mirror/openwrt
1
0
Fork 0
mirror of https://git.openwrt.org/openwrt/openwrt.git synced 2024-11-08 07:49:21 +01:00
Code Issues

hostapd: update to 2.11 release tag

Browse Source 
Release 2.11 has been quite a few new features and fixes since the 2.10
release. The following ChangeLog entries highlight some of the main
changes:

* Wi-Fi Easy Connect
  - add support for DPP release 3
  - allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
  - various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
  - add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
  drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
  - use Secure=1 in message 3 during PTK rekeying

...and many more

Remove upstreamed patches:
  023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch
  030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch
  040-mesh-allow-processing-authentication-frames-in-block.patch
  181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch
  182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch
  183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch
  210-build-de-duplicate-_DIRS-before-calling-mkdir.patch
  253-qos_map_set_without_interworking.patch
  751-qos_map_ignore_when_unsupported.patch
  800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
  801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
  802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch

Other patches has been updated.

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16338
Signed-off-by: Robert Marko <robimarko@gmail.com>
This commit is contained in:
Ivan Pavlov 2024-08-15 21:47:25 +03:00 committed by Robert Marko
parent fea2264d9f
commit 395afc4c58
56 changed files with 263 additions and 1006 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
package/network/services/hostapd/Makefile
View File

@ -5,13 +5,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=hostapd
PKG_RELEASE:=4
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://w1.fi/hostap.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_DATE:=2024-03-09
PKG_SOURCE_VERSION:=695277a5b3da08b9a8a4e7117b933deb8b4950a7
PKG_MIRROR_HASH:=57b8e64d24707e37e0df3359cee15dd5184b824b8622568833a5b8a0cae163ae
PKG_SOURCE_DATE:=2024-07-20
PKG_SOURCE_VERSION:=d945ddd368085f255e68328f2d3b020ceea359af
PKG_MIRROR_HASH:=647508a242f2969d8a815edb69d47b107f10d2415604e44b0451c48875ae46bd
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-3-Clause

24
package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
View File

@ -14,7 +14,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2698,7 +2698,7 @@ static int drv_supports_vht(struct wpa_s
@@ -2809,7 +2809,7 @@ static int drv_supports_vht(struct wpa_s
}
@ -23,7 +23,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
{
int i;
@@ -2707,7 +2707,10 @@ static bool ibss_mesh_is_80mhz_avail(int
@@ -2818,7 +2818,10 @@ static bool ibss_mesh_is_80mhz_avail(int
chan = hw_get_channel_chan(mode, i, NULL);
if (!chan ||
@ -35,7 +35,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
return false;
}
@@ -2834,7 +2837,7 @@ static void ibss_mesh_select_40mhz(struc
@@ -2945,7 +2948,7 @@ static void ibss_mesh_select_40mhz(struc
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
@ -44,7 +44,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
int chan_idx;
struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
int i, res;
@@ -2858,8 +2861,11 @@ static void ibss_mesh_select_40mhz(struc
@@ -2969,8 +2972,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check primary channel flags */
@ -57,7 +57,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
#ifdef CONFIG_HT_OVERRIDES
if (ssid->disable_ht40)
@@ -2885,8 +2891,11 @@ static void ibss_mesh_select_40mhz(struc
@@ -2996,8 +3002,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check secondary channel flags */
@ -70,7 +70,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
if (ht40 == -1) {
if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
@@ -2940,7 +2949,7 @@ static bool ibss_mesh_select_80_160mhz(s
@@ -3052,7 +3061,7 @@ static bool ibss_mesh_select_80_160mhz(s
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
@ -79,7 +79,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
static const int bw80[] = {
5180, 5260, 5500, 5580, 5660, 5745, 5825,
5955, 6035, 6115, 6195, 6275, 6355, 6435,
@@ -2985,7 +2994,7 @@ static bool ibss_mesh_select_80_160mhz(s
@@ -3097,7 +3106,7 @@ static bool ibss_mesh_select_80_160mhz(s
goto skip_80mhz;
/* Use 40 MHz if channel not usable */
@ -88,7 +88,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
goto skip_80mhz;
chwidth = CONF_OPER_CHWIDTH_80MHZ;
@@ -2999,7 +3008,7 @@ static bool ibss_mesh_select_80_160mhz(s
@@ -3111,7 +3120,7 @@ static bool ibss_mesh_select_80_160mhz(s
if ((mode->he_capab[ieee80211_mode].phy_cap[
HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
@ -97,7 +97,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
for (j = 0; j < ARRAY_SIZE(bw160); j++) {
if (freq->freq == bw160[j]) {
chwidth = CONF_OPER_CHWIDTH_160MHZ;
@@ -3027,10 +3036,12 @@ static bool ibss_mesh_select_80_160mhz(s
@@ -3139,10 +3148,12 @@ static bool ibss_mesh_select_80_160mhz(s
if (!chan)
continue;
@ -113,15 +113,15 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
/* Found a suitable second segment for 80+80 */
chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
@@ -3085,6 +3096,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int i, obss_scan = 1;
@@ -3197,6 +3208,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int obss_scan = 1;
u8 channel;
bool is_6ghz, is_24ghz;
+ bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
freq->freq = ssid->frequency;
@@ -3133,9 +3145,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
@@ -3239,9 +3251,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->channel = channel;
/* Setup higher BW only for 5 GHz */
if (mode->mode == HOSTAPD_MODE_IEEE80211A) {

8
package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch
View File

@ -21,7 +21,7 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
--- a/src/ap/dfs.c
+++ b/src/ap/dfs.c
@@ -17,6 +17,7 @@
@@ -18,6 +18,7 @@
#include "ap_drv_ops.h"
#include "drivers/driver.h"
#include "dfs.h"
@ -29,7 +29,7 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
enum dfs_channel_type {
@@ -526,9 +527,14 @@ dfs_get_valid_channel(struct hostapd_ifa
@@ -527,9 +528,14 @@ dfs_get_valid_channel(struct hostapd_ifa
int num_available_chandefs;
int chan_idx, chan_idx2;
int sec_chan_idx_80p80 = -1;
@ -44,7 +44,7 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
wpa_printf(MSG_DEBUG, "DFS: Selecting random channel");
*secondary_channel = 0;
*oper_centr_freq_seg0_idx = 0;
@@ -548,8 +554,20 @@ dfs_get_valid_channel(struct hostapd_ifa
@@ -549,8 +555,20 @@ dfs_get_valid_channel(struct hostapd_ifa
if (num_available_chandefs == 0)
return NULL;
@ -68,7 +68,7 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
chan_idx, num_available_chandefs);
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -11195,6 +11195,10 @@ static int nl80211_switch_channel(void *
@@ -11306,6 +11306,10 @@ static int nl80211_switch_channel(void *
if (ret)
goto error;

4
package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
View File

@ -4,7 +4,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -4659,6 +4659,13 @@ static int add_associated_sta(struct hos
@@ -4756,6 +4756,13 @@ static int add_associated_sta(struct hos
* drivers to accept the STA parameter configuration. Since this is
* after a new FT-over-DS exchange, a new TK has been derived, so key
* reinstallation is not a concern for this case.
@ -18,7 +18,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc
*/
wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR
" (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)",
@@ -4672,7 +4679,8 @@ static int add_associated_sta(struct hos
@@ -4769,7 +4776,8 @@ static int add_associated_sta(struct hos
(!(sta->flags & WLAN_STA_AUTHORIZED) ||
(reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) ||
(!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) &&

19
package/network/services/hostapd/patches/023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch
View File

@ -1,19 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Wed, 28 Jul 2021 05:43:29 +0200
Subject: [PATCH] ndisc_snoop: call dl_list_del before freeing ipv6 addresses
Fixes a segmentation fault on sta disconnect
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/ap/ndisc_snoop.c
+++ b/src/ap/ndisc_snoop.c
@@ -61,6 +61,7 @@ void sta_ip6addr_del(struct hostapd_data
dl_list_for_each_safe(ip6addr, prev, &sta->ip6addr, struct ip6addr,
list) {
hostapd_drv_br_delete_ip_neigh(hapd, 6, (u8 *) &ip6addr->addr);
+ dl_list_del(&ip6addr->list);
os_free(ip6addr);
}
}

275
package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch
View File

@ -1,275 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Wed, 28 Jul 2021 05:49:46 +0200
Subject: [PATCH] driver_nl80211: rewrite neigh code to not depend on
libnl3-route
Removes an unnecessary dependency and also makes the code smaller
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -18,9 +18,6 @@
#include <netlink/genl/genl.h>
#include <netlink/genl/ctrl.h>
#include <netlink/genl/family.h>
-#ifdef CONFIG_LIBNL3_ROUTE
-#include <netlink/route/neighbour.h>
-#endif /* CONFIG_LIBNL3_ROUTE */
#include <linux/rtnetlink.h>
#include <netpacket/packet.h>
#include <linux/errqueue.h>
@@ -5859,26 +5856,29 @@ fail:
static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr)
{
-#ifdef CONFIG_LIBNL3_ROUTE
struct wpa_driver_nl80211_data *drv = bss->drv;
- struct rtnl_neigh *rn;
- struct nl_addr *nl_addr;
+ struct ndmsg nhdr = {
+ .ndm_state = NUD_PERMANENT,
+ .ndm_ifindex = bss->ifindex,
+ .ndm_family = AF_BRIDGE,
+ };
+ struct nl_msg *msg;
int err;
- rn = rtnl_neigh_alloc();
- if (!rn)
+ msg = nlmsg_alloc_simple(RTM_DELNEIGH, NLM_F_CREATE);
+ if (!msg)
return;
- rtnl_neigh_set_family(rn, AF_BRIDGE);
- rtnl_neigh_set_ifindex(rn, bss->ifindex);
- nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN);
- if (!nl_addr) {
- rtnl_neigh_put(rn);
- return;
- }
- rtnl_neigh_set_lladdr(rn, nl_addr);
+ if (nlmsg_append(msg, &nhdr, sizeof(nhdr), NLMSG_ALIGNTO) < 0)
+ goto errout;
+
+ if (nla_put(msg, NDA_LLADDR, ETH_ALEN, (void *)addr))
+ goto errout;
+
+ if (nl_send_auto_complete(drv->rtnl_sk, msg) < 0)
+ goto errout;
- err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
+ err = nl_wait_for_ack(drv->rtnl_sk);
if (err < 0) {
wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for "
MACSTR " ifindex=%d failed: %s", MAC2STR(addr),
@@ -5888,9 +5888,8 @@ static void rtnl_neigh_delete_fdb_entry(
MACSTR, MAC2STR(addr));
}
- nl_addr_put(nl_addr);
- rtnl_neigh_put(rn);
-#endif /* CONFIG_LIBNL3_ROUTE */
+errout:
+ nlmsg_free(msg);
}
@@ -8615,7 +8614,6 @@ static void *i802_init(struct hostapd_da
(params->num_bridge == 0 || !params->bridge[0]))
add_ifidx(drv, br_ifindex, drv->ifindex);
-#ifdef CONFIG_LIBNL3_ROUTE
if (bss->added_if_into_bridge || bss->already_in_bridge) {
int err;
@@ -8632,7 +8630,6 @@ static void *i802_init(struct hostapd_da
goto failed;
}
}
-#endif /* CONFIG_LIBNL3_ROUTE */
if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
wpa_printf(MSG_DEBUG,
@@ -12071,13 +12068,14 @@ static int wpa_driver_br_add_ip_neigh(vo
const u8 *ipaddr, int prefixlen,
const u8 *addr)
{
-#ifdef CONFIG_LIBNL3_ROUTE
struct i802_bss *bss = priv;
struct wpa_driver_nl80211_data *drv = bss->drv;
- struct rtnl_neigh *rn;
- struct nl_addr *nl_ipaddr = NULL;
- struct nl_addr *nl_lladdr = NULL;
- int family, addrsize;
+ struct ndmsg nhdr = {
+ .ndm_state = NUD_PERMANENT,
+ .ndm_ifindex = bss->br_ifindex,
+ };
+ struct nl_msg *msg;
+ int addrsize;
int res;
if (!ipaddr || prefixlen == 0 || !addr)
@@ -12096,85 +12094,66 @@ static int wpa_driver_br_add_ip_neigh(vo
}
if (version == 4) {
- family = AF_INET;
+ nhdr.ndm_family = AF_INET;
addrsize = 4;
} else if (version == 6) {
- family = AF_INET6;
+ nhdr.ndm_family = AF_INET6;
addrsize = 16;
} else {
return -EINVAL;
}
- rn = rtnl_neigh_alloc();
- if (rn == NULL)
+ msg = nlmsg_alloc_simple(RTM_NEWNEIGH, NLM_F_CREATE);
+ if (!msg)
return -ENOMEM;
- /* set the destination ip address for neigh */
- nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
- if (nl_ipaddr == NULL) {
- wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
- res = -ENOMEM;
+ res = -ENOMEM;
+ if (nlmsg_append(msg, &nhdr, sizeof(nhdr), NLMSG_ALIGNTO) < 0)
goto errout;
- }
- nl_addr_set_prefixlen(nl_ipaddr, prefixlen);
- res = rtnl_neigh_set_dst(rn, nl_ipaddr);
- if (res) {
- wpa_printf(MSG_DEBUG,
- "nl80211: neigh set destination addr failed");
+
+ if (nla_put(msg, NDA_DST, addrsize, (void *)ipaddr))
goto errout;
- }
- /* set the corresponding lladdr for neigh */
- nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN);
- if (nl_lladdr == NULL) {
- wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed");
- res = -ENOMEM;
+ if (nla_put(msg, NDA_LLADDR, ETH_ALEN, (void *)addr))
goto errout;
- }
- rtnl_neigh_set_lladdr(rn, nl_lladdr);
- rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
- rtnl_neigh_set_state(rn, NUD_PERMANENT);
+ res = nl_send_auto_complete(drv->rtnl_sk, msg);
+ if (res < 0)
+ goto errout;
- res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE);
+ res = nl_wait_for_ack(drv->rtnl_sk);
if (res) {
wpa_printf(MSG_DEBUG,
"nl80211: Adding bridge ip neigh failed: %s",
nl_geterror(res));
}
errout:
- if (nl_lladdr)
- nl_addr_put(nl_lladdr);
- if (nl_ipaddr)
- nl_addr_put(nl_ipaddr);
- if (rn)
- rtnl_neigh_put(rn);
+ nlmsg_free(msg);
return res;
-#else /* CONFIG_LIBNL3_ROUTE */
- return -1;
-#endif /* CONFIG_LIBNL3_ROUTE */
}
static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version,
const u8 *ipaddr)
{
-#ifdef CONFIG_LIBNL3_ROUTE
struct i802_bss *bss = priv;
struct wpa_driver_nl80211_data *drv = bss->drv;
- struct rtnl_neigh *rn;
- struct nl_addr *nl_ipaddr;
- int family, addrsize;
+ struct ndmsg nhdr = {
+ .ndm_state = NUD_PERMANENT,
+ .ndm_ifindex = bss->br_ifindex,
+ };
+ struct nl_msg *msg;
+ int addrsize;
int res;
if (!ipaddr)
return -EINVAL;
if (version == 4) {
- family = AF_INET;
+ nhdr.ndm_family = AF_INET;
addrsize = 4;
} else if (version == 6) {
- family = AF_INET6;
+ nhdr.ndm_family = AF_INET6;
addrsize = 16;
} else {
return -EINVAL;
@@ -12192,41 +12171,30 @@ static int wpa_driver_br_delete_ip_neigh
return -1;
}
- rn = rtnl_neigh_alloc();
- if (rn == NULL)
+ msg = nlmsg_alloc_simple(RTM_DELNEIGH, NLM_F_CREATE);
+ if (!msg)
return -ENOMEM;
- /* set the destination ip address for neigh */
- nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize);
- if (nl_ipaddr == NULL) {
- wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed");
- res = -ENOMEM;
+ res = -ENOMEM;
+ if (nlmsg_append(msg, &nhdr, sizeof(nhdr), NLMSG_ALIGNTO) < 0)
goto errout;
- }
- res = rtnl_neigh_set_dst(rn, nl_ipaddr);
- if (res) {
- wpa_printf(MSG_DEBUG,
- "nl80211: neigh set destination addr failed");
+
+ if (nla_put(msg, NDA_DST, addrsize, (void *)ipaddr))
goto errout;
- }
- rtnl_neigh_set_ifindex(rn, bss->br_ifindex);
+ res = nl_send_auto_complete(drv->rtnl_sk, msg);
+ if (res < 0)
+ goto errout;
- res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0);
+ res = nl_wait_for_ack(drv->rtnl_sk);
if (res) {
wpa_printf(MSG_DEBUG,
"nl80211: Deleting bridge ip neigh failed: %s",
nl_geterror(res));
}
errout:
- if (nl_ipaddr)
- nl_addr_put(nl_ipaddr);
- if (rn)
- rtnl_neigh_put(rn);
+ nlmsg_free(msg);
return res;
-#else /* CONFIG_LIBNL3_ROUTE */
- return -1;
-#endif /* CONFIG_LIBNL3_ROUTE */
}

