Difuse/difos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hostapd: update to version 2025-05-23

Browse source 
Manually refreshed:

301-mesh-noscan.patch
601-ucode_support.patch
770-radius_server.patch

Automatically rebased all other patches.

Signed-off-by: Agustin Lorenzo <agustin.lorenzo@thinco.es>
Link: https://github.com/openwrt/openwrt/pull/18426
Signed-off-by: Robert Marko <robimarko@gmail.com>
This commit is contained in:
Agustin Lorenzo 2025-04-06 21:44:21 +02:00 committed by Robert Marko
parent 48135ddd44
commit 70505e0e51
38 changed files with 277 additions and 272 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
package/network/services/hostapd/Makefile
View file

@ -9,9 +9,9 @@ PKG_RELEASE:=2
PKG_SOURCE_URL:=https://w1.fi/hostap.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_DATE:=2025-02-09
PKG_SOURCE_VERSION:=c8c7d56a3d3c4ca79bcbb6a87f372ce4bc2e9f11
PKG_MIRROR_HASH:=fafdef456a545bd1de0cbd7b68b520e5be7e70ad1aab7ef051b1fc5ccaaa012a
PKG_SOURCE_DATE:=2025-05-23
PKG_SOURCE_VERSION:=4b8ac10cb77c3d4dbf7ccefbe697dc0578da374c
PKG_MIRROR_HASH:=25a77ae4b26adef9c0d71c3b175445f246a4530e63563e81b8e19c2436934100
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-3-Clause

83
package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
View file

@ -14,7 +14,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2972,7 +2972,7 @@ static int drv_supports_vht(struct wpa_s
@@ -2963,7 +2963,7 @@ static int drv_supports_vht(struct wpa_s
}
@ -23,7 +23,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
{
int i;
@@ -2981,7 +2981,10 @@ static bool ibss_mesh_is_80mhz_avail(int
@@ -2972,7 +2972,10 @@ static bool ibss_mesh_is_80mhz_avail(int
chan = hw_get_channel_chan(mode, i, NULL);
if (!chan ||
@ -35,42 +35,44 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
return false;
}
@@ -3108,7 +3111,7 @@ static void ibss_mesh_select_40mhz(struc
@@ -3099,7 +3102,7 @@ static void ibss_mesh_select_40mhz(struc
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
- int obss_scan) {
+ int obss_scan, bool dfs_enabled) {
- int obss_scan, bool is_6ghz)
+ int obss_scan, bool is_6ghz, bool dfs_enabled)
{
int chan_idx;
struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
int i, res;
@@ -3132,8 +3135,11 @@ static void ibss_mesh_select_40mhz(struc
@@ -3130,8 +3133,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check primary channel flags */
- if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
- return;
+ if (pri_chan->flag & HOSTAPD_CHAN_DISABLED)
return;
+ return;
+ if (pri_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
+ return;
#ifdef CONFIG_HT_OVERRIDES
if (ssid->disable_ht40)
@@ -3159,8 +3165,11 @@ static void ibss_mesh_select_40mhz(struc
@@ -3166,8 +3172,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check secondary channel flags */
- if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
- return;
+ if (sec_chan->flag & HOSTAPD_CHAN_DISABLED)
return;
+ return;
+ if (sec_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
+ return;
if (ht40 == -1) {
if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
@@ -3236,7 +3245,7 @@ static bool ibss_mesh_select_80_160mhz(s
if (freq->ht_enabled) {
if (ht40 == -1) {
@@ -3245,7 +3254,7 @@ static bool ibss_mesh_select_80_160mhz(s
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
@ -79,7 +81,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
static const int bw80[] = {
5180, 5260, 5500, 5580, 5660, 5745, 5825,
5955, 6035, 6115, 6195, 6275, 6355, 6435,
@@ -3286,7 +3295,7 @@ static bool ibss_mesh_select_80_160mhz(s
@@ -3298,7 +3307,7 @@ static bool ibss_mesh_select_80_160mhz(s
goto skip_80mhz;
/* Use 40 MHz if channel not usable */
@ -88,37 +90,40 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
goto skip_80mhz;
chwidth = CONF_OPER_CHWIDTH_80MHZ;
@@ -3300,7 +3309,7 @@ static bool ibss_mesh_select_80_160mhz(s
if ((mode->he_capab[ieee80211_mode].phy_cap[
HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
- ibss_mesh_is_80mhz_avail(channel + 16, mode)) {
+ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled)) {
@@ -3340,7 +3349,7 @@ static bool ibss_mesh_select_80_160mhz(s
HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) &&
(ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ ||
ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_320MHZ) &&
- ibss_mesh_is_80mhz_avail(channel + 16 * offset_in_160, mode)) {
+ ibss_mesh_is_80mhz_avail(channel + 16 * offset_in_160, mode, dfs_enabled)) {
for (j = 0; j < ARRAY_SIZE(bw160); j++) {
if (freq->freq == bw160[j]) {
chwidth = CONF_OPER_CHWIDTH_160MHZ;
@@ -3317,9 +3326,9 @@ static bool ibss_mesh_select_80_160mhz(s
if ((mode->eht_capab[ieee80211_mode].phy_cap[
EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_IDX] &
u8 start_chan;
@@ -3363,11 +3372,11 @@ static bool ibss_mesh_select_80_160mhz(s
EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK) && is_6ghz &&
- ibss_mesh_is_80mhz_avail(channel + 16, mode) &&
- ibss_mesh_is_80mhz_avail(channel + 32, mode) &&
- ibss_mesh_is_80mhz_avail(channel + 48, mode)) {
+ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled) &&
+ ibss_mesh_is_80mhz_avail(channel + 32, mode, dfs_enabled) &&
+ ibss_mesh_is_80mhz_avail(channel + 48, mode, dfs_enabled)) {
ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_320MHZ &&
ibss_mesh_is_80mhz_avail(channel + 16 -
- 64 * ((offset_in_320 + 1) / 4), mode) &&
+ 64 * ((offset_in_320 + 1) / 4), mode, dfs_enabled) &&
ibss_mesh_is_80mhz_avail(channel + 32 -
- 64 * ((offset_in_320 + 2) / 4), mode) &&
+ 64 * ((offset_in_320 + 2) / 4), mode, dfs_enabled) &&
ibss_mesh_is_80mhz_avail(channel + 48 -
- 64 * ((offset_in_320 + 3) / 4), mode)) {
+ 64 * ((offset_in_320 + 3) / 4), mode, dfs_enabled)) {
for (j = 0; j < ARRAY_SIZE(bw320); j += 2) {
if (freq->freq >= bw320[j] &&
freq->freq <= bw320[j + 1]) {
@@ -3348,10 +3357,12 @@ static bool ibss_mesh_select_80_160mhz(s
@@ -3396,10 +3405,12 @@ static bool ibss_mesh_select_80_160mhz(s
if (!chan)
continue;
- if (chan->flag & (HOSTAPD_CHAN_DISABLED |
- HOSTAPD_CHAN_NO_IR |
- HOSTAPD_CHAN_RADAR))
- continue;
+ if (chan->flag & HOSTAPD_CHAN_DISABLED)
continue;
+ continue;
+ if (chan->flag & (HOSTAPD_CHAN_RADAR |
+ HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
@ -126,7 +131,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
/* Found a suitable second segment for 80+80 */
chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
@@ -3406,6 +3417,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
@@ -3454,6 +3465,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int obss_scan = 1;
u8 channel;
bool is_6ghz, is_24ghz;
@ -134,12 +139,12 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
freq->freq = ssid->frequency;
@@ -3448,9 +3460,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->channel = channel;
/* Setup higher BW only for 5 GHz */
@@ -3497,9 +3509,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
/* Setup higher BW only for 5 and 6 GHz */
if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
- ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan);
+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled);
ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan,
- is_6ghz);
+ is_6ghz, dfs_enabled);
if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq,
- ieee80211_mode, is_6ghz))
+ ieee80211_mode, is_6ghz, dfs_enabled))

2
package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch
View file

@ -68,7 +68,7 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
chan_idx, num_available_chandefs);
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -11656,6 +11656,10 @@ static int nl80211_switch_channel(void *
@@ -11592,6 +11592,10 @@ static int nl80211_switch_channel(void *
if (ret)
goto error;

4
package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
View file

@ -4,7 +4,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -4894,6 +4894,13 @@ static int add_associated_sta(struct hos
@@ -5033,6 +5033,13 @@ static int add_associated_sta(struct hos
* drivers to accept the STA parameter configuration. Since this is
* after a new FT-over-DS exchange, a new TK has been derived, so key
* reinstallation is not a concern for this case.
@ -18,7 +18,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc
*/
wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR
" (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)",
@@ -4907,7 +4914,8 @@ static int add_associated_sta(struct hos
@@ -5046,7 +5053,8 @@ static int add_associated_sta(struct hos
(!(sta->flags & WLAN_STA_AUTHORIZED) ||
(reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) ||
(!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) &&

6
package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch
View file

@ -20,7 +20,7 @@ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -4075,6 +4075,8 @@ int hostapd_remove_iface(struct hapd_int
@@ -4091,6 +4091,8 @@ int hostapd_remove_iface(struct hapd_int
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
int reassoc)
{
@ -29,7 +29,7 @@ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
if (hapd->tkip_countermeasures) {
hostapd_drv_sta_deauth(hapd, sta->addr,
WLAN_REASON_MICHAEL_MIC_FAILURE);
@@ -4082,10 +4084,16 @@ void hostapd_new_assoc_sta(struct hostap
@@ -4098,10 +4100,16 @@ void hostapd_new_assoc_sta(struct hostap
}
#ifdef CONFIG_IEEE80211BE
@ -51,7 +51,7 @@ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
ap_sta_clear_assoc_timeout(hapd, sta);
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -1552,9 +1552,6 @@ bool ap_sta_set_authorized_flag(struct h
@@ -1553,9 +1553,6 @@ bool ap_sta_set_authorized_flag(struct h
mld_assoc_link_id = -2;
}
#endif /* CONFIG_IEEE80211BE */

4
package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
View file

@ -26,7 +26,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2411,6 +2411,9 @@ struct wpa_driver_capa {
@@ -2441,6 +2441,9 @@ struct wpa_driver_capa {
/** Maximum number of iterations in a single scan plan */
u32 max_sched_scan_plan_iterations;
@ -38,7 +38,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -984,6 +984,10 @@ static int wiphy_info_handler(struct nl_
@@ -981,6 +981,10 @@ static int wiphy_info_handler(struct nl_
nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]);
}

