From 304423a4ff841129f1b6b7504c83dd11c1f71c84 Mon Sep 17 00:00:00 2001 From: Nick Hainke Date: Mon, 13 Mar 2023 19:35:49 +0100 Subject: [PATCH] hostapd: update to 2023-03-29 Add patches: - 170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch Remove upstreamed: - 170-DPP-fix-memleak-of-intro.peer_key.patch - 461-driver_nl80211-use-new-parameters-during-ibss-join.patch - 800-acs-don-t-select-indoor-channel-on-outdoor-operation.patch - 992-openssl-include-rsa.patch Automatically refreshed: - 011-mesh-use-deterministic-channel-on-channel-switch.patch - 021-fix-sta-add-after-previous-connection.patch - 022-hostapd-fix-use-of-uninitialized-stack-variables.patch - 030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch - 040-mesh-allow-processing-authentication-frames-in-block.patch - 050-build_fix.patch - 110-mbedtls-TLS-crypto-option-initial-port.patch - 120-mbedtls-fips186_2_prf.patch - 140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch - 150-add-NULL-checks-encountered-during-tests-hwsim.patch - 160-dpp_pkex-EC-point-mul-w-value-prime.patch - 200-multicall.patch - 300-noscan.patch - 310-rescan_immediately.patch - 330-nl80211_fix_set_freq.patch - 341-mesh-ctrl-iface-channel-switch.patch - 360-ctrl_iface_reload.patch - 381-hostapd_cli_UNKNOWN-COMMAND.patch - 390-wpa_ie_cap_workaround.patch - 410-limit_debug_messages.patch - 420-indicate-features.patch - 430-hostapd_cli_ifdef.patch - 450-scan_wait.patch - 460-wpa_supplicant-add-new-config-params-to-be-used-with.patch - 463-add-mcast_rate-to-11s.patch - 465-hostapd-config-support-random-BSS-color.patch - 500-lto-jobserver-support.patch - 590-rrm-wnm-statistics.patch - 710-vlan_no_bridge.patch - 720-iface_max_num_sta.patch - 730-ft_iface.patch - 750-qos_map_set_without_interworking.patch - 751-qos_map_ignore_when_unsupported.patch - 760-dynamic_own_ip.patch - 761-shared_das_port.patch - 990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch Manually refresh: - 010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch - 301-mesh-noscan.patch - 340-reload_freq_change.patch - 350-nl80211_del_beacon_bss.patch - 370-ap_sta_support.patch - 380-disable_ctrl_iface_mib.patch - 464-fix-mesh-obss-check.patch - 470-survey_data_fallback.patch - 600-ubus_support.patch - 700-wifi-reload.patch - 711-wds_bridge_force.patch - 740-snoop_iface.patch Tested-by: Packet Please [Fritzbox 4040 (ipq40xx), EAP225-Outdoor (ath79); 802.11s, WPA3 OWE, and WPA3 PSK] Tested-by: Andrew Sim [mediatek/filogic] Signed-off-by: Nick Hainke --- package/network/services/hostapd/Makefile | 6 +- ...hannels-to-be-selected-if-dfs-is-ena.patch | 87 ++++++++++++------ ...erministic-channel-on-channel-switch.patch | 6 +- ...ix-sta-add-after-previous-connection.patch | 4 +- ...use-of-uninitialized-stack-variables.patch | 2 +- ...ewrite-neigh-code-to-not-depend-on-l.patch | 14 +-- ...ssing-authentication-frames-in-block.patch | 2 +- .../hostapd/patches/050-build_fix.patch | 2 +- ...edtls-TLS-crypto-option-initial-port.patch | 22 ++--- .../patches/120-mbedtls-fips186_2_prf.patch | 2 +- ...efile-make-run-tests-with-CONFIG_TLS.patch | 78 ++++++++-------- ...hecks-encountered-during-tests-hwsim.patch | 2 +- ...-dpp_pkex-EC-point-mul-w-value-prime.patch | 2 +- ...70-DPP-fix-memleak-of-intro.peer_key.patch | 32 ------- ...ix-compiling-without-IEEE8021X_EAPOL.patch | 41 +++++++++ .../hostapd/patches/200-multicall.patch | 48 +++++----- .../services/hostapd/patches/300-noscan.patch | 4 +- .../hostapd/patches/301-mesh-noscan.patch | 52 +++++------ .../patches/310-rescan_immediately.patch | 2 +- .../patches/330-nl80211_fix_set_freq.patch | 2 +- .../patches/340-reload_freq_change.patch | 10 ++- .../341-mesh-ctrl-iface-channel-switch.patch | 2 +- .../patches/350-nl80211_del_beacon_bss.patch | 23 ++--- .../patches/360-ctrl_iface_reload.patch | 10 +-- .../hostapd/patches/370-ap_sta_support.patch | 59 ++++++------ .../patches/380-disable_ctrl_iface_mib.patch | 82 +++++++++++++---- .../381-hostapd_cli_UNKNOWN-COMMAND.patch | 2 +- .../patches/390-wpa_ie_cap_workaround.patch | 4 +- .../patches/410-limit_debug_messages.patch | 22 ++--- .../patches/420-indicate-features.patch | 4 +- .../patches/430-hostapd_cli_ifdef.patch | 12 +-- .../hostapd/patches/450-scan_wait.patch | 6 +- ...dd-new-config-params-to-be-used-with.patch | 10 +-- ...-use-new-parameters-during-ibss-join.patch | 59 ------------ .../patches/463-add-mcast_rate-to-11s.patch | 6 +- .../patches/464-fix-mesh-obss-check.patch | 22 ++--- ...tapd-config-support-random-BSS-color.patch | 2 +- .../patches/470-survey_data_fallback.patch | 15 ++-- .../patches/500-lto-jobserver-support.patch | 6 +- .../patches/590-rrm-wnm-statistics.patch | 12 +-- .../hostapd/patches/600-ubus_support.patch | 89 ++++++++++--------- .../hostapd/patches/700-wifi-reload.patch | 72 +++++---------- .../hostapd/patches/710-vlan_no_bridge.patch | 2 +- .../patches/711-wds_bridge_force.patch | 6 +- .../patches/720-iface_max_num_sta.patch | 10 +-- .../hostapd/patches/730-ft_iface.patch | 6 +- .../hostapd/patches/740-snoop_iface.patch | 8 +- ...750-qos_map_set_without_interworking.patch | 18 ++-- .../751-qos_map_ignore_when_unsupported.patch | 2 +- .../hostapd/patches/760-dynamic_own_ip.patch | 4 +- .../hostapd/patches/761-shared_das_port.patch | 2 +- ...-indoor-channel-on-outdoor-operation.patch | 58 ------------ ..._AP-functions-dependant-on-CONFIG_AP.patch | 4 +- .../patches/992-openssl-include-rsa.patch | 32 ------- 54 files changed, 504 insertions(+), 587 deletions(-) delete mode 100644 package/network/services/hostapd/patches/170-DPP-fix-memleak-of-intro.peer_key.patch create mode 100644 package/network/services/hostapd/patches/170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch delete mode 100644 package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch delete mode 100644 package/network/services/hostapd/patches/800-acs-don-t-select-indoor-channel-on-outdoor-operation.patch delete mode 100644 package/network/services/hostapd/patches/992-openssl-include-rsa.patch diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index f184830be3ae..30749f407074 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -9,9 +9,9 @@ PKG_RELEASE:=$(AUTORELEASE).2 PKG_SOURCE_URL:=http://w1.fi/hostap.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2022-07-29 -PKG_SOURCE_VERSION:=b704dc72ef824dfdd96674b90179b274d1d38105 -PKG_MIRROR_HASH:=6c9dd359ef5a4595b6576e07928566d6864957c4af6466d641d6c3f7717f4689 +PKG_SOURCE_DATE:=2023-03-29 +PKG_SOURCE_VERSION:=bb945b98fefc64887dffb40773a19d77585cee42 +PKG_MIRROR_HASH:=1da8a39c7c81ce257994874402a86d00080a6145b5eb5c5fc44b2fae1853fe8d PKG_MAINTAINER:=Felix Fietkau PKG_LICENSE:=BSD-3-Clause diff --git a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch index 6bc48abfb950..761fe368cd2a 100644 --- a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch +++ b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch @@ -14,7 +14,7 @@ Signed-off-by: Peter Oh --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2436,7 +2436,7 @@ static int drv_supports_vht(struct wpa_s +@@ -2621,7 +2621,7 @@ static int drv_supports_vht(struct wpa_s } @@ -23,7 +23,7 @@ Signed-off-by: Peter Oh { int i; -@@ -2445,7 +2445,10 @@ static bool ibss_mesh_is_80mhz_avail(int +@@ -2630,7 +2630,10 @@ static bool ibss_mesh_is_80mhz_avail(int chan = hw_get_channel_chan(mode, i, NULL); if (!chan || @@ -35,16 +35,16 @@ Signed-off-by: Peter Oh return false; } -@@ -2474,6 +2477,8 @@ void ibss_mesh_setup_freq(struct wpa_sup - int chwidth, seg0, seg1; - u32 vht_caps = 0; - bool is_24ghz, is_6ghz; -+ bool dfs_enabled = wpa_s->conf->country[0] && -+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); - - freq->freq = ssid->frequency; - -@@ -2570,8 +2575,11 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2757,7 +2760,7 @@ static void ibss_mesh_select_40mhz(struc + const struct wpa_ssid *ssid, + struct hostapd_hw_modes *mode, + struct hostapd_freq_params *freq, +- int obss_scan) { ++ int obss_scan, bool dfs_enabled) { + int chan_idx; + struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; + int i, res; +@@ -2781,8 +2784,11 @@ static void ibss_mesh_select_40mhz(struc return; /* Check primary channel flags */ @@ -55,9 +55,9 @@ Signed-off-by: Peter Oh + if (!dfs_enabled) + return; - freq->channel = pri_chan->chan; - -@@ -2604,8 +2612,11 @@ void ibss_mesh_setup_freq(struct wpa_sup + #ifdef CONFIG_HT_OVERRIDES + if (ssid->disable_ht40) +@@ -2808,8 +2814,11 @@ static void ibss_mesh_select_40mhz(struc return; /* Check secondary channel flags */ @@ -70,25 +70,34 @@ Signed-off-by: Peter Oh if (ht40 == -1) { if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) -@@ -2694,7 +2705,7 @@ skip_to_6ghz: - return; - - /* Back to HT configuration if channel not usable */ +@@ -2863,7 +2872,7 @@ static bool ibss_mesh_select_80_160mhz(s + const struct wpa_ssid *ssid, + struct hostapd_hw_modes *mode, + struct hostapd_freq_params *freq, +- int ieee80211_mode, bool is_6ghz) { ++ int ieee80211_mode, bool is_6ghz, bool dfs_enabled) { + static const int bw80[] = { + 5180, 5260, 5500, 5580, 5660, 5745, 5825, + 5955, 6035, 6115, 6195, 6275, 6355, 6435, +@@ -2908,7 +2917,7 @@ static bool ibss_mesh_select_80_160mhz(s + goto skip_80mhz; + + /* Use 40 MHz if channel not usable */ - if (!ibss_mesh_is_80mhz_avail(channel, mode)) + if (!ibss_mesh_is_80mhz_avail(channel, mode, dfs_enabled)) - return; + goto skip_80mhz; chwidth = CONF_OPER_CHWIDTH_80MHZ; -@@ -2708,7 +2719,7 @@ skip_to_6ghz: - * above; check the remaining four 20 MHz channels for the total - * of 160 MHz bandwidth. - */ -- if (!ibss_mesh_is_80mhz_avail(channel + 16, mode)) -+ if (!ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled)) - return; - +@@ -2922,7 +2931,7 @@ static bool ibss_mesh_select_80_160mhz(s + if ((mode->he_capab[ieee80211_mode].phy_cap[ + HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] & + HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz && +- ibss_mesh_is_80mhz_avail(channel + 16, mode)) { ++ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled)) { for (j = 0; j < ARRAY_SIZE(bw160); j++) { -@@ -2738,10 +2749,12 @@ skip_to_6ghz: + if (freq->freq == bw160[j]) { + chwidth = CONF_OPER_CHWIDTH_160MHZ; +@@ -2950,10 +2959,12 @@ static bool ibss_mesh_select_80_160mhz(s if (!chan) continue; @@ -104,3 +113,23 @@ Signed-off-by: Peter Oh /* Found a suitable second segment for 80+80 */ chwidth = CONF_OPER_CHWIDTH_80P80MHZ; +@@ -3008,6 +3019,7 @@ void ibss_mesh_setup_freq(struct wpa_sup + int i, obss_scan = 1; + u8 channel; + bool is_6ghz; ++ bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); + + freq->freq = ssid->frequency; + +@@ -3053,9 +3065,9 @@ void ibss_mesh_setup_freq(struct wpa_sup + freq->channel = channel; + /* Setup higher BW only for 5 GHz */ + if (mode->mode == HOSTAPD_MODE_IEEE80211A) { +- ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan); ++ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled); + if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq, +- ieee80211_mode, is_6ghz)) ++ ieee80211_mode, is_6ghz, dfs_enabled)) + freq->he_enabled = freq->vht_enabled = false; + } + diff --git a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch index 32a447914ced..20a8bee07275 100644 --- a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch +++ b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch @@ -29,7 +29,7 @@ Signed-off-by: Markus Theil enum dfs_channel_type { -@@ -515,9 +516,14 @@ dfs_get_valid_channel(struct hostapd_ifa +@@ -521,9 +522,14 @@ dfs_get_valid_channel(struct hostapd_ifa int num_available_chandefs; int chan_idx, chan_idx2; int sec_chan_idx_80p80 = -1; @@ -44,7 +44,7 @@ Signed-off-by: Markus Theil wpa_printf(MSG_DEBUG, "DFS: Selecting random channel"); *secondary_channel = 0; *oper_centr_freq_seg0_idx = 0; -@@ -537,8 +543,20 @@ dfs_get_valid_channel(struct hostapd_ifa +@@ -543,8 +549,20 @@ dfs_get_valid_channel(struct hostapd_ifa if (num_available_chandefs == 0) return NULL; @@ -68,7 +68,7 @@ Signed-off-by: Markus Theil if (!chan) { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -9948,6 +9948,10 @@ static int nl80211_switch_channel(void * +@@ -10739,6 +10739,10 @@ static int nl80211_switch_channel(void * if (ret) goto error; diff --git a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch index 80b23bdfc964..827e122baf4e 100644 --- a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch +++ b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch @@ -1,6 +1,6 @@ --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -4963,6 +4963,13 @@ static int add_associated_sta(struct hos +@@ -4168,6 +4168,13 @@ static int add_associated_sta(struct hos * drivers to accept the STA parameter configuration. Since this is * after a new FT-over-DS exchange, a new TK has been derived, so key * reinstallation is not a concern for this case. @@ -14,7 +14,7 @@ */ wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR " (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)", -@@ -4976,7 +4983,8 @@ static int add_associated_sta(struct hos +@@ -4181,7 +4188,8 @@ static int add_associated_sta(struct hos (!