34
package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch
View File

@ -1,34 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Mon, 18 Feb 2019 12:57:11 +0100
Subject: [PATCH] mesh: allow processing authentication frames in blocked state
If authentication fails repeatedly e.g. because of a weak signal, the link
can end up in blocked state. If one of the nodes tries to establish a link
again before it is unblocked on the other side, it will block the link to
that other side. The same happens on the other side when it unblocks the
link. In that scenario, the link never recovers on its own.
To fix this, allow restarting authentication even if the link is in blocked
state, but don't initiate the attempt until the blocked period is over.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -3032,15 +3032,6 @@ static void handle_auth(struct hostapd_d
seq_ctrl);
return;
}
-#ifdef CONFIG_MESH
- if ((hapd->conf->mesh & MESH_ENABLED) &&
- sta->plink_state == PLINK_BLOCKED) {
- wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR
- " is blocked - drop Authentication frame",
- MAC2STR(sa));
- return;
- }
-#endif /* CONFIG_MESH */
#ifdef CONFIG_PASN
if (auth_alg == WLAN_AUTH_PASN &&
(sta->flags & WLAN_STA_ASSOC)) {

6
package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch
View File

@ -20,7 +20,7 @@ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -3646,6 +3646,8 @@ int hostapd_remove_iface(struct hapd_int
@@ -3993,6 +3993,8 @@ int hostapd_remove_iface(struct hapd_int
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
int reassoc)
{
@ -29,7 +29,7 @@ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
if (hapd->tkip_countermeasures) {
hostapd_drv_sta_deauth(hapd, sta->addr,
WLAN_REASON_MICHAEL_MIC_FAILURE);
@@ -3653,10 +3655,16 @@ void hostapd_new_assoc_sta(struct hostap
@@ -4000,10 +4002,16 @@ void hostapd_new_assoc_sta(struct hostap
}
#ifdef CONFIG_IEEE80211BE
@ -51,7 +51,7 @@ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
sta->post_csa_sa_query = 0;
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -1412,9 +1412,6 @@ bool ap_sta_set_authorized_flag(struct h
@@ -1485,9 +1485,6 @@ bool ap_sta_set_authorized_flag(struct h
mld_assoc_link_id = -2;
}
#endif /* CONFIG_IEEE80211BE */

4
package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
View File

@ -26,7 +26,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2340,6 +2340,9 @@ struct wpa_driver_capa {
@@ -2355,6 +2355,9 @@ struct wpa_driver_capa {
/** Maximum number of iterations in a single scan plan */
u32 max_sched_scan_plan_iterations;
@ -38,7 +38,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -972,6 +972,10 @@ static int wiphy_info_handler(struct nl_
@@ -976,6 +976,10 @@ static int wiphy_info_handler(struct nl_
nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]);
}

2
package/network/services/hostapd/patches/052-AP-add-missing-null-pointer-check-in-hostapd_free_ha.patch
View File

@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -502,7 +502,7 @@ void hostapd_free_hapd_data(struct hosta
@@ -485,7 +485,7 @@ void hostapd_free_hapd_data(struct hosta
struct hapd_interfaces *ifaces = hapd->iface->interfaces;
size_t i;

2
package/network/services/hostapd/patches/060-nl80211-fix-crash-when-adding-an-interface-fails.patch
View File

@ -10,7 +10,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3071,7 +3071,7 @@ static int wpa_driver_nl80211_del_beacon
@@ -3083,7 +3083,7 @@ static int wpa_driver_nl80211_del_beacon
struct wpa_driver_nl80211_data *drv = bss->drv;
struct i802_link *link = nl80211_get_link(bss, link_id);

22
package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch
View File

@ -273,7 +273,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef CONFIG_RADIUS_SERVER
CFLAGS += -DRADIUS_SERVER
@@ -1341,7 +1426,9 @@ NOBJS += ../src/utils/trace.o
@@ -1342,7 +1427,9 @@ NOBJS += ../src/utils/trace.o
endif
HOBJS += hlr_auc_gw.o ../src/utils/common.o ../src/utils/wpa_debug.o ../src/utils/os_$(CONFIG_OS).o ../src/utils/wpabuf.o ../src/crypto/milenage.o
@ -283,7 +283,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef CONFIG_INTERNAL_AES
HOBJS += ../src/crypto/aes-internal.o
HOBJS += ../src/crypto/aes-internal-enc.o
@@ -1364,13 +1451,17 @@ SOBJS += ../src/common/sae.o
@@ -1365,13 +1452,17 @@ SOBJS += ../src/common/sae.o
SOBJS += ../src/common/sae_pk.o
SOBJS += ../src/common/dragonfly.o
SOBJS += $(AESOBJS)
@ -7765,7 +7765,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
CONFIG_SIM_SIMULATOR=y
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1229,6 +1229,29 @@ endif
@@ -1230,6 +1230,29 @@ endif
CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
endif
@ -7795,7 +7795,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
@@ -1421,9 +1444,11 @@ endif
@@ -1422,9 +1445,11 @@ endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
@ -7807,7 +7807,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP
# Seems to be needed at least with BoringSSL
NEED_INTERNAL_AES_WRAP=y
@@ -1437,9 +1462,11 @@ endif
@@ -1438,9 +1463,11 @@ endif
ifdef NEED_INTERNAL_AES_WRAP
ifneq ($(CONFIG_TLS), linux)
@ -7819,7 +7819,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
@@ -1449,35 +1476,45 @@ AESOBJS += ../src/crypto/aes-siv.o
@@ -1450,35 +1477,45 @@ AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_CTR
@ -7865,7 +7865,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef NEED_AES_ENC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-enc.o
@@ -1492,12 +1529,16 @@ ifneq ($(CONFIG_TLS), openssl)
@@ -1493,12 +1530,16 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
@ -7882,7 +7882,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
@@ -1509,29 +1550,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
@@ -1510,29 +1551,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
else
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
@ -7920,7 +7920,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef NEED_MD5
ifdef CONFIG_INTERNAL_MD5
MD5OBJS += ../src/crypto/md5-internal.o
@@ -1586,12 +1635,17 @@ ifneq ($(CONFIG_TLS), openssl)
@@ -1587,12 +1636,17 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
@ -7938,7 +7938,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef CONFIG_INTERNAL_SHA256
SHA256OBJS += ../src/crypto/sha256-internal.o
endif
@@ -1604,50 +1658,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
@@ -1605,50 +1659,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
SHA256OBJS += ../src/crypto/sha512-internal.o
endif
ifdef NEED_TLS_PRF_SHA256
@ -8007,7 +8007,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef NEED_ASN1
OBJS += ../src/tls/asn1.o
@@ -1822,10 +1894,12 @@ ifdef CONFIG_FIPS
@@ -1823,10 +1895,12 @@ ifdef CONFIG_FIPS
CFLAGS += -DCONFIG_FIPS
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)

2
package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch
View File

@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1240,10 +1240,6 @@ endif
@@ -1241,10 +1241,6 @@ endif
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o

22
package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
View File

@ -696,7 +696,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
+ if tls.startswith("mbed TLS"):
+ raise HwsimSkip("TLS v1.3 not supported")
ok = ['run=OpenSSL 1.1.1', 'run=OpenSSL 3.0', 'run=OpenSSL 3.1',
'run=OpenSSL 3.2', 'wolfSSL']
'run=OpenSSL 3.2', 'run=OpenSSL 3.3', 'wolfSSL']
for s in ok:
@@ -122,11 +161,15 @@ def check_pkcs12_support(dev):
# raise HwsimSkip("PKCS#12 not supported with this TLS library: " + tls)
@ -935,7 +935,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
--- a/tests/hwsim/test_ap_ft.py
+++ b/tests/hwsim/test_ap_ft.py
@@ -2486,11 +2486,11 @@ def test_ap_ft_ap_oom5(dev, apdev):
@@ -2494,11 +2494,11 @@ def test_ap_ft_ap_oom5(dev, apdev):
# This will fail to roam
dev[0].roam(bssid1, check_bssid=False)
@ -1079,7 +1079,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
--- a/tests/hwsim/test_fils.py
+++ b/tests/hwsim/test_fils.py
@@ -1472,6 +1472,10 @@ def check_ec_group(dev, group):
@@ -1477,6 +1477,10 @@ def check_ec_group(dev, group):
tls = dev.request("GET tls_library")
if tls.startswith("wolfSSL"):
return
@ -1124,7 +1124,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
heavy_groups = [14, 15, 16]
suitable_groups = [15, 16, 17, 18, 19, 20, 21]
groups = [str(g) for g in sae_groups]
@@ -2194,6 +2199,8 @@ def run_sae_pwe_group(dev, apdev, group)
@@ -2232,6 +2237,8 @@ def run_sae_pwe_group(dev, apdev, group)
logger.info("Add Brainpool EC groups since OpenSSL is new enough")
elif tls.startswith("wolfSSL"):
logger.info("Make sure Brainpool EC groups were enabled when compiling wolfSSL")
@ -1154,7 +1154,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ca_cert="auth_serv/rsa3072-ca.pem",
--- a/tests/hwsim/test_wpas_ctrl.py
+++ b/tests/hwsim/test_wpas_ctrl.py
@@ -1842,7 +1842,7 @@ def _test_wpas_ctrl_oom(dev):
@@ -1856,7 +1856,7 @@ def _test_wpas_ctrl_oom(dev):
tls = dev[0].request("GET tls_library")
if not tls.startswith("internal"):
tests.append(('NFC_GET_HANDOVER_SEL NDEF P2P-CR-TAG', 'FAIL',
@ -1294,7 +1294,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
if (need_more_data) {
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1188,6 +1188,7 @@ TLS_FUNCS=y
@@ -1189,6 +1189,7 @@ TLS_FUNCS=y
endif
ifeq ($(CONFIG_TLS), wolfssl)
@ -1302,7 +1302,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef TLS_FUNCS
CFLAGS += -DWOLFSSL_DER_LOAD
OBJS += ../src/crypto/tls_wolfssl.o
@@ -1203,6 +1204,7 @@ LIBS_p += -lwolfssl -lm
@@ -1204,6 +1205,7 @@ LIBS_p += -lwolfssl -lm
endif
ifeq ($(CONFIG_TLS), openssl)
@ -1310,7 +1310,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
ifdef TLS_FUNCS
CFLAGS += -DEAP_TLS_OPENSSL
@@ -1230,6 +1232,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
@@ -1231,6 +1233,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
endif
ifeq ($(CONFIG_TLS), mbedtls)
@ -1318,7 +1318,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=mbedtls
endif
@@ -1249,6 +1252,7 @@ endif
@@ -1250,6 +1253,7 @@ endif
endif
ifeq ($(CONFIG_TLS), gnutls)
@ -1326,7 +1326,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifndef CONFIG_CRYPTO
# default to libgcrypt
CONFIG_CRYPTO=gnutls
@@ -1279,6 +1283,7 @@ endif
@@ -1280,6 +1284,7 @@ endif
endif
ifeq ($(CONFIG_TLS), internal)
@ -1334,7 +1334,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=internal
endif
@@ -1359,6 +1364,7 @@ endif
@@ -1360,6 +1365,7 @@ endif
endif
ifeq ($(CONFIG_TLS), linux)