18
package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch
View file

@ -7772,7 +7772,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
CONFIG_SIM_SIMULATOR=y
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1232,6 +1232,29 @@ endif
@@ -1234,6 +1234,29 @@ endif
CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
endif
@ -7802,7 +7802,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
@@ -1424,9 +1447,11 @@ endif
@@ -1426,9 +1449,11 @@ endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
@ -7814,7 +7814,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP
# Seems to be needed at least with BoringSSL
NEED_INTERNAL_AES_WRAP=y
@@ -1440,9 +1465,11 @@ endif
@@ -1442,9 +1467,11 @@ endif
ifdef NEED_INTERNAL_AES_WRAP
ifneq ($(CONFIG_TLS), linux)
@ -7826,7 +7826,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
@@ -1452,35 +1479,45 @@ AESOBJS += ../src/crypto/aes-siv.o
@@ -1454,35 +1481,45 @@ AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_CTR
@ -7872,7 +7872,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef NEED_AES_ENC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-enc.o
@@ -1495,12 +1532,16 @@ ifneq ($(CONFIG_TLS), openssl)
@@ -1497,12 +1534,16 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
@ -7889,7 +7889,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
@@ -1512,29 +1553,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
@@ -1514,29 +1555,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
else
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
@ -7927,7 +7927,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef NEED_MD5
ifdef CONFIG_INTERNAL_MD5
MD5OBJS += ../src/crypto/md5-internal.o
@@ -1589,12 +1638,17 @@ ifneq ($(CONFIG_TLS), openssl)
@@ -1591,12 +1640,17 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
@ -7945,7 +7945,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef CONFIG_INTERNAL_SHA256
SHA256OBJS += ../src/crypto/sha256-internal.o
endif
@@ -1607,50 +1661,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
@@ -1609,50 +1663,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
SHA256OBJS += ../src/crypto/sha512-internal.o
endif
ifdef NEED_TLS_PRF_SHA256
@ -8014,7 +8014,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifdef NEED_ASN1
OBJS += ../src/tls/asn1.o
@@ -1825,10 +1897,12 @@ ifdef CONFIG_FIPS
@@ -1827,10 +1899,12 @@ ifdef CONFIG_FIPS
CFLAGS += -DCONFIG_FIPS
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)

2
package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch
View file

@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1243,10 +1243,6 @@ endif
@@ -1245,10 +1245,6 @@ endif
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o

54
package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
View file

@ -739,7 +739,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
hostapd.add_ap(apdev[0], params)
@@ -3581,7 +3626,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde
@@ -3588,7 +3633,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde
dev[0].request("REMOVE_NETWORK all")
tls = dev[0].request("GET tls_library")
@ -748,7 +748,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
tests = [(1, "os_get_random;dh_init")]
else:
tests = [(1, "crypto_dh_init;dh_init")]
@@ -4901,7 +4946,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
@@ -4908,7 +4953,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
params["private_key"] = "auth_serv/iCA-server/server.key"
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@ -757,7 +757,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
@@ -4967,6 +5012,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
@@ -4974,6 +5019,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, "-sha1")
def run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, md):
@ -765,7 +765,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
params = int_eap_server_params()
params["ca_cert"] = "auth_serv/iCA-server/ca-and-root.pem"
params["server_cert"] = "auth_serv/iCA-server/server.pem"
@@ -4976,7 +5022,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
@@ -4983,7 +5029,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@ -774,7 +774,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
@@ -5012,7 +5058,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
@@ -5019,7 +5065,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@ -783,7 +783,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
@@ -5062,7 +5108,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
@@ -5069,7 +5115,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@ -792,7 +792,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
@@ -5129,7 +5175,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
@@ -5136,7 +5182,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@ -801,7 +801,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
@@ -5387,6 +5433,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek
@@ -5394,6 +5440,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek
def test_ap_wpa2_eap_ttls_server_pkcs12(dev, apdev):
"""WPA2-Enterprise using EAP-TTLS and server PKCS#12 file"""
@ -809,7 +809,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
skip_with_fips(dev[0])
params = int_eap_server_params()
del params["server_cert"]
@@ -5399,6 +5446,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12(
@@ -5406,6 +5453,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12(
def test_ap_wpa2_eap_ttls_server_pkcs12_extra(dev, apdev):
"""EAP-TTLS and server PKCS#12 file with extra certs"""
@ -817,7 +817,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
skip_with_fips(dev[0])
params = int_eap_server_params()
del params["server_cert"]
@@ -5421,6 +5469,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv
@@ -5428,6 +5476,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv
def test_ap_wpa2_eap_ttls_dh_params_dsa_server(dev, apdev):
"""WPA2-Enterprise using EAP-TTLS and alternative server dhparams (DSA)"""
@ -825,7 +825,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
params = int_eap_server_params()
params["dh_file"] = "auth_serv/dsaparam.pem"
hapd = hostapd.add_ap(apdev[0], params)
@@ -5732,8 +5781,8 @@ def test_ap_wpa2_eap_non_ascii_identity2
@@ -5739,8 +5788,8 @@ def test_ap_wpa2_eap_non_ascii_identity2
def test_openssl_cipher_suite_config_wpas(dev, apdev):
"""OpenSSL cipher suite configuration on wpa_supplicant"""
tls = dev[0].request("GET tls_library")
@ -836,7 +836,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
hapd = hostapd.add_ap(apdev[0], params)
eap_connect(dev[0], hapd, "TTLS", "pap user",
@@ -5759,14 +5808,14 @@ def test_openssl_cipher_suite_config_wpa
@@ -5766,14 +5815,14 @@ def test_openssl_cipher_suite_config_wpa
def test_openssl_cipher_suite_config_hapd(dev, apdev):
"""OpenSSL cipher suite configuration on hostapd"""
tls = dev[0].request("GET tls_library")
@ -855,7 +855,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
eap_connect(dev[0], hapd, "TTLS", "pap user",
anonymous_identity="ttls", password="password",
ca_cert="auth_serv/ca.pem", phase2="auth=PAP")
@@ -6209,13 +6258,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a
@@ -6216,13 +6265,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a
if tls.startswith("wolfSSL"):
check_tls_ver(dev[0], hapd,
"tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1", "TLSv1.2")
@ -878,7 +878,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
if "run=OpenSSL 1.1.1" in tls or "run=OpenSSL 3." in tls or \
tls.startswith("wolfSSL"):
check_tls_ver(dev[0], hapd,
@@ -6238,6 +6291,11 @@ def test_ap_wpa2_eap_tls_versions_server
@@ -6245,6 +6298,11 @@ def test_ap_wpa2_eap_tls_versions_server
tests = [("TLSv1", "[ENABLE-TLSv1.0][DISABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"),
("TLSv1.1", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"),
("TLSv1.2", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][ENABLE-TLSv1.2][DISABLE-TLSv1.3]")]
@ -890,7 +890,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
for exp, flags in tests:
hapd.disable()
hapd.set("tls_flags", flags)
@@ -7318,6 +7376,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde
@@ -7325,6 +7383,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde
def test_eap_tls_ext_cert_check(dev, apdev):
"""EAP-TLS and external server certification validation"""
# With internal server certificate chain validation
@ -898,7 +898,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS",
identity="tls user",
ca_cert="auth_serv/ca.pem",
@@ -7330,6 +7389,7 @@ def test_eap_tls_ext_cert_check(dev, apd
@@ -7337,6 +7396,7 @@ def test_eap_tls_ext_cert_check(dev, apd
def test_eap_ttls_ext_cert_check(dev, apdev):
"""EAP-TTLS and external server certification validation"""
# Without internal server certificate chain validation
@ -906,7 +906,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
identity="pap user", anonymous_identity="ttls",
password="password", phase2="auth=PAP",
@@ -7340,6 +7400,7 @@ def test_eap_ttls_ext_cert_check(dev, ap
@@ -7347,6 +7407,7 @@ def test_eap_ttls_ext_cert_check(dev, ap
def test_eap_peap_ext_cert_check(dev, apdev):
"""EAP-PEAP and external server certification validation"""
# With internal server certificate chain validation
@ -914,7 +914,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="PEAP",
identity="user", anonymous_identity="peap",
ca_cert="auth_serv/ca.pem",
@@ -7350,6 +7411,7 @@ def test_eap_peap_ext_cert_check(dev, ap
@@ -7357,6 +7418,7 @@ def test_eap_peap_ext_cert_check(dev, ap
def test_eap_fast_ext_cert_check(dev, apdev):
"""EAP-FAST and external server certification validation"""
@ -922,7 +922,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
check_eap_capa(dev[0], "FAST")
# With internal server certificate chain validation
dev[0].request("SET blob fast_pac_auth_ext ")
@@ -7364,10 +7426,6 @@ def test_eap_fast_ext_cert_check(dev, ap
@@ -7371,10 +7433,6 @@ def test_eap_fast_ext_cert_check(dev, ap
run_ext_cert_check(dev, apdev, id)
def run_ext_cert_check(dev, apdev, net_id):
@ -1124,7 +1124,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
heavy_groups = [14, 15, 16]
suitable_groups = [15, 16, 17, 18, 19, 20, 21]
groups = [str(g) for g in sae_groups]
@@ -2248,6 +2253,8 @@ def run_sae_pwe_group(dev, apdev, group)
@@ -2285,6 +2290,8 @@ def run_sae_pwe_group(dev, apdev, group)
logger.info("Add Brainpool EC groups since OpenSSL is new enough")
elif tls.startswith("wolfSSL"):
logger.info("Make sure Brainpool EC groups were enabled when compiling wolfSSL")
@ -1144,7 +1144,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
if not tls.startswith("OpenSSL"):
raise HwsimSkip("TLS library not supported for Suite B: " + tls)
supported = False
@@ -520,6 +522,7 @@ def test_suite_b_192_rsa_insufficient_dh
@@ -539,6 +541,7 @@ def test_suite_b_192_rsa_insufficient_dh
dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
ieee80211w="2",
@ -1289,7 +1289,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
if (need_more_data) {
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1190,6 +1190,7 @@ TLS_FUNCS=y
@@ -1192,6 +1192,7 @@ TLS_FUNCS=y
endif
ifeq ($(CONFIG_TLS), wolfssl)
@ -1297,7 +1297,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
ifdef TLS_FUNCS
CFLAGS += -DWOLFSSL_DER_LOAD
@@ -1206,6 +1207,7 @@ LIBS_p += -lwolfssl -lm
@@ -1208,6 +1209,7 @@ LIBS_p += -lwolfssl -lm
endif
ifeq ($(CONFIG_TLS), openssl)
@ -1305,7 +1305,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
ifdef TLS_FUNCS
CFLAGS += -DEAP_TLS_OPENSSL
@@ -1233,6 +1235,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
@@ -1235,6 +1237,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
endif
ifeq ($(CONFIG_TLS), mbedtls)
@ -1313,7 +1313,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=mbedtls
endif
@@ -1252,6 +1255,7 @@ endif
@@ -1254,6 +1257,7 @@ endif
endif
ifeq ($(CONFIG_TLS), gnutls)
@ -1321,7 +1321,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifndef CONFIG_CRYPTO
# default to libgcrypt
CONFIG_CRYPTO=gnutls
@@ -1282,6 +1286,7 @@ endif
@@ -1284,6 +1288,7 @@ endif
endif
ifeq ($(CONFIG_TLS), internal)
@ -1329,7 +1329,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=internal
endif
@@ -1362,6 +1367,7 @@ endif
@@ -1364,6 +1369,7 @@ endif
endif
ifeq ($(CONFIG_TLS), linux)

