From ff8df2b3f9c161edc3ab543bdbeb04a9fb45c959 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Wed, 18 Apr 2018 22:08:21 +0200 Subject: [PATCH] hostapd: mesh: make forwarding configurable For unencrypted mesh networks our scripts take care of setting the various mesh_param values. wpa_supplicant changes somes of them when being used for SAE encrypted mesh and previously didn't allow configuring any of them. Add support for setting mesh_fwding (which has to be set to 0 when using other routing protocols on top of 802.11s) and update our script to pass the value to wpa_supplicant. Signed-off-by: Daniel Golle --- package/network/services/hostapd/Makefile | 2 +- .../network/services/hostapd/files/hostapd.sh | 3 +- ...21-mesh-make-forwarding-configurable.patch | 242 ++++++++++++++++++ 3 files changed, 245 insertions(+), 2 deletions(-) create mode 100644 package/network/services/hostapd/patches/021-mesh-make-forwarding-configurable.patch diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index 983249c4ece..1dbad344e7f 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hostapd -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=http://w1.fi/hostap.git PKG_SOURCE_PROTO:=git diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh index 2d2c6a7c791..c3640689da6 100644 --- a/package/network/services/hostapd/files/hostapd.sh +++ b/package/network/services/hostapd/files/hostapd.sh @@ -676,10 +676,11 @@ wpa_supplicant_add_network() { } [[ "$_w_mode" = "mesh" ]] && { - json_get_vars mesh_id + json_get_vars mesh_id mesh_fwding ssid="${mesh_id}" append network_data "mode=5" "$N$T" + [ -n "$mesh_fwding" ] && append network_data "mesh_fwding=${mesh_fwding}" "$N$T" [ -n "$channel" ] && wpa_supplicant_set_fixed_freq "$freq" "$htmode" append wpa_key_mgmt "SAE" scan_ssid="" diff --git a/package/network/services/hostapd/patches/021-mesh-make-forwarding-configurable.patch b/package/network/services/hostapd/patches/021-mesh-make-forwarding-configurable.patch new file mode 100644 index 00000000000..c7e7ffde9e8 --- /dev/null +++ b/package/network/services/hostapd/patches/021-mesh-make-forwarding-configurable.patch @@ -0,0 +1,242 @@ +From d11881c1ad0d6a102962d1a040a398f597256ae0 Mon Sep 17 00:00:00 2001 +From: Daniel Golle +Date: Wed, 18 Apr 2018 19:24:31 +0200 +Subject: [PATCH] mesh: make forwarding configurable +To: hostap@lists.infradead.org +Cc: Jouni Malinen , + Johannes Berg + +Allow mesh_fwding to be specified in a mesh bss config, pass that +to the driver (only nl80211 implemented for now) and announce +forwarding capability accordingly. + +Signed-off-by: Daniel Golle +--- + src/ap/ap_config.h | 2 ++ + src/drivers/driver.h | 2 ++ + src/drivers/driver_nl80211.c | 3 +++ + wpa_supplicant/config.c | 4 ++++ + wpa_supplicant/config.h | 3 +++ + wpa_supplicant/config_file.c | 4 ++++ + wpa_supplicant/config_ssid.h | 5 +++++ + wpa_supplicant/mesh.c | 6 ++++++ + wpa_supplicant/mesh_mpm.c | 4 ++-- + wpa_supplicant/wpa_supplicant.conf | 6 ++++++ + 10 files changed, 37 insertions(+), 2 deletions(-) + +diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h +index 03ab80d43..804385e93 100644 +--- a/src/ap/ap_config.h ++++ b/src/ap/ap_config.h +@@ -49,6 +49,7 @@ struct mesh_conf { + int dot11MeshRetryTimeout; /* msec */ + int dot11MeshConfirmTimeout; /* msec */ + int dot11MeshHoldingTimeout; /* msec */ ++ int mesh_fwding; + }; + + #define MAX_STA_COUNT 2007 +@@ -612,6 +613,7 @@ struct hostapd_bss_config { + + #define MESH_ENABLED BIT(0) + int mesh; ++ int mesh_fwding; + + u8 radio_measurements[RRM_CAPABILITIES_IE_LEN]; + +diff --git a/src/drivers/driver.h b/src/drivers/driver.h +index 6c9245584..7f1ec3697 100644 +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -1363,6 +1363,7 @@ struct wpa_driver_mesh_bss_params { + #define WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS 0x00000004 + #define WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE 0x00000008 + #define WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD 0x00000010 ++#define WPA_DRIVER_MESH_CONF_FLAG_FORWARDING 0x00000020 + /* + * TODO: Other mesh configuration parameters would go here. + * See NL80211_MESHCONF_* for all the mesh config parameters. +@@ -1372,6 +1373,7 @@ struct wpa_driver_mesh_bss_params { + int peer_link_timeout; + int max_peer_links; + int rssi_threshold; ++ int forwarding; + u16 ht_opmode; + }; + +diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c +index e9cb4ae2f..f3de61886 100644 +--- a/src/drivers/driver_nl80211.c ++++ b/src/drivers/driver_nl80211.c +@@ -9197,6 +9197,9 @@ static int nl80211_put_mesh_config(struct nl_msg *msg, + if (((params->flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) && + nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, + params->auto_plinks)) || ++ ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_FORWARDING) && ++ nla_put_u8(msg, NL80211_MESHCONF_FORWARDING, ++ params->forwarding)) || + ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS) && + nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, + params->max_peer_links)) || +diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c +index a0b8cd007..0212e3f86 100644 +--- a/wpa_supplicant/config.c ++++ b/wpa_supplicant/config.c +@@ -2211,6 +2211,7 @@ static const struct parse_data ssid_fields[] = { + #ifdef CONFIG_MESH + { INT_RANGE(mode, 0, 5) }, + { INT_RANGE(no_auto_peer, 0, 1) }, ++ { INT_RANGE(mesh_fwding, 0, 1) }, + { INT_RANGE(mesh_rssi_threshold, -255, 1) }, + #else /* CONFIG_MESH */ + { INT_RANGE(mode, 0, 4) }, +@@ -2757,6 +2758,7 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid) + ssid->dot11MeshRetryTimeout = DEFAULT_MESH_RETRY_TIMEOUT; + ssid->dot11MeshConfirmTimeout = DEFAULT_MESH_CONFIRM_TIMEOUT; + ssid->dot11MeshHoldingTimeout = DEFAULT_MESH_HOLDING_TIMEOUT; ++ ssid->mesh_fwding = DEFAULT_MESH_FWDING; + ssid->mesh_rssi_threshold = DEFAULT_MESH_RSSI_THRESHOLD; + #endif /* CONFIG_MESH */ + #ifdef CONFIG_HT_OVERRIDES +@@ -3886,6 +3888,7 @@ struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface, + config->user_mpm = DEFAULT_USER_MPM; + config->max_peer_links = DEFAULT_MAX_PEER_LINKS; + config->mesh_max_inactivity = DEFAULT_MESH_MAX_INACTIVITY; ++ config->mesh_fwding = DEFAULT_MESH_FWDING; + config->dot11RSNASAERetransPeriod = + DEFAULT_DOT11_RSNA_SAE_RETRANS_PERIOD; + config->fast_reauth = DEFAULT_FAST_REAUTH; +@@ -4508,6 +4511,7 @@ static const struct global_parse_data global_fields[] = { + { INT(user_mpm), 0 }, + { INT_RANGE(max_peer_links, 0, 255), 0 }, + { INT(mesh_max_inactivity), 0 }, ++ { INT_RANGE(mesh_fwding, 0, 1), 0 }, + { INT(dot11RSNASAERetransPeriod), 0 }, + #endif /* CONFIG_MESH */ + { INT(disable_scan_offload), 0 }, +diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h +index 05c4f8fb9..491d8aa5c 100644 +--- a/wpa_supplicant/config.h ++++ b/wpa_supplicant/config.h +@@ -18,6 +18,7 @@ + #define DEFAULT_USER_MPM 1 + #define DEFAULT_MAX_PEER_LINKS 99 + #define DEFAULT_MESH_MAX_INACTIVITY 300 ++#define DEFAULT_MESH_FWDING 1 + /* + * The default dot11RSNASAERetransPeriod is defined as 40 ms in the standard, + * but use 1000 ms in practice to avoid issues on low power CPUs. +@@ -1269,6 +1270,8 @@ struct wpa_config { + */ + int mesh_max_inactivity; + ++ int mesh_fwding; ++ + /** + * dot11RSNASAERetransPeriod - Timeout to retransmit SAE Auth frame + * +diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c +index 5a7186961..c4112b3ff 100644 +--- a/wpa_supplicant/config_file.c ++++ b/wpa_supplicant/config_file.c +@@ -816,6 +816,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) + #endif /* IEEE8021X_EAPOL */ + INT(mode); + INT(no_auto_peer); ++ INT(mesh_fwding); + INT(frequency); + INT(fixed_freq); + #ifdef CONFIG_ACS +@@ -1433,6 +1434,9 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) + fprintf(f, "mesh_max_inactivity=%d\n", + config->mesh_max_inactivity); + ++ if (config->mesh_fwding != DEFAULT_MESH_FWDING) ++ fprintf(f, "mesh_fwding=%d\n", config->mesh_fwding); ++ + if (config->dot11RSNASAERetransPeriod != + DEFAULT_DOT11_RSNA_SAE_RETRANS_PERIOD) + fprintf(f, "dot11RSNASAERetransPeriod=%d\n", +diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h +index 87a45c435..24d1848e0 100644 +--- a/wpa_supplicant/config_ssid.h ++++ b/wpa_supplicant/config_ssid.h +@@ -492,6 +492,11 @@ struct wpa_ssid { + int dot11MeshConfirmTimeout; /* msec */ + int dot11MeshHoldingTimeout; /* msec */ + ++ /** ++ * Mesh network layer-2 forwarding ++ */ ++ int mesh_fwding; ++ + int ht; + int ht40; + +diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c +index 3c2ee97da..22c10a015 100644 +--- a/wpa_supplicant/mesh.c ++++ b/wpa_supplicant/mesh.c +@@ -121,6 +121,7 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s, + conf->mesh_cc_id = 0; + conf->mesh_sp_id = MESH_SYNC_METHOD_NEIGHBOR_OFFSET; + conf->mesh_auth_id = (conf->security & MESH_CONF_SEC_AUTH) ? 1 : 0; ++ conf->mesh_fwding = ssid->mesh_fwding; + conf->dot11MeshMaxRetries = ssid->dot11MeshMaxRetries; + conf->dot11MeshRetryTimeout = ssid->dot11MeshRetryTimeout; + conf->dot11MeshConfirmTimeout = ssid->dot11MeshConfirmTimeout; +@@ -254,6 +255,7 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s, + bss->conf->start_disabled = 1; + bss->conf->mesh = MESH_ENABLED; + bss->conf->ap_max_inactivity = wpa_s->conf->mesh_max_inactivity; ++ bss->conf->mesh_fwding = wpa_s->conf->mesh_fwding; + + if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) { + conf->ieee80211h = 1; +@@ -506,6 +508,10 @@ int wpa_supplicant_join_mesh(struct wpa_supplicant *wpa_s, + } + params->conf.peer_link_timeout = wpa_s->conf->mesh_max_inactivity; + ++ /* always explicitely set forwarding to on or off for now */ ++ params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_FORWARDING; ++ params->conf.forwarding = ssid->mesh_fwding; ++ + wpa_s->mesh_params = params; + if (wpa_supplicant_mesh_init(wpa_s, ssid, ¶ms->freq)) { + wpa_msg(wpa_s, MSG_ERROR, "Failed to init mesh"); +diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c +index bc3cc5ef9..e7058e646 100644 +--- a/wpa_supplicant/mesh_mpm.c ++++ b/wpa_supplicant/mesh_mpm.c +@@ -288,9 +288,9 @@ static void mesh_mpm_send_plink_action(struct wpa_supplicant *wpa_s, + info = (bss->num_plinks > 63 ? 63 : bss->num_plinks) << 1; + /* TODO: Add Connected to Mesh Gate/AS subfields */ + wpabuf_put_u8(buf, info); +- /* always forwarding & accepting plinks for now */ ++ /* set forwarding & always accepting plinks for now */ + wpabuf_put_u8(buf, MESH_CAP_ACCEPT_ADDITIONAL_PEER | +- MESH_CAP_FORWARDING); ++ (conf->mesh_fwding ? MESH_CAP_FORWARDING : 0)); + } else { /* Peer closing frame */ + /* IE: Mesh ID */ + wpabuf_put_u8(buf, WLAN_EID_MESH_ID); +diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf +index 972e7e73d..e1c475f37 100644 +--- a/wpa_supplicant/wpa_supplicant.conf ++++ b/wpa_supplicant/wpa_supplicant.conf +@@ -153,6 +153,12 @@ ap_scan=1 + # This timeout value is used in mesh STA to clean up inactive stations. + #mesh_max_inactivity=300 + ++# Enable 802.11s layer-2 routing and forwarding ++#mesh_fwding=1 ++ ++# Accept additional peer links ++#mesh_auto_open_plinks=1 ++ + # cert_in_cb - Whether to include a peer certificate dump in events + # This controls whether peer certificates for authentication server and + # its certificate chain are included in EAP peer certificate events. This is +-- +2.17.0 + -- 2.30.2