2
package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch
View File

@ -130,7 +130,7 @@ Signed-off-by: P Praneesh <ppranees@codeaurora.org>
#undef VHT_CAP_CHECK_MAX
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -1397,6 +1397,8 @@ struct ieee80211_ampe_ie {
@@ -1398,6 +1398,8 @@ struct ieee80211_ampe_ie {
#define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB ((u32) BIT(26) | BIT(27))
#define VHT_CAP_RX_ANTENNA_PATTERN ((u32) BIT(28))
#define VHT_CAP_TX_ANTENNA_PATTERN ((u32) BIT(29))

18
package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch
View File

@ -1,18 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 14 Sep 2023 11:28:03 +0200
Subject: [PATCH] driver_nl80211: update drv->ifindex on removing the first
BSS
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -8985,6 +8985,7 @@ static int wpa_driver_nl80211_if_remove(
if (drv->first_bss->next) {
drv->first_bss = drv->first_bss->next;
drv->ctx = drv->first_bss->ctx;
+ drv->ifindex = drv->first_bss->ifindex;
os_free(bss);
} else {
wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");

34
package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch
View File

@ -1,34 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Mon, 18 Sep 2023 16:47:41 +0200
Subject: [PATCH] nl80211: move nl80211_put_freq_params call outside of
802.11ax #ifdef
The relevance of this call is not specific to 802.11ax, so it should be done
even with CONFIG_IEEE80211AX disabled.
Fixes: b3921db426ea ("nl80211: Add frequency info in start AP command")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -5315,6 +5315,9 @@ static int wpa_driver_nl80211_set_ap(voi
nla_nest_end(msg, ftm);
}
+ if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0)
+ goto fail;
+
#ifdef CONFIG_IEEE80211AX
if (params->he_spr_ctrl) {
struct nlattr *spr;
@@ -5349,9 +5352,6 @@ static int wpa_driver_nl80211_set_ap(voi
nla_nest_end(msg, spr);
}
- if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0)
- goto fail;
-
if (params->freq && params->freq->he_enabled &&
nl80211_attr_supported(drv, NL80211_ATTR_HE_BSS_COLOR)) {
struct nlattr *bss_color;

28
package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch
View File

@ -1,28 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Wed, 20 Sep 2023 13:41:10 +0200
Subject: [PATCH] hostapd: cancel channel_list_update_timeout in
hostapd_cleanup_iface_partial
Fixes a crash when disabling an interface during channel list update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -656,6 +656,7 @@ static void sta_track_deinit(struct host
void hostapd_cleanup_iface_partial(struct hostapd_iface *iface)
{
wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
+ eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
#ifdef NEED_AP_MLME
hostapd_stop_setup_timers(iface);
#endif /* NEED_AP_MLME */
@@ -685,7 +686,6 @@ void hostapd_cleanup_iface_partial(struc
static void hostapd_cleanup_iface(struct hostapd_iface *iface)
{
wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
- eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
NULL);

56
package/network/services/hostapd/patches/200-multicall.patch
View File

@ -15,7 +15,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
include ../src/build.rules
ifdef LIBS
@@ -199,7 +200,8 @@ endif
@@ -200,7 +201,8 @@ endif
ifdef CONFIG_NO_VLAN
CFLAGS += -DCONFIG_NO_VLAN
@ -25,7 +25,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
OBJS += ../src/ap/vlan_init.o
OBJS += ../src/ap/vlan_ifconfig.o
OBJS += ../src/ap/vlan.o
@@ -358,10 +360,14 @@ CFLAGS += -DCONFIG_MBO
@@ -359,10 +361,14 @@ CFLAGS += -DCONFIG_MBO
OBJS += ../src/ap/mbo_ap.o
endif
@ -43,7 +43,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
LIBS += $(DRV_AP_LIBS)
ifdef CONFIG_L2_PACKET
@@ -1392,6 +1398,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
@@ -1393,6 +1399,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
_OBJS_VAR := OBJS
include ../src/objs.mk
@ -56,7 +56,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
hostapd: $(OBJS)
$(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
@$(E) " LD " $@
@@ -1472,6 +1484,12 @@ include ../src/objs.mk
@@ -1473,6 +1485,12 @@ include ../src/objs.mk
_OBJS_VAR := SOBJS
include ../src/objs.mk
@ -71,7 +71,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
@$(E) " LD " $@
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -705,6 +705,11 @@ fail:
@@ -692,6 +692,11 @@ fail:
return -1;
}
@ -83,7 +83,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
#ifdef CONFIG_WPS
static int gen_uuid(const char *txt_addr)
@@ -798,6 +803,8 @@ int main(int argc, char *argv[])
@@ -808,6 +813,8 @@ int main(int argc, char *argv[])
return -1;
#endif /* CONFIG_DPP */
@ -94,8 +94,8 @@ This allows building both hostapd and wpa_supplicant as a single binary
if (c < 0)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -2341,8 +2341,8 @@ err:
#endif /* CONFIG_OWE */
@@ -2409,8 +2409,8 @@ static void hostapd_event_color_change(s
#endif /* CONFIG_IEEE80211AX */
-void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
@ -105,7 +105,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta;
@@ -2674,7 +2674,7 @@ void wpa_supplicant_event(void *ctx, enu
@@ -2769,7 +2769,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@ -116,7 +116,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
struct hapd_interfaces *interfaces = ctx;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -6763,8 +6763,8 @@ union wpa_event_data {
@@ -6847,8 +6847,8 @@ union wpa_event_data {
* Driver wrapper code should call this function whenever an event is received
* from the driver.
*/
@ -127,7 +127,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_event_global - Report a driver event for wpa_supplicant
@@ -6776,7 +6776,7 @@ void wpa_supplicant_event(void *ctx, enu
@@ -6860,7 +6860,7 @@ void wpa_supplicant_event(void *ctx, enu
* Same as wpa_supplicant_event(), but we search for the interface in
* wpa_global.
*/
@ -159,7 +159,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
include ../src/build.rules
ifdef CONFIG_BUILD_PASN_SO
@@ -388,7 +389,9 @@ endif
@@ -389,7 +390,9 @@ endif
ifdef CONFIG_IBSS_RSN
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_IBSS_RSN
@ -169,7 +169,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
OBJS += ibss_rsn.o
endif
@@ -980,6 +983,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
@@ -981,6 +984,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
LIBS += -ldl -rdynamic
endif
@ -180,7 +180,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
endif
ifdef CONFIG_AP
@@ -987,9 +994,11 @@ NEED_EAP_COMMON=y
@@ -988,9 +995,11 @@ NEED_EAP_COMMON=y
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_AP
OBJS += ap.o
@ -192,7 +192,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
OBJS += ../src/ap/hostapd.o
OBJS += ../src/ap/wpa_auth_glue.o
OBJS += ../src/ap/utils.o
@@ -1080,6 +1089,12 @@ endif
@@ -1081,6 +1090,12 @@ endif
ifdef CONFIG_HS20
OBJS += ../src/ap/hs20.o
endif
@ -205,7 +205,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
endif
ifdef CONFIG_MBO
@@ -1089,7 +1104,9 @@ NEED_GAS=y
@@ -1090,7 +1105,9 @@ NEED_GAS=y
endif
ifdef NEED_RSN_AUTHENTICATOR
@ -215,7 +215,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
NEED_AES_WRAP=y
OBJS += ../src/ap/wpa_auth.o
OBJS += ../src/ap/wpa_auth_ie.o
@@ -2079,6 +2096,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
@@ -2080,6 +2097,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
_OBJS_VAR := OBJS
include ../src/objs.mk
@ -228,7 +228,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
@$(E) " LD " $@
@@ -2211,6 +2234,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
@@ -2212,6 +2235,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
@$(E) " sed" $<
@ -256,7 +256,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
const struct wpa_driver_ops *const wpa_drivers[] = { NULL };
@@ -1325,6 +1330,10 @@ static void usage(void)
@@ -1328,6 +1333,10 @@ static void usage(void)
"option several times.\n");
}
@ -267,7 +267,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
int main(int argc, char *argv[])
{
@@ -1348,6 +1357,8 @@ int main(int argc, char *argv[])
@@ -1351,6 +1360,8 @@ int main(int argc, char *argv[])
if (os_program_init())
return -1;
@ -278,7 +278,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
os_memset(&eapol_test, 0, sizeof(eapol_test));
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -5919,8 +5919,8 @@ static void wpas_link_reconfig(struct wp
@@ -5979,8 +5979,8 @@ static void wpas_link_reconfig(struct wp
}
@ -289,7 +289,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
{
struct wpa_supplicant *wpa_s = ctx;
int resched;
@@ -6872,7 +6872,7 @@ void wpa_supplicant_event(void *ctx, enu
@@ -6932,7 +6932,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@ -300,7 +300,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
struct wpa_supplicant *wpa_s;
--- a/wpa_supplicant/wpa_priv.c
+++ b/wpa_supplicant/wpa_priv.c
@@ -1039,8 +1039,8 @@ static void wpa_priv_send_ft_response(st
@@ -1042,8 +1042,8 @@ static void wpa_priv_send_ft_response(st
}
@ -311,7 +311,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
{
struct wpa_priv_interface *iface = ctx;
@@ -1103,7 +1103,7 @@ void wpa_supplicant_event(void *ctx, enu
@@ -1106,7 +1106,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@ -320,7 +320,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
union wpa_event_data *data)
{
struct wpa_priv_global *global = ctx;
@@ -1217,6 +1217,8 @@ int main(int argc, char *argv[])
@@ -1220,6 +1220,8 @@ int main(int argc, char *argv[])
if (os_program_init())
return -1;
@ -331,7 +331,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
os_memset(&global, 0, sizeof(global));
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -7583,7 +7583,6 @@ struct wpa_interface * wpa_supplicant_ma
@@ -7714,7 +7714,6 @@ struct wpa_interface * wpa_supplicant_ma
return NULL;
}
@ -339,7 +339,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_match_existing - Match existing interfaces
* @global: Pointer to global data from wpa_supplicant_init()
@@ -7618,6 +7617,11 @@ static int wpa_supplicant_match_existing
@@ -7749,6 +7748,11 @@ static int wpa_supplicant_match_existing
#endif /* CONFIG_MATCH_IFACE */
@ -351,7 +351,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_add_iface - Add a new network interface
@@ -7874,6 +7878,8 @@ struct wpa_global * wpa_supplicant_init(
@@ -8005,6 +8009,8 @@ struct wpa_global * wpa_supplicant_init(
#ifndef CONFIG_NO_WPA_MSG
wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
#endif /* CONFIG_NO_WPA_MSG */

6
package/network/services/hostapd/patches/201-lto-jobserver-support.patch
View File

@ -5,7 +5,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -1405,7 +1405,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
@@ -1406,7 +1406,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
@$(AR) cr $@ hostapd_multi.o $(OBJS)
hostapd: $(OBJS)
@ -14,7 +14,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel
@$(E) " LD " $@
ifdef CONFIG_WPA_TRACE
@@ -1416,7 +1416,7 @@ _OBJS_VAR := OBJS_c
@@ -1417,7 +1417,7 @@ _OBJS_VAR := OBJS_c
include ../src/objs.mk
hostapd_cli: $(OBJS_c)
@ -25,7 +25,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -2103,31 +2103,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
@@ -2104,31 +2104,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)

23
package/network/services/hostapd/patches/210-build-de-duplicate-_DIRS-before-calling-mkdir.patch
View File

@ -1,23 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 4 Apr 2024 12:59:41 +0200
Subject: [PATCH] build: de-duplicate _DIRS before calling mkdir
If the build path is long, the contents of the _DIRS variable can be very long,
since it repeats the same directories very often.
In some cases, this has triggered an "Argument list too long" build error.
Suggested-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/build.rules
+++ b/src/build.rules
@@ -80,7 +80,7 @@ endif
_DIRS := $(BUILDDIR)/$(PROJ)
.PHONY: _make_dirs
_make_dirs:
- @mkdir -p $(_DIRS)
+ @mkdir -p $(sort $(_DIRS))
$(BUILDDIR)/$(PROJ)/src/%.o: $(ROOTDIR)src/%.c $(CONFIG_FILE) | _make_dirs
$(Q)$(CC) -c -o $@ $(CFLAGS) $<

4
package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch
View File

@ -13,7 +13,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -13214,7 +13214,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -13233,7 +13233,7 @@ char * wpa_supplicant_ctrl_iface_process
if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18))
reply_len = -1;
#endif /* CONFIG_WNM */
@ -22,7 +22,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
} else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18))
reply_len = -1;
@@ -13224,7 +13224,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -13243,7 +13243,7 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11))
reply_len = -1;

4
package/network/services/hostapd/patches/220-indicate-features.patch
View File

@ -15,7 +15,7 @@ Subject: [PATCH] hostapd: support optional argument for the -v switch of
struct hapd_global {
void **drv_priv;
@@ -806,7 +806,7 @@ int main(int argc, char *argv[])
@@ -816,7 +816,7 @@ int main(int argc, char *argv[])
wpa_supplicant_event = hostapd_wpa_event;
wpa_supplicant_event_global = hostapd_wpa_event_global;
for (;;) {
@ -24,7 +24,7 @@ Subject: [PATCH] hostapd: support optional argument for the -v switch of
if (c < 0)
break;
switch (c) {
@@ -843,6 +843,8 @@ int main(int argc, char *argv[])
@@ -853,6 +853,8 @@ int main(int argc, char *argv[])
break;
#endif /* CONFIG_DEBUG_LINUX_TRACING */
case 'v':