2
package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch
View file

@ -29,7 +29,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
wpa_printf(MSG_DEBUG, "DPP: Generating a keypair");
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1284,6 +1284,13 @@ void sae_deinit_pt(struct sae_pt *pt)
@@ -1287,6 +1287,13 @@ void sae_deinit_pt(struct sae_pt *pt)
static int sae_derive_commit_element_ecc(struct sae_data *sae,
struct crypto_bignum *mask)
{

10
package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch
View file

@ -29,7 +29,7 @@ Signed-off-by: P Praneesh <ppranees@codeaurora.org>
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1229,6 +1229,8 @@ static int hostapd_config_vht_capab(stru
@@ -1225,6 +1225,8 @@ static int hostapd_config_vht_capab(stru
conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN;
if (os_strstr(capab, "[TX-ANTENNA-PATTERN]"))
conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN;
@ -100,7 +100,7 @@ Signed-off-by: P Praneesh <ppranees@codeaurora.org>
u8 *pos = eid;
enum oper_chan_width oper_chwidth =
hostapd_get_oper_chwidth(hapd->iconf);
@@ -110,6 +123,7 @@ u8 * hostapd_eid_vht_operation(struct ho
@@ -113,6 +126,7 @@ u8 * hostapd_eid_vht_operation(struct ho
oper->vht_op_info_chan_center_freq_seg1_idx = seg1;
oper->vht_op_info_chwidth = oper_chwidth;
@ -108,7 +108,7 @@ Signed-off-by: P Praneesh <ppranees@codeaurora.org>
if (oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) {
/*
* Convert 160 MHz channel width to new style as interop
@@ -123,6 +137,9 @@ u8 * hostapd_eid_vht_operation(struct ho
@@ -126,6 +140,9 @@ u8 * hostapd_eid_vht_operation(struct ho
oper->vht_op_info_chan_center_freq_seg0_idx -= 8;
else
oper->vht_op_info_chan_center_freq_seg0_idx += 8;
@ -120,7 +120,7 @@ Signed-off-by: P Praneesh <ppranees@codeaurora.org>
* Convert 80+80 MHz channel width to new style as interop
--- a/src/common/hw_features_common.c
+++ b/src/common/hw_features_common.c
@@ -923,6 +923,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co
@@ -924,6 +924,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co
VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB);
VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN);
VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN);
@ -130,7 +130,7 @@ Signed-off-by: P Praneesh <ppranees@codeaurora.org>
#undef VHT_CAP_CHECK_MAX
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -1420,6 +1420,8 @@ struct ieee80211_ampe_ie {
@@ -1421,6 +1421,8 @@ struct ieee80211_ampe_ie {
#define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB ((u32) BIT(26) | BIT(27))
#define VHT_CAP_RX_ANTENNA_PATTERN ((u32) BIT(28))
#define VHT_CAP_TX_ANTENNA_PATTERN ((u32) BIT(29))

30
package/network/services/hostapd/patches/200-multicall.patch
View file

@ -94,7 +94,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
if (c < 0)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -2537,8 +2537,8 @@ static void hostapd_mld_iface_disable(st
@@ -2523,8 +2523,8 @@ static void hostapd_mld_iface_disable(st
#endif /* CONFIG_IEEE80211BE */
@ -105,7 +105,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta;
@@ -2896,7 +2896,7 @@ void wpa_supplicant_event(void *ctx, enu
@@ -2882,7 +2882,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@ -116,7 +116,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
struct hapd_interfaces *interfaces = ctx;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -7072,8 +7072,8 @@ union wpa_event_data {
@@ -7105,8 +7105,8 @@ union wpa_event_data {
* Driver wrapper code should call this function whenever an event is received
* from the driver.
*/
@ -127,7 +127,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_event_global - Report a driver event for wpa_supplicant
@@ -7085,7 +7085,7 @@ void wpa_supplicant_event(void *ctx, enu
@@ -7118,7 +7118,7 @@ void wpa_supplicant_event(void *ctx, enu
* Same as wpa_supplicant_event(), but we search for the interface in
* wpa_global.
*/
@ -169,7 +169,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
OBJS += ibss_rsn.o
endif
@@ -982,6 +985,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
@@ -984,6 +987,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
LIBS += -ldl -rdynamic
endif
@ -180,7 +180,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
endif
ifdef CONFIG_AP
@@ -989,9 +996,11 @@ NEED_EAP_COMMON=y
@@ -991,9 +998,11 @@ NEED_EAP_COMMON=y
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_AP
OBJS += ap.o
@ -192,7 +192,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
OBJS += ../src/ap/hostapd.o
OBJS += ../src/ap/wpa_auth_glue.o
OBJS += ../src/ap/utils.o
@@ -1082,6 +1091,12 @@ endif
@@ -1084,6 +1093,12 @@ endif
ifdef CONFIG_HS20
OBJS += ../src/ap/hs20.o
endif
@ -205,7 +205,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
endif
ifdef CONFIG_MBO
@@ -1091,7 +1106,9 @@ NEED_GAS=y
@@ -1093,7 +1108,9 @@ NEED_GAS=y
endif
ifdef NEED_RSN_AUTHENTICATOR
@ -215,7 +215,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
NEED_AES_WRAP=y
OBJS += ../src/ap/wpa_auth.o
OBJS += ../src/ap/wpa_auth_ie.o
@@ -2082,6 +2099,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
@@ -2084,6 +2101,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
_OBJS_VAR := OBJS
include ../src/objs.mk
@ -228,7 +228,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
@$(E) " LD " $@
@@ -2214,6 +2237,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
@@ -2216,6 +2239,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
@$(E) " sed" $<
@ -278,7 +278,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
os_memset(&eapol_test, 0, sizeof(eapol_test));
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -6170,8 +6170,8 @@ static int wpas_pasn_auth(struct wpa_sup
@@ -6175,8 +6175,8 @@ static int wpas_pasn_auth(struct wpa_sup
#endif /* CONFIG_PASN */
@ -289,7 +289,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
{
struct wpa_supplicant *wpa_s = ctx;
int resched;
@@ -7134,7 +7134,7 @@ void wpa_supplicant_event(void *ctx, enu
@@ -7139,7 +7139,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@ -331,7 +331,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
os_memset(&global, 0, sizeof(global));
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -8062,7 +8062,6 @@ struct wpa_interface * wpa_supplicant_ma
@@ -8100,7 +8100,6 @@ struct wpa_interface * wpa_supplicant_ma
return NULL;
}
@ -339,7 +339,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_match_existing - Match existing interfaces
* @global: Pointer to global data from wpa_supplicant_init()
@@ -8097,6 +8096,11 @@ static int wpa_supplicant_match_existing
@@ -8135,6 +8134,11 @@ static int wpa_supplicant_match_existing
#endif /* CONFIG_MATCH_IFACE */
@ -351,7 +351,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_add_iface - Add a new network interface
@@ -8353,6 +8357,8 @@ struct wpa_global * wpa_supplicant_init(
@@ -8391,6 +8395,8 @@ struct wpa_global * wpa_supplicant_init(
#ifndef CONFIG_NO_WPA_MSG
wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
#endif /* CONFIG_NO_WPA_MSG */

2
package/network/services/hostapd/patches/201-lto-jobserver-support.patch
View file

@ -25,7 +25,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -2106,31 +2106,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
@@ -2108,31 +2108,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)

4
package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch
View file

@ -13,7 +13,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -13566,7 +13566,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -13513,7 +13513,7 @@ char * wpa_supplicant_ctrl_iface_process
if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18))
reply_len = -1;
#endif /* CONFIG_WNM */
@ -22,7 +22,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
} else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18))
reply_len = -1;
@@ -13576,7 +13576,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -13523,7 +13523,7 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11))
reply_len = -1;

2
package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch
View file

@ -43,7 +43,7 @@ Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
struct mbo_non_pref_chan_info {
--- a/src/common/defs.h
+++ b/src/common/defs.h
@@ -63,6 +63,10 @@
@@ -62,6 +62,10 @@
WPA_KEY_MGMT_FT_FILS_SHA256 | \
WPA_KEY_MGMT_FT_FILS_SHA384)