(sta->flags & WLAN_STA_AUTHORIZED) || (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) || (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) && diff --git a/package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch b/package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch index 25801da3349d..f4f56f5107cf 100644 --- a/package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch +++ b/package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch @@ -14,7 +14,7 @@ Signed-off-by: Felix Fietkau --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -3453,7 +3453,7 @@ static int hostapd_change_config_freq(st +@@ -3562,7 +3562,7 @@ static int hostapd_change_config_freq(st struct hostapd_freq_params *old_params) { int channel; diff --git a/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch b/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch index 988fbbc6f67b..c02d4b497e2a 100644 --- a/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch +++ b/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch @@ -20,7 +20,7 @@ Signed-off-by: Felix Fietkau #include #include #include -@@ -5344,26 +5341,29 @@ fail: +@@ -5590,26 +5587,29 @@ fail: static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr) { @@ -64,7 +64,7 @@ Signed-off-by: Felix Fietkau if (err < 0) { wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for " MACSTR " ifindex=%d failed: %s", MAC2STR(addr), -@@ -5373,9 +5373,8 @@ static void rtnl_neigh_delete_fdb_entry( +@@ -5619,9 +5619,8 @@ static void rtnl_neigh_delete_fdb_entry( MACSTR, MAC2STR(addr)); } @@ -76,7 +76,7 @@ Signed-off-by: Felix Fietkau } -@@ -7763,7 +7762,6 @@ static void *i802_init(struct hostapd_da +@@ -8275,7 +8274,6 @@ static void *i802_init(struct hostapd_da (params->num_bridge == 0 || !params->bridge[0])) add_ifidx(drv, br_ifindex, drv->ifindex); @@ -84,7 +84,7 @@ Signed-off-by: Felix Fietkau if (bss->added_if_into_bridge || bss->already_in_bridge) { int err; -@@ -7780,7 +7778,6 @@ static void *i802_init(struct hostapd_da +@@ -8292,7 +8290,6 @@ static void *i802_init(struct hostapd_da goto failed; } } @@ -92,7 +92,7 @@ Signed-off-by: Felix Fietkau if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) { wpa_printf(MSG_DEBUG, -@@ -10813,13 +10810,14 @@ static int wpa_driver_br_add_ip_neigh(vo +@@ -11605,13 +11602,14 @@ static int wpa_driver_br_add_ip_neigh(vo const u8 *ipaddr, int prefixlen, const u8 *addr) { @@ -112,7 +112,7 @@ Signed-off-by: Felix Fietkau int res; if (!ipaddr || prefixlen == 0 || !addr) -@@ -10838,85 +10836,66 @@ static int wpa_driver_br_add_ip_neigh(vo +@@ -11630,85 +11628,66 @@ static int wpa_driver_br_add_ip_neigh(vo } if (version == 4) { @@ -220,7 +220,7 @@ Signed-off-by: Felix Fietkau addrsize = 16; } else { return -EINVAL; -@@ -10934,41 +10913,30 @@ static int wpa_driver_br_delete_ip_neigh +@@ -11726,41 +11705,30 @@ static int wpa_driver_br_delete_ip_neigh return -1; } diff --git a/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch b/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch index 6b34cd4350b2..179d47ecc4ed 100644 --- a/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch +++ b/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch @@ -16,7 +16,7 @@ Signed-off-by: Felix Fietkau --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -3781,15 +3781,6 @@ static void handle_auth(struct hostapd_d +@@ -2948,15 +2948,6 @@ static void handle_auth(struct hostapd_d seq_ctrl); return; } diff --git a/package/network/services/hostapd/patches/050-build_fix.patch b/package/network/services/hostapd/patches/050-build_fix.patch index c9268f59e3d0..8680b07c66a2 100644 --- a/package/network/services/hostapd/patches/050-build_fix.patch +++ b/package/network/services/hostapd/patches/050-build_fix.patch @@ -10,7 +10,7 @@ CFLAGS += -DCONFIG_FILS_SK_PFS --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -320,6 +320,7 @@ endif +@@ -331,6 +331,7 @@ endif ifdef CONFIG_FILS CFLAGS += -DCONFIG_FILS NEED_SHA384=y diff --git a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch index 01af14b71eb3..22107944dce7 100644 --- a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch +++ b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch @@ -273,7 +273,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_RADIUS_SERVER CFLAGS += -DRADIUS_SERVER -@@ -1327,7 +1412,9 @@ NOBJS += ../src/utils/trace.o +@@ -1329,7 +1414,9 @@ NOBJS += ../src/utils/trace.o endif HOBJS += hlr_auc_gw.o ../src/utils/common.o ../src/utils/wpa_debug.o ../src/utils/os_$(CONFIG_OS).o ../src/utils/wpabuf.o ../src/crypto/milenage.o @@ -283,7 +283,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_AES HOBJS += ../src/crypto/aes-internal.o HOBJS += ../src/crypto/aes-internal-enc.o -@@ -1350,13 +1437,17 @@ SOBJS += ../src/common/sae.o +@@ -1352,13 +1439,17 @@ SOBJS += ../src/common/sae.o SOBJS += ../src/common/sae_pk.o SOBJS += ../src/common/dragonfly.o SOBJS += $(AESOBJS) @@ -7765,7 +7765,7 @@ Signed-off-by: Glenn Strauss CONFIG_SIM_SIMULATOR=y --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1149,6 +1149,29 @@ endif +@@ -1163,6 +1163,29 @@ endif CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" endif @@ -7795,7 +7795,7 @@ Signed-off-by: Glenn Strauss ifeq ($(CONFIG_TLS), gnutls) ifndef CONFIG_CRYPTO # default to libgcrypt -@@ -1341,9 +1364,11 @@ endif +@@ -1355,9 +1378,11 @@ endif ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -7807,7 +7807,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP # Seems to be needed at least with BoringSSL NEED_INTERNAL_AES_WRAP=y -@@ -1357,9 +1382,11 @@ endif +@@ -1371,9 +1396,11 @@ endif ifdef NEED_INTERNAL_AES_WRAP ifneq ($(CONFIG_TLS), linux) @@ -7819,7 +7819,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_EAX AESOBJS += ../src/crypto/aes-eax.o NEED_AES_CTR=y -@@ -1369,35 +1396,45 @@ AESOBJS += ../src/crypto/aes-siv.o +@@ -1383,35 +1410,45 @@ AESOBJS += ../src/crypto/aes-siv.o NEED_AES_CTR=y endif ifdef NEED_AES_CTR @@ -7865,7 +7865,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_ENC ifdef CONFIG_INTERNAL_AES AESOBJS += ../src/crypto/aes-internal-enc.o -@@ -1412,12 +1449,16 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1426,12 +1463,16 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -7882,7 +7882,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += ../src/crypto/sha1-internal.o ifdef NEED_FIPS186_2_PRF -@@ -1429,29 +1470,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 +@@ -1443,29 +1484,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 else ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -7920,7 +7920,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_MD5 ifdef CONFIG_INTERNAL_MD5 MD5OBJS += ../src/crypto/md5-internal.o -@@ -1506,12 +1555,17 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1520,12 +1569,17 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -7938,7 +7938,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA256 SHA256OBJS += ../src/crypto/sha256-internal.o endif -@@ -1524,50 +1578,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 +@@ -1538,50 +1592,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 SHA256OBJS += ../src/crypto/sha512-internal.o endif ifdef NEED_TLS_PRF_SHA256 @@ -8007,7 +8007,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_ASN1 OBJS += ../src/tls/asn1.o -@@ -1742,10 +1814,12 @@ ifdef CONFIG_FIPS +@@ -1756,10 +1828,12 @@ ifdef CONFIG_FIPS CFLAGS += -DCONFIG_FIPS ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) diff --git a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch index a0d287086b2a..a48725264fd3 100644 --- a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch +++ b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch @@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1160,10 +1160,6 @@ endif +@@ -1174,10 +1174,6 @@ endif OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o diff --git a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch index 9e9e88c1ebeb..148c268f9ca1 100644 --- a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch +++ b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch @@ -727,7 +727,7 @@ Signed-off-by: Glenn Strauss def check_ec_support(dev): tls = dev.request("GET tls_library") -@@ -1625,7 +1668,7 @@ def test_ap_wpa2_eap_ttls_pap_subject_ma +@@ -1595,7 +1638,7 @@ def test_ap_wpa2_eap_ttls_pap_subject_ma eap_connect(dev[0], hapd, "TTLS", "pap user", anonymous_identity="ttls", password="password", ca_cert="auth_serv/ca.pem", phase2="auth=PAP", @@ -736,7 +736,7 @@ Signed-off-by: Glenn Strauss altsubject_match="EMAIL:noone@example.com;DNS:server.w1.fi;URI:http://example.com/") eap_reauth(dev[0], "TTLS") -@@ -2860,6 +2903,7 @@ def test_ap_wpa2_eap_tls_neg_domain_matc +@@ -2830,6 +2873,7 @@ def test_ap_wpa2_eap_tls_neg_domain_matc def test_ap_wpa2_eap_tls_neg_subject_match(dev, apdev): """WPA2-Enterprise negative test - subject mismatch""" @@ -744,7 +744,7 @@ Signed-off-by: Glenn Strauss params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hostapd.add_ap(apdev[0], params) dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS", -@@ -2920,6 +2964,7 @@ def test_ap_wpa2_eap_tls_neg_subject_mat +@@ -2890,6 +2934,7 @@ def test_ap_wpa2_eap_tls_neg_subject_mat def test_ap_wpa2_eap_tls_neg_altsubject_match(dev, apdev): """WPA2-Enterprise negative test - altsubject mismatch""" @@ -752,7 +752,7 @@ Signed-off-by: Glenn Strauss params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hostapd.add_ap(apdev[0], params) -@@ -3460,7 +3505,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde +@@ -3430,7 +3475,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde dev[0].request("REMOVE_NETWORK all") tls = dev[0].request("GET tls_library") @@ -761,7 +761,7 @@ Signed-off-by: Glenn Strauss tests = [(1, "os_get_random;dh_init")] else: tests = [(1, "crypto_dh_init;dh_init")] -@@ -4774,7 +4819,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -4744,7 +4789,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca params["private_key"] = "auth_serv/iCA-server/server.key" hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -770,7 +770,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -4840,6 +4885,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -4810,6 +4855,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, "-sha1") def run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, md): @@ -778,7 +778,7 @@ Signed-off-by: Glenn Strauss params = int_eap_server_params() params["ca_cert"] = "auth_serv/iCA-server/ca-and-root.pem" params["server_cert"] = "auth_serv/iCA-server/server.pem" -@@ -4849,7 +4895,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ +@@ -4819,7 +4865,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -787,7 +787,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -4885,7 +4931,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ +@@ -4855,7 +4901,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -796,7 +796,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -4935,7 +4981,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -4905,7 +4951,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -805,7 +805,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -5002,7 +5048,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -4972,7 +5018,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -814,7 +814,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -5260,6 +5306,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek +@@ -5230,6 +5276,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek def test_ap_wpa2_eap_ttls_server_pkcs12(dev, apdev): """WPA2-Enterprise using EAP-TTLS and server PKCS#12 file""" @@ -822,7 +822,7 @@ Signed-off-by: Glenn Strauss skip_with_fips(dev[0]) params = int_eap_server_params() del params["server_cert"] -@@ -5272,6 +5319,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12( +@@ -5242,6 +5289,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12( def test_ap_wpa2_eap_ttls_server_pkcs12_extra(dev, apdev): """EAP-TTLS and server PKCS#12 file with extra certs""" @@ -830,7 +830,7 @@ Signed-off-by: Glenn Strauss skip_with_fips(dev[0]) params = int_eap_server_params() del params["server_cert"] -@@ -5294,6 +5342,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv +@@ -5264,6 +5312,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv def test_ap_wpa2_eap_ttls_dh_params_dsa_server(dev, apdev): """WPA2-Enterprise using EAP-TTLS and alternative server dhparams (DSA)""" @@ -838,7 +838,7 @@ Signed-off-by: Glenn Strauss params = int_eap_server_params() params["dh_file"] = "auth_serv/dsaparam.pem" hapd = hostapd.add_ap(apdev[0], params) -@@ -5605,8 +5654,8 @@ def test_ap_wpa2_eap_non_ascii_identity2 +@@ -5575,8 +5624,8 @@ def test_ap_wpa2_eap_non_ascii_identity2 def test_openssl_cipher_suite_config_wpas(dev, apdev): """OpenSSL cipher suite configuration on wpa_supplicant""" tls = dev[0].request("GET tls_library") @@ -849,7 +849,7 @@ Signed-off-by: Glenn Strauss params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hapd = hostapd.add_ap(apdev[0], params) eap_connect(dev[0], hapd, "TTLS", "pap user", -@@ -5632,14 +5681,14 @@ def test_openssl_cipher_suite_config_wpa +@@ -5602,14 +5651,14 @@ def test_openssl_cipher_suite_config_wpa def test_openssl_cipher_suite_config_hapd(dev, apdev): """OpenSSL cipher suite configuration on hostapd""" tls = dev[0].request("GET tls_library") @@ -868,7 +868,7 @@ Signed-off-by: Glenn Strauss eap_connect(dev[0], hapd, "TTLS", "pap user", anonymous_identity="ttls", password="password", ca_cert="auth_serv/ca.pem", phase2="auth=PAP") -@@ -6081,13 +6130,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a +@@ -6051,13 +6100,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a check_tls_ver(dev[0], hapd, "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1", "TLSv1.2") @@ -891,7 +891,7 @@ Signed-off-by: Glenn Strauss if "run=OpenSSL 1.1.1" in tls or "run=OpenSSL 3.0" in tls: check_tls_ver(dev[0], hapd, "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1 tls_disable_tlsv1_3=0", "TLSv1.3") -@@ -6109,6 +6162,11 @@ def test_ap_wpa2_eap_tls_versions_server +@@ -6079,6 +6132,11 @@ def test_ap_wpa2_eap_tls_versions_server tests = [("TLSv1", "[ENABLE-TLSv1.0][DISABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"), ("TLSv1.1", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"), ("TLSv1.2", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][ENABLE-TLSv1.2][DISABLE-TLSv1.3]")] @@ -903,7 +903,7 @@ Signed-off-by: Glenn Strauss for exp, flags in tests: hapd.disable() hapd.set("tls_flags", flags) -@@ -7145,6 +7203,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde +@@ -7115,6 +7173,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde def test_eap_tls_ext_cert_check(dev, apdev): """EAP-TLS and external server certification validation""" # With internal server certificate chain validation @@ -911,7 +911,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS", identity="tls user", ca_cert="auth_serv/ca.pem", -@@ -7157,6 +7216,7 @@ def test_eap_tls_ext_cert_check(dev, apd +@@ -7127,6 +7186,7 @@ def test_eap_tls_ext_cert_check(dev, apd def test_eap_ttls_ext_cert_check(dev, apdev): """EAP-TTLS and external server certification validation""" # Without internal server certificate chain validation @@ -919,7 +919,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS", identity="pap user", anonymous_identity="ttls", password="password", phase2="auth=PAP", -@@ -7167,6 +7227,7 @@ def test_eap_ttls_ext_cert_check(dev, ap +@@ -7137,6 +7197,7 @@ def test_eap_ttls_ext_cert_check(dev, ap def test_eap_peap_ext_cert_check(dev, apdev): """EAP-PEAP and external server certification validation""" # With internal server certificate chain validation @@ -927,7 +927,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="PEAP", identity="user", anonymous_identity="peap", ca_cert="auth_serv/ca.pem", -@@ -7177,6 +7238,7 @@ def test_eap_peap_ext_cert_check(dev, ap +@@ -7147,6 +7208,7 @@ def test_eap_peap_ext_cert_check(dev, ap def test_eap_fast_ext_cert_check(dev, apdev): """EAP-FAST and external server certification validation""" @@ -935,7 +935,7 @@ Signed-off-by: Glenn Strauss check_eap_capa(dev[0], "FAST") # With internal server certificate chain validation dev[0].request("SET blob fast_pac_auth_ext ") -@@ -7191,10 +7253,6 @@ def test_eap_fast_ext_cert_check(dev, ap +@@ -7161,10 +7223,6 @@ def test_eap_fast_ext_cert_check(dev, ap run_ext_cert_check(dev, apdev, id) def run_ext_cert_check(dev, apdev, net_id): @@ -948,7 +948,7 @@ Signed-off-by: Glenn Strauss --- a/tests/hwsim/test_ap_ft.py +++ b/tests/hwsim/test_ap_ft.py -@@ -2347,11 +2347,11 @@ def test_ap_ft_ap_oom5(dev, apdev): +@@ -2471,11 +2471,11 @@ def test_ap_ft_ap_oom5(dev, apdev): # This will fail to roam dev[0].roam(bssid1, check_bssid=False) @@ -992,7 +992,7 @@ Signed-off-by: Glenn Strauss raise HwsimSkip("Crypto library does not support Brainpool curves: " + tls) capa = dev.request("GET_CAPABILITY dpp") ver = 1 -@@ -3621,6 +3622,9 @@ def test_dpp_proto_auth_req_no_i_proto_k +@@ -3892,6 +3893,9 @@ def test_dpp_proto_auth_req_no_i_proto_k def test_dpp_proto_auth_req_invalid_i_proto_key(dev, apdev): """DPP protocol testing - invalid I-proto key in Auth Req""" @@ -1002,7 +1002,7 @@ Signed-off-by: Glenn Strauss run_dpp_proto_auth_req_missing(dev, 66, "Invalid Initiator Protocol Key") def test_dpp_proto_auth_req_no_i_nonce(dev, apdev): -@@ -3716,7 +3720,12 @@ def test_dpp_proto_auth_resp_no_r_proto_ +@@ -3987,7 +3991,12 @@ def test_dpp_proto_auth_resp_no_r_proto_ def test_dpp_proto_auth_resp_invalid_r_proto_key(dev, apdev): """DPP protocol testing - invalid R-Proto Key in Auth Resp""" @@ -1016,7 +1016,7 @@ Signed-off-by: Glenn Strauss def test_dpp_proto_auth_resp_no_r_nonce(dev, apdev): """DPP protocol testing - no R-nonce in Auth Resp""" -@@ -4078,11 +4087,17 @@ def test_dpp_proto_pkex_exchange_resp_in +@@ -4349,11 +4358,17 @@ def test_dpp_proto_pkex_exchange_resp_in def test_dpp_proto_pkex_cr_req_invalid_bootstrap_key(dev, apdev): """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Request""" @@ -1106,7 +1106,7 @@ Signed-off-by: Glenn Strauss raise HwsimSkip("EC group not supported") --- a/tests/hwsim/test_pmksa_cache.py +++ b/tests/hwsim/test_pmksa_cache.py -@@ -954,7 +954,7 @@ def test_pmksa_cache_preauth_wpas_oom(de +@@ -955,7 +955,7 @@ def test_pmksa_cache_preauth_wpas_oom(de eap_connect(dev[0], hapd, "PAX", "pax.user@example.com", password_hex="0123456789abcdef0123456789abcdef", bssid=apdev[0]['bssid']) @@ -1115,7 +1115,7 @@ Signed-off-by: Glenn Strauss with alloc_fail(dev[0], i, "rsn_preauth_init"): res = dev[0].request("PREAUTH f2:11:22:33:44:55").strip() logger.info("Iteration %d - PREAUTH command results: %s" % (i, res)) -@@ -962,7 +962,7 @@ def test_pmksa_cache_preauth_wpas_oom(de +@@ -963,7 +963,7 @@ def test_pmksa_cache_preauth_wpas_oom(de state = dev[0].request('GET_ALLOC_FAIL') if state.startswith('0:'): break @@ -1138,7 +1138,7 @@ Signed-off-by: Glenn Strauss heavy_groups = [14, 15, 16] suitable_groups = [15, 16, 17, 18, 19, 20, 21] groups = [str(g) for g in sae_groups] -@@ -2122,6 +2127,8 @@ def run_sae_pwe_group(dev, apdev, group) +@@ -2188,6 +2193,8 @@ def run_sae_pwe_group(dev, apdev, group) logger.info("Add Brainpool EC groups since OpenSSL is new enough") elif tls.startswith("wolfSSL"): logger.info("Make sure Brainpool EC groups were enabled when compiling wolfSSL") @@ -1149,7 +1149,7 @@ Signed-off-by: Glenn Strauss start_sae_pwe_ap(apdev[0], group, 2) --- a/tests/hwsim/test_suite_b.py +++ b/tests/hwsim/test_suite_b.py -@@ -26,6 +26,8 @@ def check_suite_b_tls_lib(dev, dhe=False +@@ -27,6 +27,8 @@ def check_suite_b_tls_lib(dev, dhe=False return if tls.startswith("wolfSSL"): return @@ -1158,7 +1158,7 @@ Signed-off-by: Glenn Strauss if not tls.startswith("OpenSSL"): raise HwsimSkip("TLS library not supported for Suite B: " + tls) supported = False -@@ -499,6 +501,7 @@ def test_suite_b_192_rsa_insufficient_dh +@@ -520,6 +522,7 @@ def test_suite_b_192_rsa_insufficient_dh dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192", ieee80211w="2", @@ -1168,7 +1168,7 @@ Signed-off-by: Glenn Strauss ca_cert="auth_serv/rsa3072-ca.pem", --- a/tests/hwsim/test_wpas_ctrl.py +++ b/tests/hwsim/test_wpas_ctrl.py -@@ -1834,7 +1834,7 @@ def _test_wpas_ctrl_oom(dev): +@@ -1842,7 +1842,7 @@ def _test_wpas_ctrl_oom(dev): tls = dev[0].request("GET tls_library") if not tls.startswith("internal"): tests.append(('NFC_GET_HANDOVER_SEL NDEF P2P-CR-TAG', 'FAIL', @@ -1179,7 +1179,7 @@ Signed-off-by: Glenn Strauss res = dev[0].request(cmd) --- a/tests/hwsim/utils.py +++ b/tests/hwsim/utils.py -@@ -135,7 +135,13 @@ def check_fils_sk_pfs_capa(dev): +@@ -141,7 +141,13 @@ def check_imsi_privacy_support(dev): def check_tls_tod(dev): tls = dev.request("GET tls_library") @@ -1308,7 +1308,7 @@ Signed-off-by: Glenn Strauss if (need_more_data) { --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1108,6 +1108,7 @@ CFLAGS += -DCONFIG_TLSV12 +@@ -1122,6 +1122,7 @@ CFLAGS += -DCONFIG_TLSV12 endif ifeq ($(CONFIG_TLS), wolfssl) @@ -1316,7 +1316,7 @@ Signed-off-by: Glenn Strauss ifdef TLS_FUNCS CFLAGS += -DWOLFSSL_DER_LOAD OBJS += ../src/crypto/tls_wolfssl.o -@@ -1123,6 +1124,7 @@ LIBS_p += -lwolfssl -lm +@@ -1137,6 +1138,7 @@ LIBS_p += -lwolfssl -lm endif ifeq ($(CONFIG_TLS), openssl) @@ -1324,7 +1324,7 @@ Signed-off-by: Glenn Strauss CFLAGS += -DCRYPTO_RSA_OAEP_SHA256 ifdef TLS_FUNCS CFLAGS += -DEAP_TLS_OPENSSL -@@ -1150,6 +1152,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF +@@ -1164,6 +1166,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF endif ifeq ($(CONFIG_TLS), mbedtls) @@ -1332,7 +1332,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=mbedtls endif -@@ -1169,6 +1172,7 @@ endif +@@ -1183,6 +1186,7 @@ endif endif ifeq ($(CONFIG_TLS), gnutls) @@ -1340,7 +1340,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO # default to libgcrypt CONFIG_CRYPTO=gnutls -@@ -1199,6 +1203,7 @@ endif +@@ -1213,6 +1217,7 @@ endif endif ifeq ($(CONFIG_TLS), internal) @@ -1348,7 +1348,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=internal endif -@@ -1279,6 +1284,7 @@ endif +@@ -1293,6 +1298,7 @@ endif endif ifeq ($(CONFIG_TLS), linux) diff --git a/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch b/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch index 361f72614696..c8c3ff33f420 100644 --- a/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch +++ b/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch @@ -14,7 +14,7 @@ Signed-off-by: Glenn Strauss --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c -@@ -248,6 +248,12 @@ struct crypto_ec_key * dpp_set_pubkey_po +@@ -269,6 +269,12 @@ int dpp_get_pubkey_hash(struct crypto_ec struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve) { diff --git a/package/network/services/hostapd/patches/160-dpp_pkex-EC-point-mul-w-value-prime.patch b/package/network/services/hostapd/patches/160-dpp_pkex-EC-point-mul-w-value-prime.patch index 56ae8d0b8679..db4fcfe2357c 100644 --- a/package/network/services/hostapd/patches/160-dpp_pkex-EC-point-mul-w-value-prime.patch +++ b/package/network/services/hostapd/patches/160-dpp_pkex-EC-point-mul-w-value-prime.patch @@ -13,7 +13,7 @@ Signed-off-by: Glenn Strauss --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c -@@ -1567,7 +1567,9 @@ dpp_pkex_derive_Qr(const struct dpp_curv +@@ -1588,7 +1588,9 @@ dpp_pkex_derive_Qr(const struct dpp_curv Pr = crypto_ec_key_get_public_key(Pr_key); Qr = crypto_ec_point_init(ec); hash_bn = crypto_bignum_init_set(hash, curve->hash_len); diff --git a/package/network/services/hostapd/patches/170-DPP-fix-memleak-of-intro.peer_key.patch b/package/network/services/hostapd/patches/170-DPP-fix-memleak-of-intro.peer_key.patch deleted file mode 100644 index 157347d6d76f..000000000000 --- a/package/network/services/hostapd/patches/170-DPP-fix-memleak-of-intro.peer_key.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 639bb1bb912029ec4ff110c3ed807b62f583d6bf Mon Sep 17 00:00:00 2001 -From: Glenn Strauss -Date: Sun, 9 Oct 2022 04:02:44 -0400 -Subject: [PATCH 7/7] DPP: fix memleak of intro.peer_key - -fix memleak of intro.peer_key in wpas_dpp_rx_peer_disc_resp() - -Signed-off-by: Glenn Strauss ---- - wpa_supplicant/dpp_supplicant.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - ---- a/wpa_supplicant/dpp_supplicant.c -+++ b/wpa_supplicant/dpp_supplicant.c -@@ -2610,6 +2610,8 @@ static void wpas_dpp_rx_peer_disc_resp(s - return; - } - -+ os_memset(&intro, 0, sizeof(intro)); -+ - trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID, - &trans_id_len); - if (!trans_id || trans_id_len != 1) { -@@ -2720,7 +2722,7 @@ static void wpas_dpp_rx_peer_disc_resp(s - wpa_supplicant_req_scan(wpa_s, 0, 0); - } - fail: -- os_memset(&intro, 0, sizeof(intro)); -+ dpp_peer_intro_deinit(&intro); - } - - diff --git a/package/network/services/hostapd/patches/170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch b/package/network/services/hostapd/patches/170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch new file mode 100644 index 000000000000..7724f1ae8d64 --- /dev/null +++ b/package/network/services/hostapd/patches/170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch @@ -0,0 +1,41 @@ +From c85ce84d942e1eabde33e120b18e5b1f1637b76e Mon Sep 17 00:00:00 2001 +From: Nick Hainke +Date: Tue, 14 Mar 2023 21:40:53 +0100 +Subject: [PATCH] wpa_supplicant: fix compiling without IEEE8021X_EAPOL + +If IEEE8021X_EAPOL is not defined wpa_supplicant will not compile with +following error: + + events.c: In function 'wpa_supplicant_connect': + events.c:1827:14: warning: implicit declaration of function 'eap_is_wps_pbc_enrollee' [-Wimplicit-function-declaration] + 1827 | if ((eap_is_wps_pbc_enrollee(&ssid->eap) && + | ^~~~~~~~~~~~~~~~~~~~~~~ + events.c:1827:43: error: 'struct wpa_ssid' has no member named 'eap' + 1827 | if ((eap_is_wps_pbc_enrollee(&ssid->eap) && + | ^~ + +Adding ifdef statements around the calling function fixes the issue. + +Signed-off-by: Nick Hainke +--- + wpa_supplicant/events.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/wpa_supplicant/events.c ++++ b/wpa_supplicant/events.c +@@ -1824,6 +1824,7 @@ int wpa_supplicant_connect(struct wpa_su + struct wpa_bss *selected, + struct wpa_ssid *ssid) + { ++#ifdef IEEE8021X_EAPOL + if ((eap_is_wps_pbc_enrollee(&ssid->eap) && + wpas_wps_partner_link_overlap_detect(wpa_s)) || + wpas_wps_scan_pbc_overlap(wpa_s, selected, ssid)) { +@@ -1846,6 +1847,7 @@ int wpa_supplicant_connect(struct wpa_su + #endif /* CONFIG_WPS */ + return -1; + } ++#endif /* IEEE8021X_EAPOL */ + + wpa_msg(wpa_s, MSG_DEBUG, + "Considering connect request: reassociate: %d selected: " diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch index 0db8caa20e1a..f12aeb0ca9e3 100644 --- a/package/network/services/hostapd/patches/200-multicall.patch +++ b/package/network/services/hostapd/patches/200-multicall.patch @@ -36,7 +36,7 @@ LIBS += $(DRV_AP_LIBS) ifdef CONFIG_L2_PACKET -@@ -1378,6 +1384,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) +@@ -1380,6 +1386,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) _OBJS_VAR := OBJS include ../src/objs.mk @@ -49,7 +49,7 @@ hostapd: $(OBJS) $(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS) @$(E) " LD " $@ -@@ -1458,6 +1470,12 @@ include ../src/objs.mk +@@ -1460,6 +1472,12 @@ include ../src/objs.mk _OBJS_VAR := SOBJS include ../src/objs.mk @@ -71,8 +71,8 @@ +-include $(if $(MULTICALL),../hostapd/.config) include ../src/build.rules - ifdef CONFIG_BUILD_WPA_CLIENT_SO -@@ -371,7 +372,9 @@ endif + ifdef CONFIG_BUILD_PASN_SO +@@ -382,7 +383,9 @@ endif ifdef CONFIG_IBSS_RSN NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_IBSS_RSN @@ -82,7 +82,7 @@ OBJS += ibss_rsn.o endif -@@ -912,6 +915,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS +@@ -924,6 +927,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS LIBS += -ldl -rdynamic endif @@ -93,7 +93,7 @@ endif ifdef CONFIG_AP -@@ -919,9 +926,11 @@ NEED_EAP_COMMON=y +@@ -931,9 +938,11 @@ NEED_EAP_COMMON=y NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_AP OBJS += ap.o @@ -105,7 +105,7 @@ OBJS += ../src/ap/hostapd.o OBJS += ../src/ap/wpa_auth_glue.o OBJS += ../src/ap/utils.o -@@ -1008,6 +1017,12 @@ endif +@@ -1022,6 +1031,12 @@ endif ifdef CONFIG_HS20 OBJS += ../src/ap/hs20.o endif @@ -118,7 +118,7 @@ endif ifdef CONFIG_MBO -@@ -1016,7 +1031,9 @@ CFLAGS += -DCONFIG_MBO +@@ -1030,7 +1045,9 @@ CFLAGS += -DCONFIG_MBO endif ifdef NEED_RSN_AUTHENTICATOR @@ -128,7 +128,7 @@ NEED_AES_WRAP=y OBJS += ../src/ap/wpa_auth.o OBJS += ../src/ap/wpa_auth_ie.o -@@ -1996,6 +2013,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) +@@ -2010,6 +2027,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) _OBJS_VAR := OBJS include ../src/objs.mk @@ -141,7 +141,7 @@ wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) $(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS) @$(E) " LD " $@ -@@ -2128,6 +2151,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) +@@ -2142,6 +2165,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) $(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@ @$(E) " sed" $< @@ -156,7 +156,7 @@ wpa_cli.exe: wpa_cli --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -6171,8 +6171,8 @@ union wpa_event_data { +@@ -6544,8 +6544,8 @@ union wpa_event_data { * Driver wrapper code should call this function whenever an event is received * from the driver. */ @@ -167,7 +167,7 @@ /** * wpa_supplicant_event_global - Report a driver event for wpa_supplicant -@@ -6184,7 +6184,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -6557,7 +6557,7 @@ void wpa_supplicant_event(void *ctx, enu * Same as wpa_supplicant_event(), but we search for the interface in * wpa_global. */ @@ -178,7 +178,7 @@ /* --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c -@@ -1872,8 +1872,8 @@ err: +@@ -1887,8 +1887,8 @@ err: #endif /* CONFIG_OWE */ @@ -189,7 +189,7 @@ { struct hostapd_data *hapd = ctx; #ifndef CONFIG_NO_STDOUT_DEBUG -@@ -2145,7 +2145,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -2161,7 +2161,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -200,7 +200,7 @@ struct hapd_interfaces *interfaces = ctx; --- a/wpa_supplicant/wpa_priv.c +++ b/wpa_supplicant/wpa_priv.c -@@ -1038,8 +1038,8 @@ static void wpa_priv_send_ft_response(st +@@ -1039,8 +1039,8 @@ static void wpa_priv_send_ft_response(st } @@ -211,7 +211,7 @@ { struct wpa_priv_interface *iface = ctx; -@@ -1102,7 +1102,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -1103,7 +1103,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -220,7 +220,7 @@ union wpa_event_data *data) { struct wpa_priv_global *global = ctx; -@@ -1216,6 +1216,8 @@ int main(int argc, char *argv[]) +@@ -1217,6 +1217,8 @@ int main(int argc, char *argv[]) if (os_program_init()) return -1; @@ -231,7 +231,7 @@ os_memset(&global, 0, sizeof(global)); --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -4953,8 +4953,8 @@ static void wpas_event_unprot_beacon(str +@@ -5237,8 +5237,8 @@ static void wpas_event_unprot_beacon(str } @@ -242,7 +242,7 @@ { struct wpa_supplicant *wpa_s = ctx; int resched; -@@ -5813,7 +5813,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -6149,7 +6149,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -253,7 +253,7 @@ struct wpa_supplicant *wpa_s; --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -7087,7 +7087,6 @@ struct wpa_interface * wpa_supplicant_ma +@@ -7408,7 +7408,6 @@ struct wpa_interface * wpa_supplicant_ma return NULL; } @@ -261,7 +261,7 @@ /** * wpa_supplicant_match_existing - Match existing interfaces * @global: Pointer to global data from wpa_supplicant_init() -@@ -7122,6 +7121,11 @@ static int wpa_supplicant_match_existing +@@ -7443,6 +7442,11 @@ static int wpa_supplicant_match_existing #endif /* CONFIG_MATCH_IFACE */ @@ -273,7 +273,7 @@ /** * wpa_supplicant_add_iface - Add a new network interface -@@ -7378,6 +7382,8 @@ struct wpa_global * wpa_supplicant_init( +@@ -7699,6 +7703,8 @@ struct wpa_global * wpa_supplicant_init( #ifndef CONFIG_NO_WPA_MSG wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); #endif /* CONFIG_NO_WPA_MSG */ @@ -284,7 +284,7 @@ wpa_debug_open_file(params->wpa_debug_file_path); --- a/hostapd/main.c +++ b/hostapd/main.c -@@ -591,6 +591,11 @@ fail: +@@ -595,6 +595,11 @@ fail: return -1; } @@ -296,7 +296,7 @@ #ifdef CONFIG_WPS static int gen_uuid(const char *txt_addr) -@@ -684,6 +689,8 @@ int main(int argc, char *argv[]) +@@ -688,6 +693,8 @@ int main(int argc, char *argv[]) return -1; #endif /* CONFIG_DPP */ diff --git a/package/network/services/hostapd/patches/300-noscan.patch b/package/network/services/hostapd/patches/300-noscan.patch index a0e00c4d5646..91e1aaad8333 100644 --- a/package/network/services/hostapd/patches/300-noscan.patch +++ b/package/network/services/hostapd/patches/300-noscan.