4
package/network/services/hostapd/patches/250-hostapd_cli_ifdef.patch
View File

@ -37,7 +37,7 @@ Subject: [PATCH] hostapd: support wps in hostapd_cli even when built from the
static int hostapd_cli_cmd_disassoc_imminent(struct wpa_ctrl *ctrl, int argc,
@@ -1670,13 +1666,10 @@ static const struct hostapd_cli_cmd host
@@ -1686,13 +1682,10 @@ static const struct hostapd_cli_cmd host
{ "disassociate", hostapd_cli_cmd_disassociate,
hostapd_complete_stations,
"<addr> = disassociate a station" },
@ -51,7 +51,7 @@ Subject: [PATCH] hostapd: support wps in hostapd_cli even when built from the
{ "wps_pin", hostapd_cli_cmd_wps_pin, NULL,
"<uuid> <pin> [timeout] [addr] = add WPS Enrollee PIN" },
{ "wps_check_pin", hostapd_cli_cmd_wps_check_pin, NULL,
@@ -1701,7 +1694,6 @@ static const struct hostapd_cli_cmd host
@@ -1717,7 +1710,6 @@ static const struct hostapd_cli_cmd host
"<SSID> <auth> <encr> <key> = configure AP" },
{ "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL,
"= show current WPS status" },

32
package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch
View File

@ -4,7 +4,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -221,6 +221,9 @@ endif
@@ -222,6 +222,9 @@ endif
ifdef CONFIG_NO_CTRL_IFACE
CFLAGS += -DCONFIG_NO_CTRL_IFACE
else
@ -16,7 +16,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
else
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -3897,6 +3897,7 @@ static int hostapd_ctrl_iface_receive_pr
@@ -4005,6 +4005,7 @@ static int hostapd_ctrl_iface_receive_pr
reply_size);
} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
reply_len = hostapd_drv_status(hapd, reply, reply_size);
@ -24,7 +24,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
if (reply_len >= 0) {
@@ -3938,6 +3939,7 @@ static int hostapd_ctrl_iface_receive_pr
@@ -4046,6 +4047,7 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
reply_size);
@ -88,7 +88,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
static int hostapd_ctrl_iface_sta_mib(struct hostapd_data *hapd,
struct sta_info *sta,
char *buf, size_t buflen)
@@ -539,6 +539,7 @@ int hostapd_ctrl_iface_sta_next(struct h
@@ -562,6 +562,7 @@ int hostapd_ctrl_iface_sta_next(struct h
return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen);
}
@ -96,7 +96,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
#ifdef CONFIG_P2P_MANAGER
static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype,
@@ -951,12 +952,12 @@ int hostapd_ctrl_iface_status(struct hos
@@ -1010,12 +1011,12 @@ int hostapd_ctrl_iface_status(struct hos
return len;
len += ret;
}
@ -113,7 +113,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
if (os_snprintf_error(buflen - len, ret))
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -2837,6 +2837,7 @@ static const char * bool_txt(bool val)
@@ -2848,6 +2848,7 @@ static const char * bool_txt(bool val)
return val ? "TRUE" : "FALSE";
}
@ -121,7 +121,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
{
@@ -3023,6 +3024,7 @@ int ieee802_1x_get_mib_sta(struct hostap
@@ -3034,6 +3035,7 @@ int ieee802_1x_get_mib_sta(struct hostap
return len;
}
@ -131,7 +131,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -5583,6 +5583,7 @@ static const char * wpa_bool_txt(int val
@@ -5956,6 +5956,7 @@ static const char * wpa_bool_txt(int val
return val ? "TRUE" : "FALSE";
}
@ -139,7 +139,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
@@ -5735,7 +5736,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
@@ -6108,7 +6109,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
return len;
}
@ -150,7 +150,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
{
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -3943,6 +3943,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
@@ -3974,6 +3974,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
}
@ -159,7 +159,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
@@ -4024,6 +4026,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
@@ -4055,6 +4057,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
return (int) len;
}
@ -169,7 +169,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1038,6 +1038,9 @@ ifdef CONFIG_FILS
@@ -1039,6 +1039,9 @@ ifdef CONFIG_FILS
OBJS += ../src/ap/fils_hlp.o
endif
ifdef CONFIG_CTRL_IFACE
@ -201,7 +201,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
if (wpa_s->ap_iface) {
pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
end - pos,
@@ -12542,6 +12542,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -12561,6 +12561,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = -1;
} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
@ -209,7 +209,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
if (reply_len >= 0) {
@@ -12554,6 +12555,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -12573,6 +12574,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_size - reply_len);
#endif /* CONFIG_MACSEC */
}
@ -217,7 +217,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strncmp(buf, "STATUS", 6) == 0) {
reply_len = wpa_supplicant_ctrl_iface_status(
wpa_s, buf + 6, reply, reply_size);
@@ -13042,6 +13044,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -13061,6 +13063,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = wpa_supplicant_ctrl_iface_bss(
wpa_s, buf + 4, reply, reply_size);
#ifdef CONFIG_AP
@ -225,7 +225,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "STA-FIRST") == 0) {
reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "STA ", 4) == 0) {
@@ -13050,12 +13053,15 @@ char * wpa_supplicant_ctrl_iface_process
@@ -13069,12 +13072,15 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
reply_size);

103
package/network/services/hostapd/patches/253-qos_map_set_without_interworking.patch
View File

@ -1,103 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 4 Nov 2021 11:45:18 +0100
Subject: [PATCH] hostapd: support qos_map_set without CONFIG_INTERWORKING
This feature is useful on its own even without full interworking support
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1680,6 +1680,8 @@ static int parse_anqp_elem(struct hostap
return 0;
}
+#endif /* CONFIG_INTERWORKING */
+
static int parse_qos_map_set(struct hostapd_bss_config *bss,
char *buf, int line)
@@ -1721,8 +1723,6 @@ static int parse_qos_map_set(struct host
return 0;
}
-#endif /* CONFIG_INTERWORKING */
-
#ifdef CONFIG_HS20
static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf,
@@ -4260,10 +4260,10 @@ static int hostapd_config_fill(struct ho
bss->gas_frag_limit = val;
} else if (os_strcmp(buf, "gas_comeback_delay") == 0) {
bss->gas_comeback_delay = atoi(pos);
+#endif /* CONFIG_INTERWORKING */
} else if (os_strcmp(buf, "qos_map_set") == 0) {
if (parse_qos_map_set(bss, pos, line) < 0)
return 1;
-#endif /* CONFIG_INTERWORKING */
#ifdef CONFIG_RADIUS_TEST
} else if (os_strcmp(buf, "dump_msk_file") == 0) {
os_free(bss->dump_msk_file);
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -1548,6 +1548,7 @@ static int hostapd_setup_bss(struct host
wpa_printf(MSG_ERROR, "GAS server initialization failed");
return -1;
}
+#endif /* CONFIG_INTERWORKING */
if (conf->qos_map_set_len &&
hostapd_drv_set_qos_map(hapd, conf->qos_map_set,
@@ -1555,7 +1556,6 @@ static int hostapd_setup_bss(struct host
wpa_printf(MSG_ERROR, "Failed to initialize QoS Map");
return -1;
}
-#endif /* CONFIG_INTERWORKING */
if (conf->bss_load_update_period && bss_load_update_init(hapd)) {
wpa_printf(MSG_ERROR, "BSS Load initialization failed");
--- a/src/ap/ieee802_11_shared.c
+++ b/src/ap/ieee802_11_shared.c
@@ -1138,13 +1138,11 @@ u8 * hostapd_eid_rsnxe(struct hostapd_da
u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *ext_capab_ie, size_t ext_capab_ie_len)
{
-#ifdef CONFIG_INTERWORKING
/* check for QoS Map support */
if (ext_capab_ie_len >= 5) {
if (ext_capab_ie[4] & 0x01)
sta->qos_map_enabled = 1;
}
-#endif /* CONFIG_INTERWORKING */
if (ext_capab_ie_len > 0) {
sta->ecsa_supported = !!(ext_capab_ie[0] & BIT(2));
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2935,8 +2935,6 @@ void wnm_bss_keep_alive_deinit(struct wp
}
-#ifdef CONFIG_INTERWORKING
-
static int wpas_qos_map_set(struct wpa_supplicant *wpa_s, const u8 *qos_map,
size_t len)
{
@@ -2969,8 +2967,6 @@ static void interworking_process_assoc_r
}
}
-#endif /* CONFIG_INTERWORKING */
-
static void wpa_supplicant_set_4addr_mode(struct wpa_supplicant *wpa_s)
{
@@ -3350,10 +3346,8 @@ static int wpa_supplicant_event_associnf
wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies,
data->assoc_info.resp_ies_len);
#endif /* CONFIG_WNM */
-#ifdef CONFIG_INTERWORKING
interworking_process_assoc_resp(wpa_s, data->assoc_info.resp_ies,
data->assoc_info.resp_ies_len);
-#endif /* CONFIG_INTERWORKING */
if (wpa_s->hw_capab == CAPAB_VHT &&
get_ie(data->assoc_info.resp_ies,
data->assoc_info.resp_ies_len, WLAN_EID_VHT_CAP))

6
package/network/services/hostapd/patches/300-noscan.patch
View File

@ -5,7 +5,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3656,6 +3656,10 @@ static int hostapd_config_fill(struct ho
@@ -3680,6 +3680,10 @@ static int hostapd_config_fill(struct ho
if (bss->ocv && !bss->ieee80211w)
bss->ieee80211w = 1;
#endif /* CONFIG_OCV */
@ -18,7 +18,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options
} else if (os_strcmp(buf, "ht_capab") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -1093,6 +1093,8 @@ struct hostapd_config {
@@ -1108,6 +1108,8 @@ struct hostapd_config {
int ht_op_mode_fixed;
u16 ht_capab;
@ -29,7 +29,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options
int no_pri_sec_switch;
--- a/src/ap/hw_features.c
+++ b/src/ap/hw_features.c
@@ -544,7 +544,8 @@ static int ieee80211n_check_40mhz(struct
@@ -551,7 +551,8 @@ static int ieee80211n_check_40mhz(struct
int ret;
/* Check that HT40 is used and PRI / SEC switch is allowed */

12
package/network/services/hostapd/patches/301-mesh-noscan.patch
View File

@ -47,7 +47,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
/*
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2770,7 +2770,7 @@ static bool ibss_mesh_can_use_vht(struct
@@ -2881,7 +2881,7 @@ static bool ibss_mesh_can_use_vht(struct
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode)
{
@ -56,7 +56,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
return false;
if (!drv_supports_vht(wpa_s, ssid))
@@ -2843,7 +2843,7 @@ static void ibss_mesh_select_40mhz(struc
@@ -2954,7 +2954,7 @@ static void ibss_mesh_select_40mhz(struc
int i, res;
unsigned int j;
static const int ht40plus[] = {
@ -65,16 +65,16 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
149, 157, 165, 173, 184, 192
};
int ht40 = -1;
@@ -3093,7 +3093,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
@@ -3205,7 +3205,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
enum hostapd_hw_mode hw_mode;
struct hostapd_hw_modes *mode = NULL;
- int i, obss_scan = 1;
+ int i, obss_scan = !(ssid->noscan);
- int obss_scan = 1;
+ int obss_scan = !(ssid->noscan);
u8 channel;
bool is_6ghz, is_24ghz;
bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
@@ -3143,6 +3143,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
@@ -3249,6 +3249,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
ieee80211_mode);
freq->channel = channel;

2
package/network/services/hostapd/patches/310-rescan_immediately.patch
View File

@ -5,7 +5,7 @@ Subject: [PATCH] rescan_immediately.patch
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -5870,7 +5870,7 @@ wpa_supplicant_alloc(struct wpa_supplica
@@ -6001,7 +6001,7 @@ wpa_supplicant_alloc(struct wpa_supplica
if (wpa_s == NULL)
return NULL;
wpa_s->scan_req = INITIAL_SCAN_REQ;

2
package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch
View File

@ -5,7 +5,7 @@ Subject: [PATCH] nl80211_fix_set_freq.patch
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -5483,7 +5483,7 @@ static int nl80211_set_channel(struct i8
@@ -5494,7 +5494,7 @@ static int nl80211_set_channel(struct i8
freq->he_enabled, freq->eht_enabled, freq->bandwidth,
freq->center_freq1, freq->center_freq2);

26
package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
View File

@ -4,22 +4,7 @@ Subject: [PATCH] nl80211_del_beacon_bss.patch
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3075,12 +3075,12 @@ static int wpa_driver_nl80211_del_beacon
return 0;
wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
- drv->ifindex);
+ bss->ifindex);
link->beacon_set = 0;
link->freq = 0;
nl80211_put_wiphy_data_ap(bss);
- msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON);
+ msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_BEACON);
if (!msg)
return -ENOBUFS;
@@ -6176,8 +6176,7 @@ static void nl80211_teardown_ap(struct i
@@ -6183,8 +6183,7 @@ static void nl80211_teardown_ap(struct i
nl80211_mgmt_unsubscribe(bss, "AP teardown");
nl80211_put_wiphy_data_ap(bss);
@ -29,12 +14,3 @@ Subject: [PATCH] nl80211_del_beacon_bss.patch
}
@@ -8977,8 +8976,6 @@ static int wpa_driver_nl80211_if_remove(
} else {
wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
nl80211_teardown_ap(bss);
- if (!bss->added_if && !drv->first_bss->next)
- wpa_driver_nl80211_del_beacon_all(bss);
nl80211_destroy_bss(bss);
if (!bss->added_if)
i802_set_iface_flags(bss, 0);

4
package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
View File

@ -14,7 +14,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -971,6 +971,9 @@ struct wpa_driver_associate_params {
@@ -979,6 +979,9 @@ struct wpa_driver_associate_params {
* responsible for selecting with which BSS to associate. */
const u8 *bssid;
@ -155,7 +155,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
* macsec_policy - Determines the policy for MACsec secure session
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -4249,6 +4249,12 @@ static void wpas_start_assoc_cb(struct w
@@ -4370,6 +4370,12 @@ static void wpas_start_assoc_cb(struct w
params.beacon_int = ssid->beacon_int;
else
params.beacon_int = wpa_s->conf->beacon_int;

6
package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
View File

@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -1876,6 +1876,7 @@ struct wpa_driver_mesh_join_params {
@@ -1889,6 +1889,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
bool handle_dfs;
@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
struct wpa_driver_set_key_params {
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -11850,6 +11850,18 @@ static int nl80211_put_mesh_id(struct nl
@@ -11983,6 +11983,18 @@ static int nl80211_put_mesh_id(struct nl
}
@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
static int nl80211_put_mesh_config(struct nl_msg *msg,
struct wpa_driver_mesh_bss_params *params)
{
@@ -11911,6 +11923,7 @@ static int nl80211_join_mesh(struct i802
@@ -12044,6 +12056,7 @@ static int nl80211_join_mesh(struct i802
nl80211_put_basic_rates(msg, params->basic_rates) ||
nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
nl80211_put_beacon_int(msg, params->beacon_int) ||