28
package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch
View file

@ -16,7 +16,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
else
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -4087,6 +4087,7 @@ static int hostapd_ctrl_iface_receive_pr
@@ -4063,6 +4063,7 @@ static int hostapd_ctrl_iface_receive_pr
reply_size);
} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
reply_len = hostapd_drv_status(hapd, reply, reply_size);
@ -24,7 +24,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
if (reply_len >= 0) {
@@ -4128,6 +4129,7 @@ static int hostapd_ctrl_iface_receive_pr
@@ -4104,6 +4105,7 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
reply_size);
@ -113,7 +113,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
if (os_snprintf_error(buflen - len, ret))
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -2867,6 +2867,7 @@ static const char * bool_txt(bool val)
@@ -2831,6 +2831,7 @@ static const char * bool_txt(bool val)
return val ? "TRUE" : "FALSE";
}
@ -121,7 +121,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
{
@@ -3053,6 +3054,7 @@ int ieee802_1x_get_mib_sta(struct hostap
@@ -3017,6 +3018,7 @@ int ieee802_1x_get_mib_sta(struct hostap
return len;
}
@ -131,7 +131,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -6178,6 +6178,7 @@ static const char * wpa_bool_txt(int val
@@ -6233,6 +6233,7 @@ static const char * wpa_bool_txt(int val
return val ? "TRUE" : "FALSE";
}
@ -139,7 +139,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
@@ -6330,7 +6331,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
@@ -6385,7 +6386,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
return len;
}
@ -150,7 +150,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
{
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -4195,6 +4195,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
@@ -4189,6 +4189,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
}
@ -159,7 +159,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
@@ -4276,6 +4278,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
@@ -4270,6 +4272,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
return (int) len;
}
@ -169,7 +169,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1040,6 +1040,9 @@ ifdef CONFIG_FILS
@@ -1042,6 +1042,9 @@ ifdef CONFIG_FILS
OBJS += ../src/ap/fils_hlp.o
endif
ifdef CONFIG_CTRL_IFACE
@ -192,7 +192,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
char *buf, size_t buflen)
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -2357,7 +2357,7 @@ static int wpa_supplicant_ctrl_iface_sta
@@ -2374,7 +2374,7 @@ static int wpa_supplicant_ctrl_iface_sta
pos += ret;
}
@ -201,7 +201,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
if (wpa_s->ap_iface) {
pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
end - pos,
@@ -12876,6 +12876,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -12842,6 +12842,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = -1;
} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
@ -209,7 +209,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
if (reply_len >= 0) {
@@ -12888,6 +12889,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -12854,6 +12855,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_size - reply_len);
#endif /* CONFIG_MACSEC */
}
@ -217,7 +217,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strncmp(buf, "STATUS", 6) == 0) {
reply_len = wpa_supplicant_ctrl_iface_status(
wpa_s, buf + 6, reply, reply_size);
@@ -13394,6 +13396,7 @@ char * wpa_supplicant_ctrl_iface_process
@@ -13341,6 +13343,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = wpa_supplicant_ctrl_iface_bss(
wpa_s, buf + 4, reply, reply_size);
#ifdef CONFIG_AP
@ -225,7 +225,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "STA-FIRST") == 0) {
reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "STA ", 4) == 0) {
@@ -13402,12 +13405,15 @@ char * wpa_supplicant_ctrl_iface_process
@@ -13349,12 +13352,15 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
reply_size);

4
package/network/services/hostapd/patches/300-noscan.patch
View file

@ -5,7 +5,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3747,6 +3747,10 @@ static int hostapd_config_fill(struct ho
@@ -3518,6 +3518,10 @@ static int hostapd_config_fill(struct ho
if (bss->ocv && !bss->ieee80211w)
bss->ieee80211w = 1;
#endif /* CONFIG_OCV */
@ -18,7 +18,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options
} else if (os_strcmp(buf, "ht_capab") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -1125,6 +1125,8 @@ struct hostapd_config {
@@ -1105,6 +1105,8 @@ struct hostapd_config {
int ht_op_mode_fixed;
u16 ht_capab;

30
package/network/services/hostapd/patches/301-mesh-noscan.patch
View file

@ -5,7 +5,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -2668,6 +2668,7 @@ static const struct parse_data ssid_fiel
@@ -2642,6 +2642,7 @@ static const struct parse_data ssid_fiel
#else /* CONFIG_MESH */
{ INT_RANGE(mode, 0, 4) },
#endif /* CONFIG_MESH */
@ -15,17 +15,17 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
{ STR(id_str) },
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -867,6 +867,7 @@ static void wpa_config_write_network(FIL
#endif /* IEEE8021X_EAPOL */
@@ -868,6 +868,7 @@ static void wpa_config_write_network(FIL
INT(mode);
#ifdef CONFIG_MESH
INT(no_auto_peer);
+ INT(noscan);
INT_DEF(mesh_fwding, DEFAULT_MESH_FWDING);
#endif /* CONFIG_MESH */
INT(frequency);
INT(enable_edmg);
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -1063,6 +1063,8 @@ struct wpa_ssid {
@@ -1071,6 +1071,8 @@ struct wpa_ssid {
*/
int no_auto_peer;
@ -36,7 +36,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
*
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
@@ -509,6 +509,8 @@ static int wpa_supplicant_mesh_init(stru
@@ -538,6 +538,8 @@ static int wpa_supplicant_mesh_init(stru
frequency);
goto out_free;
}
@ -47,7 +47,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
/*
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -3044,7 +3044,7 @@ static bool ibss_mesh_can_use_vht(struct
@@ -3035,7 +3035,7 @@ static bool ibss_mesh_can_use_vht(struct
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode)
{
@ -56,16 +56,16 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
return false;
if (!drv_supports_vht(wpa_s, ssid))
@@ -3117,7 +3117,7 @@ static void ibss_mesh_select_40mhz(struc
@@ -3109,7 +3109,7 @@ static void ibss_mesh_select_40mhz(struc
int i, res;
unsigned int j;
static const int ht40plus[] = {
static const int ht40plus_5ghz[] = {
- 36, 44, 52, 60, 100, 108, 116, 124, 132, 140,
+ 1, 2, 3, 4, 5, 6, 7, 36, 44, 52, 60, 100, 108, 116, 124, 132, 140,
149, 157, 165, 173, 184, 192
};
int ht40 = -1;
@@ -3414,7 +3414,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
static const int ht40plus_6ghz[] = {
@@ -3462,7 +3462,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
enum hostapd_hw_mode hw_mode;
struct hostapd_hw_modes *mode = NULL;
@ -74,12 +74,12 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
u8 channel;
bool is_6ghz, is_24ghz;
bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
@@ -3458,6 +3458,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
@@ -3506,6 +3506,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
ieee80211_mode);
freq->channel = channel;
+ if (mode->mode == HOSTAPD_MODE_IEEE80211G && ssid->noscan)
+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled);
/* Setup higher BW only for 5 GHz */
+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, is_6ghz, dfs_enabled);
/* Setup higher BW only for 5 and 6 GHz */
if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled);
ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan,

2
package/network/services/hostapd/patches/310-rescan_immediately.patch
View file

@ -5,7 +5,7 @@ Subject: [PATCH] rescan_immediately.patch
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -6342,7 +6342,7 @@ wpa_supplicant_alloc(struct wpa_supplica
@@ -6381,7 +6381,7 @@ wpa_supplicant_alloc(struct wpa_supplica
if (wpa_s == NULL)
return NULL;
wpa_s->scan_req = INITIAL_SCAN_REQ;

4
package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
View file

@ -4,8 +4,8 @@ Subject: [PATCH] nl80211_del_beacon_bss.patch
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -6381,8 +6381,7 @@ static void nl80211_teardown_ap(struct i
nl80211_mgmt_unsubscribe(bss, "AP teardown");
@@ -6340,8 +6340,7 @@ static void nl80211_teardown_ap(struct i
}
nl80211_put_wiphy_data_ap(bss);
- if (bss->flink)

8
package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
View file

@ -14,7 +14,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -1012,6 +1012,9 @@ struct wpa_driver_associate_params {
@@ -1018,6 +1018,9 @@ struct wpa_driver_associate_params {
* responsible for selecting with which BSS to associate. */
const u8 *bssid;
@ -34,7 +34,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
#include "config.h"
@@ -2449,6 +2450,97 @@ static char * wpa_config_write_mac_value
@@ -2423,6 +2424,97 @@ static char * wpa_config_write_mac_value
#endif /* NO_CONFIG_WRITE */
@ -132,7 +132,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
/* Helper macros for network block parser */
#ifdef OFFSET
@@ -2744,6 +2836,8 @@ static const struct parse_data ssid_fiel
@@ -2718,6 +2810,8 @@ static const struct parse_data ssid_fiel
{ INT(ap_max_inactivity) },
{ INT(dtim_period) },
{ INT(beacon_int) },
@ -155,7 +155,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
* macsec_policy - Determines the policy for MACsec secure session
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -4635,6 +4635,12 @@ static void wpas_start_assoc_cb(struct w
@@ -4674,6 +4674,12 @@ static void wpas_start_assoc_cb(struct w
params.beacon_int = ssid->beacon_int;
else
params.beacon_int = wpa_s->conf->beacon_int;

8
package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
View file

@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -1932,6 +1932,7 @@ struct wpa_driver_mesh_join_params {
@@ -1959,6 +1959,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
bool handle_dfs;
@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
struct wpa_driver_set_key_params {
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -12333,6 +12333,18 @@ static int nl80211_put_mesh_id(struct nl
@@ -12269,6 +12269,18 @@ static int nl80211_put_mesh_id(struct nl
}
@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
static int nl80211_put_mesh_config(struct nl_msg *msg,
struct wpa_driver_mesh_bss_params *params)
{
@@ -12394,6 +12406,7 @@ static int nl80211_join_mesh(struct i802
@@ -12330,6 +12342,7 @@ static int nl80211_join_mesh(struct i802
nl80211_put_basic_rates(msg, params->basic_rates) ||
nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
nl80211_put_beacon_int(msg, params->beacon_int) ||
@ -58,7 +58,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
@@ -636,6 +636,7 @@ int wpa_supplicant_join_mesh(struct wpa_
@@ -665,6 +665,7 @@ int wpa_supplicant_join_mesh(struct wpa_
params->meshid = ssid->ssid;
params->meshid_len = ssid->ssid_len;

2
package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
View file

@ -5,7 +5,7 @@ Subject: [PATCH] Fix issues with disabling obss scan when using fixed_freq on
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -3421,6 +3421,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
@@ -3469,6 +3469,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->freq = ssid->frequency;

2
package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch
View file

@ -13,7 +13,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3801,6 +3801,8 @@ static int hostapd_config_fill(struct ho
@@ -3572,6 +3572,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "he_bss_color") == 0) {
conf->he_op.he_bss_color = atoi(pos) & 0x3f;
conf->he_op.he_bss_color_disabled = 0;