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3439,6 +3439,10 @@ static int hostapd_config_fill(struct ho +@@ -3446,6 +3446,10 @@ static int hostapd_config_fill(struct ho if (bss->ocv && !bss->ieee80211w) bss->ieee80211w = 1; #endif /* CONFIG_OCV */ @@ -13,7 +13,7 @@ } else if (os_strcmp(buf, "ht_capab") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1043,6 +1043,8 @@ struct hostapd_config { +@@ -1061,6 +1061,8 @@ struct hostapd_config { int ht_op_mode_fixed; u16 ht_capab; diff --git a/package/network/services/hostapd/patches/301-mesh-noscan.patch b/package/network/services/hostapd/patches/301-mesh-noscan.patch index 998540198ec1..8a1bdaa1854a 100644 --- a/package/network/services/hostapd/patches/301-mesh-noscan.patch +++ b/package/network/services/hostapd/patches/301-mesh-noscan.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c -@@ -2555,6 +2555,7 @@ static const struct parse_data ssid_fiel +@@ -2599,6 +2599,7 @@ static const struct parse_data ssid_fiel #else /* CONFIG_MESH */ { INT_RANGE(mode, 0, 4) }, #endif /* CONFIG_MESH */ @@ -10,7 +10,7 @@ { STR(id_str) }, --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c -@@ -766,6 +766,7 @@ static void wpa_config_write_network(FIL +@@ -775,6 +775,7 @@ static void wpa_config_write_network(FIL #endif /* IEEE8021X_EAPOL */ INT(mode); INT(no_auto_peer); @@ -31,36 +31,36 @@ /* --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2463,7 +2463,7 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2693,7 +2693,7 @@ static bool ibss_mesh_can_use_vht(struct + const struct wpa_ssid *ssid, + struct hostapd_hw_modes *mode) + { +- if (mode->mode != HOSTAPD_MODE_IEEE80211A) ++ if (mode->mode != HOSTAPD_MODE_IEEE80211A && !(ssid->noscan)) + return false; + + if (!drv_supports_vht(wpa_s, ssid)) +@@ -2766,7 +2766,7 @@ static void ibss_mesh_select_40mhz(struc + int i, res; + unsigned int j; + static const int ht40plus[] = { +- 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 165, 173, ++ 1, 2, 3, 4, 5, 6, 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 165, 173, + 184, 192 + }; + int ht40 = -1; +@@ -3016,7 +3016,7 @@ void ibss_mesh_setup_freq(struct wpa_sup int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode); enum hostapd_hw_mode hw_mode; struct hostapd_hw_modes *mode = NULL; -- int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, -+ int ht40plus[] = { 1, 2, 3, 4, 5, 6, 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, - 184, 192 }; - int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5955, - 6035, 6115, 6195, 6275, 6355, 6435, 6515, -@@ -2471,7 +2471,7 @@ void ibss_mesh_setup_freq(struct wpa_sup - int bw160[] = { 5955, 6115, 6275, 6435, 6595, 6755, 6915 }; - struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; +- int i, obss_scan = 1; ++ int i, obss_scan = !(ssid->noscan); u8 channel; -- int i, chan_idx, ht40 = -1, res, obss_scan = 1; -+ int i, chan_idx, ht40 = -1, res, obss_scan = !(ssid->noscan); - unsigned int j, k; - struct hostapd_freq_params vht_freq; - int chwidth, seg0, seg1; -@@ -2562,7 +2562,7 @@ void ibss_mesh_setup_freq(struct wpa_sup - #endif /* CONFIG_HE_OVERRIDES */ - - /* Setup higher BW only for 5 GHz */ -- if (mode->mode != HOSTAPD_MODE_IEEE80211A) -+ if (mode->mode != HOSTAPD_MODE_IEEE80211A && !(ssid->noscan)) - return; - - for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) { + bool is_6ghz; + bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h -@@ -981,6 +981,8 @@ struct wpa_ssid { +@@ -1035,6 +1035,8 @@ struct wpa_ssid { */ int no_auto_peer; diff --git a/package/network/services/hostapd/patches/310-rescan_immediately.patch b/package/network/services/hostapd/patches/310-rescan_immediately.patch index 2c2541947c35..033f763094d5 100644 --- a/package/network/services/hostapd/patches/310-rescan_immediately.patch +++ b/package/network/services/hostapd/patches/310-rescan_immediately.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -5419,7 +5419,7 @@ wpa_supplicant_alloc(struct wpa_supplica +@@ -5713,7 +5713,7 @@ wpa_supplicant_alloc(struct wpa_supplica if (wpa_s == NULL) return NULL; wpa_s->scan_req = INITIAL_SCAN_REQ; diff --git a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch index 8218a439ac5b..93a03a6db670 100644 --- a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch +++ b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch @@ -1,6 +1,6 @@ --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -5022,7 +5022,7 @@ static int nl80211_set_channel(struct i8 +@@ -5224,7 +5224,7 @@ static int nl80211_set_channel(struct i8 freq->he_enabled, freq->eht_enabled, freq->bandwidth, freq->center_freq1, freq->center_freq2); diff --git a/package/network/services/hostapd/patches/340-reload_freq_change.patch b/package/network/services/hostapd/patches/340-reload_freq_change.patch index b59107463477..9a468079d1a5 100644 --- a/package/network/services/hostapd/patches/340-reload_freq_change.patch +++ b/package/network/services/hostapd/patches/340-reload_freq_change.patch @@ -1,6 +1,6 @@ --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -119,6 +119,29 @@ static void hostapd_reload_bss(struct ho +@@ -142,6 +142,29 @@ static void hostapd_reload_bss(struct ho #endif /* CONFIG_NO_RADIUS */ ssid = &hapd->conf->ssid; @@ -30,7 +30,7 @@ if (!ssid->wpa_psk_set && ssid->wpa_psk && !ssid->wpa_psk->next && ssid->wpa_passphrase_set && ssid->wpa_passphrase) { /* -@@ -220,6 +243,7 @@ int hostapd_reload_config(struct hostapd +@@ -250,6 +273,7 @@ int hostapd_reload_config(struct hostapd struct hostapd_data *hapd = iface->bss[0]; struct hostapd_config *newconf, *oldconf; size_t j; @@ -38,7 +38,7 @@ if (iface->config_fname == NULL) { /* Only in-memory config in use - assume it has been updated */ -@@ -270,24 +294,20 @@ int hostapd_reload_config(struct hostapd +@@ -300,6 +324,17 @@ int hostapd_reload_config(struct hostapd } iface->conf = newconf; @@ -55,6 +55,10 @@ + for (j = 0; j < iface->num_bss; j++) { hapd = iface->bss[j]; + if (!hapd->conf->config_id || !newconf->bss[j]->config_id || +@@ -307,21 +342,6 @@ int hostapd_reload_config(struct hostapd + newconf->bss[j]->config_id) != 0) + hostapd_clear_old_bss(hapd); hapd->iconf = newconf; - hapd->iconf->channel = oldconf->channel; - hapd->iconf->acs = oldconf->acs; diff --git a/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch b/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch index 29a3799b5e7a..8784452876b2 100644 --- a/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch +++ b/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c -@@ -1803,15 +1803,35 @@ int ap_switch_channel(struct wpa_supplic +@@ -1825,15 +1825,35 @@ int ap_switch_channel(struct wpa_supplic #ifdef CONFIG_CTRL_IFACE diff --git a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch index a88b63e913d2..a943395b5640 100644 --- a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch +++ b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch @@ -1,34 +1,35 @@ --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -2938,11 +2938,11 @@ static int wpa_driver_nl80211_del_beacon - struct wpa_driver_nl80211_data *drv = bss->drv; +@@ -3006,12 +3006,12 @@ static int wpa_driver_nl80211_del_beacon + return 0; wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)", - drv->ifindex); + bss->ifindex); - bss->beacon_set = 0; - bss->freq = 0; + link->beacon_set = 0; + link->freq = 0; + nl80211_put_wiphy_data_ap(bss); - msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON); + msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_BEACON); - return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); - } + if (!msg) + return -ENOBUFS; -@@ -5661,7 +5661,7 @@ static void nl80211_teardown_ap(struct i +@@ -5907,7 +5907,7 @@ static void nl80211_teardown_ap(struct i nl80211_mgmt_unsubscribe(bss, "AP teardown"); nl80211_put_wiphy_data_ap(bss); -- bss->beacon_set = 0; -+ wpa_driver_nl80211_del_beacon(bss); +- bss->flink->beacon_set = 0; ++ wpa_driver_nl80211_del_beacon_all(bss); } -@@ -8120,8 +8120,6 @@ static int wpa_driver_nl80211_if_remove( +@@ -8642,8 +8642,6 @@ static int wpa_driver_nl80211_if_remove( } else { wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context"); nl80211_teardown_ap(bss); - if (!bss->added_if && !drv->first_bss->next) -- wpa_driver_nl80211_del_beacon(bss); +- wpa_driver_nl80211_del_beacon_all(bss); nl80211_destroy_bss(bss); if (!bss->added_if) i802_set_iface_flags(bss, 0); diff --git a/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch b/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch index 7699541fd463..e9f46ce9d36f 100644 --- a/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch +++ b/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch @@ -1,6 +1,6 @@ --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -67,6 +67,7 @@ +@@ -68,6 +68,7 @@ #include "fst/fst_ctrl_iface.h" #include "config_file.h" #include "ctrl_iface.h" @@ -8,7 +8,7 @@ #define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256 -@@ -82,6 +83,7 @@ static void hostapd_ctrl_iface_send(stru +@@ -83,6 +84,7 @@ static void hostapd_ctrl_iface_send(stru enum wpa_msg_type type, const char *buf, size_t len); @@ -16,7 +16,7 @@ static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd, struct sockaddr_storage *from, -@@ -133,6 +135,61 @@ static int hostapd_ctrl_iface_new_sta(st +@@ -134,6 +136,61 @@ static int hostapd_ctrl_iface_new_sta(st return 0; } @@ -78,7 +78,7 @@ #ifdef NEED_AP_MLME static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd, -@@ -3449,6 +3506,8 @@ static int hostapd_ctrl_iface_receive_pr +@@ -3529,6 +3586,8 @@ static int hostapd_ctrl_iface_receive_pr } else if (os_strncmp(buf, "VENDOR ", 7) == 0) { reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply, reply_size); @@ -89,7 +89,7 @@ #ifdef RADIUS_SERVER --- a/src/ap/ctrl_iface_ap.c +++ b/src/ap/ctrl_iface_ap.c -@@ -945,7 +945,13 @@ int hostapd_parse_csa_settings(const cha +@@ -1008,7 +1008,13 @@ int hostapd_parse_csa_settings(const cha int hostapd_ctrl_iface_stop_ap(struct hostapd_data *hapd) { diff --git a/package/network/services/hostapd/patches/370-ap_sta_support.patch b/package/network/services/hostapd/patches/370-ap_sta_support.patch index 6faaffcf724b..24064839f13e 100644 --- a/package/network/services/hostapd/patches/370-ap_sta_support.patch +++ b/package/network/services/hostapd/patches/370-ap_sta_support.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -115,6 +115,8 @@ OBJS_c += ../src/utils/common.o +@@ -126,6 +126,8 @@ OBJS_c += ../src/utils/common.o OBJS_c += ../src/common/cli.o OBJS += wmm_ac.o @@ -19,7 +19,7 @@ #include "drivers/driver.h" #include "eap_peer/eap.h" #include "wpa_supplicant_i.h" -@@ -282,6 +283,10 @@ void calculate_update_time(const struct +@@ -283,6 +284,10 @@ void calculate_update_time(const struct static void wpa_bss_copy_res(struct wpa_bss *dst, struct wpa_scan_res *src, struct os_reltime *fetch_time) { @@ -30,7 +30,7 @@ dst->flags = src->flags; os_memcpy(dst->bssid, src->bssid, ETH_ALEN); dst->freq = src->freq; -@@ -295,6 +300,15 @@ static void wpa_bss_copy_res(struct wpa_ +@@ -296,6 +301,15 @@ static void wpa_bss_copy_res(struct wpa_ dst->est_throughput = src->est_throughput; dst->snr = src->snr; @@ -154,7 +154,7 @@ #ifdef CONFIG_WEP /* Configure default/group WEP keys for static WEP */ -@@ -1016,6 +1064,8 @@ void wpa_supplicant_set_state(struct wpa +@@ -1026,6 +1074,8 @@ void wpa_supplicant_set_state(struct wpa sme_sched_obss_scan(wpa_s, 1); @@ -163,7 +163,7 @@ #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) if (!fils_hlp_sent && ssid && ssid->eap.erp) update_fils_connect_params = true; -@@ -1026,6 +1076,8 @@ void wpa_supplicant_set_state(struct wpa +@@ -1036,6 +1086,8 @@ void wpa_supplicant_set_state(struct wpa #endif /* CONFIG_OWE */ } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || state == WPA_ASSOCIATED) { @@ -172,7 +172,7 @@ wpa_s->new_connection = 1; wpa_drv_set_operstate(wpa_s, 0); #ifndef IEEE8021X_EAPOL -@@ -2335,6 +2387,8 @@ void wpa_supplicant_associate(struct wpa +@@ -2520,6 +2572,8 @@ void wpa_supplicant_associate(struct wpa return; } wpa_s->current_bss = bss; @@ -181,7 +181,7 @@ #else /* CONFIG_MESH */ wpa_msg(wpa_s, MSG_ERROR, "mesh mode support not included in the build"); -@@ -6693,6 +6747,16 @@ static int wpa_supplicant_init_iface(str +@@ -7010,6 +7064,16 @@ static int wpa_supplicant_init_iface(str sizeof(wpa_s->bridge_ifname)); } @@ -198,7 +198,7 @@ /* RSNA Supplicant Key Management - INITIALIZE */ eapol_sm_notify_portEnabled(wpa_s->eapol, false); eapol_sm_notify_portValid(wpa_s->eapol, false); -@@ -7031,6 +7095,11 @@ static void wpa_supplicant_deinit_iface( +@@ -7352,6 +7416,11 @@ static void wpa_supplicant_deinit_iface( if (terminate) wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); @@ -212,7 +212,7 @@ --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h -@@ -105,6 +105,11 @@ struct wpa_interface { +@@ -106,6 +106,11 @@ struct wpa_interface { const char *ifname; /** @@ -224,7 +224,7 @@ * bridge_ifname - Optional bridge interface name * * If the driver interface (ifname) is included in a Linux bridge -@@ -717,6 +722,8 @@ struct wpa_supplicant { +@@ -665,6 +670,8 @@ struct wpa_supplicant { #endif /* CONFIG_CTRL_IFACE_BINDER */ char bridge_ifname[16]; @@ -235,7 +235,7 @@ --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -2641,6 +2641,12 @@ static int hostapd_ctrl_iface_chan_switc +@@ -2716,6 +2716,12 @@ static int hostapd_ctrl_iface_chan_switc return 0; } @@ -250,7 +250,7 @@ /* Save CHAN_SWITCH VHT, HE, and EHT config */ --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1903,11 +1903,6 @@ static int __ieee802_11_set_beacon(struc +@@ -2052,11 +2052,6 @@ static int __ieee802_11_set_beacon(struc return -1; } @@ -264,7 +264,7 @@ if (ieee802_11_build_ap_params(hapd, ¶ms) < 0) --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -4953,6 +4953,60 @@ static void wpas_event_unprot_beacon(str +@@ -5237,6 +5237,60 @@ static void wpas_event_unprot_beacon(str } @@ -325,7 +325,7 @@ void supplicant_event(void *ctx, enum wpa_event_type event, union wpa_event_data *data) { -@@ -5268,8 +5322,10 @@ void supplicant_event(void *ctx, enum wp +@@ -5586,8 +5640,10 @@ void supplicant_event(void *ctx, enum wp channel_width_to_string(data->ch_switch.ch_width), data->ch_switch.cf1, data->ch_switch.cf2); @@ -339,7 +339,7 @@ wpa_s->current_ssid->frequency = data->ch_switch.freq; --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -5968,6 +5968,7 @@ union wpa_event_data { +@@ -6324,6 +6324,7 @@ union wpa_event_data { /** * struct ch_switch @@ -347,8 +347,8 @@ * @freq: Frequency of new channel in MHz * @ht_enabled: Whether this is an HT channel * @ch_offset: Secondary channel offset -@@ -5976,6 +5977,7 @@ union wpa_event_data { - * @cf2: Center frequency 2 +@@ -6334,6 +6335,7 @@ union wpa_event_data { + * @punct_bitmap: Puncturing bitmap */ struct ch_switch { + int count; @@ -357,16 +357,15 @@ int ch_offset; --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c -@@ -694,7 +694,7 @@ static void mlme_event_ch_switch(struct - struct nlattr *ifindex, struct nlattr *freq, - struct nlattr *type, struct nlattr *bw, - struct nlattr *cf1, struct nlattr *cf2, -- int finished) -+ struct nlattr *count, int finished) +@@ -997,6 +997,7 @@ static void mlme_event_ch_switch(struct + struct nlattr *bw, struct nlattr *cf1, + struct nlattr *cf2, + struct nlattr *punct_bitmap, ++ struct nlattr *count, + int finished) { struct i802_bss *bss; - union wpa_event_data data; -@@ -755,6 +755,8 @@ static void mlme_event_ch_switch(struct +@@ -1060,6 +1061,8 @@ static void mlme_event_ch_switch(struct data.ch_switch.cf1 = nla_get_u32(cf1); if (cf2) data.ch_switch.cf2 = nla_get_u32(cf2); @@ -374,19 +373,19 @@ + data.ch_switch.count = nla_get_u32(count); if (finished) - bss->freq = data.ch_switch.freq; -@@ -3113,6 +3115,7 @@ static void do_process_drv_event(struct - tb[NL80211_ATTR_CHANNEL_WIDTH], + bss->flink->freq = data.ch_switch.freq; +@@ -3604,6 +3607,7 @@ static void do_process_drv_event(struct tb[NL80211_ATTR_CENTER_FREQ1], tb[NL80211_ATTR_CENTER_FREQ2], + tb[NL80211_ATTR_PUNCT_BITMAP], + tb[NL80211_ATTR_CH_SWITCH_COUNT], 0); break; case NL80211_CMD_CH_SWITCH_NOTIFY: -@@ -3123,6 +3126,7 @@ static void do_process_drv_event(struct - tb[NL80211_ATTR_CHANNEL_WIDTH], +@@ -3616,6 +3620,7 @@ static void do_process_drv_event(struct tb[NL80211_ATTR_CENTER_FREQ1], tb[NL80211_ATTR_CENTER_FREQ2], + tb[NL80211_ATTR_PUNCT_BITMAP], + NULL, 1); break; diff --git a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch index 1f78c42dee56..b886ab749274 100644 --- a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch +++ b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch @@ -12,7 +12,7 @@ else --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -3265,6 +3265,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -3342,6 +3342,7 @@ static int hostapd_ctrl_iface_receive_pr reply_size); } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) { reply_len = hostapd_drv_status(hapd, reply, reply_size); @@ -20,7 +20,7 @@ } else if (os_strcmp(buf, "MIB") == 0) { reply_len = ieee802_11_get_mib(hapd, reply, reply_size); if (reply_len >= 0) { -@@ -3306,6 +3307,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -3383,6 +3384,7 @@ static int hostapd_ctrl_iface_receive_pr } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply, reply_size); @@ -30,7 +30,7 @@ reply_len = -1; --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -973,6 +973,9 @@ ifdef CONFIG_FILS +@@ -985,6 +985,9 @@ ifdef CONFIG_FILS OBJS += ../src/ap/fils_hlp.o endif ifdef CONFIG_CTRL_IFACE @@ -42,7 +42,7 @@ --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c -@@ -2325,7 +2325,7 @@ static int wpa_supplicant_ctrl_iface_sta +@@ -2326,7 +2326,7 @@ static int wpa_supplicant_ctrl_iface_sta pos += ret; } @@ -51,7 +51,7 @@ if (wpa_s->ap_iface) { pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos, end - pos, -@@ -11565,6 +11565,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -11964,6 +11964,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = -1; } else if (os_strncmp(buf, "NOTE ", 5) == 0) { wpa_printf(MSG_INFO, "NOTE: %s", buf + 5); @@ -59,7 +59,7 @@ } else if (os_strcmp(buf, "MIB") == 0) { reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size); if (reply_len >= 0) { -@@ -11577,6 +11578,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -11976,6 +11977,7 @@ char * wpa_supplicant_ctrl_iface_process reply_size - reply_len); #endif /* CONFIG_MACSEC */ } @@ -67,7 +67,7 @@ } else if (os_strncmp(buf, "STATUS", 6) == 0) { reply_len = wpa_supplicant_ctrl_iface_status( wpa_s, buf + 6, reply, reply_size); -@@ -12065,6 +12067,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12464,6 +12466,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = wpa_supplicant_ctrl_iface_bss( wpa_s, buf + 4, reply, reply_size); #ifdef CONFIG_AP @@ -75,7 +75,7 @@ } else if (os_strcmp(buf, "STA-FIRST") == 0) { reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size); } else if (os_strncmp(buf, "STA ", 4) == 0) { -@@ -12073,12 +12076,15 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12472,12 +12475,15 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply, reply_size); @@ -93,15 +93,61 @@ reply_len = -1; --- a/src/ap/ctrl_iface_ap.c +++ b/src/ap/ctrl_iface_ap.c -@@ -26,6 +26,7 @@ +@@ -26,6 +26,26 @@ #include "taxonomy.h" #include "wnm_ap.h" ++static const char * hw_mode_str(enum hostapd_hw_mode mode) ++{ ++ switch (mode) { ++ case HOSTAPD_MODE_IEEE80211B: ++ return "b"; ++ case HOSTAPD_MODE_IEEE80211G: ++ return "g"; ++ case HOSTAPD_MODE_IEEE80211A: ++ return "a"; ++ case HOSTAPD_MODE_IEEE80211AD: ++ return "ad"; ++ case HOSTAPD_MODE_IEEE80211ANY: ++ return "any"; ++ case NUM_HOSTAPD_MODES: ++ return "invalid"; ++ } ++ return "unknown"; ++} ++ +#ifdef CONFIG_CTRL_IFACE_MIB static size_t hostapd_write_ht_mcs_bitmask(char *buf, size_t buflen, size_t curr_len, const u8 *mcs_set) -@@ -460,6 +461,7 @@ int hostapd_ctrl_iface_sta_next(struct h +@@ -212,26 +232,6 @@ static const char * timeout_next_str(int + } + + +-static const char * hw_mode_str(enum hostapd_hw_mode mode) +-{ +- switch (mode) { +- case HOSTAPD_MODE_IEEE80211B: +- return "b"; +- case HOSTAPD_MODE_IEEE80211G: +- return "g"; +- case HOSTAPD_MODE_IEEE80211A: +- return "a"; +- case HOSTAPD_MODE_IEEE80211AD: +- return "ad"; +- case HOSTAPD_MODE_IEEE80211ANY: +- return "any"; +- case NUM_HOSTAPD_MODES: +- return "invalid"; +- } +- return "unknown"; +-} +- +- + static int hostapd_ctrl_iface_sta_mib(struct hostapd_data *hapd, + struct sta_info *sta, + char *buf, size_t buflen) +@@ -493,6 +493,7 @@ int hostapd_ctrl_iface_sta_next(struct h return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen); } @@ -109,7 +155,7 @@ #ifdef CONFIG_P2P_MANAGER static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype, -@@ -832,12 +834,12 @@ int hostapd_ctrl_iface_status(struct hos +@@ -884,12 +885,12 @@ int hostapd_ctrl_iface_status(struct hos return len; len += ret; } @@ -126,7 +172,7 @@ if (os_snprintf_error(buflen - len, ret)) --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c -@@ -2740,6 +2740,7 @@ static const char * bool_txt(bool val) +@@ -2753,6 +2753,7 @@ static const char * bool_txt(bool val) return val ? "TRUE" : "FALSE"; } @@ -134,7 +180,7 @@ int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen) { -@@ -2926,6 +2927,7 @@ int ieee802_1x_get_mib_sta(struct hostap +@@ -2939,6 +2940,7 @@ int ieee802_1x_get_mib_sta(struct hostap return len; } @@ -144,7 +190,7 @@ static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx) --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c -@@ -4559,6 +4559,7 @@ static const char * wpa_bool_txt(int val +@@ -4786,6 +4786,7 @@ static const char * wpa_bool_txt(int val return val ? "TRUE" : "FALSE"; } @@ -152,7 +198,7 @@ #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ -@@ -4709,7 +4710,7 @@ int wpa_get_mib_sta(struct wpa_state_mac +@@ -4938,7 +4939,7 @@ int wpa_get_mib_sta(struct wpa_state_mac return len; } @@ -163,7 +209,7 @@ { --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c -@@ -2802,6 +2802,8 @@ static u32 wpa_key_mgmt_suite(struct wpa +@@ -3834,6 +3834,8 @@ static u32 wpa_key_mgmt_suite(struct wpa } @@ -172,7 +218,7 @@ #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff -@@ -2883,6 +2885,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch +@@ -3915,6 +3917,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch return (int) len; } @@ -182,7 +228,7 @@ --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c -@@ -1477,7 +1477,7 @@ int wpas_ap_wps_nfc_report_handover(stru +@@ -1499,7 +1499,7 @@ int wpas_ap_wps_nfc_report_handover(stru #endif /* CONFIG_WPS */ diff --git a/package/network/services/hostapd/patches/381-hostapd_cli_UNKNOWN-COMMAND.patch b/package/network/services/hostapd/patches/381-hostapd_cli_UNKNOWN-COMMAND.patch index d2414faf01fd..e9083f6ecc6d 100644 --- a/package/network/services/hostapd/patches/381-hostapd_cli_UNKNOWN-COMMAND.patch +++ b/package/network/services/hostapd/patches/381-hostapd_cli_UNKNOWN-COMMAND.patch @@ -1,6 +1,6 @@ --- a/hostapd/hostapd_cli.c +++ b/hostapd/hostapd_cli.c -@@ -744,7 +744,7 @@ static int wpa_ctrl_command_sta(struct w +@@ -757,7 +757,7 @@ static int wpa_ctrl_command_sta(struct w } buf[len] = '\0'; diff --git a/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch b/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch index bf481c3bab7d..40c39ff29c7e 100644 --- a/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch +++ b/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch @@ -1,6 +1,6 @@ --- a/src/common/wpa_common.c +++ b/src/common/wpa_common.c -@@ -2529,6 +2529,31 @@ u32 wpa_akm_to_suite(int akm) +@@ -2719,6 +2719,31 @@ u32 wpa_akm_to_suite(int akm) } @@ -32,7 +32,7 @@ int wpa_compare_rsn_ie(int ft_initial_assoc, const u8 *ie1, size_t ie1len, const u8 *ie2, size_t ie2len) -@@ -2536,8 +2561,19 @@ int wpa_compare_rsn_ie(int ft_initial_as +@@ -2726,8 +2751,19 @@ int wpa_compare_rsn_ie(int ft_initial_as if (ie1 == NULL || ie2 == NULL) return -1; diff --git a/package/network/services/hostapd/patches/410-limit_debug_messages.patch b/package/network/services/hostapd/patches/410-limit_debug_messages.patch index d2713fc29b24..48a5589200f1 100644 --- a/package/network/services/hostapd/patches/410-limit_debug_messages.patch +++ b/package/network/services/hostapd/patches/410-limit_debug_messages.patch @@ -60,7 +60,7 @@ #ifdef CONFIG_DEBUG_FILE static char *last_path = NULL; #endif /* CONFIG_DEBUG_FILE */ -@@ -636,7 +610,7 @@ void wpa_msg_register_ifname_cb(wpa_msg_ +@@ -644,7 +618,7 @@ void wpa_msg_register_ifname_cb(wpa_msg_ } @@ -69,7 +69,7 @@ { va_list ap; char *buf; -@@ -674,7 +648,7 @@ void wpa_msg(void *ctx, int level, const +@@ -682,7 +656,7 @@ void wpa_msg(void *ctx, int level, const } @@ -80,9 +80,9 @@ char *buf; --- a/src/utils/wpa_debug.h +++ b/src/utils/wpa_debug.h -@@ -50,6 +50,17 @@ int wpa_debug_reopen_file(void); - void wpa_debug_close_file(void); +@@ -51,6 +51,17 @@ void wpa_debug_close_file(void); void wpa_debug_setup_stdout(void); + void wpa_debug_stop_log(void); +/* internal */ +void _wpa_hexdump(int level, const char *title, const u8 *buf, @@ -98,7 +98,7 @@ /** * wpa_debug_printf_timestamp - Print timestamp for debug output * -@@ -70,9 +81,15 @@ void wpa_debug_print_timestamp(void); +@@ -71,9 +82,15 @@ void wpa_debug_print_timestamp(void); * * Note: New line '\n' is added to the end of the text when printing to stdout. */ @@ -115,7 +115,7 @@ /** * wpa_hexdump - conditional hex dump * @level: priority level (MSG_*) of the message -@@ -84,7 +101,13 @@ PRINTF_FORMAT(2, 3); +@@ -85,7 +102,13 @@ PRINTF_FORMAT(2, 3); * output may be directed to stdout, stderr, and/or syslog based on * configuration. The contents of buf is printed out has hex dump. */ @@ -130,7 +130,7 @@ static inline void wpa_hexdump_buf(int level, const char *title, const struct wpabuf *buf) -@@ -106,7 +129,13 @@ static inline void wpa_hexdump_buf(int l +@@ -107,7 +130,13 @@ static inline void wpa_hexdump_buf(int l * like wpa_hexdump(), but by default, does not include secret keys (passwords, * etc.) in debug output. */ @@ -145,7 +145,7 @@ static inline void wpa_hexdump_buf_key(int level, const char *title, const struct wpabuf *buf) -@@ -128,8 +157,14 @@ static inline void wpa_hexdump_buf_key(i +@@ -129,8 +158,14 @@ static inline void wpa_hexdump_buf_key(i * the hex numbers and ASCII characters (for printable range) are shown. 