2
package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
View File

@ -5,7 +5,7 @@ Subject: [PATCH] Fix issues with disabling obss scan when using fixed_freq on
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -3100,6 +3100,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
@@ -3212,6 +3212,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->freq = ssid->frequency;

2
package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch
View File

@ -13,7 +13,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3708,6 +3708,8 @@ static int hostapd_config_fill(struct ho
@@ -3734,6 +3734,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "he_bss_color") == 0) {
conf->he_op.he_bss_color = atoi(pos) & 0x3f;
conf->he_op.he_bss_color_disabled = 0;

4
package/network/services/hostapd/patches/470-survey_data_fallback.patch
View File

@ -4,7 +4,7 @@ Subject: [PATCH] hostapd: implement fallback for incomplete survey data
--- a/src/ap/acs.c
+++ b/src/ap/acs.c
@@ -467,17 +467,17 @@ static int acs_get_bw_center_chan(int fr
@@ -471,17 +471,17 @@ static int acs_get_bw_center_chan(int fr
static int acs_survey_is_sufficient(struct freq_survey *survey)
{
if (!(survey->filled & SURVEY_HAS_NF)) {
@ -24,7 +24,7 @@ Subject: [PATCH] hostapd: implement fallback for incomplete survey data
}
if (!(survey->filled & SURVEY_HAS_CHAN_TIME_BUSY) &&
@@ -485,7 +485,6 @@ static int acs_survey_is_sufficient(stru
@@ -489,7 +489,6 @@ static int acs_survey_is_sufficient(stru
wpa_printf(MSG_INFO,
"ACS: Survey for freq %d is missing RX and busy time (at least one is required)",
survey->freq);

6
package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch
View File

@ -10,7 +10,7 @@ method.
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -163,6 +163,21 @@ struct hostapd_sae_commit_queue {
@@ -168,6 +168,21 @@ struct hostapd_sae_commit_queue {
};
/**
@ -32,9 +32,9 @@ method.
* struct hostapd_data - hostapd per-BSS data structure
*/
struct hostapd_data {
@@ -182,6 +197,9 @@ struct hostapd_data {
@@ -181,6 +196,9 @@ struct hostapd_data {
struct hostapd_data *mld_first_bss;
u8 own_addr[ETH_ALEN];
+ /* OpenWrt specific statistics */
+ struct hostapd_openwrt_stats openwrt_stats;

85
package/network/services/hostapd/patches/600-ubus_support.patch
View File

@ -7,7 +7,7 @@ probe/assoc/auth requests via object subscribe.
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -166,6 +166,12 @@ OBJS += ../src/common/hw_features_common
@@ -167,6 +167,12 @@ OBJS += ../src/common/hw_features_common
OBJS += ../src/eapol_auth/eapol_auth_sm.o
@ -53,7 +53,7 @@ probe/assoc/auth requests via object subscribe.
}
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -1351,6 +1351,12 @@ void handle_probe_req(struct hostapd_dat
@@ -1357,6 +1357,12 @@ void handle_probe_req(struct hostapd_dat
int mld_id;
u16 links;
#endif /* CONFIG_IEEE80211BE */
@ -66,7 +66,7 @@ probe/assoc/auth requests via object subscribe.
if (hapd->iconf->rssi_ignore_probe_request && ssi_signal &&
ssi_signal < hapd->iconf->rssi_ignore_probe_request)
@@ -1537,6 +1543,12 @@ void handle_probe_req(struct hostapd_dat
@@ -1543,6 +1549,12 @@ void handle_probe_req(struct hostapd_dat
}
#endif /* CONFIG_P2P */
@ -81,7 +81,7 @@ probe/assoc/auth requests via object subscribe.
--- a/src/ap/dfs.c
+++ b/src/ap/dfs.c
@@ -1225,6 +1225,8 @@ int hostapd_dfs_pre_cac_expired(struct h
@@ -1236,6 +1236,8 @@ int hostapd_dfs_pre_cac_expired(struct h
"freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d",
freq, ht_enabled, chan_offset, chan_width, cf1, cf2);
@ -118,7 +118,7 @@ probe/assoc/auth requests via object subscribe.
wpabuf_free(sta->p2p_ie);
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -493,6 +493,7 @@ void hostapd_free_hapd_data(struct hosta
@@ -475,6 +475,7 @@ void hostapd_free_hapd_data(struct hosta
hapd->beacon_set_done = 0;
wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
@ -126,7 +126,7 @@ probe/assoc/auth requests via object subscribe.
accounting_deinit(hapd);
hostapd_deinit_wpa(hapd);
vlan_deinit(hapd);
@@ -1274,6 +1275,8 @@ static int hostapd_start_beacon(struct h
@@ -1303,6 +1304,8 @@ static int hostapd_start_beacon(struct h
if (hapd->driver && hapd->driver->set_operstate)
hapd->driver->set_operstate(hapd->drv_priv, 1);
@ -135,7 +135,7 @@ probe/assoc/auth requests via object subscribe.
return 0;
}
@@ -2367,6 +2370,7 @@ static int hostapd_setup_interface_compl
@@ -2481,6 +2484,7 @@ static int hostapd_setup_interface_compl
if (err)
goto fail;
@ -143,7 +143,7 @@ probe/assoc/auth requests via object subscribe.
wpa_printf(MSG_DEBUG, "Completing interface initialization");
if (iface->freq) {
#ifdef NEED_AP_MLME
@@ -2586,6 +2590,7 @@ dfs_offload:
@@ -2700,6 +2704,7 @@ dfs_offload:
fail:
wpa_printf(MSG_ERROR, "Interface initialization failed");
@ -151,7 +151,7 @@ probe/assoc/auth requests via object subscribe.
if (iface->is_no_ir) {
hostapd_set_state(iface, HAPD_IFACE_NO_IR);
@@ -3076,6 +3081,7 @@ void hostapd_interface_deinit_free(struc
@@ -3416,6 +3421,7 @@ void hostapd_interface_deinit_free(struc
(unsigned int) iface->conf->num_bss);
driver = iface->bss[0]->driver;
drv_priv = iface->bss[0]->drv_priv;
@ -169,7 +169,7 @@ probe/assoc/auth requests via object subscribe.
#define OCE_STA_CFON_ENABLED(hapd) \
((hapd->conf->oce & OCE_STA_CFON) && \
@@ -184,6 +185,7 @@ struct hostapd_data {
@@ -189,6 +190,7 @@ struct hostapd_data {
struct hostapd_iface *iface;
struct hostapd_config *iconf;
struct hostapd_bss_config *conf;
@ -177,7 +177,7 @@ probe/assoc/auth requests via object subscribe.
int interface_added; /* virtual interface added for this BSS */
unsigned int started:1;
unsigned int disabled:1;
@@ -707,6 +709,7 @@ hostapd_alloc_bss_data(struct hostapd_if
@@ -743,6 +745,7 @@ hostapd_alloc_bss_data(struct hostapd_if
struct hostapd_bss_config *bss);
int hostapd_setup_interface(struct hostapd_iface *iface);
int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err);
@ -187,7 +187,7 @@ probe/assoc/auth requests via object subscribe.
struct hostapd_iface * hostapd_alloc_iface(void);
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -2798,7 +2798,7 @@ static void handle_auth(struct hostapd_d
@@ -2874,7 +2874,7 @@ static void handle_auth(struct hostapd_d
u16 auth_alg, auth_transaction, status_code;
u16 resp = WLAN_STATUS_SUCCESS;
struct sta_info *sta = NULL;
@ -196,10 +196,10 @@ probe/assoc/auth requests via object subscribe.
u16 fc;
const u8 *challenge = NULL;
u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
@@ -2807,6 +2807,11 @@ static void handle_auth(struct hostapd_d
struct radius_sta rad_info;
const u8 *dst, *sa, *bssid;
@@ -2885,6 +2885,11 @@ static void handle_auth(struct hostapd_d
#ifdef CONFIG_IEEE80211BE
bool mld_sta = false;
#endif /* CONFIG_IEEE80211BE */
+ struct hostapd_ubus_request req = {
+ .type = HOSTAPD_UBUS_AUTH_REQ,
+ .mgmt_frame = mgmt,
@ -208,7 +208,7 @@ probe/assoc/auth requests via object subscribe.
if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
@@ -2998,6 +3003,13 @@ static void handle_auth(struct hostapd_d
@@ -3078,6 +3083,13 @@ static void handle_auth(struct hostapd_d
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto fail;
}
@ -222,7 +222,7 @@ probe/assoc/auth requests via object subscribe.
if (res == HOSTAPD_ACL_PENDING)
return;
@@ -5242,7 +5254,7 @@ static void handle_assoc(struct hostapd_
@@ -5338,7 +5350,7 @@ static void handle_assoc(struct hostapd_
int resp = WLAN_STATUS_SUCCESS;
u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
const u8 *pos;
@ -231,7 +231,7 @@ probe/assoc/auth requests via object subscribe.
struct sta_info *sta;
u8 *tmp = NULL;
#ifdef CONFIG_FILS
@@ -5484,6 +5496,11 @@ static void handle_assoc(struct hostapd_
@@ -5580,6 +5592,11 @@ static void handle_assoc(struct hostapd_
left = res;
}
#endif /* CONFIG_FILS */
@ -243,9 +243,9 @@ probe/assoc/auth requests via object subscribe.
/* followed by SSID and Supported rates; and HT capabilities if 802.11n
* is used */
@@ -5586,6 +5603,13 @@ static void handle_assoc(struct hostapd_
@@ -5682,6 +5699,13 @@ static void handle_assoc(struct hostapd_
if (set_beacon)
ieee802_11_set_beacons(hapd->iface);
ieee802_11_update_beacons(hapd->iface);
+ ubus_resp = hostapd_ubus_handle_event(hapd, &req);
+ if (ubus_resp) {
@ -257,7 +257,7 @@ probe/assoc/auth requests via object subscribe.
fail:
/*
@@ -5836,6 +5860,7 @@ static void handle_disassoc(struct hosta
@@ -5911,6 +5935,7 @@ static void handle_disassoc(struct hosta
(unsigned long) len);
return;
}
@ -265,7 +265,7 @@ probe/assoc/auth requests via object subscribe.
sta = ap_get_sta(hapd, mgmt->sa);
if (!sta) {
@@ -5867,6 +5892,8 @@ static void handle_deauth(struct hostapd
@@ -5942,6 +5967,8 @@ static void handle_deauth(struct hostapd
/* Clear the PTKSA cache entries for PASN */
ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
@ -286,19 +286,18 @@ probe/assoc/auth requests via object subscribe.
}
@@ -352,6 +355,9 @@ void hostapd_handle_radio_measurement(st
mgmt->u.action.u.rrm.action, MAC2STR(mgmt->sa));
switch (mgmt->u.action.u.rrm.action) {
+ case WLAN_RRM_LINK_MEASUREMENT_REPORT:
+ hostapd_ubus_handle_link_measurement(hapd, buf, len);
+ break;
case WLAN_RRM_RADIO_MEASUREMENT_REPORT:
hostapd_handle_radio_msmt_report(hapd, buf, len);
@@ -406,7 +409,7 @@ void hostapd_handle_radio_measurement(st
hostapd_handle_nei_report_req(hapd, buf, len);
break;
case WLAN_RRM_LINK_MEASUREMENT_REPORT:
- hostapd_handle_link_mesr_report(hapd, buf, len);
+ hostapd_ubus_handle_link_measurement(hapd, buf, len);
break;
default:
wpa_printf(MSG_DEBUG, "RRM action %u is not supported",
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -476,6 +476,7 @@ void ap_handle_timer(void *eloop_ctx, vo
@@ -542,6 +542,7 @@ void ap_handle_timer(void *eloop_ctx, vo
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_INFO, "deauthenticated due to "
"local deauth request");
@ -306,7 +305,7 @@ probe/assoc/auth requests via object subscribe.
ap_free_sta(hapd, sta);
return;
}
@@ -631,6 +632,7 @@ skip_poll:
@@ -699,6 +700,7 @@ skip_poll:
mlme_deauthenticate_indication(
hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
@ -314,7 +313,7 @@ probe/assoc/auth requests via object subscribe.
ap_free_sta(hapd, sta);
break;
}
@@ -1448,15 +1450,28 @@ void ap_sta_set_authorized_event(struct
@@ -1521,15 +1523,28 @@ void ap_sta_set_authorized_event(struct
os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr));
if (authorized) {
@ -343,7 +342,7 @@ probe/assoc/auth requests via object subscribe.
#ifdef CONFIG_P2P
if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
os_snprintf(ip_addr, sizeof(ip_addr),
@@ -1467,6 +1482,13 @@ void ap_sta_set_authorized_event(struct
@@ -1540,6 +1555,13 @@ void ap_sta_set_authorized_event(struct
}
#endif /* CONFIG_P2P */
@ -357,7 +356,7 @@ probe/assoc/auth requests via object subscribe.
keyid = ap_sta_wpa_get_keyid(hapd, sta);
if (keyid) {
os_snprintf(keyid_buf, sizeof(keyid_buf),
@@ -1485,17 +1507,19 @@ void ap_sta_set_authorized_event(struct
@@ -1558,17 +1580,19 @@ void ap_sta_set_authorized_event(struct
dpp_pkhash, SHA256_MAC_LEN);
}
@ -383,7 +382,7 @@ probe/assoc/auth requests via object subscribe.
hapd->msg_ctx_parent != hapd->msg_ctx)
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -319,6 +319,7 @@ struct sta_info {
@@ -317,6 +317,7 @@ struct sta_info {
#endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_AIRTIME_POLICY
unsigned int airtime_weight;
@ -471,7 +470,7 @@ probe/assoc/auth requests via object subscribe.
}
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -275,6 +275,7 @@ static void hostapd_wpa_auth_psk_failure
@@ -279,6 +279,7 @@ static void hostapd_wpa_auth_psk_failure
struct hostapd_data *hapd = ctx;
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
MAC2STR(addr));
@ -629,7 +628,7 @@ probe/assoc/auth requests via object subscribe.
+}
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -189,6 +189,13 @@ ifdef CONFIG_EAPOL_TEST
@@ -191,6 +191,13 @@ ifdef CONFIG_EAPOL_TEST
CFLAGS += -Werror -DEAPOL_TEST
endif
@ -643,7 +642,7 @@ probe/assoc/auth requests via object subscribe.
ifdef CONFIG_CODE_COVERAGE
CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE
LIBS += -lgcov
@@ -1042,6 +1049,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
@@ -1043,6 +1050,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
CFLAGS += -DCONFIG_CTRL_IFACE_MIB
endif
OBJS += ../src/ap/ctrl_iface_ap.o
@ -676,7 +675,7 @@ probe/assoc/auth requests via object subscribe.
break;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -7716,6 +7716,8 @@ struct wpa_supplicant * wpa_supplicant_a
@@ -7847,6 +7847,8 @@ struct wpa_supplicant * wpa_supplicant_a
}
#endif /* CONFIG_P2P */
@ -685,7 +684,7 @@ probe/assoc/auth requests via object subscribe.
return wpa_s;
}
@@ -7742,6 +7744,8 @@ int wpa_supplicant_remove_iface(struct w
@@ -7873,6 +7875,8 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
@ -694,7 +693,7 @@ probe/assoc/auth requests via object subscribe.
/* Remove interface from the global list of interfaces */
prev = global->ifaces;
if (prev == wpa_s) {
@@ -8088,8 +8092,12 @@ int wpa_supplicant_run(struct wpa_global
@@ -8219,8 +8223,12 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);