52
package/network/services/hostapd/patches/600-ubus_support.patch
View file

@ -53,7 +53,7 @@ probe/assoc/auth requests via object subscribe.
}
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -1437,6 +1437,12 @@ void handle_probe_req(struct hostapd_dat
@@ -1438,6 +1438,12 @@ void handle_probe_req(struct hostapd_dat
int mld_id;
u16 links;
#endif /* CONFIG_IEEE80211BE */
@ -66,7 +66,7 @@ probe/assoc/auth requests via object subscribe.
if (hapd->iconf->rssi_ignore_probe_request && ssi_signal &&
ssi_signal < hapd->iconf->rssi_ignore_probe_request)
@@ -1623,6 +1629,12 @@ void handle_probe_req(struct hostapd_dat
@@ -1624,6 +1630,12 @@ void handle_probe_req(struct hostapd_dat
}
#endif /* CONFIG_P2P */
@ -92,7 +92,7 @@ probe/assoc/auth requests via object subscribe.
return 0;
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -317,6 +317,10 @@ int hostapd_notif_assoc(struct hostapd_d
@@ -330,6 +330,10 @@ int hostapd_notif_assoc(struct hostapd_d
struct hostapd_iface *iface = hapd->iface;
#endif /* CONFIG_OWE */
bool updated = false;
@ -103,7 +103,7 @@ probe/assoc/auth requests via object subscribe.
if (addr == NULL) {
/*
@@ -461,6 +465,12 @@ int hostapd_notif_assoc(struct hostapd_d
@@ -468,6 +472,12 @@ int hostapd_notif_assoc(struct hostapd_d
goto fail;
}
@ -116,7 +116,7 @@ probe/assoc/auth requests via object subscribe.
#ifdef CONFIG_P2P
if (elems.p2p) {
wpabuf_free(sta->p2p_ie);
@@ -1385,6 +1395,7 @@ void hostapd_event_ch_switch(struct host
@@ -1371,6 +1381,7 @@ void hostapd_event_ch_switch(struct host
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_CSA_FINISHED
"freq=%d dfs=%d", freq, is_dfs);
@ -159,7 +159,7 @@ probe/assoc/auth requests via object subscribe.
if (iface->is_no_ir) {
hostapd_set_state(iface, HAPD_IFACE_NO_IR);
@@ -3501,6 +3506,7 @@ void hostapd_interface_deinit_free(struc
@@ -3517,6 +3522,7 @@ void hostapd_interface_deinit_free(struc
(unsigned int) iface->conf->num_bss);
driver = iface->bss[0]->driver;
drv_priv = iface->bss[0]->drv_priv;
@ -195,7 +195,7 @@ probe/assoc/auth requests via object subscribe.
struct hostapd_iface * hostapd_alloc_iface(void);
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -2941,7 +2941,7 @@ static void handle_auth(struct hostapd_d
@@ -3091,7 +3091,7 @@ static void handle_auth(struct hostapd_d
u16 auth_alg, auth_transaction, status_code;
u16 resp = WLAN_STATUS_SUCCESS;
struct sta_info *sta = NULL;
@ -204,7 +204,7 @@ probe/assoc/auth requests via object subscribe.
u16 fc;
const u8 *challenge = NULL;
u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
@@ -2952,6 +2952,11 @@ static void handle_auth(struct hostapd_d
@@ -3102,6 +3102,11 @@ static void handle_auth(struct hostapd_d
#ifdef CONFIG_IEEE80211BE
bool mld_sta = false;
#endif /* CONFIG_IEEE80211BE */
@ -216,7 +216,7 @@ probe/assoc/auth requests via object subscribe.
if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
@@ -3148,6 +3153,13 @@ static void handle_auth(struct hostapd_d
@@ -3298,6 +3303,13 @@ static void handle_auth(struct hostapd_d
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto fail;
}
@ -230,7 +230,7 @@ probe/assoc/auth requests via object subscribe.
if (res == HOSTAPD_ACL_PENDING)
return;
@@ -5477,7 +5489,7 @@ static void handle_assoc(struct hostapd_
@@ -5616,7 +5628,7 @@ static void handle_assoc(struct hostapd_
int resp = WLAN_STATUS_SUCCESS;
u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
const u8 *pos;
@ -239,7 +239,7 @@ probe/assoc/auth requests via object subscribe.
struct sta_info *sta;
u8 *tmp = NULL;
#ifdef CONFIG_FILS
@@ -5719,6 +5731,11 @@ static void handle_assoc(struct hostapd_
@@ -5858,6 +5870,11 @@ static void handle_assoc(struct hostapd_
left = res;
}
#endif /* CONFIG_FILS */
@ -251,7 +251,7 @@ probe/assoc/auth requests via object subscribe.
/* followed by SSID and Supported rates; and HT capabilities if 802.11n
* is used */
@@ -5826,6 +5843,13 @@ static void handle_assoc(struct hostapd_
@@ -5965,6 +5982,13 @@ static void handle_assoc(struct hostapd_
if (set_beacon)
ieee802_11_update_beacons(hapd->iface);
@ -265,7 +265,7 @@ probe/assoc/auth requests via object subscribe.
fail:
/*
@@ -6055,6 +6079,7 @@ static void handle_disassoc(struct hosta
@@ -6194,6 +6218,7 @@ static void handle_disassoc(struct hosta
(unsigned long) len);
return;
}
@ -273,7 +273,7 @@ probe/assoc/auth requests via object subscribe.
sta = ap_get_sta(hapd, mgmt->sa);
if (!sta) {
@@ -6086,6 +6111,8 @@ static void handle_deauth(struct hostapd
@@ -6225,6 +6250,8 @@ static void handle_deauth(struct hostapd
/* Clear the PTKSA cache entries for PASN */
ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
@ -305,7 +305,7 @@ probe/assoc/auth requests via object subscribe.
wpa_printf(MSG_DEBUG, "RRM action %u is not supported",
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -543,6 +543,7 @@ void ap_handle_timer(void *eloop_ctx, vo
@@ -544,6 +544,7 @@ void ap_handle_timer(void *eloop_ctx, vo
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_INFO, "deauthenticated due to "
"local deauth request");
@ -313,7 +313,7 @@ probe/assoc/auth requests via object subscribe.
ap_free_sta(hapd, sta);
return;
}
@@ -700,6 +701,7 @@ skip_poll:
@@ -701,6 +702,7 @@ skip_poll:
mlme_deauthenticate_indication(
hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
@ -321,7 +321,7 @@ probe/assoc/auth requests via object subscribe.
ap_free_sta(hapd, sta);
break;
}
@@ -1588,15 +1590,28 @@ void ap_sta_set_authorized_event(struct
@@ -1589,15 +1591,28 @@ void ap_sta_set_authorized_event(struct
os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr));
if (authorized) {
@ -350,7 +350,7 @@ probe/assoc/auth requests via object subscribe.
#ifdef CONFIG_P2P
if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
os_snprintf(ip_addr, sizeof(ip_addr),
@@ -1607,6 +1622,13 @@ void ap_sta_set_authorized_event(struct
@@ -1608,6 +1623,13 @@ void ap_sta_set_authorized_event(struct
}
#endif /* CONFIG_P2P */
@ -364,7 +364,7 @@ probe/assoc/auth requests via object subscribe.
keyid = ap_sta_wpa_get_keyid(hapd, sta);
if (keyid) {
os_snprintf(keyid_buf, sizeof(keyid_buf),
@@ -1625,17 +1647,19 @@ void ap_sta_set_authorized_event(struct
@@ -1626,17 +1648,19 @@ void ap_sta_set_authorized_event(struct
dpp_pkhash, SHA256_MAC_LEN);
}
@ -390,7 +390,7 @@ probe/assoc/auth requests via object subscribe.
hapd->msg_ctx_parent != hapd->msg_ctx)
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -305,6 +305,7 @@ struct sta_info {
@@ -302,6 +302,7 @@ struct sta_info {
#endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_AIRTIME_POLICY
unsigned int airtime_weight;
@ -478,7 +478,7 @@ probe/assoc/auth requests via object subscribe.
}
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -331,6 +331,7 @@ static void hostapd_wpa_auth_psk_failure
@@ -320,6 +320,7 @@ static void hostapd_wpa_auth_psk_failure
struct hostapd_data *hapd = ctx;
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
MAC2STR(addr));
@ -650,7 +650,7 @@ probe/assoc/auth requests via object subscribe.
ifdef CONFIG_CODE_COVERAGE
CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE
LIBS += -lgcov
@@ -1044,6 +1051,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
@@ -1046,6 +1053,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
CFLAGS += -DCONFIG_CTRL_IFACE_MIB
endif
OBJS += ../src/ap/ctrl_iface_ap.o
@ -683,7 +683,7 @@ probe/assoc/auth requests via object subscribe.
break;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -8195,6 +8195,8 @@ struct wpa_supplicant * wpa_supplicant_a
@@ -8233,6 +8233,8 @@ struct wpa_supplicant * wpa_supplicant_a
}
#endif /* CONFIG_P2P */
@ -692,7 +692,7 @@ probe/assoc/auth requests via object subscribe.
return wpa_s;
}
@@ -8221,6 +8223,8 @@ int wpa_supplicant_remove_iface(struct w
@@ -8259,6 +8261,8 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
@ -701,7 +701,7 @@ probe/assoc/auth requests via object subscribe.
/* Remove interface from the global list of interfaces */
prev = global->ifaces;
if (prev == wpa_s) {
@@ -8567,8 +8571,12 @@ int wpa_supplicant_run(struct wpa_global
@@ -8605,8 +8609,12 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
@ -733,7 +733,7 @@ probe/assoc/auth requests via object subscribe.
};
@@ -705,6 +708,7 @@ struct wpa_supplicant {
@@ -696,6 +699,7 @@ struct wpa_supplicant {
unsigned char own_addr[ETH_ALEN];
unsigned char perm_addr[ETH_ALEN];
char ifname[100];