16 * bytes per line will be shown. */ @@ -162,7 +162,7 @@ /** * wpa_hexdump_ascii_key - conditional hex dump, hide keys -@@ -145,8 +180,14 @@ void wpa_hexdump_ascii(int level, const +@@ -146,8 +181,14 @@ void wpa_hexdump_ascii(int level, const * bytes per line will be shown. This works like wpa_hexdump_ascii(), but by * default, does not include secret keys (passwords, etc.) in debug output. */ @@ -179,7 +179,7 @@ /* * wpa_dbg() behaves like wpa_msg(), but it can be removed from build to reduce -@@ -183,7 +224,12 @@ void wpa_hexdump_ascii_key(int level, co +@@ -184,7 +225,12 @@ void wpa_hexdump_ascii_key(int level, co * * Note: New line '\n' is added to the end of the text when printing to stdout. */ @@ -193,7 +193,7 @@ /** * wpa_msg_ctrl - Conditional printf for ctrl_iface monitors -@@ -197,8 +243,13 @@ void wpa_msg(void *ctx, int level, const +@@ -198,8 +244,13 @@ void wpa_msg(void *ctx, int level, const * attached ctrl_iface monitors. In other words, it can be used for frequent * events that do not need to be sent to syslog. */ diff --git a/package/network/services/hostapd/patches/420-indicate-features.patch b/package/network/services/hostapd/patches/420-indicate-features.patch index 12edb6baccbc..356d5f8c6814 100644 --- a/package/network/services/hostapd/patches/420-indicate-features.patch +++ b/package/network/services/hostapd/patches/420-indicate-features.patch @@ -9,7 +9,7 @@ struct hapd_global { void **drv_priv; -@@ -692,7 +692,7 @@ int main(int argc, char *argv[]) +@@ -696,7 +696,7 @@ int main(int argc, char *argv[]) wpa_supplicant_event = hostapd_wpa_event; wpa_supplicant_event_global = hostapd_wpa_event_global; for (;;) { @@ -18,7 +18,7 @@ if (c < 0) break; switch (c) { -@@ -729,6 +729,8 @@ int main(int argc, char *argv[]) +@@ -733,6 +733,8 @@ int main(int argc, char *argv[]) break; #endif /* CONFIG_DEBUG_LINUX_TRACING */ case 'v': diff --git a/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch b/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch index e52420953a2c..a21f0bf7cee0 100644 --- a/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch +++ b/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch @@ -1,6 +1,6 @@ --- a/hostapd/hostapd_cli.c +++ b/hostapd/hostapd_cli.c -@@ -388,7 +388,6 @@ static int hostapd_cli_cmd_disassociate( +@@ -401,7 +401,6 @@ static int hostapd_cli_cmd_disassociate( } @@ -8,7 +8,7 @@ static int hostapd_cli_cmd_signature(struct wpa_ctrl *ctrl, int argc, char *argv[]) { -@@ -401,7 +400,6 @@ static int hostapd_cli_cmd_signature(str +@@ -414,7 +413,6 @@ static int hostapd_cli_cmd_signature(str os_snprintf(buf, sizeof(buf), "SIGNATURE %s", argv[0]); return wpa_ctrl_command(ctrl, buf); } @@ -16,7 +16,7 @@ static int hostapd_cli_cmd_sa_query(struct wpa_ctrl *ctrl, int argc, -@@ -418,7 +416,6 @@ static int hostapd_cli_cmd_sa_query(stru +@@ -431,7 +429,6 @@ static int hostapd_cli_cmd_sa_query(stru } @@ -24,7 +24,7 @@ static int hostapd_cli_cmd_wps_pin(struct wpa_ctrl *ctrl, int argc, char *argv[]) { -@@ -644,7 +641,6 @@ static int hostapd_cli_cmd_wps_config(st +@@ -657,7 +654,6 @@ static int hostapd_cli_cmd_wps_config(st ssid_hex, argv[1]); return wpa_ctrl_command(ctrl, buf); } @@ -32,7 +32,7 @@ static int hostapd_cli_cmd_disassoc_imminent(struct wpa_ctrl *ctrl, int argc, -@@ -1588,13 +1584,10 @@ static const struct hostapd_cli_cmd host +@@ -1610,13 +1606,10 @@ static const struct hostapd_cli_cmd host { "disassociate", hostapd_cli_cmd_disassociate, hostapd_complete_stations, " = disassociate a station" }, @@ -46,7 +46,7 @@ { "wps_pin", hostapd_cli_cmd_wps_pin, NULL, " [timeout] [addr] = add WPS Enrollee PIN" }, { "wps_check_pin", hostapd_cli_cmd_wps_check_pin, NULL, -@@ -1619,7 +1612,6 @@ static const struct hostapd_cli_cmd host +@@ -1641,7 +1634,6 @@ static const struct hostapd_cli_cmd host " = configure AP" }, { "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL, "= show current WPS status" }, diff --git a/package/network/services/hostapd/patches/450-scan_wait.patch b/package/network/services/hostapd/patches/450-scan_wait.patch index ac874ad66a4b..e265d1ac7ca9 100644 --- a/package/network/services/hostapd/patches/450-scan_wait.patch +++ b/package/network/services/hostapd/patches/450-scan_wait.patch @@ -33,7 +33,7 @@ /* Initialize the driver interface */ if (!(b[0] | b[1] | b[2] | b[3] | b[4] | b[5])) b = NULL; -@@ -404,8 +416,6 @@ static void hostapd_global_deinit(const +@@ -407,8 +419,6 @@ static void hostapd_global_deinit(const #endif /* CONFIG_NATIVE_WINDOWS */ eap_server_unregister_methods(); @@ -42,7 +42,7 @@ } -@@ -431,18 +441,6 @@ static int hostapd_global_run(struct hap +@@ -434,18 +444,6 @@ static int hostapd_global_run(struct hap } #endif /* EAP_SERVER_TNC */ @@ -61,7 +61,7 @@ eloop_run(); return 0; -@@ -645,8 +643,7 @@ int main(int argc, char *argv[]) +@@ -649,8 +647,7 @@ int main(int argc, char *argv[]) struct hapd_interfaces interfaces; int ret = 1; size_t i, j; diff --git a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch index 38ff663173dd..80987774597e 100644 --- a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch +++ b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch @@ -22,7 +22,7 @@ Signed-hostap: Antonio Quartulli #include "common/defs.h" #include "common/ieee802_11_defs.h" #include "common/wpa_common.h" -@@ -894,6 +895,9 @@ struct wpa_driver_associate_params { +@@ -936,6 +937,9 @@ struct wpa_driver_associate_params { * responsible for selecting with which BSS to associate. */ const u8 *bssid; @@ -42,7 +42,7 @@ Signed-hostap: Antonio Quartulli #include "config.h" -@@ -2345,6 +2346,97 @@ static char * wpa_config_write_peerkey(c +@@ -2389,6 +2390,97 @@ static char * wpa_config_write_mac_value #endif /* NO_CONFIG_WRITE */ @@ -140,7 +140,7 @@ Signed-hostap: Antonio Quartulli /* Helper macros for network block parser */ #ifdef OFFSET -@@ -2629,6 +2721,8 @@ static const struct parse_data ssid_fiel +@@ -2673,6 +2765,8 @@ static const struct parse_data ssid_fiel { INT(ap_max_inactivity) }, { INT(dtim_period) }, { INT(beacon_int) }, @@ -162,7 +162,7 @@ Signed-hostap: Antonio Quartulli #define DEFAULT_EAP_WORKAROUND ((unsigned int) -1) -@@ -846,6 +848,9 @@ struct wpa_ssid { +@@ -879,6 +881,9 @@ struct wpa_ssid { */ void *parent_cred; @@ -174,7 +174,7 @@ Signed-hostap: Antonio Quartulli * macsec_policy - Determines the policy for MACsec secure session --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -3899,6 +3899,12 @@ static void wpas_start_assoc_cb(struct w +@@ -4177,6 +4177,12 @@ static void wpas_start_assoc_cb(struct w params.beacon_int = ssid->beacon_int; else params.beacon_int = wpa_s->conf->beacon_int; diff --git a/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch b/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch deleted file mode 100644 index 65d67b8b0581..000000000000 --- a/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch +++ /dev/null @@ -1,59 +0,0 @@ -From ffc4445958a3ed4064f2e1bf73fa478a61c5cf7b Mon Sep 17 00:00:00 2001 -From: Antonio Quartulli -Date: Sun, 3 Jun 2012 18:42:25 +0200 -Subject: [PATCHv2 602/602] driver_nl80211: use new parameters during ibss join - -Signed-hostap: Antonio Quartulli ---- - src/drivers/driver_nl80211.c | 33 ++++++++++++++++++++++++++++++++- - 1 file changed, 32 insertions(+), 1 deletion(-) - ---- a/src/drivers/driver_nl80211.c -+++ b/src/drivers/driver_nl80211.c -@@ -6005,7 +6005,7 @@ static int wpa_driver_nl80211_ibss(struc - struct wpa_driver_associate_params *params) - { - struct nl_msg *msg; -- int ret = -1; -+ int ret = -1, i; - int count = 0; - - wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex); -@@ -6032,6 +6032,37 @@ retry: - nl80211_put_beacon_int(msg, params->beacon_int)) - goto fail; - -+ if (params->fixed_freq) { -+ wpa_printf(MSG_DEBUG, " * fixed_freq"); -+ nla_put_flag(msg, NL80211_ATTR_FREQ_FIXED); -+ } -+ -+ if (params->beacon_int > 0) { -+ wpa_printf(MSG_DEBUG, " * beacon_int=%d", -+ params->beacon_int); -+ nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL, -+ params->beacon_int); -+ } -+ -+ if (params->rates[0] > 0) { -+ wpa_printf(MSG_DEBUG, " * basic_rates:"); -+ i = 0; -+ while (i < NL80211_MAX_SUPP_RATES && -+ params->rates[i] > 0) { -+ wpa_printf(MSG_DEBUG, " %.1f", -+ (double)params->rates[i] / 2); -+ i++; -+ } -+ nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, i, -+ params->rates); -+ } -+ -+ if (params->mcast_rate > 0) { -+ wpa_printf(MSG_DEBUG, " * mcast_rate=%.1f", -+ (double)params->mcast_rate / 10); -+ nla_put_u32(msg, NL80211_ATTR_MCAST_RATE, params->mcast_rate); -+ } -+ - ret = nl80211_set_conn_keys(params, msg); - if (ret) - goto fail; diff --git a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch index 5dc19fedee1f..e738ea131641 100644 --- a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch +++ b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch @@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -1661,6 +1661,7 @@ struct wpa_driver_mesh_join_params { +@@ -1768,6 +1768,7 @@ struct wpa_driver_mesh_join_params { #define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008 unsigned int flags; bool handle_dfs; @@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich struct wpa_driver_set_key_params { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -10627,6 +10627,18 @@ static int nl80211_put_mesh_id(struct nl +@@ -11388,6 +11388,18 @@ static int nl80211_put_mesh_id(struct nl } @@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich static int nl80211_put_mesh_config(struct nl_msg *msg, struct wpa_driver_mesh_bss_params *params) { -@@ -10688,6 +10700,7 @@ static int nl80211_join_mesh(struct i802 +@@ -11449,6 +11461,7 @@ static int nl80211_join_mesh(struct i802 nl80211_put_basic_rates(msg, params->basic_rates) || nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) || nl80211_put_beacon_int(msg, params->beacon_int) || diff --git a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch index 48086ea0e3a0..73ccc65ad985 100644 --- a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch +++ b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch @@ -1,19 +1,13 @@ --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2539,11 +2539,13 @@ void ibss_mesh_setup_freq(struct wpa_sup - for (j = 0; j < wpa_s->last_scan_res_used; j++) { - struct wpa_bss *bss = wpa_s->last_scan_res[j]; +@@ -3077,6 +3077,10 @@ void ibss_mesh_setup_freq(struct wpa_sup -- if (ssid->mode != WPAS_MODE_IBSS) -+ /* Don't adjust control freq in case of fixed_freq */ -+ if (ssid->fixed_freq) { -+ obss_scan = 0; - break; -+ } + freq->freq = ssid->frequency; -- /* Don't adjust control freq in case of fixed_freq */ -- if (ssid->fixed_freq) -+ if (ssid->mode != WPAS_MODE_IBSS) - break; ++ if (ssid->fixed_freq) { ++ obss_scan = 0; ++ } ++ + if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) { + struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid); - if (!bss_is_ibss(bss)) diff --git a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch index 6810b797c9b1..ada77853feea 100644 --- a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch +++ b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch @@ -13,7 +13,7 @@ Signed-off-by: David Bauer --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3489,6 +3489,8 @@ static int hostapd_config_fill(struct ho +@@ -3498,6 +3498,8 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "he_bss_color") == 0) { conf->he_op.he_bss_color = atoi(pos) & 0x3f; conf->he_op.he_bss_color_disabled = 0; diff --git a/package/network/services/hostapd/patches/470-survey_data_fallback.patch b/package/network/services/hostapd/patches/470-survey_data_fallback.patch index 359b5f3ef8f4..79ab48c5c274 100644 --- a/package/network/services/hostapd/patches/470-survey_data_fallback.patch +++ b/package/network/services/hostapd/patches/470-survey_data_fallback.patch @@ -1,24 +1,29 @@ --- a/src/ap/acs.c +++ b/src/ap/acs.c -@@ -420,20 +420,19 @@ static int acs_usable_bw160_chan(const s +@@ -455,17 +455,17 @@ static int acs_get_bw_center_chan(int fr static int acs_survey_is_sufficient(struct freq_survey *survey) { if (!(survey->filled & SURVEY_HAS_NF)) { + survey->nf = -95; - wpa_printf(MSG_INFO, "ACS: Survey is missing noise floor"); + wpa_printf(MSG_INFO, + "ACS: Survey for freq %d is missing noise floor", + survey->freq); - return 0; } if (!(survey->filled & SURVEY_HAS_CHAN_TIME)) { + survey->channel_time = 0; - wpa_printf(MSG_INFO, "ACS: Survey is missing channel time"); + wpa_printf(MSG_INFO, + "ACS: Survey for freq %d is missing channel time", + survey->freq); - return 0; } if (!(survey->filled & SURVEY_HAS_CHAN_TIME_BUSY) && - !(survey->filled & SURVEY_HAS_CHAN_TIME_RX)) { +@@ -473,7 +473,6 @@ static int acs_survey_is_sufficient(stru wpa_printf(MSG_INFO, - "ACS: Survey is missing RX and busy time (at least one is required)"); + "ACS: Survey for freq %d is missing RX and busy time (at least one is required)", + survey->freq); - return 0; } diff --git a/package/network/services/hostapd/patches/500-lto-jobserver-support.patch b/package/network/services/hostapd/patches/500-lto-jobserver-support.patch index 1a0ce1256aba..046da42ab8b9 100644 --- a/package/network/services/hostapd/patches/500-lto-jobserver-support.patch +++ b/package/network/services/hostapd/patches/500-lto-jobserver-support.patch @@ -1,6 +1,6 @@ --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -1394,7 +1394,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) +@@ -1396,7 +1396,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) @$(AR) cr $@ hostapd_multi.o $(OBJS) hostapd: $(OBJS) @@ -9,7 +9,7 @@ @$(E) " LD " $@ ifdef CONFIG_WPA_TRACE -@@ -1405,7 +1405,7 @@ _OBJS_VAR := OBJS_c +@@ -1407,7 +1407,7 @@ _OBJS_VAR := OBJS_c include ../src/objs.mk hostapd_cli: $(OBJS_c) @@ -20,7 +20,7 @@ NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -2025,31 +2025,31 @@ wpa_supplicant_multi.a: .config $(BCHECK +@@ -2039,31 +2039,31 @@ wpa_supplicant_multi.a: .config $(BCHECK @$(AR) cr $@ wpa_supplicant_multi.o $(OBJS) wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) diff --git a/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch b/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch index 98b8820cd77a..a6f43171ccdd 100644 --- a/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch +++ b/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch @@ -42,9 +42,9 @@ wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request to " MACSTR " dialog_token=%u req_mode=0x%x disassoc_timer=%u " "validity_interval=%u", -@@ -659,10 +660,12 @@ int ieee802_11_rx_wnm_action_ap(struct h - - switch (action) { +@@ -790,10 +791,12 @@ int ieee802_11_rx_wnm_action_ap(struct h + plen); + return 0; case WNM_BSS_TRANS_MGMT_QUERY: + hapd->openwrt_stats.wnm.bss_transition_query_rx++; ieee802_11_rx_bss_trans_mgmt_query(hapd, mgmt->sa, payload, @@ -55,7 +55,7 @@ ieee802_11_rx_bss_trans_mgmt_resp(hapd, mgmt->sa, payload, plen); return 0; -@@ -709,6 +712,7 @@ int wnm_send_disassoc_imminent(struct ho +@@ -840,6 +843,7 @@ int wnm_send_disassoc_imminent(struct ho pos = mgmt->u.action.u.bss_tm_req.variable; @@ -63,7 +63,7 @@ wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request frame to indicate imminent disassociation (disassoc_timer=%d) to " MACSTR, disassoc_timer, MAC2STR(sta->addr)); if (hostapd_drv_send_mlme(hapd, buf, pos - buf, 0, NULL, 0, 0) < 0) { -@@ -790,6 +794,7 @@ int wnm_send_ess_disassoc_imminent(struc +@@ -921,6 +925,7 @@ int wnm_send_ess_disassoc_imminent(struc return -1; } @@ -71,7 +71,7 @@ if (disassoc_timer) { /* send disassociation frame after time-out */ set_disassoc_timer(hapd, sta, disassoc_timer); -@@ -870,6 +875,7 @@ int wnm_send_bss_tm_req(struct hostapd_d +@@ -1001,6 +1006,7 @@ int wnm_send_bss_tm_req(struct hostapd_d } os_free(buf); diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch index 521e7df82e2b..aa68079fb266 100644 --- a/package/network/services/hostapd/patches/600-ubus_support.patch +++ b/package/network/services/hostapd/patches/600-ubus_support.patch @@ -39,7 +39,7 @@ int interface_added; /* virtual interface added for this BSS */ unsigned int started:1; unsigned int disabled:1; -@@ -673,6 +675,7 @@ hostapd_alloc_bss_data(struct hostapd_if +@@ -682,6 +684,7 @@ hostapd_alloc_bss_data(struct hostapd_if struct hostapd_bss_config *bss); int hostapd_setup_interface(struct hostapd_iface *iface); int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err); @@ -49,7 +49,7 @@ struct hostapd_iface * hostapd_alloc_iface(void); --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -401,6 +401,7 @@ void hostapd_free_hapd_data(struct hosta +@@ -435,6 +435,7 @@ void hostapd_free_hapd_data(struct hosta hapd->beacon_set_done = 0; wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface); @@ -57,7 +57,7 @@ accounting_deinit(hapd); hostapd_deinit_wpa(hapd); vlan_deinit(hapd); -@@ -1431,6 +1432,8 @@ static int hostapd_setup_bss(struct host +@@ -1185,6 +1186,8 @@ static int hostapd_start_beacon(struct h if (hapd->driver && hapd->driver->set_operstate) hapd->driver->set_operstate(hapd->drv_priv, 1); @@ -66,7 +66,7 @@ return 0; } -@@ -2050,6 +2053,7 @@ static int hostapd_setup_interface_compl +@@ -2126,6 +2129,7 @@ static int hostapd_setup_interface_compl if (err) goto fail; @@ -74,7 +74,7 @@ wpa_printf(MSG_DEBUG, "Completing interface initialization"); if (iface->freq) { #ifdef NEED_AP_MLME -@@ -2248,6 +2252,7 @@ dfs_offload: +@@ -2342,6 +2346,7 @@ dfs_offload: fail: wpa_printf(MSG_ERROR, "Interface initialization failed"); @@ -82,7 +82,7 @@ hostapd_set_state(iface, HAPD_IFACE_DISABLED); wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); #ifdef CONFIG_FST -@@ -2723,6 +2728,7 @@ void hostapd_interface_deinit_free(struc +@@ -2817,6 +2822,7 @@ void hostapd_interface_deinit_free(struc (unsigned int) iface->conf->num_bss); driver = iface->bss[0]->driver; drv_priv = iface->bss[0]->drv_priv; @@ -92,7 +92,7 @@ __func__, driver, drv_priv); --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -3573,13 +3573,18 @@ static void handle_auth(struct hostapd_d +@@ -2740,13 +2740,18 @@ static void handle_auth(struct hostapd_d u16 auth_alg, auth_transaction, status_code; u16 resp = WLAN_STATUS_SUCCESS; struct sta_info *sta = NULL; @@ -112,7 +112,7 @@ if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", -@@ -3747,6 +3752,13 @@ static void handle_auth(struct hostapd_d +@@ -2914,6 +2919,13 @@ static void handle_auth(struct hostapd_d resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -126,7 +126,7 @@ if (res == HOSTAPD_ACL_PENDING) return; -@@ -5488,7 +5500,7 @@ static void handle_assoc(struct hostapd_ +@@ -4695,7 +4707,7 @@ static void handle_assoc(struct hostapd_ int resp = WLAN_STATUS_SUCCESS; u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE; const u8 *pos; @@ -135,7 +135,7 @@ struct sta_info *sta; u8 *tmp = NULL; #ifdef CONFIG_FILS -@@ -5701,6 +5713,11 @@ static void handle_assoc(struct hostapd_ +@@ -4908,6 +4920,11 @@ static void handle_assoc(struct hostapd_ left = res; } #endif /* CONFIG_FILS */ @@ -147,7 +147,7 @@ /* followed by SSID and Supported rates; and HT capabilities if 802.11n * is used */ -@@ -5799,6 +5816,13 @@ static void handle_assoc(struct hostapd_ +@@ -5006,6 +5023,13 @@ static void handle_assoc(struct hostapd_ } #endif /* CONFIG_FILS */ @@ -161,7 +161,7 @@ fail: /* -@@ -5892,6 +5916,7 @@ static void handle_disassoc(struct hosta +@@ -5099,6 +5123,7 @@ static void handle_disassoc(struct hosta wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d", MAC2STR(mgmt->sa), le_to_host16(mgmt->u.disassoc.reason_code)); @@ -169,7 +169,7 @@ sta = ap_get_sta(hapd, mgmt->sa); if (sta == NULL) { -@@ -5961,6 +5986,8 @@ static void handle_deauth(struct hostapd +@@ -5168,6 +5193,8 @@ static void handle_deauth(struct hostapd /* Clear the PTKSA cache entries for PASN */ ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE); @@ -180,7 +180,7 @@ wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying " --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -919,6 +919,12 @@ void handle_probe_req(struct hostapd_dat +@@ -1006,6 +1006,12 @@ void handle_probe_req(struct hostapd_dat u16 csa_offs[2]; size_t csa_offs_len; struct radius_sta rad_info; @@ -193,7 +193,7 @@ if (hapd->iconf->rssi_ignore_probe_request && ssi_signal && ssi_signal < hapd->iconf->rssi_ignore_probe_request) -@@ -1105,6 +1111,12 @@ void handle_probe_req(struct hostapd_dat +@@ -1192,6 +1198,12 @@ void handle_probe_req(struct hostapd_dat } #endif /* CONFIG_P2P */ @@ -250,7 +250,7 @@ ap_free_sta(hapd, sta); break; } -@@ -1298,12 +1300,25 @@ void ap_sta_set_authorized(struct hostap +@@ -1305,15 +1307,28 @@ void ap_sta_set_authorized(struct hostap sta->addr, authorized, dev_addr); if (authorized) { @@ -265,18 +265,21 @@ + [WLAN_AUTH_PASN] = "pasn", + }; + const char *auth_alg = NULL; + const u8 *dpp_pkhash; const char *keyid; + char dpp_pkhash_buf[100]; char keyid_buf[100]; char ip_addr[100]; + char alg_buf[100]; + dpp_pkhash_buf[0] = '\0'; keyid_buf[0] = '\0'; ip_addr[0] = '\0'; + alg_buf[0] = '\0'; #ifdef CONFIG_P2P if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { os_snprintf(ip_addr, sizeof(ip_addr), -@@ -1313,22 +1328,31 @@ void ap_sta_set_authorized(struct hostap +@@ -1323,6 +1338,13 @@ void ap_sta_set_authorized(struct hostap } #endif /* CONFIG_P2P */ @@ -285,27 +288,29 @@ + + if (auth_alg) + os_snprintf(alg_buf, sizeof(alg_buf), -+ " auth_alg=%s", auth_alg); ++ " auth_alg=%s", auth_alg); + keyid = ap_sta_wpa_get_keyid(hapd, sta); if (keyid) { os_snprintf(keyid_buf, sizeof(keyid_buf), - " keyid=%s", keyid); +@@ -1341,17 +1363,19 @@ void ap_sta_set_authorized(struct hostap + dpp_pkhash, SHA256_MAC_LEN); } -- wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s", -- buf, ip_addr, keyid_buf); +- wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s", +- buf, ip_addr, keyid_buf, dpp_pkhash_buf); + hostapd_ubus_notify_authorized(hapd, sta, auth_alg); -+ wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s", -+ buf, ip_addr, keyid_buf, alg_buf); ++ wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s%s", ++ buf, ip_addr, keyid_buf, dpp_pkhash_buf, alg_buf); if (hapd->msg_ctx_parent && hapd->msg_ctx_parent != hapd->msg_ctx) wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, -- AP_STA_CONNECTED "%s%s%s", -- buf, ip_addr, keyid_buf); -+ AP_STA_CONNECTED "%s%s%s%s", -+ buf, ip_addr, keyid_buf, alg_buf); +- AP_STA_CONNECTED "%s%s%s%s", ++ AP_STA_CONNECTED "%s%s%s%s%s", + buf, ip_addr, keyid_buf, +- dpp_pkhash_buf); ++ dpp_pkhash_buf, alg_buf); } else { wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); + hostapd_ubus_notify(hapd, "disassoc", sta->addr); @@ -314,7 +319,7 @@ hapd->msg_ctx_parent != hapd->msg_ctx) --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -268,6 +268,7 @@ static void hostapd_wpa_auth_psk_failure +@@ -269,6 +269,7 @@ static void hostapd_wpa_auth_psk_failure struct hostapd_data *hapd = ctx; wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR, MAC2STR(addr)); @@ -324,7 +329,7 @@ --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -183,6 +183,12 @@ ifdef CONFIG_EAPOL_TEST +@@ -194,6 +194,12 @@ ifdef CONFIG_EAPOL_TEST CFLAGS += -Werror -DEAPOL_TEST endif @@ -337,7 +342,7 @@ ifdef CONFIG_CODE_COVERAGE CFLAGS += -O0 -fprofile-arcs -ftest-coverage LIBS += -lgcov -@@ -977,6 +983,9 @@ ifdef CONFIG_CTRL_IFACE_MIB +@@ -989,6 +995,9 @@ ifdef CONFIG_CTRL_IFACE_MIB CFLAGS += -DCONFIG_CTRL_IFACE_MIB endif OBJS += ../src/ap/ctrl_iface_ap.o @@ -349,7 +354,7 @@ CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -7285,6 +7285,8 @@ struct wpa_supplicant * wpa_supplicant_a +@@ -7608,6 +7608,8 @@ struct wpa_supplicant * wpa_supplicant_a } #endif /* CONFIG_P2P */ @@ -358,7 +363,7 @@ return wpa_s; } -@@ -7311,6 +7313,8 @@ int wpa_supplicant_remove_iface(struct w +@@ -7634,6 +7636,8 @@ int wpa_supplicant_remove_iface(struct w struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ @@ -367,7 +372,7 @@ /* Remove interface from the global list of interfaces */ prev = global->ifaces; if (prev == wpa_s) { -@@ -7614,8 +7618,12 @@ int wpa_supplicant_run(struct wpa_global +@@ -7980,8 +7984,12 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); @@ -382,15 +387,15 @@ --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h -@@ -20,6 +20,7 @@ - #include "wps/wps_defs.h" +@@ -21,6 +21,7 @@ #include "config_ssid.h" #include "wmm_ac.h" + #include "pasn/pasn_common.h" +#include "ubus.h" extern const char *const wpa_supplicant_version; extern const char *const wpa_supplicant_license; -@@ -323,6 +324,8 @@ struct wpa_global { +@@ -324,6 +325,8 @@ struct wpa_global { #endif /* CONFIG_WIFI_DISPLAY */ struct psk_list_entry *add_psk; /* From group formation */ @@ -399,7 +404,7 @@ }; -@@ -707,6 +710,7 @@ struct wpa_supplicant { +@@ -655,6 +658,7 @@ struct wpa_supplicant { unsigned char own_addr[ETH_ALEN]; unsigned char perm_addr[ETH_ALEN]; char ifname[100]; @@ -417,7 +422,7 @@ #ifndef WPS_PIN_SCAN_IGNORE_SEL_REG -@@ -391,6 +392,8 @@ static int wpa_supplicant_wps_cred(void +@@ -402,6 +403,8 @@ static int wpa_supplicant_wps_cred(void wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute", cred->cred_attr, cred->cred_attr_len); @@ -428,7 +433,7 @@ --- a/hostapd/main.c +++ b/hostapd/main.c -@@ -897,6 +897,7 @@ int main(int argc, char *argv[]) +@@ -901,6 +901,7 @@ int main(int argc, char *argv[]) } hostapd_global_ctrl_iface_init(&interfaces); @@ -436,7 +441,7 @@ if (hostapd_global_run(&interfaces, daemonize, pid_file)) { wpa_printf(MSG_ERROR, "Failed to start eloop"); -@@ -906,6 +907,7 @@ int main(int argc, char *argv[]) +@@ -910,6 +911,7 @@ int main(int argc, char *argv[]) ret = 0; out: @@ -527,7 +532,7 @@ --- a/src/ap/dfs.c +++ b/src/ap/dfs.c -@@ -1203,6 +1203,8 @@ int hostapd_dfs_pre_cac_expired(struct h +@@ -1211,6 +1211,8 @@ int hostapd_dfs_pre_cac_expired(struct h "freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d", freq, ht_enabled, chan_offset, chan_width, cf1, cf2); @@ -569,7 +574,7 @@ } --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h -@@ -328,6 +328,7 @@ struct sta_info { +@@ -293,6 +293,7 @@ struct sta_info { #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_AIRTIME_POLICY unsigned int airtime_weight; diff --git a/package/network/services/hostapd/patches/700-wifi-reload.patch b/package/network/services/hostapd/patches/700-wifi-reload.patch index 174127df6e11..5ac7f711a5cd 100644 --- a/package/network/services/hostapd/patches/700-wifi-reload.patch +++ b/package/network/services/hostapd/patches/700-wifi-reload.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2416,6 +2416,8 @@ static int hostapd_config_fill(struct ho +@@ -2418,6 +2418,8 @@ static int hostapd_config_fill(struct ho bss->isolate = atoi(pos); } else if (os_strcmp(buf, "ap_max_inactivity") == 0) { bss->ap_max_inactivity = atoi(pos); @@ -8,8 +8,8 @@ + bss->config_id = os_strdup(pos); } else if (os_strcmp(buf, "skip_inactivity_poll") == 0) { bss->skip_inactivity_poll = atoi(pos); - } else if (os_strcmp(buf, "country_code") == 0) { -@@ -3121,6 +3123,8 @@ static int hostapd_config_fill(struct ho + } else if (os_strcmp(buf, "config_id") == 0) { +@@ -3128,6 +3130,8 @@ static int hostapd_config_fill(struct ho } } else if (os_strcmp(buf, "acs_exclude_dfs") == 0) { conf->acs_exclude_dfs = atoi(pos); @@ -20,15 +20,7 @@ } else if (os_strcmp(buf, "channel") == 0) { --- a/src/ap/ap_config.c +++ b/src/ap/ap_config.c -@@ -796,6 +796,7 @@ void hostapd_config_free_bss(struct host - os_free(conf->radius_req_attr_sqlite); - os_free(conf->rsn_preauth_interfaces); - os_free(conf->ctrl_interface); -+ os_free(conf->config_id); - os_free(conf->ca_cert); - os_free(conf->server_cert); - os_free(conf->server_cert2); -@@ -995,6 +996,7 @@ void hostapd_config_free(struct hostapd_ +@@ -997,6 +997,7 @@ void hostapd_config_free(struct hostapd_ for (i = 0; i < conf->num_bss; i++) hostapd_config_free_bss(conf->bss[i]); @@ -38,16 +30,7 @@ os_free(conf->basic_rates); --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -285,6 +285,8 @@ struct hostapd_bss_config { - char vlan_bridge[IFNAMSIZ + 1]; - char wds_bridge[IFNAMSIZ + 1]; - -+ char *config_id; -+ - enum hostapd_logger_level logger_syslog_level, logger_stdout_level; - - unsigned int logger_syslog; /* module bitfield */ -@@ -969,6 +971,7 @@ struct eht_phy_capabilities_info { +@@ -987,6 +987,7 @@ struct eht_phy_capabilities_info { struct hostapd_config { struct hostapd_bss_config **bss, *last_bss; size_t num_bss; @@ -57,7 +40,7 @@ int rts_threshold; --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -224,6 +224,10 @@ static int hostapd_iface_conf_changed(st +@@ -254,6 +254,10 @@ static int hostapd_iface_conf_changed(st { size_t i; @@ -68,7 +51,7 @@ if (newconf->num_bss != oldconf->num_bss) return 1; -@@ -237,7 +241,7 @@ static int hostapd_iface_conf_changed(st +@@ -267,7 +271,7 @@ static int hostapd_iface_conf_changed(st } @@ -77,26 +60,17 @@ { struct hapd_interfaces *interfaces = iface->interfaces; struct hostapd_data *hapd = iface->bss[0]; -@@ -260,13 +264,16 @@ int hostapd_reload_config(struct hostapd - if (newconf == NULL) - return -1; - -- hostapd_clear_old(iface); -- - oldconf = hapd->iconf; - if (hostapd_iface_conf_changed(newconf, oldconf)) { +@@ -295,6 +299,9 @@ int hostapd_reload_config(struct hostapd char *fname; int res; + if (reconf) + return -1; + -+ hostapd_clear_old(iface); -+ + hostapd_clear_old(iface); + wpa_printf(MSG_DEBUG, - "Configuration changes include interface/BSS modification - force full disable+enable sequence"); - fname = os_strdup(iface->config_fname); -@@ -291,6 +298,24 @@ int hostapd_reload_config(struct hostapd +@@ -321,6 +328,24 @@ int hostapd_reload_config(struct hostapd wpa_printf(MSG_ERROR, "Failed to enable interface on config reload"); return res; @@ -121,7 +95,7 @@ } iface->conf = newconf; -@@ -307,6 +332,12 @@ int hostapd_reload_config(struct hostapd +@@ -337,6 +362,12 @@ int hostapd_reload_config(struct hostapd for (j = 0; j < iface->num_bss; j++) { hapd = iface->bss[j]; @@ -131,10 +105,10 @@ + } + if (newconf->bss[j]->config_id) + hapd->config_id = strdup(newconf->bss[j]->config_id); - hapd->iconf = newconf; - hapd->conf = newconf->bss[j]; - hostapd_reload_bss(hapd); -@@ -2420,6 +2451,10 @@ hostapd_alloc_bss_data(struct hostapd_if + if (!hapd->conf->config_id || !newconf->bss[j]->config_id || + os_strcmp(hapd->conf->config_id, + newconf->bss[j]->config_id) != 0) +@@ -2514,6 +2545,10 @@ hostapd_alloc_bss_data(struct hostapd_if hapd->iconf = conf; hapd->conf = bss; hapd->iface = hapd_iface; @@ -164,7 +138,7 @@ int interface_added; /* virtual interface added for this BSS */ unsigned int started:1; unsigned int disabled:1; -@@ -667,7 +668,7 @@ struct hostapd_iface { +@@ -676,7 +677,7 @@ struct hostapd_iface { int hostapd_for_each_interface(struct hapd_interfaces *interfaces, int (*cb)(struct hostapd_iface *iface, void *ctx), void *ctx); @@ -175,19 +149,19 @@ hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface, --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -4852,6 +4852,9 @@ static int wpa_driver_nl80211_set_ap(voi +@@ -5054,6 +5054,9 @@ static int wpa_driver_nl80211_set_ap(voi if (ret) { wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)", ret, strerror(-ret)); -+ if (!bss->beacon_set) ++ if (!bss->flink->beacon_set) + ret = 0; -+ bss->beacon_set = 0; ++ bss->flink->beacon_set = 0; } else { - bss->beacon_set = 1; + bss->flink->beacon_set = 1; nl80211_set_bss(bss, params->cts_protect, params->preamble, --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -186,7 +186,7 @@ static int hostapd_ctrl_iface_update(str +@@ -187,7 +187,7 @@ static int hostapd_ctrl_iface_update(str iface->interfaces->config_read_cb = hostapd_ctrl_iface_config_read; reload_opts = txt; @@ -198,7 +172,7 @@ } --- a/hostapd/main.c +++ b/hostapd/main.c -@@ -317,7 +317,7 @@ static