76
package/network/services/hostapd/patches/601-ucode_support.patch
View File

@ -8,7 +8,7 @@ as adding/removing interfaces.
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -168,9 +168,21 @@ OBJS += ../src/eapol_auth/eapol_auth_sm.
@@ -169,9 +169,21 @@ OBJS += ../src/eapol_auth/eapol_auth_sm.
ifdef CONFIG_UBUS
CFLAGS += -DUBUS_SUPPORT
@ -34,7 +34,7 @@ as adding/removing interfaces.
ifdef CONFIG_CODE_COVERAGE
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -5487,6 +5487,7 @@ try_again:
@@ -5603,6 +5603,7 @@ try_again:
return -1;
}
@ -42,7 +42,7 @@ as adding/removing interfaces.
wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
return 0;
@@ -5588,6 +5589,7 @@ fail:
@@ -5704,6 +5705,7 @@ fail:
os_free(fname);
interface->global_ctrl_sock = s;
@ -52,7 +52,7 @@ as adding/removing interfaces.
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -1014,6 +1014,7 @@ int main(int argc, char *argv[])
@@ -1024,6 +1024,7 @@ int main(int argc, char *argv[])
}
hostapd_global_ctrl_iface_init(&interfaces);
@ -60,7 +60,7 @@ as adding/removing interfaces.
if (hostapd_global_run(&interfaces, daemonize, pid_file)) {
wpa_printf(MSG_ERROR, "Failed to start eloop");
@@ -1023,6 +1024,7 @@ int main(int argc, char *argv[])
@@ -1033,6 +1034,7 @@ int main(int argc, char *argv[])
ret = 0;
out:
@ -70,7 +70,7 @@ as adding/removing interfaces.
for (i = 0; i < interfaces.count; i++) {
--- a/src/ap/ap_drv_ops.h
+++ b/src/ap/ap_drv_ops.h
@@ -399,6 +399,23 @@ static inline int hostapd_drv_stop_ap(st
@@ -404,6 +404,23 @@ static inline int hostapd_drv_stop_ap(st
return hapd->driver->stop_ap(hapd->drv_priv, link_id);
}
@ -105,7 +105,7 @@ as adding/removing interfaces.
if (iface->config_fname == NULL) {
/* Only in-memory config in use - assume it has been updated */
hostapd_clear_old(iface);
@@ -493,6 +495,7 @@ void hostapd_free_hapd_data(struct hosta
@@ -475,6 +477,7 @@ void hostapd_free_hapd_data(struct hosta
hapd->beacon_set_done = 0;
wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
@ -113,7 +113,7 @@ as adding/removing interfaces.
hostapd_ubus_free_bss(hapd);
accounting_deinit(hapd);
hostapd_deinit_wpa(hapd);
@@ -687,6 +690,7 @@ void hostapd_cleanup_iface_partial(struc
@@ -716,6 +719,7 @@ void hostapd_cleanup_iface_partial(struc
static void hostapd_cleanup_iface(struct hostapd_iface *iface)
{
wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
@ -121,7 +121,7 @@ as adding/removing interfaces.
eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
NULL);
@@ -1276,6 +1280,7 @@ static int hostapd_start_beacon(struct h
@@ -1305,6 +1309,7 @@ static int hostapd_start_beacon(struct h
hapd->driver->set_operstate(hapd->drv_priv, 1);
hostapd_ubus_add_bss(hapd);
@ -129,7 +129,7 @@ as adding/removing interfaces.
return 0;
}
@@ -1298,8 +1303,7 @@ static int hostapd_start_beacon(struct h
@@ -1380,8 +1385,7 @@ static int hostapd_bss_radius_init(struc
* initialized. Most of the modules that are initialized here will be
* deinitialized in hostapd_cleanup().
*/
@ -139,7 +139,7 @@ as adding/removing interfaces.
{
struct hostapd_bss_config *conf = hapd->conf;
u8 ssid[SSID_MAX_LEN + 1];
@@ -2790,7 +2794,7 @@ hostapd_alloc_bss_data(struct hostapd_if
@@ -2904,7 +2908,7 @@ hostapd_alloc_bss_data(struct hostapd_if
}
@ -148,7 +148,7 @@ as adding/removing interfaces.
{
if (!hapd)
return;
@@ -3608,7 +3612,8 @@ int hostapd_remove_iface(struct hapd_int
@@ -3953,7 +3957,8 @@ int hostapd_remove_iface(struct hapd_int
hapd_iface = interfaces->iface[i];
if (hapd_iface == NULL)
return -1;
@ -168,7 +168,7 @@ as adding/removing interfaces.
#define OCE_STA_CFON_ENABLED(hapd) \
((hapd->conf->oce & OCE_STA_CFON) && \
@@ -51,6 +52,10 @@ struct hapd_interfaces {
@@ -52,6 +53,10 @@ struct hapd_interfaces {
struct hostapd_config * (*config_read_cb)(const char *config_fname);
int (*ctrl_iface_init)(struct hostapd_data *hapd);
void (*ctrl_iface_deinit)(struct hostapd_data *hapd);
@ -179,7 +179,7 @@ as adding/removing interfaces.
int (*for_each_interface)(struct hapd_interfaces *interfaces,
int (*cb)(struct hostapd_iface *iface,
void *ctx), void *ctx);
@@ -186,6 +191,7 @@ struct hostapd_data {
@@ -191,6 +196,7 @@ struct hostapd_data {
struct hostapd_config *iconf;
struct hostapd_bss_config *conf;
struct hostapd_ubus_bss ubus;
@ -187,7 +187,7 @@ as adding/removing interfaces.
int interface_added; /* virtual interface added for this BSS */
unsigned int started:1;
unsigned int disabled:1;
@@ -518,6 +524,7 @@ struct hostapd_sta_info {
@@ -548,6 +554,7 @@ struct hostapd_mld {
*/
struct hostapd_iface {
struct hapd_interfaces *interfaces;
@ -195,7 +195,7 @@ as adding/removing interfaces.
void *owner;
char *config_fname;
struct hostapd_config *conf;
@@ -718,6 +725,8 @@ struct hostapd_iface * hostapd_init(stru
@@ -754,6 +761,8 @@ struct hostapd_iface * hostapd_init(stru
struct hostapd_iface *
hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy,
const char *config_fname, int debug);
@ -206,7 +206,7 @@ as adding/removing interfaces.
void hostapd_interface_deinit_free(struct hostapd_iface *iface);
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -3856,6 +3856,25 @@ struct wpa_driver_ops {
@@ -3893,6 +3893,25 @@ struct wpa_driver_ops {
const char *ifname);
/**
@ -232,7 +232,7 @@ as adding/removing interfaces.
* set_sta_vlan - Bind a station into a specific interface (AP only)
* @priv: Private driver interface data
* @ifname: Interface (main or virtual BSS or VLAN)
@@ -6510,6 +6529,7 @@ union wpa_event_data {
@@ -6593,6 +6612,7 @@ union wpa_event_data {
/**
* struct ch_switch
@ -240,7 +240,7 @@ as adding/removing interfaces.
* @freq: Frequency of new channel in MHz
* @ht_enabled: Whether this is an HT channel
* @ch_offset: Secondary channel offset
@@ -6520,6 +6540,7 @@ union wpa_event_data {
@@ -6603,6 +6623,7 @@ union wpa_event_data {
* @punct_bitmap: Puncturing bitmap
*/
struct ch_switch {
@ -338,7 +338,7 @@ as adding/removing interfaces.
nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
@@ -8554,6 +8575,7 @@ static void *i802_init(struct hostapd_da
@@ -8573,6 +8594,7 @@ static void *i802_init(struct hostapd_da
char master_ifname[IFNAMSIZ];
int ifindex, br_ifindex = 0;
int br_added = 0;
@ -346,7 +346,7 @@ as adding/removing interfaces.
bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
params->global_priv, 1,
@@ -8613,21 +8635,17 @@ static void *i802_init(struct hostapd_da
@@ -8632,21 +8654,17 @@ static void *i802_init(struct hostapd_da
(params->num_bridge == 0 || !params->bridge[0]))
add_ifidx(drv, br_ifindex, drv->ifindex);
@ -378,7 +378,7 @@ as adding/removing interfaces.
}
if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
@@ -8992,6 +9010,50 @@ static int wpa_driver_nl80211_if_remove(
@@ -9015,6 +9033,50 @@ static int wpa_driver_nl80211_if_remove(
return 0;
}
@ -429,8 +429,8 @@ as adding/removing interfaces.
static int cookie_handler(struct nl_msg *msg, void *arg)
{
@@ -10688,6 +10750,37 @@ static int driver_nl80211_if_remove(void
}
@@ -10803,6 +10865,37 @@ static bool nl80211_is_drv_shared(void *
#endif /* CONFIG_IEEE80211BE */
+static int driver_nl80211_if_rename(void *priv, enum wpa_driver_if_type type,
@ -467,7 +467,7 @@ as adding/removing interfaces.
static int driver_nl80211_send_mlme(void *priv, const u8 *data,
size_t data_len, int noack,
unsigned int freq,
@@ -13881,6 +13974,8 @@ const struct wpa_driver_ops wpa_driver_n
@@ -14040,6 +14133,8 @@ const struct wpa_driver_ops wpa_driver_n
.set_acl = wpa_driver_nl80211_set_acl,
.if_add = wpa_driver_nl80211_if_add,
.if_remove = driver_nl80211_if_remove,
@ -493,9 +493,9 @@ as adding/removing interfaces.
+ if (count)
+ data.ch_switch.count = nla_get_u32(count);
if (finished)
bss->flink->freq = data.ch_switch.freq;
@@ -3961,6 +3964,7 @@ static void do_process_drv_event(struct
if (link)
data.ch_switch.link_id = nla_get_u8(link);
@@ -3999,6 +4002,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
@ -503,7 +503,7 @@ as adding/removing interfaces.
0);
break;
case NL80211_CMD_CH_SWITCH_NOTIFY:
@@ -3973,6 +3977,7 @@ static void do_process_drv_event(struct
@@ -4011,6 +4015,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
@ -562,7 +562,7 @@ as adding/removing interfaces.
extern int wpa_debug_timestamp;
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -192,8 +192,20 @@ endif
@@ -194,8 +194,20 @@ endif
ifdef CONFIG_UBUS
CFLAGS += -DUBUS_SUPPORT
OBJS += ubus.o
@ -584,7 +584,7 @@ as adding/removing interfaces.
endif
ifdef CONFIG_CODE_COVERAGE
@@ -1052,6 +1064,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
@@ -1053,6 +1065,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
ifdef CONFIG_UBUS
OBJS += ../src/ap/ubus.o
endif
@ -596,7 +596,7 @@ as adding/removing interfaces.
CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -5949,6 +5949,7 @@ void supplicant_event(void *ctx, enum wp
@@ -6015,6 +6015,7 @@ void supplicant_event(void *ctx, enum wp
event_to_string(event), event);
#endif /* CONFIG_NO_STDOUT_DEBUG */
@ -606,7 +606,7 @@ as adding/removing interfaces.
#ifdef CONFIG_FST
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1060,6 +1060,7 @@ void wpa_supplicant_set_state(struct wpa
@@ -1148,6 +1148,7 @@ void wpa_supplicant_set_state(struct wpa
sme_sched_obss_scan(wpa_s, 0);
}
wpa_s->wpa_state = state;
@ -614,7 +614,7 @@ as adding/removing interfaces.
#ifdef CONFIG_BGSCAN
if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
@@ -7717,6 +7718,7 @@ struct wpa_supplicant * wpa_supplicant_a
@@ -7848,6 +7849,7 @@ struct wpa_supplicant * wpa_supplicant_a
#endif /* CONFIG_P2P */
wpas_ubus_add_bss(wpa_s);
@ -622,7 +622,7 @@ as adding/removing interfaces.
return wpa_s;
}
@@ -7744,6 +7746,7 @@ int wpa_supplicant_remove_iface(struct w
@@ -7875,6 +7877,7 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
@ -630,7 +630,7 @@ as adding/removing interfaces.
wpas_ubus_free_bss(wpa_s);
/* Remove interface from the global list of interfaces */
@@ -8054,6 +8057,7 @@ struct wpa_global * wpa_supplicant_init(
@@ -8185,6 +8188,7 @@ struct wpa_global * wpa_supplicant_init(
eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
wpas_periodic, global, NULL);
@ -638,7 +638,7 @@ as adding/removing interfaces.
return global;
}
@@ -8092,12 +8096,8 @@ int wpa_supplicant_run(struct wpa_global
@@ -8223,12 +8227,8 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
@ -651,7 +651,7 @@ as adding/removing interfaces.
return 0;
}
@@ -8130,6 +8130,8 @@ void wpa_supplicant_deinit(struct wpa_gl
@@ -8261,6 +8261,8 @@ void wpa_supplicant_deinit(struct wpa_gl
wpas_notify_supplicant_deinitialized(global);