86
package/network/services/hostapd/patches/601-ucode_support.patch
View file

@ -34,7 +34,7 @@ as adding/removing interfaces.
ifdef CONFIG_CODE_COVERAGE
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -6031,6 +6031,7 @@ try_again:
@@ -6004,6 +6004,7 @@ try_again:
return -1;
}
@ -42,7 +42,7 @@ as adding/removing interfaces.
wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
return 0;
@@ -6132,6 +6133,7 @@ fail:
@@ -6105,6 +6106,7 @@ fail:
os_free(fname);
interface->global_ctrl_sock = s;
@ -157,7 +157,7 @@ as adding/removing interfaces.
{
#ifdef CONFIG_OWE
/* Check whether the enabled BSS can complete OWE transition mode
@@ -2975,7 +2981,7 @@ hostapd_alloc_bss_data(struct hostapd_if
@@ -2976,7 +2982,7 @@ hostapd_alloc_bss_data(struct hostapd_if
}
@ -166,7 +166,7 @@ as adding/removing interfaces.
{
if (!hapd)
return;
@@ -4035,7 +4041,8 @@ int hostapd_remove_iface(struct hapd_int
@@ -4051,7 +4057,8 @@ int hostapd_remove_iface(struct hapd_int
hapd_iface = interfaces->iface[i];
if (hapd_iface == NULL)
return -1;
@ -232,7 +232,7 @@ as adding/removing interfaces.
void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap);
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -4003,6 +4003,25 @@ struct wpa_driver_ops {
@@ -4036,6 +4036,25 @@ struct wpa_driver_ops {
const char *ifname);
/**
@ -258,7 +258,7 @@ as adding/removing interfaces.
* set_sta_vlan - Bind a station into a specific interface (AP only)
* @priv: Private driver interface data
* @ifname: Interface (main or virtual BSS or VLAN)
@@ -6818,6 +6837,7 @@ union wpa_event_data {
@@ -6851,6 +6870,7 @@ union wpa_event_data {
/**
* struct ch_switch
@ -266,7 +266,7 @@ as adding/removing interfaces.
* @freq: Frequency of new channel in MHz
* @ht_enabled: Whether this is an HT channel
* @ch_offset: Secondary channel offset
@@ -6828,6 +6848,7 @@ union wpa_event_data {
@@ -6861,6 +6881,7 @@ union wpa_event_data {
* @punct_bitmap: Puncturing bitmap
*/
struct ch_switch {
@ -314,7 +314,7 @@ as adding/removing interfaces.
err.err = -ENOMEM;
s_nl_cb = nl_socket_get_cb(nl_handle);
@@ -546,6 +563,7 @@ int send_and_recv_glb(struct nl80211_glo
@@ -552,6 +569,7 @@ int send_and_recv_glb(struct nl80211_glo
err.err_info = err_info;
err.drv = drv;
@ -322,7 +322,7 @@ as adding/removing interfaces.
nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err.err);
if (ack_handler_custom) {
@@ -949,6 +967,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs
@@ -955,6 +973,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs
os_free(w);
return NULL;
}
@ -330,7 +330,7 @@ as adding/removing interfaces.
nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
@@ -1364,7 +1383,7 @@ static void wpa_driver_nl80211_event_rtm
@@ -1370,7 +1389,7 @@ static void wpa_driver_nl80211_event_rtm
}
wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
namebuf, ifname);
@ -339,7 +339,7 @@ as adding/removing interfaces.
wpa_printf(MSG_DEBUG,
"nl80211: Not the main interface (%s) - do not indicate interface down",
drv->first_bss->ifname);
@@ -1400,7 +1419,7 @@ static void wpa_driver_nl80211_event_rtm
@@ -1406,7 +1425,7 @@ static void wpa_driver_nl80211_event_rtm
}
wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)",
namebuf, ifname);
@ -348,7 +348,7 @@ as adding/removing interfaces.
wpa_printf(MSG_DEBUG,
"nl80211: Not the main interface (%s) - do not indicate interface up",
drv->first_bss->ifname);
@@ -2046,6 +2065,7 @@ static int wpa_driver_nl80211_init_nl_gl
@@ -2052,6 +2071,7 @@ static int wpa_driver_nl80211_init_nl_gl
genl_family_put(family);
nl_cache_free(cache);
@ -356,7 +356,7 @@ as adding/removing interfaces.
nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
@@ -2216,6 +2236,7 @@ static int nl80211_init_bss(struct i802_
@@ -2222,6 +2242,7 @@ static int nl80211_init_bss(struct i802_
if (!bss->nl_cb)
return -1;
@ -364,7 +364,7 @@ as adding/removing interfaces.
nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
@@ -8844,6 +8865,7 @@ static void *i802_init(struct hostapd_da
@@ -8763,6 +8784,7 @@ static void *i802_init(struct hostapd_da
char master_ifname[IFNAMSIZ];
int ifindex, br_ifindex = 0;
int br_added = 0;
@ -372,7 +372,7 @@ as adding/removing interfaces.
bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
params->global_priv, 1,
@@ -8904,21 +8926,17 @@ static void *i802_init(struct hostapd_da
@@ -8823,21 +8845,17 @@ static void *i802_init(struct hostapd_da
(params->num_bridge == 0 || !params->bridge[0]))
add_ifidx(drv, br_ifindex, drv->ifindex);
@ -404,7 +404,7 @@ as adding/removing interfaces.
}
if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
@@ -9287,6 +9305,50 @@ static int wpa_driver_nl80211_if_remove(
@@ -9210,6 +9228,50 @@ static int wpa_driver_nl80211_if_remove(
return 0;
}
@ -455,7 +455,7 @@ as adding/removing interfaces.
static int cookie_handler(struct nl_msg *msg, void *arg)
{
@@ -11150,6 +11212,37 @@ static bool nl80211_is_drv_shared(void *
@@ -11088,6 +11150,37 @@ static bool nl80211_is_drv_shared(void *
#endif /* CONFIG_IEEE80211BE */
@ -493,7 +493,7 @@ as adding/removing interfaces.
static int driver_nl80211_send_mlme(void *priv, const u8 *data,
size_t data_len, int noack,
unsigned int freq,
@@ -14874,6 +14967,8 @@ const struct wpa_driver_ops wpa_driver_n
@@ -14813,6 +14906,8 @@ const struct wpa_driver_ops wpa_driver_n
.set_acl = wpa_driver_nl80211_set_acl,
.if_add = wpa_driver_nl80211_if_add,
.if_remove = driver_nl80211_if_remove,
@ -504,7 +504,7 @@ as adding/removing interfaces.
.sta_add = wpa_driver_nl80211_sta_add,
--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
@@ -1199,6 +1199,7 @@ static void mlme_event_ch_switch(struct
@@ -1213,6 +1213,7 @@ static void mlme_event_ch_switch(struct
struct nlattr *bw, struct nlattr *cf1,
struct nlattr *cf2,
struct nlattr *punct_bitmap,
@ -512,7 +512,7 @@ as adding/removing interfaces.
int finished)
{
struct i802_bss *bss;
@@ -1262,6 +1263,8 @@ static void mlme_event_ch_switch(struct
@@ -1278,6 +1279,8 @@ static void mlme_event_ch_switch(struct
data.ch_switch.cf1 = nla_get_u32(cf1);
if (cf2)
data.ch_switch.cf2 = nla_get_u32(cf2);
@ -521,7 +521,7 @@ as adding/removing interfaces.
if (link) {
data.ch_switch.link_id = nla_get_u8(link);
@@ -4114,6 +4117,7 @@ static void do_process_drv_event(struct
@@ -4129,6 +4132,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
@ -529,7 +529,7 @@ as adding/removing interfaces.
0);
break;
case NL80211_CMD_CH_SWITCH_NOTIFY:
@@ -4126,6 +4130,7 @@ static void do_process_drv_event(struct
@@ -4141,6 +4145,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
@ -610,7 +610,7 @@ as adding/removing interfaces.
endif
ifdef CONFIG_CODE_COVERAGE
@@ -1054,6 +1066,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
@@ -1056,6 +1068,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
ifdef CONFIG_UBUS
OBJS += ../src/ap/ubus.o
endif
@ -622,7 +622,7 @@ as adding/removing interfaces.
CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -6206,6 +6206,7 @@ void supplicant_event(void *ctx, enum wp
@@ -6211,6 +6211,7 @@ void supplicant_event(void *ctx, enum wp
event_to_string(event), event);
#endif /* CONFIG_NO_STDOUT_DEBUG */
@ -632,7 +632,7 @@ as adding/removing interfaces.
#ifdef CONFIG_FST
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1256,6 +1256,7 @@ void wpa_supplicant_set_state(struct wpa
@@ -1271,6 +1271,7 @@ void wpa_supplicant_set_state(struct wpa
sme_sched_obss_scan(wpa_s, 0);
}
wpa_s->wpa_state = state;
@ -640,7 +640,7 @@ as adding/removing interfaces.
#ifdef CONFIG_BGSCAN
if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
@@ -8196,6 +8197,7 @@ struct wpa_supplicant * wpa_supplicant_a
@@ -8234,6 +8235,7 @@ struct wpa_supplicant * wpa_supplicant_a
#endif /* CONFIG_P2P */
wpas_ubus_add_bss(wpa_s);
@ -648,7 +648,7 @@ as adding/removing interfaces.
return wpa_s;
}
@@ -8223,6 +8225,7 @@ int wpa_supplicant_remove_iface(struct w
@@ -8261,6 +8263,7 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
@ -656,7 +656,7 @@ as adding/removing interfaces.
wpas_ubus_free_bss(wpa_s);
/* Remove interface from the global list of interfaces */
@@ -8533,6 +8536,7 @@ struct wpa_global * wpa_supplicant_init(
@@ -8571,6 +8574,7 @@ struct wpa_global * wpa_supplicant_init(
eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
wpas_periodic, global, NULL);
@ -664,7 +664,7 @@ as adding/removing interfaces.
return global;
}
@@ -8571,12 +8575,8 @@ int wpa_supplicant_run(struct wpa_global
@@ -8609,12 +8613,8 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
@ -677,7 +677,7 @@ as adding/removing interfaces.
return 0;
}
@@ -8609,6 +8609,8 @@ void wpa_supplicant_deinit(struct wpa_gl
@@ -8647,6 +8647,8 @@ void wpa_supplicant_deinit(struct wpa_gl
wpas_notify_supplicant_deinitialized(global);
@ -696,7 +696,7 @@ as adding/removing interfaces.
extern const char *const wpa_supplicant_version;
extern const char *const wpa_supplicant_license;
@@ -709,6 +710,7 @@ struct wpa_supplicant {
@@ -700,6 +701,7 @@ struct wpa_supplicant {
unsigned char perm_addr[ETH_ALEN];
char ifname[100];
struct wpas_ubus_bss ubus;
@ -706,7 +706,7 @@ as adding/removing interfaces.
#endif /* CONFIG_MATCH_IFACE */
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -555,12 +555,17 @@ const char * sae_get_password(struct hos
@@ -631,12 +631,17 @@ const char * sae_get_password(struct hos
struct sae_pt **s_pt,
const struct sae_pk **s_pk)
{
@ -722,10 +722,10 @@ as adding/removing interfaces.
+ if (sta && sta->use_sta_psk)
+ goto use_sta_psk;
+
for (pw = hapd->conf->sae_passwords; pw; pw = pw->next) {
if (!is_broadcast_ether_addr(pw->peer_addr) &&
(!sta ||
@@ -582,12 +587,30 @@ const char * sae_get_password(struct hos
/* With sae_track_password functionality enabled, try to first find the
* next viable wildcard-address password if a password identifier was
* not used. Select an wildcard-addr entry if the STA is known to have
@@ -697,12 +702,30 @@ const char * sae_get_password(struct hos
pt = hapd->conf->ssid.pt;
}
@ -758,7 +758,7 @@ as adding/removing interfaces.
}
}
@@ -3273,6 +3296,12 @@ static void handle_auth(struct hostapd_d
@@ -3429,6 +3452,12 @@ static void handle_auth(struct hostapd_d
goto fail;
}
@ -773,7 +773,7 @@ as adding/removing interfaces.
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -475,6 +475,11 @@ void ap_free_sta(struct hostapd_data *ha
@@ -476,6 +476,11 @@ void ap_free_sta(struct hostapd_data *ha
forced_memzero(sta->last_tk, WPA_TK_MAX_LEN);
#endif /* CONFIG_TESTING_OPTIONS */
@ -785,7 +785,7 @@ as adding/removing interfaces.
os_free(sta);
}
@@ -1574,6 +1579,8 @@ void ap_sta_set_authorized_event(struct
@@ -1575,6 +1580,8 @@ void ap_sta_set_authorized_event(struct
#endif /* CONFIG_P2P */
const u8 *ip_ptr = NULL;
@ -796,7 +796,7 @@ as adding/removing interfaces.
if (sta->p2p_ie != NULL &&
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -181,6 +181,9 @@ struct sta_info {
@@ -180,6 +180,9 @@ struct sta_info {
int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
/* PSKs from RADIUS authentication server */
struct hostapd_sta_wpa_psk_short *psk;
@ -808,7 +808,7 @@ as adding/removing interfaces.
char *radius_cui; /* Chargeable-User-Identity from RADIUS */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -403,6 +403,7 @@ static const u8 * hostapd_wpa_auth_get_p
@@ -392,6 +392,7 @@ static const u8 * hostapd_wpa_auth_get_p
struct sta_info *sta = ap_get_sta(hapd, addr);
const u8 *psk;
@ -816,7 +816,7 @@ as adding/removing interfaces.
if (vlan_id)
*vlan_id = 0;
if (psk_len)
@@ -449,13 +450,18 @@ static const u8 * hostapd_wpa_auth_get_p
@@ -438,13 +439,18 @@ static const u8 * hostapd_wpa_auth_get_p
* returned psk which should not be returned again.
* logic list (all hostapd_get_psk; all sta->psk)
*/
@ -836,7 +836,7 @@ as adding/removing interfaces.
if (pos->is_passphrase) {
if (pbkdf2_sha1(pos->passphrase,
hapd->conf->ssid.ssid,
@@ -469,9 +475,13 @@ static const u8 * hostapd_wpa_auth_get_p
@@ -458,9 +464,13 @@ static const u8 * hostapd_wpa_auth_get_p
}
if (pos->psk == prev_psk) {
psk = pos->next ? pos->next->psk : NULL;

