such a case. This is far from ideal since the
-new PTK would depend on a new nonce only from the supplicant.
-
-Fix this by generating a new ANonce when moving to the PTKSTART state
-for the purpose of starting new 4-way handshake to rekey PTK.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
-
---- a/src/ap/wpa_auth.c
-+++ b/src/ap/wpa_auth.c
-@@ -1951,6 +1951,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
- }
-+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
-+{
-+      if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
-+              wpa_printf(MSG_ERROR,
-+                         "WPA: Failed to get random data for ANonce");
-+              sm->Disconnect = TRUE;
-+              return -1;
-+      }
-+      wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
-+                  WPA_NONCE_LEN);
-+      sm->TimeoutCtr = 0;
-+      return 0;
-+}
-+
-+
- SM_STATE(WPA_PTK, INITPMK)
- {
-       u8 msk[2 * PMK_LEN];
-@@ -3116,9 +3131,12 @@ SM_STEP(WPA_PTK)
-               SM_ENTER(WPA_PTK, AUTHENTICATION);
-       else if (sm->ReAuthenticationRequest)
-               SM_ENTER(WPA_PTK, AUTHENTICATION2);
--      else if (sm->PTKRequest)
--              SM_ENTER(WPA_PTK, PTKSTART);
--      else switch (sm->wpa_ptk_state) {
-+      else if (sm->PTKRequest) {
-+              if (wpa_auth_sm_ptk_update(sm) < 0)
-+                      SM_ENTER(WPA_PTK, DISCONNECTED);
-+              else
-+                      SM_ENTER(WPA_PTK, PTKSTART);
-+      } else switch (sm->wpa_ptk_state) {
-       case WPA_PTK_INITIALIZE:
-               break;
-       case WPA_PTK_DISCONNECT:
diff --git a/package/network/services/hostapd/patches/005-TDLS-Reject-TPK-TK-reconfiguration.patch b/package/network/services/hostapd/patches/005-TDLS-Reject-TPK-TK-reconfiguration.patch
deleted file mode 100644 (file)
index 2ca05dd..0000000
+++ /dev/null
@@ -1,124 +0,0 @@
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 22 Sep 2017 11:03:15 +0300
-Subject: [PATCH] TDLS: Reject TPK-TK reconfiguration
-
-Do not try to reconfigure the same TPK-TK to the driver after it has
-been successfully configured. This is an explicit check to avoid issues
-related to resetting the TX/RX packet number. There was already a check
-for this for TPK M2 (retries of that message are ignored completely), so
-that behavior does not get modified.
-
-For TPK M3, the TPK-TK could have been reconfigured, but that was
-followed by immediate teardown of the link due to an issue in updating
-the STA entry. Furthermore, for TDLS with any real security (i.e.,
-ignoring open/WEP), the TPK message exchange is protected on the AP path
-and simple replay attacks are not feasible.
-
-As an additional corner case, make sure the local nonce gets updated if
-the peer uses a very unlikely "random nonce" of all zeros.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
-
---- a/src/rsn_supp/tdls.c
-+++ b/src/rsn_supp/tdls.c
-@@ -112,6 +112,7 @@ struct wpa_tdls_peer {
-               u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
-       } tpk;
-       int tpk_set;
-+      int tk_set; /* TPK-TK configured to the driver */
-       int tpk_success;
-       int tpk_in_progress;
-@@ -192,6 +193,20 @@ static int wpa_tdls_set_key(struct wpa_s
-       u8 rsc[6];
-       enum wpa_alg alg;
-+      if (peer->tk_set) {
-+              /*
-+               * This same TPK-TK has already been configured to the driver
-+               * and this new configuration attempt (likely due to an
-+               * unexpected retransmitted frame) would result in clearing
-+               * the TX/RX sequence number which can break security, so must
-+               * not allow that to happen.
-+               */
-+              wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR
-+                         " has already been configured to the driver - do not reconfigure",
-+                         MAC2STR(peer->addr));
-+              return -1;
-+      }
-+
-       os_memset(rsc, 0, 6);
-       switch (peer->cipher) {
-@@ -209,12 +224,15 @@ static int wpa_tdls_set_key(struct wpa_s
-               return -1;
-       }
-+      wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,
-+                 MAC2STR(peer->addr));
-       if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
-                          rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
-               wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
-                          "driver");
-               return -1;
-       }
-+      peer->tk_set = 1;
-       return 0;
- }
-@@ -695,7 +713,7 @@ static void wpa_tdls_peer_clear(struct w
-       peer->cipher = 0;
-       peer->qos_info = 0;
-       peer->wmm_capable = 0;
--      peer->tpk_set = peer->tpk_success = 0;
-+      peer->tk_set = peer->tpk_set = peer->tpk_success = 0;
-       peer->chan_switch_enabled = 0;
-       os_memset(&peer->tpk, 0, sizeof(peer->tpk));
-       os_memset(peer->inonce, 0, WPA_NONCE_LEN);
-@@ -1158,6 +1176,7 @@ skip_rsnie:
-               wpa_tdls_peer_free(sm, peer);
-               return -1;
-       }
-+      peer->tk_set = 0; /* A new nonce results in a new TK */
-       wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
-                   peer->inonce, WPA_NONCE_LEN);
-       os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
-@@ -1751,6 +1770,19 @@ static int wpa_tdls_addset_peer(struct w
- }
-+static int tdls_nonce_set(const u8 *nonce)
-+{
-+      int i;
-+
-+      for (i = 0; i < WPA_NONCE_LEN; i++) {
-+              if (nonce[i])
-+                      return 1;
-+      }
-+
-+      return 0;
-+}
-+
-+
- static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
-                                  const u8 *buf, size_t len)
- {
-@@ -2004,7 +2036,8 @@ skip_rsn:
-       peer->rsnie_i_len = kde.rsn_ie_len;
-       peer->cipher = cipher;
--      if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0) {
-+      if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0 ||
-+          !tdls_nonce_set(peer->inonce)) {
-               /*
-                * There is no point in updating the RNonce for every obtained
-                * TPK M1 frame (e.g., retransmission due to timeout) with the
-@@ -2020,6 +2053,7 @@ skip_rsn:
-                               "TDLS: Failed to get random data for responder nonce");
-                       goto error;
-               }
-+              peer->tk_set = 0; /* A new nonce results in a new TK */
-       }
- #if 0
diff --git a/package/network/services/hostapd/patches/006-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch b/package/network/services/hostapd/patches/006-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
deleted file mode 100644 (file)
index 13d78b8..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 22 Sep 2017 11:25:02 +0300
-Subject: [PATCH] WNM: Ignore WNM-Sleep Mode Response without pending
- request
-
-Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep
-Mode Response if WNM-Sleep Mode has not been used') started ignoring the
-response when no WNM-Sleep Mode Request had been used during the
-association. This can be made tighter by clearing the used flag when
-successfully processing a response. This adds an additional layer of
-protection against unexpected retransmissions of the response frame.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
-
---- a/wpa_supplicant/wnm_sta.c
-+++ b/wpa_supplicant/wnm_sta.c
-@@ -260,7 +260,7 @@ static void ieee802_11_rx_wnmsleep_resp(
-       if (!wpa_s->wnmsleep_used) {
-               wpa_printf(MSG_DEBUG,
--                         "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode has not been used in this association");
-+                         "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode operation has not been requested");
-               return;
-       }
-@@ -299,6 +299,8 @@ static void ieee802_11_rx_wnmsleep_resp(
-               return;
-       }
-+      wpa_s->wnmsleep_used = 0;
-+
-       if (wnmsleep_ie->status == WNM_STATUS_SLEEP_ACCEPT ||
-           wnmsleep_ie->status == WNM_STATUS_SLEEP_EXIT_ACCEPT_GTK_UPDATE) {
-               wpa_printf(MSG_DEBUG, "Successfully recv WNM-Sleep Response "
diff --git a/package/network/services/hostapd/patches/007-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch b/package/network/services/hostapd/patches/007-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
deleted file mode 100644 (file)
index 7712ce5..0000000
+++ /dev/null
@@ -1,68 +0,0 @@
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 22 Sep 2017 12:06:37 +0300
-Subject: [PATCH] FT: Do not allow multiple Reassociation Response frames
-
-The driver is expected to not report a second association event without
-the station having explicitly request a new association. As such, this
-case should not be reachable. However, since reconfiguring the same
-pairwise or group keys to the driver could result in nonce reuse issues,
-be extra careful here and do an additional state check to avoid this
-even if the local driver ends up somehow accepting an unexpected
-Reassociation Response frame.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
-
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -2637,6 +2637,9 @@ void wpa_sm_notify_disassoc(struct wpa_s
- #ifdef CONFIG_FILS
-       sm->fils_completed = 0;
- #endif /* CONFIG_FILS */
-+#ifdef CONFIG_IEEE80211R
-+      sm->ft_reassoc_completed = 0;
-+#endif /* CONFIG_IEEE80211R */
-       /* Keys are not needed in the WPA state machine anymore */
-       wpa_sm_drop_sa(sm);
---- a/src/rsn_supp/wpa_ft.c
-+++ b/src/rsn_supp/wpa_ft.c
-@@ -153,6 +153,7 @@ static u8 * wpa_ft_gen_req_ies(struct wp
-       u16 capab;
-       sm->ft_completed = 0;
-+      sm->ft_reassoc_completed = 0;
-       buf_len = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
-               2 + sm->r0kh_id_len + ric_ies_len + 100;
-@@ -687,6 +688,11 @@ int wpa_ft_validate_reassoc_resp(struct
-               return -1;
-       }
-+      if (sm->ft_reassoc_completed) {
-+              wpa_printf(MSG_DEBUG, "FT: Reassociation has already been completed for this FT protocol instance - ignore unexpected retransmission");
-+              return 0;
-+      }
-+
-       if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) {
-               wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs");
-               return -1;
-@@ -787,6 +793,8 @@ int wpa_ft_validate_reassoc_resp(struct
-               return -1;
-       }
-+      sm->ft_reassoc_completed = 1;
-+
-       if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0)
-               return -1;
---- a/src/rsn_supp/wpa_i.h
-+++ b/src/rsn_supp/wpa_i.h
-@@ -128,6 +128,7 @@ struct wpa_sm {
-       size_t r0kh_id_len;
-       u8 r1kh_id[FT_R1KH_ID_LEN];
-       int ft_completed;
-+      int ft_reassoc_completed;
-       int over_the_ds_in_progress;
-       u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
-       int set_ptk_after_assoc;
diff --git a/package/network/services/hostapd/patches/008-WPA-Extra-defense-against-PTK-reinstalls-in-4-way-ha.patch b/package/network/services/hostapd/patches/008-WPA-Extra-defense-against-PTK-reinstalls-in-4-way-ha.patch
deleted file mode 100644 (file)
index 40f6b56..0000000
+++ /dev/null
@@ -1,34 +0,0 @@
-From a00e946c1c9a1f9cc65c72900d2a444ceb1f872e Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Thu, 5 Oct 2017 23:53:01 +0200
-Subject: [PATCH] WPA: Extra defense against PTK reinstalls in 4-way handshake
-
-Currently, reinstallations of the PTK are prevented by (1) assuring the
-same TPTK is only set once as the PTK, and (2) that one particular PTK
-is only installed once. This patch makes it more explicit that point (1)
-is required to prevent key reinstallations. At the same time, this patch
-hardens wpa_supplicant such that future changes do not accidentally
-break this property.
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
- src/rsn_supp/wpa.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -1728,6 +1728,14 @@ static int wpa_supplicant_verify_eapol_k
-                       sm->ptk_set = 1;
-                       os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk));
-                       os_memset(&sm->tptk, 0, sizeof(sm->tptk));
-+                      /*
-+                       * This assures the same TPTK in sm->tptk can never be
-+                       * copied twice to sm->pkt as the new PTK. In
-+                       * combination with the installed flag in the wpa_ptk
-+                       * struct, this assures the same PTK is only installed
-+                       * once.
-+                       */
-+                      sm->renew_snonce = 1;
-               }
-       }
diff --git a/package/network/services/hostapd/patches/009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch b/package/network/services/hostapd/patches/009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch
deleted file mode 100644 (file)
index ed7d79e..0000000
+++ /dev/null
@@ -1,53 +0,0 @@
-From b488a12948751f57871f09baa345e59b23959a41 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sun, 8 Oct 2017 13:18:02 +0300
-Subject: [PATCH] Clear PMK length and check for this when deriving PTK
-
-Instead of setting the default PMK length for the cleared PMK, set the
-length to 0 and explicitly check for this when deriving PTK to avoid
-unexpected key derivation with an all-zeroes key should it be possible
-to somehow trigger PTK derivation to happen before PMK derivation.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/common/wpa_common.c | 5 +++++
- src/rsn_supp/wpa.c      | 7 ++++---
- 2 files changed, 9 insertions(+), 3 deletions(-)
-
---- a/src/common/wpa_common.c
-+++ b/src/common/wpa_common.c
-@@ -225,6 +225,11 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t
-       u8 tmp[WPA_KCK_MAX_LEN + WPA_KEK_MAX_LEN + WPA_TK_MAX_LEN];
-       size_t ptk_len;
-+      if (pmk_len == 0) {
-+              wpa_printf(MSG_ERROR, "WPA: No PMK set for PT derivation");
-+              return -1;
-+      }
-+
-       if (os_memcmp(addr1, addr2, ETH_ALEN) < 0) {
-               os_memcpy(data, addr1, ETH_ALEN);
-               os_memcpy(data + ETH_ALEN, addr2, ETH_ALEN);
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -584,7 +584,8 @@ static void wpa_supplicant_process_1_of_
-       /* Calculate PTK which will be stored as a temporary PTK until it has
-        * been verified when processing message 3/4. */
-       ptk = &sm->tptk;
--      wpa_derive_ptk(sm, src_addr, key, ptk);
-+      if (wpa_derive_ptk(sm, src_addr, key, ptk) < 0)
-+              goto failed;
-       if (sm->pairwise_cipher == WPA_CIPHER_TKIP) {
-               u8 buf[8];
-               /* Supplicant: swap tx/rx Mic keys */
-@@ -2705,8 +2706,8 @@ void wpa_sm_set_pmk_from_pmksa(struct wp
-               sm->pmk_len = sm->cur_pmksa->pmk_len;
-               os_memcpy(sm->pmk, sm->cur_pmksa->pmk, sm->pmk_len);
-       } else {
--              sm->pmk_len = PMK_LEN;
--              os_memset(sm->pmk, 0, PMK_LEN);
-+              sm->pmk_len = 0;
-+              os_memset(sm->pmk, 0, PMK_LEN_MAX);
-       }
- }
diff --git a/package/network/services/hostapd/patches/010-Optional-AP-side-workaround-for-key-reinstallation-a.patch b/package/network/services/hostapd/patches/010-Optional-AP-side-workaround-for-key-reinstallation-a.patch
deleted file mode 100644 (file)
index 19165cc..0000000
+++ /dev/null
@@ -1,221 +0,0 @@
-From 6f234c1e2ee1ede29f2412b7012b3345ed8e52d3 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Mon, 16 Oct 2017 18:37:43 +0300
-Subject: [PATCH] Optional AP side workaround for key reinstallation attacks
-
-This adds a new hostapd configuration parameter
-wpa_disable_eapol_key_retries=1 that can be used to disable
-retransmission of EAPOL-Key frames that are used to install
-keys (EAPOL-Key message 3/4 and group message 1/2). This is
-similar to setting wpa_group_update_count=1 and
-wpa_pairwise_update_count=1, but with no impact to message 1/4
-retries and with extended timeout for messages 4/4 and group
-message 2/2 to avoid causing issues with stations that may use
-aggressive power saving have very long time in replying to the
-EAPOL-Key messages.
-
-This option can be used to work around key reinstallation attacks
-on the station (supplicant) side in cases those station devices
-cannot be updated for some reason. By removing the
-retransmissions the attacker cannot cause key reinstallation with
-a delayed frame transmission. This is related to the station side
-vulnerabilities CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
-CVE-2017-13080, and CVE-2017-13081.
-
-This workaround might cause interoperability issues and reduced
-robustness of key negotiation especially in environments with
-heavy traffic load due to the number of attempts to perform the
-key exchange is reduced significantly. As such, this workaround
-is disabled by default (unless overridden in build
-configuration). To enable this, set the parameter to 1.
-
-It is also possible to enable this in the build by default by
-adding the following to the build configuration:
-
-CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- hostapd/config_file.c  |  2 ++
- hostapd/defconfig      |  4 ++++
- hostapd/hostapd.conf   | 24 ++++++++++++++++++++++++
- src/ap/ap_config.c     |  6 ++++++
- src/ap/ap_config.h     |  1 +
- src/ap/wpa_auth.c      | 22 ++++++++++++++++++++--
- src/ap/wpa_auth.h      |  1 +
- src/ap/wpa_auth_glue.c |  2 ++
- 8 files changed, 60 insertions(+), 2 deletions(-)
-
---- a/hostapd/config_file.c
-+++ b/hostapd/config_file.c
-@@ -2542,6 +2542,8 @@ static int hostapd_config_fill(struct ho
-                       return 1;
-               }
-               bss->wpa_pairwise_update_count = (u32) val;
-+      } else if (os_strcmp(buf, "wpa_disable_eapol_key_retries") == 0) {
-+              bss->wpa_disable_eapol_key_retries = atoi(pos);
-       } else if (os_strcmp(buf, "wpa_passphrase") == 0) {
-               int len = os_strlen(pos);
-               if (len < 8 || len > 63) {
---- a/hostapd/defconfig
-+++ b/hostapd/defconfig
-@@ -372,3 +372,7 @@ CONFIG_IPV6=y
- # Opportunistic Wireless Encryption (OWE)
- # Experimental implementation of draft-harkins-owe-07.txt
- #CONFIG_OWE=y
-+
-+# Override default value for the wpa_disable_eapol_key_retries configuration
-+# parameter. See that parameter in hostapd.conf for more details.
-+#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
---- a/hostapd/hostapd.conf
-+++ b/hostapd/hostapd.conf
-@@ -1315,6 +1315,30 @@ own_ip_addr=127.0.0.1
- # Range 1..4294967295; default: 4
- #wpa_pairwise_update_count=4
-+# Workaround for key reinstallation attacks
-+#
-+# This parameter can be used to disable retransmission of EAPOL-Key frames that
-+# are used to install keys (EAPOL-Key message 3/4 and group message 1/2). This
-+# is similar to setting wpa_group_update_count=1 and
-+# wpa_pairwise_update_count=1, but with no impact to message 1/4 and with
-+# extended timeout on the response to avoid causing issues with stations that
-+# may use aggressive power saving have very long time in replying to the
-+# EAPOL-Key messages.
-+#
-+# This option can be used to work around key reinstallation attacks on the
-+# station (supplicant) side in cases those station devices cannot be updated
-+# for some reason. By removing the retransmissions the attacker cannot cause
-+# key reinstallation with a delayed frame transmission. This is related to the
-+# station side vulnerabilities CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
-+# CVE-2017-13080, and CVE-2017-13081.
-+#
-+# This workaround might cause interoperability issues and reduced robustness of
-+# key negotiation especially in environments with heavy traffic load due to the
-+# number of attempts to perform the key exchange is reduced significantly. As
-+# such, this workaround is disabled by default (unless overridden in build
-+# configuration). To enable this, set the parameter to 1.
-+#wpa_disable_eapol_key_retries=1
-+
- # Enable IEEE 802.11i/RSN/WPA2 pre-authentication. This is used to speed up
- # roaming be pre-authenticating IEEE 802.1X/EAP part of the full RSN
- # authentication and key handshake before actually associating with a new AP.
---- a/src/ap/ap_config.c
-+++ b/src/ap/ap_config.c
-@@ -37,6 +37,10 @@ static void hostapd_config_free_vlan(str
- }
-+#ifndef DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES
-+#define DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES 0
-+#endif /* DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES */
-+
- void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
- {
-       dl_list_init(&bss->anqp_elem);
-@@ -58,6 +62,8 @@ void hostapd_config_defaults_bss(struct
-       bss->wpa_gmk_rekey = 86400;
-       bss->wpa_group_update_count = 4;
-       bss->wpa_pairwise_update_count = 4;
-+      bss->wpa_disable_eapol_key_retries =
-+              DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES;
-       bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
-       bss->wpa_pairwise = WPA_CIPHER_TKIP;
-       bss->wpa_group = WPA_CIPHER_TKIP;
---- a/src/ap/ap_config.h
-+++ b/src/ap/ap_config.h
-@@ -333,6 +333,7 @@ struct hostapd_bss_config {
-       int wpa_ptk_rekey;
-       u32 wpa_group_update_count;
-       u32 wpa_pairwise_update_count;
-+      int wpa_disable_eapol_key_retries;
-       int rsn_pairwise;
-       int rsn_preauth;
-       char *rsn_preauth_interfaces;
---- a/src/ap/wpa_auth.c
-+++ b/src/ap/wpa_auth.c
-@@ -65,6 +65,7 @@ static u8 * ieee80211w_kde_add(struct wp
- static const u32 eapol_key_timeout_first = 100; /* ms */
- static const u32 eapol_key_timeout_subseq = 1000; /* ms */
- static const u32 eapol_key_timeout_first_group = 500; /* ms */
-+static const u32 eapol_key_timeout_no_retrans = 4000; /* ms */
- /* TODO: make these configurable */
- static const int dot11RSNAConfigPMKLifetime = 43200;
-@@ -1653,6 +1654,9 @@ static void wpa_send_eapol(struct wpa_au
-                       eapol_key_timeout_first_group;
-       else
-               timeout_ms = eapol_key_timeout_subseq;
-+      if (wpa_auth->conf.wpa_disable_eapol_key_retries &&
-+          (!pairwise || (key_info & WPA_KEY_INFO_MIC)))
-+              timeout_ms = eapol_key_timeout_no_retrans;
-       if (pairwise && ctr == 1 && !(key_info & WPA_KEY_INFO_MIC))
-               sm->pending_1_of_4_timeout = 1;
-       wpa_printf(MSG_DEBUG, "WPA: Use EAPOL-Key timeout of %u ms (retry "
-@@ -2882,6 +2886,11 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
-       sm->TimeoutEvt = FALSE;
-       sm->TimeoutCtr++;
-+      if (sm->wpa_auth->conf.wpa_disable_eapol_key_retries &&
-+          sm->TimeoutCtr > 1) {
-+              /* Do not allow retransmission of EAPOL-Key msg 3/4 */
-+              return;
-+      }
-       if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) {
-               /* No point in sending the EAPOL-Key - we will disconnect
-                * immediately following this. */
-@@ -3220,7 +3229,9 @@ SM_STEP(WPA_PTK)
-                        sm->EAPOLKeyPairwise && sm->MICVerified)
-                       SM_ENTER(WPA_PTK, PTKINITDONE);
-               else if (sm->TimeoutCtr >
--                       sm->wpa_auth->conf.wpa_pairwise_update_count) {
-+                       sm->wpa_auth->conf.wpa_pairwise_update_count ||
-+                       (sm->wpa_auth->conf.wpa_disable_eapol_key_retries &&
-+                        sm->TimeoutCtr > 1)) {
-                       wpa_auth->dot11RSNA4WayHandshakeFailures++;
-                       wpa_auth_vlogger(
-                               sm->wpa_auth, sm->addr, LOGGER_DEBUG,
-@@ -3260,6 +3271,11 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING
-       SM_ENTRY_MA(WPA_PTK_GROUP, REKEYNEGOTIATING, wpa_ptk_group);
-       sm->GTimeoutCtr++;
-+      if (sm->wpa_auth->conf.wpa_disable_eapol_key_retries &&
-+          sm->GTimeoutCtr > 1) {
-+              /* Do not allow retransmission of EAPOL-Key group msg 1/2 */
-+              return;
-+      }
-       if (sm->GTimeoutCtr > sm->wpa_auth->conf.wpa_group_update_count) {
-               /* No point in sending the EAPOL-Key - we will disconnect
-                * immediately following this. */
-@@ -3363,7 +3379,9 @@ SM_STEP(WPA_PTK_GROUP)
-                   !sm->EAPOLKeyPairwise && sm->MICVerified)
-                       SM_ENTER(WPA_PTK_GROUP, REKEYESTABLISHED);
-               else if (sm->GTimeoutCtr >
--                       sm->wpa_auth->conf.wpa_group_update_count)
-+                       sm->wpa_auth->conf.wpa_group_update_count ||
-+                       (sm->wpa_auth->conf.wpa_disable_eapol_key_retries &&
-+                        sm->GTimeoutCtr > 1))
-                       SM_ENTER(WPA_PTK_GROUP, KEYERROR);
-               else if (sm->TimeoutEvt)
-                       SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
---- a/src/ap/wpa_auth.h
-+++ b/src/ap/wpa_auth.h
-@@ -165,6 +165,7 @@ struct wpa_auth_config {
-       int wpa_ptk_rekey;
-       u32 wpa_group_update_count;
-       u32 wpa_pairwise_update_count;
-+      int wpa_disable_eapol_key_retries;
-       int rsn_pairwise;
-       int rsn_preauth;
-       int eapol_version;
---- a/src/ap/wpa_auth_glue.c
-+++ b/src/ap/wpa_auth_glue.c
-@@ -45,6 +45,8 @@ static void hostapd_wpa_auth_conf(struct
-       wconf->wpa_gmk_rekey = conf->wpa_gmk_rekey;
-       wconf->wpa_ptk_rekey = conf->wpa_ptk_rekey;
-       wconf->wpa_group_update_count = conf->wpa_group_update_count;
-+      wconf->wpa_disable_eapol_key_retries =
-+              conf->wpa_disable_eapol_key_retries;
-       wconf->wpa_pairwise_update_count = conf->wpa_pairwise_update_count;
-       wconf->rsn_pairwise = conf->rsn_pairwise;
-       wconf->rsn_preauth = conf->rsn_preauth;
diff --git a/package/network/services/hostapd/patches/011-Additional-consistentcy-checks-for-PTK-component-len.patch b/package/network/services/hostapd/patches/011-Additional-consistentcy-checks-for-PTK-component-len.patch
deleted file mode 100644 (file)
index 5cc2f7b..0000000
+++ /dev/null
@@ -1,100 +0,0 @@
-From a6ea665300919d6a3af22b1f4237203647fda93a Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Tue, 17 Oct 2017 00:01:11 +0300
-Subject: [PATCH] Additional consistentcy checks for PTK component lengths
-
-Verify that TK, KCK, and KEK lengths are set to consistent values within
-struct wpa_ptk before using them in supplicant. This is an additional
-layer of protection against unexpected states.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/common/wpa_common.c |  6 ++++++
- src/rsn_supp/wpa.c      | 26 ++++++++++++++++++++------
- 2 files changed, 26 insertions(+), 6 deletions(-)
-
---- a/src/common/wpa_common.c
-+++ b/src/common/wpa_common.c
-@@ -100,6 +100,12 @@ int wpa_eapol_key_mic(const u8 *key, siz
- {
-       u8 hash[SHA512_MAC_LEN];
-+      if (key_len == 0) {
-+              wpa_printf(MSG_DEBUG,
-+                         "WPA: KCK not set - cannot calculate MIC");
-+              return -1;
-+      }
-+
-       switch (ver) {
- #ifndef CONFIG_FIPS
-       case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -725,6 +725,11 @@ static int wpa_supplicant_install_ptk(st
-       alg = wpa_cipher_to_alg(sm->pairwise_cipher);
-       keylen = wpa_cipher_key_len(sm->pairwise_cipher);
-+      if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) {
-+              wpa_printf(MSG_DEBUG, "WPA: TK length mismatch: %d != %lu",
-+                         keylen, (long unsigned int) sm->ptk.tk_len);
-+              return -1;
-+      }
-       rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher);
-       if (sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) {
-@@ -745,6 +750,7 @@ static int wpa_supplicant_install_ptk(st
-       /* TK is not needed anymore in supplicant */
-       os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
-+      sm->ptk.tk_len = 0;
-       sm->ptk.installed = 1;
-       if (sm->wpa_ptk_rekey) {
-@@ -1717,9 +1723,10 @@ static int wpa_supplicant_verify_eapol_k
-       os_memcpy(mic, key + 1, mic_len);
-       if (sm->tptk_set) {
-               os_memset(key + 1, 0, mic_len);
--              wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len, sm->key_mgmt,
--                                ver, buf, len, (u8 *) (key + 1));
--              if (os_memcmp_const(mic, key + 1, mic_len) != 0) {
-+              if (wpa_eapol_key_mic(sm->tptk.kck, sm->tptk.kck_len,
-+                                    sm->key_mgmt,
-+                                    ver, buf, len, (u8 *) (key + 1)) < 0 ||
-+                  os_memcmp_const(mic, key + 1, mic_len) != 0) {
-                       wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-                               "WPA: Invalid EAPOL-Key MIC "
-                               "when using TPTK - ignoring TPTK");
-@@ -1742,9 +1749,10 @@ static int wpa_supplicant_verify_eapol_k
-       if (!ok && sm->ptk_set) {
-               os_memset(key + 1, 0, mic_len);
--              wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len, sm->key_mgmt,
--                                ver, buf, len, (u8 *) (key + 1));
--              if (os_memcmp_const(mic, key + 1, mic_len) != 0) {
-+              if (wpa_eapol_key_mic(sm->ptk.kck, sm->ptk.kck_len,
-+                                    sm->key_mgmt,
-+                                    ver, buf, len, (u8 *) (key + 1)) < 0 ||
-+                  os_memcmp_const(mic, key + 1, mic_len) != 0) {
-                       wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-                               "WPA: Invalid EAPOL-Key MIC - "
-                               "dropping packet");
-@@ -4167,6 +4175,11 @@ int fils_process_assoc_resp(struct wpa_s
-       alg = wpa_cipher_to_alg(sm->pairwise_cipher);
-       keylen = wpa_cipher_key_len(sm->pairwise_cipher);
-+      if (keylen <= 0 || (unsigned int) keylen != sm->ptk.tk_len) {
-+              wpa_printf(MSG_DEBUG, "FILS: TK length mismatch: %u != %lu",
-+                         keylen, (long unsigned int) sm->ptk.tk_len);
-+              goto fail;
-+      }
-       rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher);
-       wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver",
-                       sm->ptk.tk, keylen);
-@@ -4183,6 +4196,7 @@ int fils_process_assoc_resp(struct wpa_s
-        * takes care of association frame encryption/decryption. */
-       /* TK is not needed anymore in supplicant */
-       os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
-+      sm->ptk.tk_len = 0;
-       sm->ptk.installed = 1;
-       /* FILS HLP Container */
diff --git a/package/network/services/hostapd/patches/012-Clear-BSSID-information-in-supplicant-state-machine-.patch b/package/network/services/hostapd/patches/012-Clear-BSSID-information-in-supplicant-state-machine-.patch
deleted file mode 100644 (file)
index 808d345..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-From c0fe5f125a9d4a6564e1f4956ccc3809bf2fd69d Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Tue, 17 Oct 2017 01:15:24 +0300
-Subject: [PATCH] Clear BSSID information in supplicant state machine on
- disconnection
-
-This fixes a corner case where RSN pre-authentication candidate from
-scan results was ignored if the station was associated with that BSS
-just before running the new scan for the connection.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/rsn_supp/wpa.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -2662,6 +2662,7 @@ void wpa_sm_notify_disassoc(struct wpa_s
-       wpa_sm_drop_sa(sm);
-       sm->msg_3_of_4_ok = 0;
-+      os_memset(sm->bssid, 0, ETH_ALEN);
- }
diff --git a/package/network/services/hostapd/patches/013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch b/package/network/services/hostapd/patches/013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch
deleted file mode 100644 (file)
index 13426e4..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-From 114f2830d2c2aee6db23d48240e93415a256a37c Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <jouni@qca.qualcomm.com>
-Date: Fri, 20 Oct 2017 17:39:42 +0300
-Subject: [PATCH] WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0 case
-
-The hostapd wnm_sleep_mode parameter was previously used to control
-advertisement of WNM-Sleep Mode support, but it was not used when
-processing a request to use WNM-Sleep Mode. Add an explicit check during
-request processing as well so that any misbehaving station is ignored.
-
-Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
----
- src/ap/wnm_ap.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/src/ap/wnm_ap.c b/src/ap/wnm_ap.c
-index 7c4fde0..973e4d3 100644
---- a/src/ap/wnm_ap.c
-+++ b/src/ap/wnm_ap.c
-@@ -200,6 +200,13 @@ static void ieee802_11_rx_wnmsleep_req(struct hostapd_data *hapd,
-       u8 *tfsreq_ie_end = NULL;
-       u16 tfsreq_ie_len = 0;
-+      if (!hapd->conf->wnm_sleep_mode) {
-+              wpa_printf(MSG_DEBUG, "Ignore WNM-Sleep Mode Request from "
-+                         MACSTR " since WNM-Sleep Mode is disabled",
-+                         MAC2STR(addr));
-+              return;
-+      }
-+
-       dialog_token = *pos++;
-       while (pos + 1 < frm + len) {
-               u8 ie_len = pos[1];
--- 
-2.1.4
index 3a48a7a95fb88659060cc2ba74e8b5247f140c27..b8e057e2faf8d16896ecbc50607a299e112a6050 100644 (file)
@@ -1,6 +1,6 @@
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -265,9 +265,10 @@ void wpa_supplicant_cancel_auth_timeout(
+@@ -272,9 +272,10 @@ void wpa_supplicant_cancel_auth_timeout(
   */
  void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
  {
index 0d289d53a36853bb6f8963d312d9bc332c9a50eb..92a47742b44414afa5b931442df305d354295277 100644 (file)
@@ -36,7 +36,7 @@
  LIBS += $(DRV_AP_LIBS)
  
  ifdef CONFIG_L2_PACKET
-@@ -1204,6 +1210,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
+@@ -1270,6 +1276,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
  
  BCHECK=../src/drivers/build.hostapd
  
@@ -49,7 +49,7 @@
  hostapd: $(BCHECK) $(OBJS)
        $(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
        @$(E) "  LD " $@
-@@ -1248,6 +1260,12 @@ ifeq ($(CONFIG_TLS), linux)
+@@ -1315,6 +1327,12 @@ ifeq ($(CONFIG_TLS), linux)
  HOBJS += ../src/crypto/crypto_linux.o
  endif
  
@@ -72,7 +72,7 @@
  
  ifndef CONFIG_NO_GITVER
  # Add VERSION_STR postfix for builds from a git repository
-@@ -357,7 +358,9 @@ endif
+@@ -358,7 +359,9 @@ endif
  ifdef CONFIG_IBSS_RSN
  NEED_RSN_AUTHENTICATOR=y
  CFLAGS += -DCONFIG_IBSS_RSN
@@ -82,7 +82,7 @@
  OBJS += ibss_rsn.o
  endif
  
-@@ -861,6 +864,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
+@@ -866,6 +869,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
  CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
  LIBS += -ldl -rdynamic
  endif
@@ -93,7 +93,7 @@
  endif
  
  ifdef CONFIG_AP
-@@ -868,9 +875,11 @@ NEED_EAP_COMMON=y
+@@ -873,9 +880,11 @@ NEED_EAP_COMMON=y
  NEED_RSN_AUTHENTICATOR=y
  CFLAGS += -DCONFIG_AP
  OBJS += ap.o
  OBJS += ../src/ap/hostapd.o
  OBJS += ../src/ap/wpa_auth_glue.o
  OBJS += ../src/ap/utils.o
-@@ -952,6 +961,12 @@ endif
+@@ -957,6 +966,12 @@ endif
  ifdef CONFIG_HS20
  OBJS += ../src/ap/hs20.o
  endif
  endif
  
  ifdef CONFIG_MBO
-@@ -960,7 +975,9 @@ CFLAGS += -DCONFIG_MBO
+@@ -965,7 +980,9 @@ CFLAGS += -DCONFIG_MBO
  endif
  
  ifdef NEED_RSN_AUTHENTICATOR
  NEED_AES_WRAP=y
  OBJS += ../src/ap/wpa_auth.o
  OBJS += ../src/ap/wpa_auth_ie.o
-@@ -1835,6 +1852,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
+@@ -1895,6 +1912,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
  
  $(OBJS_c) $(OBJS_t) $(OBJS_t2) $(OBJS) $(BCHECK) $(EXTRA_progs): .config
  
  wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
        $(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
        @$(E) "  LD " $@
-@@ -1937,6 +1960,12 @@ endif
+@@ -1997,6 +2020,12 @@ endif
                -e 's|\@DBUS_INTERFACE\@|$(DBUS_INTERFACE)|g' $< >$@
        @$(E) "  sed" $<
  
  wpa_cli.exe: wpa_cli
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -5317,8 +5317,8 @@ union wpa_event_data {
+@@ -5418,8 +5418,8 @@ union wpa_event_data {
   * Driver wrapper code should call this function whenever an event is received
   * from the driver.
   */
  
  /**
   * wpa_supplicant_event_global - Report a driver event for wpa_supplicant
-@@ -5330,7 +5330,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -5431,7 +5431,7 @@ void wpa_supplicant_event(void *ctx, enu
   * Same as wpa_supplicant_event(), but we search for the interface in
   * wpa_global.
   */
  /*
 --- a/src/ap/drv_callbacks.c
 +++ b/src/ap/drv_callbacks.c
-@@ -1375,8 +1375,8 @@ static void hostapd_event_dfs_cac_starte
+@@ -1473,8 +1473,8 @@ static void hostapd_event_dfs_cac_starte
  #endif /* NEED_AP_MLME */
  
  
  {
        struct hostapd_data *hapd = ctx;
  #ifndef CONFIG_NO_STDOUT_DEBUG
-@@ -1590,7 +1590,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -1694,7 +1694,7 @@ void wpa_supplicant_event(void *ctx, enu
  }
  
  
  {
        struct wpa_priv_interface *iface = ctx;
  
-@@ -1101,7 +1101,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -1095,7 +1095,7 @@ void wpa_supplicant_event(void *ctx, enu
  }
  
  
                                 union wpa_event_data *data)
  {
        struct wpa_priv_global *global = ctx;
-@@ -1213,6 +1213,8 @@ int main(int argc, char *argv[])
+@@ -1207,6 +1207,8 @@ int main(int argc, char *argv[])
        if (os_program_init())
                return -1;
  
        os_memset(&global, 0, sizeof(global));
 --- a/wpa_supplicant/events.c
 +++ b/wpa_supplicant/events.c
-@@ -3709,8 +3709,8 @@ static void wpa_supplicant_event_assoc_a
+@@ -3812,8 +3812,8 @@ static void wpa_supplicant_event_assoc_a
  }
  
  
  {
        struct wpa_supplicant *wpa_s = ctx;
        int resched;
-@@ -4466,7 +4466,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -4628,7 +4628,7 @@ void wpa_supplicant_event(void *ctx, enu
  }
  
  
        struct wpa_supplicant *wpa_s;
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -5457,7 +5457,6 @@ struct wpa_interface * wpa_supplicant_ma
+@@ -5678,7 +5678,6 @@ struct wpa_interface * wpa_supplicant_ma
        return NULL;
  }
  
  /**
   * wpa_supplicant_match_existing - Match existing interfaces
   * @global: Pointer to global data from wpa_supplicant_init()
-@@ -5494,6 +5493,11 @@ static int wpa_supplicant_match_existing
+@@ -5715,6 +5714,11 @@ static int wpa_supplicant_match_existing
  
  #endif /* CONFIG_MATCH_IFACE */
  
  
  /**
   * wpa_supplicant_add_iface - Add a new network interface
-@@ -5750,6 +5754,8 @@ struct wpa_global * wpa_supplicant_init(
+@@ -5971,6 +5975,8 @@ struct wpa_global * wpa_supplicant_init(
  #ifndef CONFIG_NO_WPA_MSG
        wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
  #endif /* CONFIG_NO_WPA_MSG */
                wpa_debug_open_file(params->wpa_debug_file_path);
 --- a/hostapd/main.c
 +++ b/hostapd/main.c
-@@ -590,6 +590,11 @@ fail:
+@@ -591,6 +591,11 @@ fail:
        return -1;
  }
  
  
  #ifdef CONFIG_WPS
  static int gen_uuid(const char *txt_addr)
-@@ -670,6 +675,8 @@ int main(int argc, char *argv[])
-       dl_list_init(&interfaces.eth_p_oui);
- #endif /* CONFIG_ETH_P_OUI */
+@@ -674,6 +679,8 @@ int main(int argc, char *argv[])
+       hostapd_dpp_init_global(&interfaces);
+ #endif /* CONFIG_DPP */
  
 +      wpa_supplicant_event = hostapd_wpa_event;
 +      wpa_supplicant_event_global = hostapd_wpa_event_global;
index c8ca3694c0e19448c7e904309167e737b695f326..fcd7e5a8dd70118c929b5e6592e59e78f50dc3b8 100644 (file)
@@ -1,6 +1,6 @@
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -3016,6 +3016,10 @@ static int hostapd_config_fill(struct ho
+@@ -3088,6 +3088,10 @@ static int hostapd_config_fill(struct ho
                }
  #endif /* CONFIG_IEEE80211W */
  #ifdef CONFIG_IEEE80211N
@@ -13,7 +13,7 @@
        } else if (os_strcmp(buf, "ht_capab") == 0) {
 --- a/src/ap/ap_config.h
 +++ b/src/ap/ap_config.h
-@@ -735,6 +735,8 @@ struct hostapd_config {
+@@ -750,6 +750,8 @@ struct hostapd_config {
  
        int ht_op_mode_fixed;
        u16 ht_capab;
        hostapd_set_state(iface, HAPD_IFACE_HT_SCAN);
 --- a/src/ap/ieee802_11_ht.c
 +++ b/src/ap/ieee802_11_ht.c
-@@ -244,6 +244,9 @@ void hostapd_2040_coex_action(struct hos
-       if (!(iface->conf->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
+@@ -252,6 +252,9 @@ void hostapd_2040_coex_action(struct hos
                return;
+       }
  
 +      if (iface->conf->noscan || iface->conf->no_ht_coex)
 +              return;
 +
-       if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie))
-               return;
-@@ -368,6 +371,9 @@ void ht40_intolerant_add(struct hostapd_
+       if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) {
+               wpa_printf(MSG_DEBUG,
+                          "Ignore too short 20/40 BSS Coexistence Management frame");
+@@ -412,6 +415,9 @@ void ht40_intolerant_add(struct hostapd_
        if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G)
                return;
  
index 6846db27503a308078b97537accc3d2e36bce97f..552fd182e41a04d7ab106b031d6038ccb03cd626 100644 (file)
@@ -1,6 +1,6 @@
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3927,7 +3927,7 @@ wpa_supplicant_alloc(struct wpa_supplica
+@@ -4126,7 +4126,7 @@ wpa_supplicant_alloc(struct wpa_supplica
        if (wpa_s == NULL)
                return NULL;
        wpa_s->scan_req = INITIAL_SCAN_REQ;
index 3bc916b6b8fa782cbff51a213b2f65e53bcf1cb4..272d4f924078adb9ea0108be3860c02be07cdc42 100644 (file)
@@ -1,6 +1,6 @@
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -4152,7 +4152,7 @@ static int nl80211_set_channel(struct i8
+@@ -4231,7 +4231,7 @@ static int nl80211_set_channel(struct i8
                   freq->freq, freq->ht_enabled, freq->vht_enabled,
                   freq->bandwidth, freq->center_freq1, freq->center_freq2);
  
index 92e6ae9ae066740e0601f4137b863f945db422e3..fcb572766b5a27f1e44db3a03cfac783b285d410 100644 (file)
@@ -1,6 +1,6 @@
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -2536,10 +2536,15 @@ static int wpa_driver_nl80211_del_beacon
+@@ -2563,10 +2563,15 @@ static int wpa_driver_nl80211_del_beacon
        struct nl_msg *msg;
        struct wpa_driver_nl80211_data *drv = bss->drv;
  
@@ -18,7 +18,7 @@
        return send_and_recv_msgs(drv, msg, NULL, NULL);
  }
  
-@@ -4753,7 +4758,7 @@ static void nl80211_teardown_ap(struct i
+@@ -4832,7 +4837,7 @@ static void nl80211_teardown_ap(struct i
                nl80211_mgmt_unsubscribe(bss, "AP teardown");
  
        nl80211_put_wiphy_data_ap(bss);
@@ -27,7 +27,7 @@
  }
  
  
-@@ -6853,8 +6858,6 @@ static int wpa_driver_nl80211_if_remove(
+@@ -7037,8 +7042,6 @@ static int wpa_driver_nl80211_if_remove(
        } else {
                wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
                nl80211_teardown_ap(bss);
@@ -36,7 +36,7 @@
                nl80211_destroy_bss(bss);
                if (!bss->added_if)
                        i802_set_iface_flags(bss, 0);
-@@ -7225,7 +7228,6 @@ static int wpa_driver_nl80211_deinit_ap(
+@@ -7409,7 +7412,6 @@ static int wpa_driver_nl80211_deinit_ap(
        if (!is_ap_interface(drv->nlmode))
                return -1;
        wpa_driver_nl80211_del_beacon(bss);
@@ -44,7 +44,7 @@
  
        /*
         * If the P2P GO interface was dynamically added, then it is
-@@ -7245,7 +7247,6 @@ static int wpa_driver_nl80211_stop_ap(vo
+@@ -7429,7 +7431,6 @@ static int wpa_driver_nl80211_stop_ap(vo
        if (!is_ap_interface(drv->nlmode))
                return -1;
        wpa_driver_nl80211_del_beacon(bss);
index 043ddbf889ccfe4c223a3cf4e5fc292430c2ba1c..e7fc814d6a7f8adeba1824cc92073e6b7769b00c 100644 (file)
@@ -1,6 +1,6 @@
 --- a/hostapd/ctrl_iface.c
 +++ b/hostapd/ctrl_iface.c
-@@ -56,6 +56,7 @@
+@@ -60,6 +60,7 @@
  #include "fst/fst_ctrl_iface.h"
  #include "config_file.h"
  #include "ctrl_iface.h"
@@ -8,7 +8,7 @@
  
  
  #define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256
-@@ -74,6 +75,7 @@ static void hostapd_ctrl_iface_send(stru
+@@ -78,6 +79,7 @@ static void hostapd_ctrl_iface_send(stru
                                    enum wpa_msg_type type,
                                    const char *buf, size_t len);
  
@@ -16,7 +16,7 @@
  
  static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd,
                                     struct sockaddr_storage *from,
-@@ -125,6 +127,61 @@ static int hostapd_ctrl_iface_new_sta(st
+@@ -129,6 +131,61 @@ static int hostapd_ctrl_iface_new_sta(st
        return 0;
  }
  
@@ -78,7 +78,7 @@
  
  #ifdef CONFIG_IEEE80211W
  #ifdef NEED_AP_MLME
-@@ -2607,6 +2664,8 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -3026,6 +3083,8 @@ static int hostapd_ctrl_iface_receive_pr
        } else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
                reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
                                                      reply_size);
@@ -89,7 +89,7 @@
  #ifdef RADIUS_SERVER
 --- a/src/ap/ctrl_iface_ap.c
 +++ b/src/ap/ctrl_iface_ap.c
-@@ -624,7 +624,13 @@ int hostapd_parse_csa_settings(const cha
+@@ -857,7 +857,13 @@ int hostapd_parse_csa_settings(const cha
  
  int hostapd_ctrl_iface_stop_ap(struct hostapd_data *hapd)
  {
index a37b193b6ba76324f8a0798aa3ada938745ccef4..91731d34c0463d958aff4c9e2718b345705ff38f 100644 (file)
@@ -12,7 +12,7 @@
         * bridge_ifname - Optional bridge interface name
         *
         * If the driver interface (ifname) is included in a Linux bridge
-@@ -512,6 +517,8 @@ struct wpa_supplicant {
+@@ -513,6 +518,8 @@ struct wpa_supplicant {
  #endif /* CONFIG_CTRL_IFACE_BINDER */
        char bridge_ifname[16];
  
@@ -45,8 +45,8 @@
  CONFIG_OS=win32
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -118,6 +118,55 @@ const char *const wpa_supplicant_full_li
- static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
+@@ -125,6 +125,55 @@ static void wpas_update_fils_connect_par
+ #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
  
  
 +static int hostapd_stop(struct wpa_supplicant *wpa_s)
  /* Configure default/group WEP keys for static WEP */
  int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
  {
-@@ -883,8 +932,12 @@ void wpa_supplicant_set_state(struct wpa
-               wpas_p2p_completed(wpa_s);
+@@ -893,12 +942,16 @@ void wpa_supplicant_set_state(struct wpa
  
                sme_sched_obss_scan(wpa_s, 1);
 +              if (wpa_s->hostapd)
 +                      hostapd_reload(wpa_s, wpa_s->current_bss);
+ #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
+               if (!fils_hlp_sent && ssid && ssid->eap.erp)
+                       wpas_update_fils_connect_params(wpa_s);
+ #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
        } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
                   state == WPA_ASSOCIATED) {
 +              if (wpa_s->hostapd)
                wpa_s->new_connection = 1;
                wpa_drv_set_operstate(wpa_s, 0);
  #ifndef IEEE8021X_EAPOL
-@@ -5080,6 +5133,20 @@ static int wpa_supplicant_init_iface(str
+@@ -5301,6 +5354,20 @@ static int wpa_supplicant_init_iface(str
                           sizeof(wpa_s->bridge_ifname));
        }
  
        /* RSNA Supplicant Key Management - INITIALIZE */
        eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
        eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
-@@ -5404,6 +5471,11 @@ static void wpa_supplicant_deinit_iface(
+@@ -5625,6 +5692,11 @@ static void wpa_supplicant_deinit_iface(
        if (terminate)
                wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
  
index e977f00a2552bd20bd731be734ea2474d85e900b..39eb415e5e07653c9e6d04c49fe39344821ed024 100644 (file)
@@ -12,7 +12,7 @@
  else
 --- a/hostapd/ctrl_iface.c
 +++ b/hostapd/ctrl_iface.c
-@@ -2458,6 +2458,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -2852,6 +2852,7 @@ static int hostapd_ctrl_iface_receive_pr
                                                      reply_size);
        } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
                reply_len = hostapd_drv_status(hapd, reply, reply_size);
        } else if (os_strcmp(buf, "MIB") == 0) {
                reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
                if (reply_len >= 0) {
-@@ -2499,6 +2500,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -2893,6 +2894,7 @@ static int hostapd_ctrl_iface_receive_pr
        } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
                reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
                                                        reply_size);
 +#endif
        } else if (os_strcmp(buf, "ATTACH") == 0) {
-               if (hostapd_ctrl_iface_attach(hapd, from, fromlen))
+               if (hostapd_ctrl_iface_attach(hapd, from, fromlen, NULL))
                        reply_len = -1;
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -926,6 +926,9 @@ ifdef CONFIG_FILS
+@@ -931,6 +931,9 @@ ifdef CONFIG_FILS
  OBJS += ../src/ap/fils_hlp.o
  endif
  ifdef CONFIG_CTRL_IFACE
@@ -42,7 +42,7 @@
  
 --- a/wpa_supplicant/ctrl_iface.c
 +++ b/wpa_supplicant/ctrl_iface.c
-@@ -2070,7 +2070,7 @@ static int wpa_supplicant_ctrl_iface_sta
+@@ -2130,7 +2130,7 @@ static int wpa_supplicant_ctrl_iface_sta
                        pos += ret;
                }
  
@@ -51,7 +51,7 @@
                if (wpa_s->ap_iface) {
                        pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
                                                            end - pos,
-@@ -9631,6 +9631,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -9831,6 +9831,7 @@ char * wpa_supplicant_ctrl_iface_process
                        reply_len = -1;
        } else if (os_strncmp(buf, "NOTE ", 5) == 0) {
                wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
@@ -59,7 +59,7 @@
        } else if (os_strcmp(buf, "MIB") == 0) {
                reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
                if (reply_len >= 0) {
-@@ -9638,6 +9639,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -9838,6 +9839,7 @@ char * wpa_supplicant_ctrl_iface_process
                                                      reply + reply_len,
                                                      reply_size - reply_len);
                }
@@ -67,7 +67,7 @@
        } else if (os_strncmp(buf, "STATUS", 6) == 0) {
                reply_len = wpa_supplicant_ctrl_iface_status(
                        wpa_s, buf + 6, reply, reply_size);
-@@ -10124,6 +10126,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -10319,6 +10321,7 @@ char * wpa_supplicant_ctrl_iface_process
                reply_len = wpa_supplicant_ctrl_iface_bss(
                        wpa_s, buf + 4, reply, reply_size);
  #ifdef CONFIG_AP
@@ -75,7 +75,7 @@
        } else if (os_strcmp(buf, "STA-FIRST") == 0) {
                reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
        } else if (os_strncmp(buf, "STA ", 4) == 0) {
-@@ -10132,12 +10135,15 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -10327,12 +10330,15 @@ char * wpa_supplicant_ctrl_iface_process
        } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
                reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
                                                   reply_size);
@@ -99,9 +99,9 @@
  
 +#ifdef CONFIG_CTRL_IFACE_MIB
  
- static int hostapd_get_sta_tx_rx(struct hostapd_data *hapd,
-                                struct sta_info *sta,
-@@ -250,6 +251,7 @@ int hostapd_ctrl_iface_sta_next(struct h
+ static size_t hostapd_write_ht_mcs_bitmask(char *buf, size_t buflen,
+                                          size_t curr_len, const u8 *mcs_set)
+@@ -408,6 +409,7 @@ int hostapd_ctrl_iface_sta_next(struct h
        return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen);
  }
  
  
  #ifdef CONFIG_P2P_MANAGER
  static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype,
+@@ -746,12 +748,12 @@ int hostapd_ctrl_iface_status(struct hos
+                       return len;
+               len += ret;
+       }
+-
++#ifdef CONFIG_CTRL_IFACE_MIB
+       if (iface->conf->ieee80211n && !hapd->conf->disable_11n && mode) {
+               len = hostapd_write_ht_mcs_bitmask(buf, buflen, len,
+                                                  mode->mcs_set);
+       }
+-
++#endif /* CONFIG_CTRL_IFACE_MIB */
+       if (iface->current_rates && iface->num_rates) {
+               ret = os_snprintf(buf + len, buflen - len, "supported_rates=");
+               if (os_snprintf_error(buflen - len, ret))
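Review bot: The `#ifdef CONFIG_CTRL_IFACE_MIB` / `#endif` pair added around the `hostapd_write_ht_mcs_bitmask()` call in hostapd_ctrl_iface_status() overwrites the two blank separator lines instead of being inserted beside them, and nothing says why the call is conditional. The guard looks necessary because this same patch opens its `#ifdef CONFIG_CTRL_IFACE_MIB` region just above the definition of `hostapd_write_ht_mcs_bitmask()`, so without the guard a build lacking that option would presumably fail on the undefined helper. A one-line comment above the `#ifdef`, such as `/* hostapd_write_ht_mcs_bitmask() is only built with CONFIG_CTRL_IFACE_MIB */`, would record that, and keeping the blank lines would make the next refresh against upstream easier. Builds without the option also drop whatever that helper writes into the STATUS reply, which matters to any tooling that parses STATUS. The body of hostapd_ctrl_iface_status() starts and ends outside this hunk.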
 --- a/src/ap/ieee802_1x.c
 +++ b/src/ap/ieee802_1x.c
-@@ -2492,6 +2492,7 @@ static const char * bool_txt(Boolean val
+@@ -2501,6 +2501,7 @@ static const char * bool_txt(Boolean val
        return val ? "TRUE" : "FALSE";
  }
  
  
  int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
  {
-@@ -2667,6 +2668,7 @@ int ieee802_1x_get_mib_sta(struct hostap
+@@ -2676,6 +2677,7 @@ int ieee802_1x_get_mib_sta(struct hostap
        return len;
  }
  
  static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
 --- a/src/ap/wpa_auth.c
 +++ b/src/ap/wpa_auth.c
-@@ -3780,6 +3780,7 @@ static const char * wpa_bool_txt(int val
+@@ -3773,6 +3773,7 @@ static const char * wpa_bool_txt(int val
        return val ? "TRUE" : "FALSE";
  }
  
  
  #define RSN_SUITE "%02x-%02x-%02x-%d"
  #define RSN_SUITE_ARG(s) \
-@@ -3924,7 +3925,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
+@@ -3917,7 +3918,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
  
        return len;
  }
  {
 --- a/src/rsn_supp/wpa.c
 +++ b/src/rsn_supp/wpa.c
-@@ -2356,6 +2356,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
+@@ -2295,6 +2295,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
  }
  
  
  #define RSN_SUITE "%02x-%02x-%02x-%d"
  #define RSN_SUITE_ARG(s) \
  ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
-@@ -2439,6 +2441,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
+@@ -2378,6 +2380,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
  
        return (int) len;
  }
  
 --- a/wpa_supplicant/ap.c
 +++ b/wpa_supplicant/ap.c
-@@ -1139,7 +1139,7 @@ int wpas_ap_wps_nfc_report_handover(stru
+@@ -1170,7 +1170,7 @@ int wpas_ap_wps_nfc_report_handover(stru
  #endif /* CONFIG_WPS */
  
  
index 8f7a6879ca9ee78a8a39c8d8bdfc7d7e30875d29..70d5d97c3ad410b319e6b5200a4f9510f1390714 100644 (file)
@@ -1,6 +1,6 @@
 --- a/src/common/wpa_common.c
 +++ b/src/common/wpa_common.c
-@@ -1675,6 +1675,31 @@ u32 wpa_akm_to_suite(int akm)
+@@ -1847,6 +1847,31 @@ u32 wpa_akm_to_suite(int akm)
  }
  
  
@@ -32,7 +32,7 @@
  int wpa_compare_rsn_ie(int ft_initial_assoc,
                       const u8 *ie1, size_t ie1len,
                       const u8 *ie2, size_t ie2len)
-@@ -1682,8 +1707,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
+@@ -1854,8 +1879,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
        if (ie1 == NULL || ie2 == NULL)
                return -1;
  
index c10176371f7c982b8500ed979b968ff1e8c61e04..ea144f4def315f79e37a47acf9800592fed25567 100644 (file)
@@ -10,8 +10,8 @@
                        bss->wpa_pairwise |= WPA_CIPHER_TKIP;
                bss->rsn_pairwise = bss->wpa_pairwise;
                bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa,
-@@ -1067,8 +1066,7 @@ int hostapd_init_wps(struct hostapd_data
-               if (conf->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) {
+@@ -1069,8 +1068,7 @@ int hostapd_init_wps(struct hostapd_data
+                                         WPA_CIPHER_GCMP_256)) {
                        wps->encr_types |= WPS_ENCR_AES;
                        wps->encr_types_rsn |= WPS_ENCR_AES;
 -              }
index 2b529ca3e605cc726665dadd83c0a9a04c9714b8..d582c8574c866bde85bd666ad088eb4c3912bda6 100644 (file)
@@ -8,7 +8,7 @@
  #include "crypto/random.h"
  #include "crypto/tls.h"
  #include "common/version.h"
-@@ -678,7 +679,7 @@ int main(int argc, char *argv[])
+@@ -682,7 +683,7 @@ int main(int argc, char *argv[])
        wpa_supplicant_event = hostapd_wpa_event;
        wpa_supplicant_event_global = hostapd_wpa_event_global;
        for (;;) {
@@ -17,7 +17,7 @@
                if (c < 0)
                        break;
                switch (c) {
-@@ -715,6 +716,8 @@ int main(int argc, char *argv[])
+@@ -719,6 +720,8 @@ int main(int argc, char *argv[])
                        break;
  #endif /* CONFIG_DEBUG_LINUX_TRACING */
                case 'v':
index 32cab7ff62b733cf1f2dcc58de0e51291fc5a1ea..c1882d84a50f8879f45decdd0e5bda42d80b0a73 100644 (file)
@@ -16,7 +16,7 @@
  
  
  static int hostapd_cli_cmd_disassoc_imminent(struct wpa_ctrl *ctrl, int argc,
-@@ -1476,7 +1474,6 @@ static const struct hostapd_cli_cmd host
+@@ -1518,7 +1516,6 @@ static const struct hostapd_cli_cmd host
        { "sa_query", hostapd_cli_cmd_sa_query, hostapd_complete_stations,
          "<addr> = send SA Query to a station" },
  #endif /* CONFIG_IEEE80211W */
@@ -24,7 +24,7 @@
        { "wps_pin", hostapd_cli_cmd_wps_pin, NULL,
          "<uuid> <pin> [timeout] [addr] = add WPS Enrollee PIN" },
        { "wps_check_pin", hostapd_cli_cmd_wps_check_pin, NULL,
-@@ -1501,7 +1498,6 @@ static const struct hostapd_cli_cmd host
+@@ -1543,7 +1540,6 @@ static const struct hostapd_cli_cmd host
          "<SSID> <auth> <encr> <key> = configure AP" },
        { "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL,
          "= show current WPS status" },
index 463a36291114f760ad9f53f4ff8ab35be4beb774..9620ecc5200c00127730a3d43890182cd51b7f13 100644 (file)
@@ -1,6 +1,6 @@
 --- a/hostapd/main.c
 +++ b/hostapd/main.c
-@@ -37,6 +37,8 @@ struct hapd_global {
+@@ -38,6 +38,8 @@ struct hapd_global {
  };
  
  static struct hapd_global global;
@@ -9,7 +9,7 @@
  
  
  #ifndef CONFIG_NO_HOSTAPD_LOGGER
-@@ -147,6 +149,14 @@ static void hostapd_logger_cb(void *ctx,
+@@ -148,6 +150,14 @@ static void hostapd_logger_cb(void *ctx,
  }
  #endif /* CONFIG_NO_HOSTAPD_LOGGER */
  
@@ -24,7 +24,7 @@
  
  /**
   * hostapd_driver_init - Preparate driver interface
-@@ -165,6 +175,8 @@ static int hostapd_driver_init(struct ho
+@@ -166,6 +176,8 @@ static int hostapd_driver_init(struct ho
                return -1;
        }
  
@@ -33,7 +33,7 @@
        /* Initialize the driver interface */
        if (!(b[0] | b[1] | b[2] | b[3] | b[4] | b[5]))
                b = NULL;
-@@ -405,8 +417,6 @@ static void hostapd_global_deinit(const
+@@ -406,8 +418,6 @@ static void hostapd_global_deinit(const
  #endif /* CONFIG_NATIVE_WINDOWS */
  
        eap_server_unregister_methods();
@@ -42,7 +42,7 @@
  }
  
  
-@@ -432,18 +442,6 @@ static int hostapd_global_run(struct hap
+@@ -433,18 +443,6 @@ static int hostapd_global_run(struct hap
        }
  #endif /* EAP_SERVER_TNC */
  
@@ -61,7 +61,7 @@
        eloop_run();
  
        return 0;
-@@ -645,8 +643,7 @@ int main(int argc, char *argv[])
+@@ -646,8 +644,7 @@ int main(int argc, char *argv[])
        struct hapd_interfaces interfaces;
        int ret = 1;
        size_t i, j;
index 213ee6d726593e776637d678e52ebd659de277c6..9df9239cb448daa87da960a6b0abd0e108ec13e4 100644 (file)
@@ -42,8 +42,8 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
  #include "config.h"
  
  
-@@ -1985,6 +1986,97 @@ static char * wpa_config_write_mka_ckn(c
- #endif /* CONFIG_MACSEC */
+@@ -2037,6 +2038,97 @@ static char * wpa_config_write_peerkey(c
+ #endif /* NO_CONFIG_WRITE */
  
  
 +static int wpa_config_parse_mcast_rate(const struct parse_data *data,
@@ -140,7 +140,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
  /* Helper macros for network block parser */
  
  #ifdef OFFSET
-@@ -2224,6 +2316,8 @@ static const struct parse_data ssid_fiel
+@@ -2279,6 +2371,8 @@ static const struct parse_data ssid_fiel
        { INT(ap_max_inactivity) },
        { INT(dtim_period) },
        { INT(beacon_int) },
@@ -162,7 +162,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
  
  
  #define DEFAULT_EAP_WORKAROUND ((unsigned int) -1)
-@@ -735,6 +737,9 @@ struct wpa_ssid {
+@@ -743,6 +745,9 @@ struct wpa_ssid {
         */
        void *parent_cred;
  
@@ -174,7 +174,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
         * macsec_policy - Determines the policy for MACsec secure session
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2781,6 +2781,12 @@ static void wpas_start_assoc_cb(struct w
+@@ -2942,6 +2942,12 @@ static void wpas_start_assoc_cb(struct w
                        params.beacon_int = ssid->beacon_int;
                else
                        params.beacon_int = wpa_s->conf->beacon_int;
@@ -186,4 +186,4 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
 +              params.mcast_rate = ssid->mcast_rate;
        }
  
-       params.wpa_ie = wpa_ie;
+       params.pairwise_suite = cipher_pairwise;
index 11822366de291ff4505fa494fb765d6f3e8e1a4d..bf9020e2b6e1e3836182f373df80c4a014899a11 100644 (file)
@@ -10,7 +10,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
 
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -5012,7 +5012,7 @@ static int wpa_driver_nl80211_ibss(struc
+@@ -5091,7 +5091,7 @@ static int wpa_driver_nl80211_ibss(struc
                                   struct wpa_driver_associate_params *params)
  {
        struct nl_msg *msg;
@@ -19,7 +19,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
        int count = 0;
  
        wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
-@@ -5039,6 +5039,37 @@ retry:
+@@ -5118,6 +5118,37 @@ retry:
            nl80211_put_beacon_int(msg, params->beacon_int))
                goto fail;
  
index 9b5ee4bbb35efdd585cf3a7ed8ba950c59d973cb..ef615d2b2f43cf984fc9f9da56c47da1df731184 100644 (file)
@@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
 
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -1424,6 +1424,7 @@ struct wpa_driver_mesh_join_params {
+@@ -1394,6 +1394,7 @@ struct wpa_driver_mesh_join_params {
  #define WPA_DRIVER_MESH_FLAG_SAE_AUTH 0x00000004
  #define WPA_DRIVER_MESH_FLAG_AMPE     0x00000008
        unsigned int flags;
@@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
  /**
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -8981,6 +8981,18 @@ static int nl80211_put_mesh_id(struct nl
+@@ -9210,6 +9210,18 @@ static int nl80211_put_mesh_id(struct nl
  }
  
  
@@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
  static int nl80211_put_mesh_config(struct nl_msg *msg,
                                   struct wpa_driver_mesh_bss_params *params)
  {
-@@ -9039,6 +9051,7 @@ static int nl80211_join_mesh(struct i802
+@@ -9268,6 +9280,7 @@ static int nl80211_join_mesh(struct i802
            nl80211_put_basic_rates(msg, params->basic_rates) ||
            nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
            nl80211_put_beacon_int(msg, params->beacon_int) ||
index 38335394890c7666a96c4b9375cc265da6cc7fc1..4f8ea499c0f150e4916507b8627379c1d5f68f7f 100644 (file)
@@ -1,6 +1,6 @@
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2010,11 +2010,13 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2081,11 +2081,13 @@ void ibss_mesh_setup_freq(struct wpa_sup
        for (j = 0; j < wpa_s->last_scan_res_used; j++) {
                struct wpa_bss *bss = wpa_s->last_scan_res[j];
  
index acdc668a7b1cf5bc296aad46125e9b7e6d240831..940e171ed07c6023d4698557908171da27d170ca 100644 (file)
@@ -22,7 +22,7 @@
  
  struct wpa_ctrl_dst;
  struct radius_server_data;
-@@ -122,6 +123,7 @@ struct hostapd_data {
+@@ -129,6 +130,7 @@ struct hostapd_data {
        struct hostapd_iface *iface;
        struct hostapd_config *iconf;
        struct hostapd_bss_config *conf;
@@ -30,7 +30,7 @@
        int interface_added; /* virtual interface added for this BSS */
        unsigned int started:1;
        unsigned int disabled:1;
-@@ -370,6 +372,8 @@ struct hostapd_iface {
+@@ -392,6 +394,8 @@ struct hostapd_iface {
        struct hostapd_config *conf;
        char phy[16]; /* Name of the PHY (radio) */
  
@@ -39,7 +39,7 @@
        enum hostapd_iface_state {
                HAPD_IFACE_UNINITIALIZED,
                HAPD_IFACE_DISABLED,
-@@ -518,6 +522,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+@@ -544,6 +548,7 @@ hostapd_alloc_bss_data(struct hostapd_if
                       struct hostapd_bss_config *bss);
  int hostapd_setup_interface(struct hostapd_iface *iface);
  int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err);
@@ -75,7 +75,7 @@
  {
  #ifdef NEED_AP_MLME
        u16 capab = hostapd_own_capab_info(hapd);
-@@ -1711,6 +1714,7 @@ static int hostapd_setup_interface_compl
+@@ -1807,6 +1810,7 @@ static int hostapd_setup_interface_compl
        if (err)
                goto fail;
  
@@ -83,7 +83,7 @@
        wpa_printf(MSG_DEBUG, "Completing interface initialization");
        if (iface->conf->channel) {
  #ifdef NEED_AP_MLME
-@@ -1890,6 +1894,7 @@ dfs_offload:
+@@ -1987,6 +1991,7 @@ dfs_offload:
  
  fail:
        wpa_printf(MSG_ERROR, "Interface initialization failed");
@@ -91,7 +91,7 @@
        hostapd_set_state(iface, HAPD_IFACE_DISABLED);
        wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED);
  #ifdef CONFIG_FST
-@@ -2344,6 +2349,7 @@ void hostapd_interface_deinit_free(struc
+@@ -2441,6 +2446,7 @@ void hostapd_interface_deinit_free(struc
                   (unsigned int) iface->conf->num_bss);
        driver = iface->bss[0]->driver;
        drv_priv = iface->bss[0]->drv_priv;
                   __func__, driver, drv_priv);
 --- a/src/ap/ieee802_11.c
 +++ b/src/ap/ieee802_11.c
-@@ -1587,12 +1587,13 @@ ieee802_11_set_radius_info(struct hostap
+@@ -1662,12 +1662,13 @@ ieee802_11_set_radius_info(struct hostap
  
  
  static void handle_auth(struct hostapd_data *hapd,
        u16 fc;
        const u8 *challenge = NULL;
        u32 session_timeout, acct_interim_interval;
-@@ -1603,6 +1604,11 @@ static void handle_auth(struct hostapd_d
+@@ -1678,6 +1679,11 @@ static void handle_auth(struct hostapd_d
        char *identity = NULL;
        char *radius_cui = NULL;
        u16 seq_ctrl;
  
        if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
                wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
-@@ -1757,6 +1763,13 @@ static void handle_auth(struct hostapd_d
+@@ -1836,6 +1842,13 @@ static void handle_auth(struct hostapd_d
                resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
                goto fail;
        }
        if (res == HOSTAPD_ACL_PENDING)
                return;
  
-@@ -2870,12 +2883,12 @@ void fils_hlp_timeout(void *eloop_ctx, v
+@@ -3102,12 +3115,12 @@ void fils_hlp_timeout(void *eloop_ctx, v
  
  static void handle_assoc(struct hostapd_data *hapd,
                         const struct ieee80211_mgmt *mgmt, size_t len,
        struct sta_info *sta;
        u8 *tmp = NULL;
        struct hostapd_sta_wpa_psk_short *psk = NULL;
-@@ -2884,6 +2897,11 @@ static void handle_assoc(struct hostapd_
+@@ -3116,6 +3129,11 @@ static void handle_assoc(struct hostapd_
  #ifdef CONFIG_FILS
        int delay_assoc = 0;
  #endif /* CONFIG_FILS */
  
        if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_req) :
                                      sizeof(mgmt->u.assoc_req))) {
-@@ -3051,6 +3069,14 @@ static void handle_assoc(struct hostapd_
+@@ -3287,6 +3305,14 @@ static void handle_assoc(struct hostapd_
        }
  #endif /* CONFIG_MBO */
  
        /*
         * sta->capability is used in check_assoc_ies() for RRM enabled
         * capability element.
-@@ -3258,6 +3284,7 @@ static void handle_disassoc(struct hosta
+@@ -3500,6 +3526,7 @@ static void handle_disassoc(struct hosta
        wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d",
                   MAC2STR(mgmt->sa),
                   le_to_host16(mgmt->u.disassoc.reason_code));
  
        sta = ap_get_sta(hapd, mgmt->sa);
        if (sta == NULL) {
-@@ -3323,6 +3350,8 @@ static void handle_deauth(struct hostapd
+@@ -3565,6 +3592,8 @@ static void handle_deauth(struct hostapd
                " reason_code=%d",
                MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code));
  
        sta = ap_get_sta(hapd, mgmt->sa);
        if (sta == NULL) {
                wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying "
-@@ -3637,7 +3666,7 @@ int ieee802_11_mgmt(struct hostapd_data
+@@ -3884,7 +3913,7 @@ int ieee802_11_mgmt(struct hostapd_data
  
  
        if (stype == WLAN_FC_STYPE_PROBE_REQ) {
--              handle_probe_req(hapd, mgmt, len, fi->ssi_signal);
+-              handle_probe_req(hapd, mgmt, len, ssi_signal);
 +              handle_probe_req(hapd, mgmt, len, fi);
                return 1;
        }
  
-@@ -3657,17 +3686,17 @@ int ieee802_11_mgmt(struct hostapd_data
+@@ -3904,17 +3933,17 @@ int ieee802_11_mgmt(struct hostapd_data
        switch (stype) {
        case WLAN_FC_STYPE_AUTH:
                wpa_printf(MSG_DEBUG, "mgmt::auth");
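Review bot: The rebased line `handle_probe_req(hapd, mgmt, len, fi);` in ieee802_11_mgmt() forwards the raw `fi` pointer, while the context line it replaces now reads `ssi_signal` instead of `fi->ssi_signal`. That suggests upstream now computes the signal before the call, possibly so that a NULL `fi` is tolerated. If so, the patched handle_probe_req() and the ubus request it fills must not dereference `fi` unconditionally; this path parses unauthenticated management frames, so a NULL dereference here would take the AP daemon down. I would derive the value defensively at the top of the patched function, `int ssi_signal = fi ? fi->ssi_signal : 0;`, and have the ubus handler check the frame-info pointer before reading it. The body of handle_probe_req() and the ubus handler are outside this hunk, so this needs confirming against the full patch.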
        case WLAN_FC_STYPE_DISASSOC:
 --- a/src/ap/beacon.c
 +++ b/src/ap/beacon.c
-@@ -716,7 +716,7 @@ void sta_track_claim_taxonomy_info(struc
+@@ -720,7 +720,7 @@ void sta_track_claim_taxonomy_info(struc
  
  void handle_probe_req(struct hostapd_data *hapd,
                      const struct ieee80211_mgmt *mgmt, size_t len,
  {
        u8 *resp;
        struct ieee802_11_elems elems;
-@@ -725,9 +725,15 @@ void handle_probe_req(struct hostapd_dat
+@@ -729,6 +729,7 @@ void handle_probe_req(struct hostapd_dat
        size_t i, resp_len;
        int noack;
        enum ssid_match_result res;
        int ret;
        u16 csa_offs[2];
        size_t csa_offs_len;
+@@ -737,6 +738,11 @@ void handle_probe_req(struct hostapd_dat
+       struct hostapd_sta_wpa_psk_short *psk = NULL;
+       char *identity = NULL;
+       char *radius_cui = NULL;
 +      struct hostapd_ubus_request req = {
 +              .type = HOSTAPD_UBUS_PROBE_REQ,
 +              .mgmt_frame = mgmt,
  
        if (len < IEEE80211_HDRLEN)
                return;
-@@ -894,6 +900,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -914,6 +920,12 @@ void handle_probe_req(struct hostapd_dat
        }
  #endif /* CONFIG_P2P */
  
                wpabuf_free(sta->p2p_ie);
 --- a/src/ap/sta_info.c
 +++ b/src/ap/sta_info.c
-@@ -404,6 +404,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+@@ -412,6 +412,7 @@ void ap_handle_timer(void *eloop_ctx, vo
                               HOSTAPD_LEVEL_INFO, "deauthenticated due to "
                               "local deauth request");
                ap_free_sta(hapd, sta);
                return;
        }
  
-@@ -551,6 +552,7 @@ skip_poll:
+@@ -559,6 +560,7 @@ skip_poll:
                        hapd, sta,
                        WLAN_REASON_PREV_AUTH_NOT_VALID);
                ap_free_sta(hapd, sta);
                break;
        }
  }
-@@ -1212,6 +1214,7 @@ void ap_sta_set_authorized(struct hostap
+@@ -1220,6 +1222,7 @@ void ap_sta_set_authorized(struct hostap
                                          buf, ip_addr);
        } else {
                wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
                    hapd->msg_ctx_parent != hapd->msg_ctx)
 --- a/src/ap/wpa_auth_glue.c
 +++ b/src/ap/wpa_auth_glue.c
-@@ -175,6 +175,7 @@ static void hostapd_wpa_auth_psk_failure
+@@ -176,6 +176,7 @@ static void hostapd_wpa_auth_psk_failure
        struct hostapd_data *hapd = ctx;
        wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
                MAC2STR(addr));