2
package/network/services/hostapd/patches/701-reload_config_inline.patch
View File

@ -8,7 +8,7 @@ as adding/removing interfaces.
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -5065,7 +5065,12 @@ struct hostapd_config * hostapd_config_r
@@ -5132,7 +5132,12 @@ struct hostapd_config * hostapd_config_r
int errors = 0;
size_t i;

2
package/network/services/hostapd/patches/710-vlan_no_bridge.patch
View File

@ -8,7 +8,7 @@ was provided by the config
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3559,6 +3559,8 @@ static int hostapd_config_fill(struct ho
@@ -3583,6 +3583,8 @@ static int hostapd_config_fill(struct ho
#ifndef CONFIG_NO_VLAN
} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
bss->ssid.dynamic_vlan = atoi(pos);

2
package/network/services/hostapd/patches/711-wds_bridge_force.patch
View File

@ -22,7 +22,7 @@ instead rely entirely on netifd handling this properly
} else if (os_strcmp(buf, "vlan_bridge") == 0) {
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -387,8 +387,6 @@ int hostapd_set_wds_sta(struct hostapd_d
@@ -390,8 +390,6 @@ int hostapd_set_wds_sta(struct hostapd_d
return -1;
if (hapd->conf->wds_bridge[0])
bridge = hapd->conf->wds_bridge;

8
package/network/services/hostapd/patches/720-iface_max_num_sta.patch
View File

@ -8,7 +8,7 @@ full device, e.g. in order to deal with hardware/driver limitations
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3041,6 +3041,14 @@ static int hostapd_config_fill(struct ho
@@ -3065,6 +3065,14 @@ static int hostapd_config_fill(struct ho
line, bss->max_num_sta, MAX_STA_COUNT);
return 1;
}
@ -25,7 +25,7 @@ full device, e.g. in order to deal with hardware/driver limitations
} else if (os_strcmp(buf, "extended_key_id") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -1057,6 +1057,8 @@ struct hostapd_config {
@@ -1072,6 +1072,8 @@ struct hostapd_config {
unsigned int track_sta_max_num;
unsigned int track_sta_max_age;
@ -36,7 +36,7 @@ full device, e.g. in order to deal with hardware/driver limitations
* ' ' (ascii 32): all environments
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -1567,7 +1567,7 @@ void handle_probe_req(struct hostapd_dat
@@ -1573,7 +1573,7 @@ void handle_probe_req(struct hostapd_dat
if (hapd->conf->no_probe_resp_if_max_sta &&
is_multicast_ether_addr(mgmt->da) &&
is_multicast_ether_addr(mgmt->bssid) &&
@ -79,7 +79,7 @@ full device, e.g. in order to deal with hardware/driver limitations
{
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -754,6 +754,7 @@ void hostapd_cleanup_cs_params(struct ho
@@ -790,6 +790,7 @@ void hostapd_cleanup_cs_params(struct ho
void hostapd_periodic_iface(struct hostapd_iface *iface);
int hostapd_owe_trans_get_info(struct hostapd_data *hapd);
void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx);

4
package/network/services/hostapd/patches/730-ft_iface.patch
View File

@ -8,7 +8,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3200,6 +3200,8 @@ static int hostapd_config_fill(struct ho
@@ -3224,6 +3224,8 @@ static int hostapd_config_fill(struct ho
wpa_printf(MSG_INFO,
"Line %d: Obsolete peerkey parameter ignored", line);
#ifdef CONFIG_IEEE80211R_AP
@ -29,7 +29,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly
int bridge_hairpin; /* hairpin_mode on bridge members */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -1777,8 +1777,12 @@ int hostapd_setup_wpa(struct hostapd_dat
@@ -1763,8 +1763,12 @@ int hostapd_setup_wpa(struct hostapd_dat
wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) {
const char *ft_iface;

8
package/network/services/hostapd/patches/740-snoop_iface.patch
View File

@ -29,7 +29,7 @@ untagged DHCP packets
int bridge_hairpin; /* hairpin_mode on bridge members */
--- a/src/ap/ap_drv_ops.h
+++ b/src/ap/ap_drv_ops.h
@@ -366,12 +366,12 @@ static inline int hostapd_drv_br_port_se
@@ -371,12 +371,12 @@ static inline int hostapd_drv_br_port_se
static inline int hostapd_drv_br_set_net_param(struct hostapd_data *hapd,
enum drv_br_net_param param,
@ -112,7 +112,7 @@ untagged DHCP packets
hapd->x_snoop_initialized = false;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -4278,7 +4278,7 @@ struct wpa_driver_ops {
@@ -4315,7 +4315,7 @@ struct wpa_driver_ops {
* Returns: 0 on success, negative (<0) on failure
*/
int (*br_set_net_param)(void *priv, enum drv_br_net_param param,
@ -123,7 +123,7 @@ untagged DHCP packets
* get_wowlan - Get wake-on-wireless status
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -12376,7 +12376,7 @@ static const char * drv_br_net_param_str
@@ -12503,7 +12503,7 @@ static const char * drv_br_net_param_str
static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
@ -132,7 +132,7 @@ untagged DHCP packets
{
struct i802_bss *bss = priv;
char path[128];
@@ -12402,8 +12402,11 @@ static int wpa_driver_br_set_net_param(v
@@ -12529,8 +12529,11 @@ static int wpa_driver_br_set_net_param(v
return -EINVAL;
}

19
package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch
View File

@ -1,19 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 23 Dec 2021 19:18:33 +0100
Subject: [PATCH] hostapd: only attempt to set qos map if supported by the
driver
Fixes issues with brcmfmac
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -998,7 +998,8 @@ int hostapd_start_dfs_cac(struct hostapd
int hostapd_drv_set_qos_map(struct hostapd_data *hapd,
const u8 *qos_map_set, u8 qos_map_set_len)
{
- if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv)
+ if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv ||
+ !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING))
return 0;
return hapd->driver->set_qos_map(hapd->drv_priv, qos_map_set,
qos_map_set_len);

6
package/network/services/hostapd/patches/760-dynamic_own_ip.patch
View File

@ -7,7 +7,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2819,6 +2819,8 @@ static int hostapd_config_fill(struct ho
@@ -2840,6 +2840,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "iapp_interface") == 0) {
wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used");
#endif /* CONFIG_IAPP */
@ -25,10 +25,10 @@ Some servers use the NAS-IP-Address attribute as a destination address
+ int dynamic_own_ip_addr;
char *nas_identifier;
struct hostapd_radius_servers *radius;
int acct_interim_interval;
int radius_require_message_authenticator;
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -601,6 +601,10 @@ int add_common_radius_attr(struct hostap
@@ -600,6 +600,10 @@ int add_common_radius_attr(struct hostap
struct hostapd_radius_attr *attr;
int len;

28
package/network/services/hostapd/patches/761-shared_das_port.patch
View File

@ -7,14 +7,14 @@ Use the NAS identifier to find the right receiver context on incoming messages
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -1510,6 +1510,7 @@ int hostapd_setup_bss(struct hostapd_dat
@@ -1366,6 +1366,7 @@ static int hostapd_bss_radius_init(struc
os_memset(&das_conf, 0, sizeof(das_conf));
das_conf.port = conf->radius_das_port;
+ das_conf.nas_identifier = conf->nas_identifier;
das_conf.shared_secret = conf->radius_das_shared_secret;
das_conf.shared_secret_len =
conf->radius_das_shared_secret_len;
os_memset(&das_conf, 0, sizeof(das_conf));
das_conf.port = conf->radius_das_port;
+ das_conf.nas_identifier = conf->nas_identifier;
das_conf.shared_secret = conf->radius_das_shared_secret;
das_conf.shared_secret_len =
conf->radius_das_shared_secret_len;
--- a/src/radius/radius_das.c
+++ b/src/radius/radius_das.c
@@ -12,13 +12,26 @@
@ -45,7 +45,7 @@ Use the NAS identifier to find the right receiver context on incoming messages
size_t shared_secret_len;
struct hostapd_ip_addr client_addr;
unsigned int time_window;
@@ -378,56 +391,17 @@ fail:
@@ -388,56 +401,17 @@ fail:
}
@ -108,7 +108,7 @@ Use the NAS identifier to find the right receiver context on incoming messages
if (radius_msg_verify_das_req(msg, das->shared_secret,
das->shared_secret_len,
@@ -494,9 +468,8 @@ static void radius_das_receive(int sock,
@@ -504,9 +478,8 @@ static void radius_das_receive(int sock,
radius_msg_dump(reply);
rbuf = radius_msg_get_buf(reply);
@ -120,7 +120,7 @@ Use the NAS identifier to find the right receiver context on incoming messages
if (res < 0) {
wpa_printf(MSG_ERROR, "DAS: sendto(to %s:%d): %s",
abuf, from_port, strerror(errno));
@@ -508,6 +481,72 @@ fail:
@@ -518,6 +491,72 @@ fail:
radius_msg_free(reply);
}
@ -193,7 +193,7 @@ Use the NAS identifier to find the right receiver context on incoming messages
static int radius_das_open_socket(int port)
{
@@ -533,6 +572,49 @@ static int radius_das_open_socket(int po
@@ -543,6 +582,49 @@ static int radius_das_open_socket(int po
}
@ -243,7 +243,7 @@ Use the NAS identifier to find the right receiver context on incoming messages
struct radius_das_data *
radius_das_init(struct radius_das_conf *conf)
{
@@ -553,6 +635,8 @@ radius_das_init(struct radius_das_conf *
@@ -563,6 +645,8 @@ radius_das_init(struct radius_das_conf *
das->ctx = conf->ctx;
das->disconnect = conf->disconnect;
das->coa = conf->coa;
@ -252,7 +252,7 @@ Use the NAS identifier to find the right receiver context on incoming messages
os_memcpy(&das->client_addr, conf->client_addr,
sizeof(das->client_addr));
@@ -565,19 +649,15 @@ radius_das_init(struct radius_das_conf *
@@ -575,19 +659,15 @@ radius_das_init(struct radius_das_conf *
}
das->shared_secret_len = conf->shared_secret_len;
@ -275,7 +275,7 @@ Use the NAS identifier to find the right receiver context on incoming messages
return das;
}
@@ -588,11 +668,14 @@ void radius_das_deinit(struct radius_das
@@ -598,11 +678,14 @@ void radius_das_deinit(struct radius_das
if (das == NULL)
return;

7
package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch
View File

@ -26,11 +26,9 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
src/ap/beacon.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/ap/beacon.c b/src/ap/beacon.c
index 8cd1c4170..bb9329085 100644
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -905,7 +905,7 @@ void handle_probe_req(struct hostapd_data *hapd,
@@ -1416,7 +1416,7 @@ void handle_probe_req(struct hostapd_dat
* is less likely to see them (Probe Request frame sent on a
* neighboring, but partially overlapping, channel).
*/
@ -39,6 +37,3 @@ index 8cd1c4170..bb9329085 100644
hapd->iface->current_mode &&
(hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G ||
hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211B) &&
--
2.43.0

8
package/network/services/hostapd/patches/770-radius_server.patch
View File

@ -29,7 +29,7 @@ handle reload.
#ifndef CONFIG_NO_HOSTAPD_LOGGER
static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module,
@@ -778,6 +779,11 @@ int main(int argc, char *argv[])
@@ -788,6 +789,11 @@ int main(int argc, char *argv[])
if (os_program_init())
return -1;
@ -119,7 +119,7 @@ handle reload.
sess->macacl = tmp->macacl;
eap_user_free(tmp);
@@ -1118,11 +1155,10 @@ radius_server_encapsulate_eap(struct rad
@@ -1123,11 +1160,10 @@ radius_server_encapsulate_eap(struct rad
}
if (code == RADIUS_CODE_ACCESS_ACCEPT) {
@ -135,7 +135,7 @@ handle reload.
wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
radius_msg_free(msg);
return NULL;
@@ -1211,11 +1247,10 @@ radius_server_macacl(struct radius_serve
@@ -1221,11 +1257,10 @@ radius_server_macacl(struct radius_serve
}
if (code == RADIUS_CODE_ACCESS_ACCEPT) {
@ -151,7 +151,7 @@ handle reload.
wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
radius_msg_free(msg);
return NULL;
@@ -2512,7 +2547,7 @@ static int radius_server_get_eap_user(vo
@@ -2527,7 +2562,7 @@ static int radius_server_get_eap_user(vo
ret = data->get_eap_user(data->conf_ctx, identity, identity_len,
phase2, user);
if (ret == 0 && user) {