void handle_term(int sig, void *s +@@ -320,7 +320,7 @@ static void handle_term(int sig, void *s static int handle_reload_iface(struct hostapd_iface *iface, void *ctx) { diff --git a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch index b06ef8f68bbd..f625f4bda4b4 100644 --- a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch +++ b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch @@ -30,7 +30,7 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3346,6 +3346,8 @@ static int hostapd_config_fill(struct ho +@@ -3353,6 +3353,8 @@ static int hostapd_config_fill(struct ho #ifndef CONFIG_NO_VLAN } else if (os_strcmp(buf, "dynamic_vlan") == 0) { bss->ssid.dynamic_vlan = atoi(pos); diff --git a/package/network/services/hostapd/patches/711-wds_bridge_force.patch b/package/network/services/hostapd/patches/711-wds_bridge_force.patch index 169807c61ef8..e04ae6253845 100644 --- a/package/network/services/hostapd/patches/711-wds_bridge_force.patch +++ b/package/network/services/hostapd/patches/711-wds_bridge_force.patch @@ -6,12 +6,12 @@ os_strlcpy(bss->bridge, pos, sizeof(bss->bridge)); + if (!bss->wds_bridge[0]) + os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge)); + } else if (os_strcmp(buf, "bridge_hairpin") == 0) { + bss->bridge_hairpin = atoi(pos); } else if (os_strcmp(buf, "vlan_bridge") == 0) { - os_strlcpy(bss->vlan_bridge, pos, sizeof(bss->vlan_bridge)); - } else if (os_strcmp(buf, "wds_bridge") == 0) { --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c -@@ -340,8 +340,6 @@ int hostapd_set_wds_sta(struct hostapd_d +@@ -348,8 +348,6 @@ int hostapd_set_wds_sta(struct hostapd_d return -1; if (hapd->conf->wds_bridge[0]) bridge = hapd->conf->wds_bridge; diff --git a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch index ed76d22dd0b0..a06f141c83fc 100644 --- a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch +++ b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2841,6 +2841,14 @@ static int hostapd_config_fill(struct ho +@@ -2848,6 +2848,14 @@ static int hostapd_config_fill(struct ho line, bss->max_num_sta, MAX_STA_COUNT); return 1; } @@ -17,7 +17,7 @@ } else if (os_strcmp(buf, "extended_key_id") == 0) { --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h -@@ -711,6 +711,7 @@ void hostapd_cleanup_cs_params(struct ho +@@ -721,6 +721,7 @@ void hostapd_cleanup_cs_params(struct ho void hostapd_periodic_iface(struct hostapd_iface *iface); int hostapd_owe_trans_get_info(struct hostapd_data *hapd); void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx); @@ -27,7 +27,7 @@ void hostapd_cleanup_cca_params(struct hostapd_data *hapd); --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -241,6 +241,30 @@ static int hostapd_iface_conf_changed(st +@@ -271,6 +271,30 @@ static int hostapd_iface_conf_changed(st } @@ -60,7 +60,7 @@ struct hapd_interfaces *interfaces = iface->interfaces; --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1135,7 +1135,7 @@ void handle_probe_req(struct hostapd_dat +@@ -1222,7 +1222,7 @@ void handle_probe_req(struct hostapd_dat if (hapd->conf->no_probe_resp_if_max_sta && is_multicast_ether_addr(mgmt->da) && is_multicast_ether_addr(mgmt->bssid) && @@ -71,7 +71,7 @@ " since no room for additional STA", --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1010,6 +1010,8 @@ struct hostapd_config { +@@ -1026,6 +1026,8 @@ struct hostapd_config { unsigned int track_sta_max_num; unsigned int track_sta_max_age; diff --git a/package/network/services/hostapd/patches/730-ft_iface.patch b/package/network/services/hostapd/patches/730-ft_iface.patch index d9a4f15f0309..1826c9762362 100644 --- a/package/network/services/hostapd/patches/730-ft_iface.patch +++ b/package/network/services/hostapd/patches/730-ft_iface.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3000,6 +3000,8 @@ static int hostapd_config_fill(struct ho +@@ -3007,6 +3007,8 @@ static int hostapd_config_fill(struct ho wpa_printf(MSG_INFO, "Line %d: Obsolete peerkey parameter ignored", line); #ifdef CONFIG_IEEE80211R_AP @@ -18,10 +18,10 @@ + char ft_iface[IFNAMSIZ + 1]; char vlan_bridge[IFNAMSIZ + 1]; char wds_bridge[IFNAMSIZ + 1]; - + int bridge_hairpin; /* hairpin_mode on bridge members */ --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -1595,8 +1595,12 @@ int hostapd_setup_wpa(struct hostapd_dat +@@ -1616,8 +1616,12 @@ int hostapd_setup_wpa(struct hostapd_dat wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) { const char *ft_iface; diff --git a/package/network/services/hostapd/patches/740-snoop_iface.patch b/package/network/services/hostapd/patches/740-snoop_iface.patch index 608f15a2564f..a11664473653 100644 --- a/package/network/services/hostapd/patches/740-snoop_iface.patch +++ b/package/network/services/hostapd/patches/740-snoop_iface.patch @@ -7,7 +7,7 @@ + char snoop_iface[IFNAMSIZ + 1]; char vlan_bridge[IFNAMSIZ + 1]; char wds_bridge[IFNAMSIZ + 1]; - + int bridge_hairpin; /* hairpin_mode on bridge members */ --- a/src/ap/x_snoop.c +++ b/src/ap/x_snoop.c @@ -33,14 +33,16 @@ int x_snoop_init(struct hostapd_data *ha @@ -55,10 +55,10 @@ "x_snoop: Failed to initialize L2 packet processing %s", --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2318,6 +2318,8 @@ static int hostapd_config_fill(struct ho - os_strlcpy(bss->bridge, pos, sizeof(bss->bridge)); - if (!bss->wds_bridge[0]) +@@ -2320,6 +2320,8 @@ static int hostapd_config_fill(struct ho os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge)); + } else if (os_strcmp(buf, "bridge_hairpin") == 0) { + bss->bridge_hairpin = atoi(pos); + } else if (os_strcmp(buf, "snoop_iface") == 0) { + os_strlcpy(bss->snoop_iface, pos, sizeof(bss->snoop_iface)); } else if (os_strcmp(buf, "vlan_bridge") == 0) { diff --git a/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch b/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch index 479d5615556e..c3a77bc6537b 100644 --- a/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch +++ b/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch @@ -18,7 +18,7 @@ #ifdef CONFIG_HS20 static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf, -@@ -4046,10 +4046,10 @@ static int hostapd_config_fill(struct ho +@@ -4064,10 +4064,10 @@ static int hostapd_config_fill(struct ho bss->gas_frag_limit = val; } else if (os_strcmp(buf, "gas_comeback_delay") == 0) { bss->gas_comeback_delay = atoi(pos); @@ -32,7 +32,7 @@ os_free(bss->dump_msk_file); --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -1424,6 +1424,7 @@ static int hostapd_setup_bss(struct host +@@ -1499,6 +1499,7 @@ static int hostapd_setup_bss(struct host wpa_printf(MSG_ERROR, "GAS server initialization failed"); return -1; } @@ -40,7 +40,7 @@ if (conf->qos_map_set_len && hostapd_drv_set_qos_map(hapd, conf->qos_map_set, -@@ -1431,7 +1432,6 @@ static int hostapd_setup_bss(struct host +@@ -1506,7 +1507,6 @@ static int hostapd_setup_bss(struct host wpa_printf(MSG_ERROR, "Failed to initialize QoS Map"); return -1; } @@ -50,7 +50,7 @@ wpa_printf(MSG_ERROR, "BSS Load initialization failed"); --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -2586,8 +2586,6 @@ void wnm_bss_keep_alive_deinit(struct wp +@@ -2672,8 +2672,6 @@ void wnm_bss_keep_alive_deinit(struct wp } @@ -59,16 +59,16 @@ static int wpas_qos_map_set(struct wpa_supplicant *wpa_s, const u8 *qos_map, size_t len) { -@@ -2620,8 +2618,6 @@ static void interworking_process_assoc_r +@@ -2706,8 +2704,6 @@ static void interworking_process_assoc_r } } -#endif /* CONFIG_INTERWORKING */ - - static void multi_ap_process_assoc_resp(struct wpa_supplicant *wpa_s, - const u8 *ies, size_t ies_len) -@@ -2954,10 +2950,8 @@ static int wpa_supplicant_event_associnf + static void wpa_supplicant_set_4addr_mode(struct wpa_supplicant *wpa_s) + { +@@ -3087,10 +3083,8 @@ static int wpa_supplicant_event_associnf wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, data->assoc_info.resp_ies_len); #endif /* CONFIG_WNM */ @@ -81,7 +81,7 @@ data->assoc_info.resp_ies_len, WLAN_EID_VHT_CAP)) --- a/src/ap/ieee802_11_shared.c +++ b/src/ap/ieee802_11_shared.c -@@ -1100,13 +1100,11 @@ u8 * hostapd_eid_rsnxe(struct hostapd_da +@@ -1116,13 +1116,11 @@ u8 * hostapd_eid_rsnxe(struct hostapd_da u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ext_capab_ie, size_t ext_capab_ie_len) { diff --git a/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch b/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch index d90a275233a1..1fc4e8a77cf2 100644 --- a/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch +++ b/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch @@ -1,6 +1,6 @@ --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c -@@ -864,7 +864,8 @@ int hostapd_start_dfs_cac(struct hostapd +@@ -874,7 +874,8 @@ int hostapd_start_dfs_cac(struct hostapd int hostapd_drv_set_qos_map(struct hostapd_data *hapd, const u8 *qos_map_set, u8 qos_map_set_len) { diff --git a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch index 3d2b59e8cab8..2f5015892b7b 100644 --- a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch +++ b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch @@ -1,6 +1,6 @@ --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -311,6 +311,7 @@ struct hostapd_bss_config { +@@ -310,6 +310,7 @@ struct hostapd_bss_config { unsigned int eap_sim_db_timeout; int eap_server_erp; /* Whether ERP is enabled on internal EAP server */ struct hostapd_ip_addr own_ip_addr; @@ -98,7 +98,7 @@ hapd->conf->own_ip_addr.af == AF_INET && --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2681,6 +2681,8 @@ static int hostapd_config_fill(struct ho +@@ -2688,6 +2688,8 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "iapp_interface") == 0) { wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used"); #endif /* CONFIG_IAPP */ diff --git a/package/network/services/hostapd/patches/761-shared_das_port.patch b/package/network/services/hostapd/patches/761-shared_das_port.patch index 7516b7349ec0..59c2a967953d 100644 --- a/package/network/services/hostapd/patches/761-shared_das_port.patch +++ b/package/network/services/hostapd/patches/761-shared_das_port.patch @@ -10,7 +10,7 @@ unsigned int time_window; --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -1367,6 +1367,7 @@ static int hostapd_setup_bss(struct host +@@ -1442,6 +1442,7 @@ static int hostapd_setup_bss(struct host struct radius_das_conf das_conf; os_memset(&das_conf, 0, sizeof(das_conf)); das_conf.port = conf->radius_das_port; diff --git a/package/network/services/hostapd/patches/800-acs-don-t-select-indoor-channel-on-outdoor-operation.patch b/package/network/services/hostapd/patches/800-acs-don-t-select-indoor-channel-on-outdoor-operation.patch deleted file mode 100644 index 1d9e9564ecfb..000000000000 --- a/package/network/services/hostapd/patches/800-acs-don-t-select-indoor-channel-on-outdoor-operation.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 37528a5205cb0b9e2238b7d97fb2ff5457448f1c Mon Sep 17 00:00:00 2001 -From: David Bauer -Date: Thu, 8 Sep 2022 01:45:41 +0200 -Subject: [PATCH] acs: don't select indoor channel on outdoor operation - -Don't select channels designated for exclusive-indoor use when the -country3 element is set on outdoor operation. - -Signed-off-by: David Bauer ---- - src/ap/acs.c | 9 +++++++++ - src/ap/dfs.c | 3 +++ - 2 files changed, 12 insertions(+) - ---- a/src/ap/acs.c -+++ b/src/ap/acs.c -@@ -552,6 +552,9 @@ static void acs_survey_mode_interference - if (chan->max_tx_power < iface->conf->min_tx_power) - continue; - -+ if (chan->flag & HOSTAPD_CHAN_INDOOR_ONLY && iface->conf->country[2] == 0x4f) -+ continue; -+ - wpa_printf(MSG_DEBUG, "ACS: Survey analysis for channel %d (%d MHz)", - chan->chan, chan->freq); - -@@ -686,6 +689,9 @@ acs_find_ideal_chan_mode(struct hostapd_ - if (chan->max_tx_power < iface->conf->min_tx_power) - continue; - -+ if (chan->flag & HOSTAPD_CHAN_INDOOR_ONLY && iface->conf->country[2] == 0x4f) -+ continue; -+ - if (!chan_bw_allowed(chan, bw, 1, 1)) { - wpa_printf(MSG_DEBUG, - "ACS: Channel %d: BW %u is not supported", -@@ -1067,6 +1073,9 @@ static int * acs_request_scan_add_freqs( - if (chan->max_tx_power < iface->conf->min_tx_power) - continue; - -+ if (chan->flag & HOSTAPD_CHAN_INDOOR_ONLY && iface->conf->country[2] == 0x4f) -+ continue; -+ - *freq++ = chan->freq; - } - ---- a/src/ap/dfs.c -+++ b/src/ap/dfs.c -@@ -282,6 +282,9 @@ static int dfs_find_channel(struct hosta - if (chan->max_tx_power < iface->conf->min_tx_power) - continue; - -+ if (chan->flag & HOSTAPD_CHAN_INDOOR_ONLY && iface->conf->country[2] == 0x4f) -+ continue; -+ - if (ret_chan && idx == channel_idx) { - wpa_printf(MSG_DEBUG, "Selected channel %d (%d)", - chan->freq, chan->chan); diff --git a/package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch b/package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch index e78a4ef5cff9..51690def09c7 100644 --- a/package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch +++ b/package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch @@ -13,7 +13,7 @@ Signed-off-by: David Bauer --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c -@@ -12241,7 +12241,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12640,7 +12640,7 @@ char * wpa_supplicant_ctrl_iface_process if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18)) reply_len = -1; #endif /* CONFIG_WNM */ @@ -22,7 +22,7 @@ Signed-off-by: David Bauer } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) { if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18)) reply_len = -1; -@@ -12251,7 +12251,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12650,7 +12650,7 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) { if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11)) reply_len = -1; diff --git a/package/network/services/hostapd/patches/992-openssl-include-rsa.patch b/package/network/services/hostapd/patches/992-openssl-include-rsa.patch deleted file mode 100644 index 581ae9f67ad1..000000000000 --- a/package/network/services/hostapd/patches/992-openssl-include-rsa.patch +++ /dev/null @@ -1,32 +0,0 @@ -From f374d52079111a4340acb6df835f45ac6b5f3f60 Mon Sep 17 00:00:00 2001 -From: Andre Heider -Date: Wed, 22 Jun 2022 14:13:55 +0200 -Subject: OpenSSL: Include rsa.h for all OpenSSL versions - -This fixes the build with OpenSSL 1.1.1: -../src/crypto/crypto_openssl.c: In function 'crypto_rsa_oaep_sha256_decrypt': -../src/crypto/crypto_openssl.c:4404:49: error: 'RSA_PKCS1_OAEP_PADDING' undeclared (first use in this function) - -Signed-off-by: Andre Heider ---- - src/crypto/crypto_openssl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/src/crypto/crypto_openssl.c -+++ b/src/crypto/crypto_openssl.c -@@ -16,6 +16,7 @@ - #include - #include - #include -+#include - #include - #ifdef CONFIG_ECC - #include -@@ -25,7 +26,6 @@ - #include - #include - #include --#include - #include - #include - #else /* OpenSSL version >= 3.0 */ -- 2.30.2