2
package/network/services/hostapd/patches/701-reload_config_inline.patch
View file

@ -8,7 +8,7 @@ as adding/removing interfaces.
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -5223,7 +5223,12 @@ struct hostapd_config * hostapd_config_r
@@ -4981,7 +4981,12 @@ struct hostapd_config * hostapd_config_r
int errors = 0;
size_t i;

4
package/network/services/hostapd/patches/710-vlan_no_bridge.patch
View file

@ -8,7 +8,7 @@ was provided by the config
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3644,6 +3644,8 @@ static int hostapd_config_fill(struct ho
@@ -3415,6 +3415,8 @@ static int hostapd_config_fill(struct ho
#ifndef CONFIG_NO_VLAN
} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
bss->ssid.dynamic_vlan = atoi(pos);
@ -19,7 +19,7 @@ was provided by the config
} else if (os_strcmp(buf, "vlan_file") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -121,6 +121,7 @@ struct hostapd_ssid {
@@ -120,6 +120,7 @@ struct hostapd_ssid {
#define DYNAMIC_VLAN_OPTIONAL 1
#define DYNAMIC_VLAN_REQUIRED 2
int dynamic_vlan;

4
package/network/services/hostapd/patches/711-wds_bridge_force.patch
View file

@ -11,7 +11,7 @@ instead rely entirely on netifd handling this properly
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2472,6 +2472,8 @@ static int hostapd_config_fill(struct ho
@@ -2241,6 +2241,8 @@ static int hostapd_config_fill(struct ho
sizeof(conf->bss[0]->iface));
} else if (os_strcmp(buf, "bridge") == 0) {
os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
@ -22,7 +22,7 @@ instead rely entirely on netifd handling this properly
} else if (os_strcmp(buf, "vlan_bridge") == 0) {
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -394,8 +394,6 @@ int hostapd_set_wds_sta(struct hostapd_d
@@ -390,8 +390,6 @@ int hostapd_set_wds_sta(struct hostapd_d
return -1;
if (hapd->conf->wds_bridge[0])
bridge = hapd->conf->wds_bridge;

6
package/network/services/hostapd/patches/720-iface_max_num_sta.patch
View file

@ -8,7 +8,7 @@ full device, e.g. in order to deal with hardware/driver limitations
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3088,6 +3088,14 @@ static int hostapd_config_fill(struct ho
@@ -2857,6 +2857,14 @@ static int hostapd_config_fill(struct ho
line, bss->max_num_sta, MAX_STA_COUNT);
return 1;
}
@ -25,7 +25,7 @@ full device, e.g. in order to deal with hardware/driver limitations
} else if (os_strcmp(buf, "extended_key_id") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -1089,6 +1089,8 @@ struct hostapd_config {
@@ -1069,6 +1069,8 @@ struct hostapd_config {
unsigned int track_sta_max_num;
unsigned int track_sta_max_age;
@ -36,7 +36,7 @@ full device, e.g. in order to deal with hardware/driver limitations
* ' ' (ascii 32): all environments
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -1653,7 +1653,7 @@ void handle_probe_req(struct hostapd_dat
@@ -1654,7 +1654,7 @@ void handle_probe_req(struct hostapd_dat
if (hapd->conf->no_probe_resp_if_max_sta &&
is_multicast_ether_addr(mgmt->da) &&
is_multicast_ether_addr(mgmt->bssid) &&

6
package/network/services/hostapd/patches/730-ft_iface.patch
View file

@ -8,7 +8,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3285,6 +3285,8 @@ static int hostapd_config_fill(struct ho
@@ -3054,6 +3054,8 @@ static int hostapd_config_fill(struct ho
wpa_printf(MSG_INFO,
"Line %d: Obsolete peerkey parameter ignored", line);
#ifdef CONFIG_IEEE80211R_AP
@ -19,7 +19,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly
hexstr2bin(pos, bss->mobility_domain,
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -283,6 +283,7 @@ struct airtime_sta_weight {
@@ -285,6 +285,7 @@ struct airtime_sta_weight {
struct hostapd_bss_config {
char iface[IFNAMSIZ + 1];
char bridge[IFNAMSIZ + 1];
@ -29,7 +29,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly
int bridge_hairpin; /* hairpin_mode on bridge members */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -1829,8 +1829,12 @@ int hostapd_setup_wpa(struct hostapd_dat
@@ -1834,8 +1834,12 @@ int hostapd_setup_wpa(struct hostapd_dat
wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) {
const char *ft_iface;

10
package/network/services/hostapd/patches/740-snoop_iface.patch
View file

@ -8,7 +8,7 @@ untagged DHCP packets
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2476,6 +2476,8 @@ static int hostapd_config_fill(struct ho
@@ -2245,6 +2245,8 @@ static int hostapd_config_fill(struct ho
os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge));
} else if (os_strcmp(buf, "bridge_hairpin") == 0) {
bss->bridge_hairpin = atoi(pos);
@ -19,7 +19,7 @@ untagged DHCP packets
} else if (os_strcmp(buf, "wds_bridge") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -284,6 +284,7 @@ struct hostapd_bss_config {
@@ -286,6 +286,7 @@ struct hostapd_bss_config {
char iface[IFNAMSIZ + 1];
char bridge[IFNAMSIZ + 1];
char ft_iface[IFNAMSIZ + 1];
@ -112,7 +112,7 @@ untagged DHCP packets
hapd->x_snoop_initialized = false;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -4429,7 +4429,7 @@ struct wpa_driver_ops {
@@ -4462,7 +4462,7 @@ struct wpa_driver_ops {
* Returns: 0 on success, negative (<0) on failure
*/
int (*br_set_net_param)(void *priv, enum drv_br_net_param param,
@ -123,7 +123,7 @@ untagged DHCP packets
* get_wowlan - Get wake-on-wireless status
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -12853,7 +12853,7 @@ static const char * drv_br_net_param_str
@@ -12789,7 +12789,7 @@ static const char * drv_br_net_param_str
static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
@ -132,7 +132,7 @@ untagged DHCP packets
{
struct i802_bss *bss = priv;
char path[128];
@@ -12879,8 +12879,11 @@ static int wpa_driver_br_set_net_param(v
@@ -12815,8 +12815,11 @@ static int wpa_driver_br_set_net_param(v
return -EINVAL;
}