51
package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch
View File

@ -37,11 +37,9 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
create mode 100644 src/ap/apup.c
create mode 100644 src/ap/apup.h
diff --git a/hostapd/Makefile b/hostapd/Makefile
index 73048c1297..c890a7f29c 100644
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -1415,6 +1415,11 @@ ifdef CONFIG_NO_TKIP
@@ -1416,6 +1416,11 @@ ifdef CONFIG_NO_TKIP
CFLAGS += -DCONFIG_NO_TKIP
endif
@ -53,11 +51,9 @@ index 73048c1297..c890a7f29c 100644
$(DESTDIR)$(BINDIR)/%: %
install -D $(<) $(@)
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index bba5b19164..ef906199ec 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -5058,6 +5058,15 @@ static int hostapd_config_fill(struct hostapd_config *conf,
@@ -5125,6 +5125,15 @@ static int hostapd_config_fill(struct ho
bss->mld_indicate_disabled = atoi(pos);
#endif /* CONFIG_TESTING_OPTIONS */
#endif /* CONFIG_IEEE80211BE */
@ -73,11 +69,9 @@ index bba5b19164..ef906199ec 100644
} else {
wpa_printf(MSG_ERROR,
"Line %d: unknown configuration item '%s'",
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 0e52a9990d..9102db5ed0 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -970,6 +970,35 @@ struct hostapd_bss_config {
@@ -985,6 +985,35 @@ struct hostapd_bss_config {
bool mld_indicate_disabled;
#endif /* CONFIG_TESTING_OPTIONS */
#endif /* CONFIG_IEEE80211BE */
@ -113,11 +107,9 @@ index 0e52a9990d..9102db5ed0 100644
};
/**
diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c
index e7396d9aea..0a49ae515e 100644
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -382,13 +382,39 @@ int hostapd_set_wds_sta(struct hostapd_data *hapd, char *ifname_wds,
@@ -385,13 +385,39 @@ int hostapd_set_wds_sta(struct hostapd_d
const u8 *addr, int aid, int val)
{
const char *bridge = NULL;
@ -158,11 +150,9 @@ index e7396d9aea..0a49ae515e 100644
}
diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h
index fa89d2398e..ab4dc8eb16 100644
--- a/src/ap/ap_drv_ops.h
+++ b/src/ap/ap_drv_ops.h
@@ -33,6 +33,9 @@ int hostapd_set_drv_ieee8021x(struct hostapd_data *hapd, const char *ifname,
@@ -35,6 +35,9 @@ int hostapd_set_drv_ieee8021x(struct hos
int enabled);
int hostapd_vlan_if_add(struct hostapd_data *hapd, const char *ifname);
int hostapd_vlan_if_remove(struct hostapd_data *hapd, const char *ifname);
@ -171,10 +161,7 @@ index fa89d2398e..ab4dc8eb16 100644
+ */
int hostapd_set_wds_sta(struct hostapd_data *hapd, char *ifname_wds,
const u8 *addr, int aid, int val);
diff --git a/src/ap/apup.c b/src/ap/apup.c
new file mode 100644
index 0000000000..3575f1b6c6
int hostapd_sta_add(struct hostapd_data *hapd,
--- /dev/null
+++ b/src/ap/apup.c
@@ -0,0 +1,152 @@
@ -330,9 +317,6 @@ index 0000000000..3575f1b6c6
+ " capabilities %d",
+ mIfname, sta_ret->flags, sta_ret->capability);
+}
diff --git a/src/ap/apup.h b/src/ap/apup.h
new file mode 100644
index 0000000000..a14a283bb4
--- /dev/null
+++ b/src/ap/apup.h
@@ -0,0 +1,24 @@
@ -360,8 +344,6 @@ index 0000000000..a14a283bb4
+void apup_process_beacon(struct hostapd_data *hapd,
+ const struct ieee80211_mgmt *mgmt, size_t len,
+ const struct ieee802_11_elems *elems );
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 1c4dd22da1..09254f18f2 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -59,6 +59,9 @@
@ -374,7 +356,7 @@ index 1c4dd22da1..09254f18f2 100644
#ifdef CONFIG_FILS
static struct wpabuf *
@@ -3469,8 +3472,8 @@ static u16 check_multi_ap(struct hostapd_data *hapd, struct sta_info *sta,
@@ -3562,8 +3565,8 @@ static u16 check_multi_ap(struct hostapd
}
@ -385,7 +367,7 @@ index 1c4dd22da1..09254f18f2 100644
{
/* Supported rates not used in IEEE 802.11ad/DMG */
if (hapd->iface->current_mode &&
@@ -3855,7 +3858,7 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
@@ -3950,7 +3953,7 @@ static int __check_assoc_ies(struct host
elems->ext_capab_len);
if (resp != WLAN_STATUS_SUCCESS)
return resp;
@ -394,7 +376,7 @@ index 1c4dd22da1..09254f18f2 100644
if (resp != WLAN_STATUS_SUCCESS)
return resp;
@@ -5927,6 +5930,11 @@ static void handle_beacon(struct hostapd_data *hapd,
@@ -6002,6 +6005,11 @@ static void handle_beacon(struct hostapd
0);
ap_list_process_beacon(hapd->iface, mgmt, &elems, fi);
@ -406,11 +388,9 @@ index 1c4dd22da1..09254f18f2 100644
}
diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h
index a35486d464..0861bef82e 100644
--- a/src/ap/ieee802_11.h
+++ b/src/ap/ieee802_11.h
@@ -108,6 +108,8 @@ int hostapd_process_ml_assoc_req_addr(struct hostapd_data *hapd,
@@ -108,6 +108,8 @@ int hostapd_process_ml_assoc_req_addr(st
const u8 *basic_mle, size_t basic_mle_len,
u8 *mld_addr);
int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta);
@ -419,11 +399,9 @@ index a35486d464..0861bef82e 100644
u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *ht_capab);
u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta,
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 1bbb9672cd..8d26561e97 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -3976,7 +3976,7 @@ struct wpa_driver_ops {
@@ -4013,7 +4013,7 @@ struct wpa_driver_ops {
* Returns: 0 on success, -1 on failure
*/
int (*set_wds_sta)(void *priv, const u8 *addr, int aid, int val,
@ -432,11 +410,9 @@ index 1bbb9672cd..8d26561e97 100644
/**
* send_action - Transmit an Action frame
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index aeb1e6beef..b6e4ddd86d 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -8415,24 +8415,14 @@ static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx,
@@ -8434,24 +8434,14 @@ static int have_ifidx(struct wpa_driver_
static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
@ -463,6 +439,3 @@ index aeb1e6beef..b6e4ddd86d 100644
wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR
" aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name);
if (val) {
--
2.44.2

15
package/network/services/hostapd/patches/790-APuP-add-ubus-notification-when-a-peer-comes-up.patch
View File

@ -13,8 +13,6 @@ Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
src/ap/ubus.h | 5 +++++
3 files changed, 28 insertions(+)
diff --git a/src/ap/apup.c b/src/ap/apup.c
index 3575f1b6c6..3a3991f4d6 100644
--- a/src/ap/apup.c
+++ b/src/ap/apup.c
@@ -23,6 +23,10 @@
@ -28,7 +26,7 @@ index 3575f1b6c6..3a3991f4d6 100644
void apup_process_beacon(struct hostapd_data *hapd,
const struct ieee80211_mgmt *mgmt, size_t len,
const struct ieee802_11_elems *elems )
@@ -149,4 +153,8 @@ void apup_process_beacon(struct hostapd_data *hapd,
@@ -149,4 +153,8 @@ void apup_process_beacon(struct hostapd_
"apup_process_beacon(...) Added APuP peer at %s with flags: %d,"
" capabilities %d",
mIfname, sta_ret->flags, sta_ret->capability);
@ -37,11 +35,9 @@ index 3575f1b6c6..3a3991f4d6 100644
+ hostapd_ubus_notify_apup_newpeer(hapd, mgmt->bssid, mIfname);
+#endif
}
diff --git a/src/ap/ubus.c b/src/ap/ubus.c
index 8689494bcf..f21516fc3c 100644
--- a/src/ap/ubus.c
+++ b/src/ap/ubus.c
@@ -2004,3 +2004,18 @@ int hostapd_ubus_notify_bss_transition_query(
@@ -2004,3 +2004,18 @@ int hostapd_ubus_notify_bss_transition_q
return ureq.resp;
#endif
}
@ -60,11 +56,9 @@ index 8689494bcf..f21516fc3c 100644
+ ubus_notify(ctx, &hapd->ubus.obj, "apup-newpeer", b.head, -1);
+}
+#endif // def CONFIG_APUP
diff --git a/src/ap/ubus.h b/src/ap/ubus.h
index 22767d67ee..1c65e4dcb9 100644
--- a/src/ap/ubus.h
+++ b/src/ap/ubus.h
@@ -71,6 +71,11 @@ int hostapd_ubus_notify_bss_transition_query(
@@ -71,6 +71,11 @@ int hostapd_ubus_notify_bss_transition_q
void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta,
const char *auth_alg);
@ -76,6 +70,3 @@ index 22767d67ee..1c65e4dcb9 100644
#else
struct hostapd_ubus_bss {};
--
2.44.2

15
package/network/services/hostapd/patches/800-APuP-add-ucode-hook-for-when-a-peer-comes-up.patch
View File

@ -10,8 +10,6 @@ Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
src/ap/ucode.h | 4 ++++
3 files changed, 29 insertions(+)
diff --git a/src/ap/apup.c b/src/ap/apup.c
index 3a3991f4d6..f736ddc8e3 100644
--- a/src/ap/apup.c
+++ b/src/ap/apup.c
@@ -27,6 +27,10 @@
@ -25,7 +23,7 @@ index 3a3991f4d6..f736ddc8e3 100644
void apup_process_beacon(struct hostapd_data *hapd,
const struct ieee80211_mgmt *mgmt, size_t len,
const struct ieee802_11_elems *elems )
@@ -157,4 +161,8 @@ void apup_process_beacon(struct hostapd_data *hapd,
@@ -157,4 +161,8 @@ void apup_process_beacon(struct hostapd_
#ifdef UBUS_SUPPORT
hostapd_ubus_notify_apup_newpeer(hapd, mgmt->bssid, mIfname);
#endif
@ -34,11 +32,9 @@ index 3a3991f4d6..f736ddc8e3 100644
+ hostapd_ucode_apup_newpeer(hapd, mIfname);
+#endif
}
diff --git a/src/ap/ucode.c b/src/ap/ucode.c
index d344190208..391002feae 100644
--- a/src/ap/ucode.c
+++ b/src/ap/ucode.c
@@ -811,3 +811,20 @@ void hostapd_ucode_free_bss(struct hostapd_data *hapd)
@@ -815,3 +815,20 @@ void hostapd_ucode_free_bss(struct hosta
ucv_put(wpa_ucode_call(2));
ucv_gc(vm);
}
@ -59,11 +55,9 @@ index d344190208..391002feae 100644
+ ucv_gc(vm);
+}
+#endif // def CONFIG_APUP
diff --git a/src/ap/ucode.h b/src/ap/ucode.h
index d00b787169..c9bdde6516 100644
--- a/src/ap/ucode.h
+++ b/src/ap/ucode.h
@@ -27,6 +27,10 @@ void hostapd_ucode_add_bss(struct hostapd_data *hapd);
@@ -27,6 +27,10 @@ void hostapd_ucode_add_bss(struct hostap
void hostapd_ucode_free_bss(struct hostapd_data *hapd);
void hostapd_ucode_reload_bss(struct hostapd_data *hapd);
@ -74,6 +68,3 @@ index d00b787169..c9bdde6516 100644
#else
static inline int hostapd_ucode_init(struct hapd_interfaces *ifaces)
--
2.44.2

43
package/network/services/hostapd/patches/800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
View File

@ -1,43 +0,0 @@
From 364c2da8741f0979dae497551e70b94c0e6c8636 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 7 Jul 2024 11:46:49 +0300
Subject: [PATCH] SAE: Check for invalid Rejected Groups element length
explicitly
Instead of practically ignoring an odd octet at the end of the element,
check for such invalid case explicitly. This is needed to avoid a
potential group downgrade attack.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/ap/ieee802_11.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -1229,7 +1229,7 @@ static int check_sae_rejected_groups(str
struct sae_data *sae)
{
const struct wpabuf *groups;
- size_t i, count;
+ size_t i, count, len;
const u8 *pos;
if (!sae->tmp)
@@ -1239,7 +1239,15 @@ static int check_sae_rejected_groups(str
return 0;
pos = wpabuf_head(groups);
- count = wpabuf_len(groups) / 2;
+ len = wpabuf_len(groups);
+ if (len & 1) {
+ wpa_printf(MSG_DEBUG,
+ "SAE: Invalid length of the Rejected Groups element payload: %zu",
+ len);
+ return 1;
+ }
+
+ count = len / 2;
for (i = 0; i < count; i++) {
int enabled;
u16 group;

42
package/network/services/hostapd/patches/801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
View File

@ -1,42 +0,0 @@
From 593a7c2f8c93edd6b552f2d42e28164464b4e6ff Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Tue, 9 Jul 2024 23:33:38 +0300
Subject: [PATCH] SAE: Check for invalid Rejected Groups element length
explicitly on STA
Instead of practically ignoring an odd octet at the end of the element,
check for such invalid case explicitly. This is needed to avoid a
potential group downgrade attack.
Fixes: 444d76f74f65 ("SAE: Check that peer's rejected groups are not enabled")
Signed-off-by: Jouni Malinen <j@w1.fi>
---
wpa_supplicant/sme.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -1561,14 +1561,21 @@ static int sme_sae_is_group_enabled(stru
static int sme_check_sae_rejected_groups(struct wpa_supplicant *wpa_s,
const struct wpabuf *groups)
{
- size_t i, count;
+ size_t i, count, len;
const u8 *pos;
if (!groups)
return 0;
pos = wpabuf_head(groups);
- count = wpabuf_len(groups) / 2;
+ len = wpabuf_len(groups);
+ if (len & 1) {
+ wpa_printf(MSG_DEBUG,
+ "SAE: Invalid length of the Rejected Groups element payload: %zu",
+ len);
+ return 1;
+ }
+ count = len / 2;
for (i = 0; i < count; i++) {
int enabled;
u16 group;

30
package/network/services/hostapd/patches/802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch
View File

@ -1,30 +0,0 @@
From 9716bf1160beb677e965d9e6475d6c9e162e8374 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Tue, 9 Jul 2024 23:34:34 +0300
Subject: [PATCH] SAE: Reject invalid Rejected Groups element in the parser
There is no need to depend on all uses (i.e., both hostapd and
wpa_supplicant) to verify that the length of the Rejected Groups field
in the Rejected Groups element is valid (i.e., a multiple of two octets)
since the common parser can reject the message when detecting this.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/common/sae.c | 6 ++++++
1 file changed, 6 insertions(+)
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -2120,6 +2120,12 @@ static int sae_parse_rejected_groups(str
return WLAN_STATUS_UNSPECIFIED_FAILURE;
epos++; /* skip ext ID */
len--;
+ if (len & 1) {
+ wpa_printf(MSG_DEBUG,
+ "SAE: Invalid length of the Rejected Groups element payload: %u",
+ len);
+ return WLAN_STATUS_UNSPECIFIED_FAILURE;
+ }
wpabuf_free(sae->tmp->peer_rejected_groups);
sae->tmp->peer_rejected_groups = wpabuf_alloc(len);