12
package/network/services/hostapd/patches/760-dynamic_own_ip.patch
View file

@ -7,7 +7,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2863,6 +2863,8 @@ static int hostapd_config_fill(struct ho
@@ -2632,6 +2632,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "iapp_interface") == 0) {
wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used");
#endif /* CONFIG_IAPP */
@ -18,7 +18,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
wpa_printf(MSG_ERROR,
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -310,6 +310,7 @@ struct hostapd_bss_config {
@@ -312,6 +312,7 @@ struct hostapd_bss_config {
unsigned int eap_sim_db_timeout;
int eap_server_erp; /* Whether ERP is enabled on internal EAP server */
struct hostapd_ip_addr own_ip_addr;
@ -28,7 +28,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
int radius_require_message_authenticator;
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -598,6 +598,10 @@ int add_common_radius_attr(struct hostap
@@ -597,6 +597,10 @@ int add_common_radius_attr(struct hostap
struct hostapd_radius_attr *attr;
int len;
@ -50,7 +50,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
/**
* conf - RADIUS client configuration (list of RADIUS servers to use)
*/
@@ -819,6 +821,30 @@ static void radius_close_acct_socket(str
@@ -822,6 +824,30 @@ static void radius_close_acct_socket(str
/**
@ -81,7 +81,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
* radius_client_send - Send a RADIUS request
* @radius: RADIUS client context from radius_client_init()
* @msg: RADIUS message to be sent
@@ -1714,6 +1740,10 @@ radius_change_server(struct radius_clien
@@ -1733,6 +1759,10 @@ radius_change_server(struct radius_clien
wpa_printf(MSG_DEBUG, "RADIUS local address: %s:%u",
inet_ntoa(claddr.sin_addr),
ntohs(claddr.sin_port));
@ -92,7 +92,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
}
break;
#ifdef CONFIG_IPV6
@@ -1725,6 +1755,10 @@ radius_change_server(struct radius_clien
@@ -1744,6 +1774,10 @@ radius_change_server(struct radius_clien
inet_ntop(AF_INET6, &claddr6.sin6_addr,
abuf, sizeof(abuf)),
ntohs(claddr6.sin6_port));

2
package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch
View file

@ -28,7 +28,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -1496,7 +1496,7 @@ void handle_probe_req(struct hostapd_dat
@@ -1497,7 +1497,7 @@ void handle_probe_req(struct hostapd_dat
* is less likely to see them (Probe Request frame sent on a
* neighboring, but partially overlapping, channel).
*/

10
package/network/services/hostapd/patches/763-radius-wispr.patch
View file

@ -1,6 +1,6 @@
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -2033,6 +2033,25 @@ static int ieee802_1x_update_vlan(struct
@@ -2000,6 +2000,25 @@ static int ieee802_1x_update_vlan(struct
}
#endif /* CONFIG_NO_VLAN */
@ -26,7 +26,7 @@
/**
* ieee802_1x_receive_auth - Process RADIUS frames from Authentication Server
@@ -2149,6 +2168,7 @@ ieee802_1x_receive_auth(struct radius_ms
@@ -2116,6 +2135,7 @@ ieee802_1x_receive_auth(struct radius_ms
ieee802_1x_check_hs20(hapd, sta, msg,
session_timeout_set ?
(int) session_timeout : -1);
@ -46,7 +46,7 @@
enum mesh_plink_state plink_state;
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -1339,6 +1339,35 @@ radius_msg_get_cisco_keys(struct radius_
@@ -1377,6 +1377,35 @@ radius_msg_get_cisco_keys(struct radius_
return keys;
}
@ -84,7 +84,7 @@
const u8 *req_authenticator,
--- a/src/radius/radius.h
+++ b/src/radius/radius.h
@@ -233,6 +233,10 @@ enum {
@@ -232,6 +232,10 @@ enum {
RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL = 10,
};
@ -95,7 +95,7 @@
#ifdef _MSC_VER
#pragma pack(pop)
#endif /* _MSC_VER */
@@ -306,6 +310,7 @@ radius_msg_get_ms_keys(struct radius_msg
@@ -304,6 +308,7 @@ radius_msg_get_ms_keys(struct radius_msg
struct radius_ms_mppe_keys *
radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
const u8 *secret, size_t secret_len);

16
package/network/services/hostapd/patches/770-radius_server.patch
View file

@ -56,7 +56,7 @@ handle reload.
/**
* struct radius_session - Internal RADIUS server data for a session
*/
@@ -90,7 +96,7 @@ struct radius_session {
@@ -89,7 +95,7 @@ struct radius_session {
unsigned int macacl:1;
unsigned int t_c_filtering:1;
@ -65,7 +65,7 @@ handle reload.
u32 t_c_timestamp; /* Last read T&C timestamp from user DB */
};
@@ -394,6 +400,7 @@ static void radius_server_session_free(s
@@ -373,6 +379,7 @@ static void radius_server_session_free(s
radius_msg_free(sess->last_reply);
os_free(sess->username);
os_free(sess->nas_ip);
@ -73,7 +73,7 @@ handle reload.
os_free(sess);
data->num_sess--;
}
@@ -554,6 +561,36 @@ radius_server_erp_find_key(struct radius
@@ -533,6 +540,36 @@ radius_server_erp_find_key(struct radius
}
#endif /* CONFIG_ERP */
@ -110,7 +110,7 @@ handle reload.
static struct radius_session *
radius_server_get_new_session(struct radius_server_data *data,
@@ -607,7 +644,7 @@ radius_server_get_new_session(struct rad
@@ -586,7 +623,7 @@ radius_server_get_new_session(struct rad
eap_user_free(tmp);
return NULL;
}
@ -119,7 +119,7 @@ handle reload.
sess->macacl = tmp->macacl;
eap_user_free(tmp);
@@ -1123,11 +1160,10 @@ radius_server_encapsulate_eap(struct rad
@@ -923,11 +960,10 @@ radius_server_encapsulate_eap(struct rad
}
if (code == RADIUS_CODE_ACCESS_ACCEPT) {
@ -135,7 +135,7 @@ handle reload.
wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
radius_msg_free(msg);
return NULL;
@@ -1221,11 +1257,10 @@ radius_server_macacl(struct radius_serve
@@ -1023,11 +1059,10 @@ radius_server_macacl(struct radius_serve
}
if (code == RADIUS_CODE_ACCESS_ACCEPT) {
@ -151,12 +151,12 @@ handle reload.
wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
radius_msg_free(msg);
return NULL;
@@ -2527,7 +2562,7 @@ static int radius_server_get_eap_user(vo
@@ -2335,7 +2370,7 @@ static int radius_server_get_eap_user(vo
ret = data->get_eap_user(data->conf_ctx, identity, identity_len,
phase2, user);
if (ret == 0 && user) {
- sess->accept_attr = user->accept_attr;
+ sess->accept_attr = radius_server_copy_attr(user->accept_attr);
sess->remediation = user->remediation;
sess->macacl = user->macacl;
sess->t_c_timestamp = user->t_c_timestamp;
}

18
package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch
View file

@ -53,7 +53,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -5216,6 +5216,15 @@ static int hostapd_config_fill(struct ho
@@ -4974,6 +4974,15 @@ static int hostapd_config_fill(struct ho
bss->mld_indicate_disabled = atoi(pos);
#endif /* CONFIG_TESTING_OPTIONS */
#endif /* CONFIG_IEEE80211BE */
@ -71,7 +71,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
"Line %d: unknown configuration item '%s'",
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -1002,6 +1002,35 @@ struct hostapd_bss_config {
@@ -982,6 +982,35 @@ struct hostapd_bss_config {
int mbssid_index;
bool spp_amsdu;
@ -109,7 +109,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
/**
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -389,13 +389,39 @@ int hostapd_set_wds_sta(struct hostapd_d
@@ -385,13 +385,39 @@ int hostapd_set_wds_sta(struct hostapd_d
const u8 *addr, int aid, int val)
{
const char *bridge = NULL;
@ -373,7 +373,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
#ifdef CONFIG_FILS
static struct wpabuf *
@@ -3664,8 +3667,8 @@ static u16 check_multi_ap(struct hostapd
@@ -3820,8 +3823,8 @@ static u16 check_multi_ap(struct hostapd
}
@ -384,7 +384,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
{
/* Supported rates not used in IEEE 802.11ad/DMG */
if (hapd->iface->current_mode &&
@@ -4105,7 +4108,7 @@ static int __check_assoc_ies(struct host
@@ -4263,7 +4266,7 @@ static int __check_assoc_ies(struct host
elems->ext_capab_len);
if (resp != WLAN_STATUS_SUCCESS)
return resp;
@ -393,7 +393,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
if (resp != WLAN_STATUS_SUCCESS)
return resp;
@@ -6175,6 +6178,11 @@ static void handle_beacon(struct hostapd
@@ -6314,6 +6317,11 @@ static void handle_beacon(struct hostapd
0);
ap_list_process_beacon(hapd->iface, mgmt, &elems, fi);
@ -407,7 +407,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
--- a/src/ap/ieee802_11.h
+++ b/src/ap/ieee802_11.h
@@ -108,6 +108,8 @@ int hostapd_process_ml_assoc_req_addr(st
@@ -114,6 +114,8 @@ int hostapd_process_ml_assoc_req_addr(st
const u8 *basic_mle, size_t basic_mle_len,
u8 *mld_addr);
int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta);
@ -418,7 +418,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta,
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -4123,7 +4123,7 @@ struct wpa_driver_ops {
@@ -4156,7 +4156,7 @@ struct wpa_driver_ops {
* Returns: 0 on success, -1 on failure
*/
int (*set_wds_sta)(void *priv, const u8 *addr, int aid, int val,
@ -429,7 +429,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
* send_action - Transmit an Action frame
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -8699,25 +8699,15 @@ static int have_ifidx(struct wpa_driver_
@@ -8615,25 +8615,15 @@ static int have_ifidx(struct wpa_driver_
static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,

4
package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch
View file

@ -1,6 +1,6 @@
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -1970,3 +1970,22 @@ void ap_sta_free_sta_profile(struct mld_
@@ -1971,3 +1971,22 @@ void ap_sta_free_sta_profile(struct mld_
}
}
#endif /* CONFIG_IEEE80211BE */
@ -25,7 +25,7 @@
+
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -414,23 +414,8 @@ int ap_sta_re_add(struct hostapd_data *h
@@ -411,23 +411,8 @@ int ap_sta_re_add(struct hostapd_data *h
void ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta);