From 70505e0e517f6d0a5c6dc8c842f44be8d2d138a2 Mon Sep 17 00:00:00 2001 From: Agustin Lorenzo Date: Sun, 6 Apr 2025 21:44:21 +0200 Subject: [PATCH] hostapd: update to version 2025-05-23 Manually refreshed: 301-mesh-noscan.patch 601-ucode_support.patch 770-radius_server.patch Automatically rebased all other patches. Signed-off-by: Agustin Lorenzo Link: https://github.com/openwrt/openwrt/pull/18426 Signed-off-by: Robert Marko --- package/network/services/hostapd/Makefile | 6 +- ...hannels-to-be-selected-if-dfs-is-ena.patch | 83 +++++++++--------- ...erministic-channel-on-channel-switch.patch | 2 +- ...ix-sta-add-after-previous-connection.patch | 4 +- .../patches/050-Fix-OpenWrt-13156.patch | 6 +- ...-extra-ies-only-if-allowed-by-driver.patch | 4 +- ...edtls-TLS-crypto-option-initial-port.patch | 18 ++-- .../patches/120-mbedtls-fips186_2_prf.patch | 2 +- ...efile-make-run-tests-with-CONFIG_TLS.patch | 54 ++++++------ ...hecks-encountered-during-tests-hwsim.patch | 2 +- ...tapd-update-cfs0-and-cfs1-for-160MHz.patch | 10 +-- .../hostapd/patches/200-multicall.patch | 30 +++---- .../patches/201-lto-jobserver-support.patch | 2 +- ..._AP-functions-dependant-on-CONFIG_AP.patch | 4 +- ...ion-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch | 2 +- .../patches/252-disable_ctrl_iface_mib.patch | 28 +++--- .../services/hostapd/patches/300-noscan.patch | 4 +- .../hostapd/patches/301-mesh-noscan.patch | 30 +++---- .../patches/310-rescan_immediately.patch | 2 +- .../patches/350-nl80211_del_beacon_bss.patch | 4 +- ...dd-new-config-params-to-be-used-with.patch | 8 +- .../patches/463-add-mcast_rate-to-11s.patch | 8 +- .../patches/464-fix-mesh-obss-check.patch | 2 +- ...tapd-config-support-random-BSS-color.patch | 2 +- .../hostapd/patches/600-ubus_support.patch | 52 +++++------ .../hostapd/patches/601-ucode_support.patch | 86 +++++++++---------- .../patches/701-reload_config_inline.patch | 2 +- .../hostapd/patches/710-vlan_no_bridge.patch | 4 +- .../patches/711-wds_bridge_force.patch | 4 +- .../patches/720-iface_max_num_sta.patch | 6 +- .../hostapd/patches/730-ft_iface.patch | 6 +- .../hostapd/patches/740-snoop_iface.patch | 10 +-- .../hostapd/patches/760-dynamic_own_ip.patch | 12 +-- ...probe-requests-with-invalid-DSSS-par.patch | 2 +- .../hostapd/patches/763-radius-wispr.patch | 10 +-- .../hostapd/patches/770-radius_server.patch | 16 ++-- ...ment-APuP-Access-Point-Micro-Peering.patch | 18 ++-- .../803-hostapd-fix-80211be-build.patch | 4 +- 38 files changed, 277 insertions(+), 272 deletions(-) diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index 2e045406754..62c0a1952fe 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -9,9 +9,9 @@ PKG_RELEASE:=2 PKG_SOURCE_URL:=https://w1.fi/hostap.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2025-02-09 -PKG_SOURCE_VERSION:=c8c7d56a3d3c4ca79bcbb6a87f372ce4bc2e9f11 -PKG_MIRROR_HASH:=fafdef456a545bd1de0cbd7b68b520e5be7e70ad1aab7ef051b1fc5ccaaa012a +PKG_SOURCE_DATE:=2025-05-23 +PKG_SOURCE_VERSION:=4b8ac10cb77c3d4dbf7ccefbe697dc0578da374c +PKG_MIRROR_HASH:=25a77ae4b26adef9c0d71c3b175445f246a4530e63563e81b8e19c2436934100 PKG_MAINTAINER:=Felix Fietkau PKG_LICENSE:=BSD-3-Clause diff --git a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch index 9eef846f824..fc54e9d7850 100644 --- a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch +++ b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch @@ -14,7 +14,7 @@ Signed-off-by: Peter Oh --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2972,7 +2972,7 @@ static int drv_supports_vht(struct wpa_s +@@ -2963,7 +2963,7 @@ static int drv_supports_vht(struct wpa_s } @@ -23,7 +23,7 @@ Signed-off-by: Peter Oh { int i; -@@ -2981,7 +2981,10 @@ static bool ibss_mesh_is_80mhz_avail(int +@@ -2972,7 +2972,10 @@ static bool ibss_mesh_is_80mhz_avail(int chan = hw_get_channel_chan(mode, i, NULL); if (!chan || @@ -35,42 +35,44 @@ Signed-off-by: Peter Oh return false; } -@@ -3108,7 +3111,7 @@ static void ibss_mesh_select_40mhz(struc +@@ -3099,7 +3102,7 @@ static void ibss_mesh_select_40mhz(struc const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode, struct hostapd_freq_params *freq, -- int obss_scan) { -+ int obss_scan, bool dfs_enabled) { +- int obss_scan, bool is_6ghz) ++ int obss_scan, bool is_6ghz, bool dfs_enabled) + { int chan_idx; struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; - int i, res; -@@ -3132,8 +3135,11 @@ static void ibss_mesh_select_40mhz(struc +@@ -3130,8 +3133,11 @@ static void ibss_mesh_select_40mhz(struc return; /* Check primary channel flags */ - if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) +- return; + if (pri_chan->flag & HOSTAPD_CHAN_DISABLED) - return; ++ return; + if (pri_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR)) + if (!dfs_enabled) + return; #ifdef CONFIG_HT_OVERRIDES if (ssid->disable_ht40) -@@ -3159,8 +3165,11 @@ static void ibss_mesh_select_40mhz(struc +@@ -3166,8 +3172,11 @@ static void ibss_mesh_select_40mhz(struc return; /* Check secondary channel flags */ - if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) +- return; + if (sec_chan->flag & HOSTAPD_CHAN_DISABLED) - return; ++ return; + if (sec_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR)) + if (!dfs_enabled) + return; - if (ht40 == -1) { - if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) -@@ -3236,7 +3245,7 @@ static bool ibss_mesh_select_80_160mhz(s + if (freq->ht_enabled) { + if (ht40 == -1) { +@@ -3245,7 +3254,7 @@ static bool ibss_mesh_select_80_160mhz(s const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode, struct hostapd_freq_params *freq, @@ -79,7 +81,7 @@ Signed-off-by: Peter Oh static const int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5825, 5955, 6035, 6115, 6195, 6275, 6355, 6435, -@@ -3286,7 +3295,7 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -3298,7 +3307,7 @@ static bool ibss_mesh_select_80_160mhz(s goto skip_80mhz; /* Use 40 MHz if channel not usable */ @@ -88,37 +90,40 @@ Signed-off-by: Peter Oh goto skip_80mhz; chwidth = CONF_OPER_CHWIDTH_80MHZ; -@@ -3300,7 +3309,7 @@ static bool ibss_mesh_select_80_160mhz(s - if ((mode->he_capab[ieee80211_mode].phy_cap[ - HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] & - HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz && -- ibss_mesh_is_80mhz_avail(channel + 16, mode)) { -+ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled)) { +@@ -3340,7 +3349,7 @@ static bool ibss_mesh_select_80_160mhz(s + HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && + (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ || + ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_320MHZ) && +- ibss_mesh_is_80mhz_avail(channel + 16 * offset_in_160, mode)) { ++ ibss_mesh_is_80mhz_avail(channel + 16 * offset_in_160, mode, dfs_enabled)) { for (j = 0; j < ARRAY_SIZE(bw160); j++) { - if (freq->freq == bw160[j]) { - chwidth = CONF_OPER_CHWIDTH_160MHZ; -@@ -3317,9 +3326,9 @@ static bool ibss_mesh_select_80_160mhz(s - if ((mode->eht_capab[ieee80211_mode].phy_cap[ - EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_IDX] & + u8 start_chan; + +@@ -3363,11 +3372,11 @@ static bool ibss_mesh_select_80_160mhz(s EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK) && is_6ghz && -- ibss_mesh_is_80mhz_avail(channel + 16, mode) && -- ibss_mesh_is_80mhz_avail(channel + 32, mode) && -- ibss_mesh_is_80mhz_avail(channel + 48, mode)) { -+ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled) && -+ ibss_mesh_is_80mhz_avail(channel + 32, mode, dfs_enabled) && -+ ibss_mesh_is_80mhz_avail(channel + 48, mode, dfs_enabled)) { + ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_320MHZ && + ibss_mesh_is_80mhz_avail(channel + 16 - +- 64 * ((offset_in_320 + 1) / 4), mode) && ++ 64 * ((offset_in_320 + 1) / 4), mode, dfs_enabled) && + ibss_mesh_is_80mhz_avail(channel + 32 - +- 64 * ((offset_in_320 + 2) / 4), mode) && ++ 64 * ((offset_in_320 + 2) / 4), mode, dfs_enabled) && + ibss_mesh_is_80mhz_avail(channel + 48 - +- 64 * ((offset_in_320 + 3) / 4), mode)) { ++ 64 * ((offset_in_320 + 3) / 4), mode, dfs_enabled)) { for (j = 0; j < ARRAY_SIZE(bw320); j += 2) { if (freq->freq >= bw320[j] && freq->freq <= bw320[j + 1]) { -@@ -3348,10 +3357,12 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -3396,10 +3405,12 @@ static bool ibss_mesh_select_80_160mhz(s if (!chan) continue; - if (chan->flag & (HOSTAPD_CHAN_DISABLED | - HOSTAPD_CHAN_NO_IR | - HOSTAPD_CHAN_RADAR)) +- continue; + if (chan->flag & HOSTAPD_CHAN_DISABLED) - continue; ++ continue; + if (chan->flag & (HOSTAPD_CHAN_RADAR | + HOSTAPD_CHAN_NO_IR)) + if (!dfs_enabled) @@ -126,7 +131,7 @@ Signed-off-by: Peter Oh /* Found a suitable second segment for 80+80 */ chwidth = CONF_OPER_CHWIDTH_80P80MHZ; -@@ -3406,6 +3417,7 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3454,6 +3465,7 @@ void ibss_mesh_setup_freq(struct wpa_sup int obss_scan = 1; u8 channel; bool is_6ghz, is_24ghz; @@ -134,12 +139,12 @@ Signed-off-by: Peter Oh freq->freq = ssid->frequency; -@@ -3448,9 +3460,9 @@ void ibss_mesh_setup_freq(struct wpa_sup - freq->channel = channel; - /* Setup higher BW only for 5 GHz */ +@@ -3497,9 +3509,9 @@ void ibss_mesh_setup_freq(struct wpa_sup + /* Setup higher BW only for 5 and 6 GHz */ if (mode->mode == HOSTAPD_MODE_IEEE80211A) { -- ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan); -+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled); + ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, +- is_6ghz); ++ is_6ghz, dfs_enabled); if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq, - ieee80211_mode, is_6ghz)) + ieee80211_mode, is_6ghz, dfs_enabled)) diff --git a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch index 9d925cd8c66..ea67d653a32 100644 --- a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch +++ b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch @@ -68,7 +68,7 @@ Signed-off-by: Markus Theil chan_idx, num_available_chandefs); --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -11656,6 +11656,10 @@ static int nl80211_switch_channel(void * +@@ -11592,6 +11592,10 @@ static int nl80211_switch_channel(void * if (ret) goto error; diff --git a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch index a5aa688efb4..090df4d5c90 100644 --- a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch +++ b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch @@ -4,7 +4,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -4894,6 +4894,13 @@ static int add_associated_sta(struct hos +@@ -5033,6 +5033,13 @@ static int add_associated_sta(struct hos * drivers to accept the STA parameter configuration. Since this is * after a new FT-over-DS exchange, a new TK has been derived, so key * reinstallation is not a concern for this case. @@ -18,7 +18,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc */ wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR " (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)", -@@ -4907,7 +4914,8 @@ static int add_associated_sta(struct hos +@@ -5046,7 +5053,8 @@ static int add_associated_sta(struct hos (!(sta->flags & WLAN_STA_AUTHORIZED) || (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) || (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) && diff --git a/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch b/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch index 584dd3b2f84..252929a64d4 100644 --- a/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch +++ b/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch @@ -20,7 +20,7 @@ Signed-off-by: Stijn Tintel --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -4075,6 +4075,8 @@ int hostapd_remove_iface(struct hapd_int +@@ -4091,6 +4091,8 @@ int hostapd_remove_iface(struct hapd_int void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, int reassoc) { @@ -29,7 +29,7 @@ Signed-off-by: Stijn Tintel if (hapd->tkip_countermeasures) { hostapd_drv_sta_deauth(hapd, sta->addr, WLAN_REASON_MICHAEL_MIC_FAILURE); -@@ -4082,10 +4084,16 @@ void hostapd_new_assoc_sta(struct hostap +@@ -4098,10 +4100,16 @@ void hostapd_new_assoc_sta(struct hostap } #ifdef CONFIG_IEEE80211BE @@ -51,7 +51,7 @@ Signed-off-by: Stijn Tintel ap_sta_clear_assoc_timeout(hapd, sta); --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -1552,9 +1552,6 @@ bool ap_sta_set_authorized_flag(struct h +@@ -1553,9 +1553,6 @@ bool ap_sta_set_authorized_flag(struct h mld_assoc_link_id = -2; } #endif /* CONFIG_IEEE80211BE */ diff --git a/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch b/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch index cba6614633d..b4709cf5044 100644 --- a/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch +++ b/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch @@ -26,7 +26,7 @@ Signed-off-by: David Bauer --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -2411,6 +2411,9 @@ struct wpa_driver_capa { +@@ -2441,6 +2441,9 @@ struct wpa_driver_capa { /** Maximum number of iterations in a single scan plan */ u32 max_sched_scan_plan_iterations; @@ -38,7 +38,7 @@ Signed-off-by: David Bauer --- a/src/drivers/driver_nl80211_capa.c +++ b/src/drivers/driver_nl80211_capa.c -@@ -984,6 +984,10 @@ static int wiphy_info_handler(struct nl_ +@@ -981,6 +981,10 @@ static int wiphy_info_handler(struct nl_ nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]); } diff --git a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch index ab05c92d36f..d90298c97d9 100644 --- a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch +++ b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch @@ -7772,7 +7772,7 @@ Signed-off-by: Glenn Strauss CONFIG_SIM_SIMULATOR=y --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1232,6 +1232,29 @@ endif +@@ -1234,6 +1234,29 @@ endif CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" endif @@ -7802,7 +7802,7 @@ Signed-off-by: Glenn Strauss ifeq ($(CONFIG_TLS), gnutls) ifndef CONFIG_CRYPTO # default to libgcrypt -@@ -1424,9 +1447,11 @@ endif +@@ -1426,9 +1449,11 @@ endif ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -7814,7 +7814,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP # Seems to be needed at least with BoringSSL NEED_INTERNAL_AES_WRAP=y -@@ -1440,9 +1465,11 @@ endif +@@ -1442,9 +1467,11 @@ endif ifdef NEED_INTERNAL_AES_WRAP ifneq ($(CONFIG_TLS), linux) @@ -7826,7 +7826,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_EAX AESOBJS += ../src/crypto/aes-eax.o NEED_AES_CTR=y -@@ -1452,35 +1479,45 @@ AESOBJS += ../src/crypto/aes-siv.o +@@ -1454,35 +1481,45 @@ AESOBJS += ../src/crypto/aes-siv.o NEED_AES_CTR=y endif ifdef NEED_AES_CTR @@ -7872,7 +7872,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_ENC ifdef CONFIG_INTERNAL_AES AESOBJS += ../src/crypto/aes-internal-enc.o -@@ -1495,12 +1532,16 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1497,12 +1534,16 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -7889,7 +7889,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += ../src/crypto/sha1-internal.o ifdef NEED_FIPS186_2_PRF -@@ -1512,29 +1553,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 +@@ -1514,29 +1555,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 else ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -7927,7 +7927,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_MD5 ifdef CONFIG_INTERNAL_MD5 MD5OBJS += ../src/crypto/md5-internal.o -@@ -1589,12 +1638,17 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1591,12 +1640,17 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -7945,7 +7945,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA256 SHA256OBJS += ../src/crypto/sha256-internal.o endif -@@ -1607,50 +1661,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 +@@ -1609,50 +1663,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 SHA256OBJS += ../src/crypto/sha512-internal.o endif ifdef NEED_TLS_PRF_SHA256 @@ -8014,7 +8014,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_ASN1 OBJS += ../src/tls/asn1.o -@@ -1825,10 +1897,12 @@ ifdef CONFIG_FIPS +@@ -1827,10 +1899,12 @@ ifdef CONFIG_FIPS CFLAGS += -DCONFIG_FIPS ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) diff --git a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch index 5534de7efac..71b06401cd6 100644 --- a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch +++ b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch @@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1243,10 +1243,6 @@ endif +@@ -1245,10 +1245,6 @@ endif OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o diff --git a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch index babc2a568db..548358db38c 100644 --- a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch +++ b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch @@ -739,7 +739,7 @@ Signed-off-by: Glenn Strauss params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hostapd.add_ap(apdev[0], params) -@@ -3581,7 +3626,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde +@@ -3588,7 +3633,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde dev[0].request("REMOVE_NETWORK all") tls = dev[0].request("GET tls_library") @@ -748,7 +748,7 @@ Signed-off-by: Glenn Strauss tests = [(1, "os_get_random;dh_init")] else: tests = [(1, "crypto_dh_init;dh_init")] -@@ -4901,7 +4946,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -4908,7 +4953,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca params["private_key"] = "auth_serv/iCA-server/server.key" hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -757,7 +757,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -4967,6 +5012,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -4974,6 +5019,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, "-sha1") def run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, md): @@ -765,7 +765,7 @@ Signed-off-by: Glenn Strauss params = int_eap_server_params() params["ca_cert"] = "auth_serv/iCA-server/ca-and-root.pem" params["server_cert"] = "auth_serv/iCA-server/server.pem" -@@ -4976,7 +5022,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ +@@ -4983,7 +5029,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -774,7 +774,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -5012,7 +5058,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ +@@ -5019,7 +5065,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -783,7 +783,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -5062,7 +5108,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -5069,7 +5115,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -792,7 +792,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -5129,7 +5175,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -5136,7 +5182,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -801,7 +801,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -5387,6 +5433,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek +@@ -5394,6 +5440,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek def test_ap_wpa2_eap_ttls_server_pkcs12(dev, apdev): """WPA2-Enterprise using EAP-TTLS and server PKCS#12 file""" @@ -809,7 +809,7 @@ Signed-off-by: Glenn Strauss skip_with_fips(dev[0]) params = int_eap_server_params() del params["server_cert"] -@@ -5399,6 +5446,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12( +@@ -5406,6 +5453,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12( def test_ap_wpa2_eap_ttls_server_pkcs12_extra(dev, apdev): """EAP-TTLS and server PKCS#12 file with extra certs""" @@ -817,7 +817,7 @@ Signed-off-by: Glenn Strauss skip_with_fips(dev[0]) params = int_eap_server_params() del params["server_cert"] -@@ -5421,6 +5469,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv +@@ -5428,6 +5476,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv def test_ap_wpa2_eap_ttls_dh_params_dsa_server(dev, apdev): """WPA2-Enterprise using EAP-TTLS and alternative server dhparams (DSA)""" @@ -825,7 +825,7 @@ Signed-off-by: Glenn Strauss params = int_eap_server_params() params["dh_file"] = "auth_serv/dsaparam.pem" hapd = hostapd.add_ap(apdev[0], params) -@@ -5732,8 +5781,8 @@ def test_ap_wpa2_eap_non_ascii_identity2 +@@ -5739,8 +5788,8 @@ def test_ap_wpa2_eap_non_ascii_identity2 def test_openssl_cipher_suite_config_wpas(dev, apdev): """OpenSSL cipher suite configuration on wpa_supplicant""" tls = dev[0].request("GET tls_library") @@ -836,7 +836,7 @@ Signed-off-by: Glenn Strauss params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hapd = hostapd.add_ap(apdev[0], params) eap_connect(dev[0], hapd, "TTLS", "pap user", -@@ -5759,14 +5808,14 @@ def test_openssl_cipher_suite_config_wpa +@@ -5766,14 +5815,14 @@ def test_openssl_cipher_suite_config_wpa def test_openssl_cipher_suite_config_hapd(dev, apdev): """OpenSSL cipher suite configuration on hostapd""" tls = dev[0].request("GET tls_library") @@ -855,7 +855,7 @@ Signed-off-by: Glenn Strauss eap_connect(dev[0], hapd, "TTLS", "pap user", anonymous_identity="ttls", password="password", ca_cert="auth_serv/ca.pem", phase2="auth=PAP") -@@ -6209,13 +6258,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a +@@ -6216,13 +6265,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a if tls.startswith("wolfSSL"): check_tls_ver(dev[0], hapd, "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1", "TLSv1.2") @@ -878,7 +878,7 @@ Signed-off-by: Glenn Strauss if "run=OpenSSL 1.1.1" in tls or "run=OpenSSL 3." in tls or \ tls.startswith("wolfSSL"): check_tls_ver(dev[0], hapd, -@@ -6238,6 +6291,11 @@ def test_ap_wpa2_eap_tls_versions_server +@@ -6245,6 +6298,11 @@ def test_ap_wpa2_eap_tls_versions_server tests = [("TLSv1", "[ENABLE-TLSv1.0][DISABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"), ("TLSv1.1", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"), ("TLSv1.2", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][ENABLE-TLSv1.2][DISABLE-TLSv1.3]")] @@ -890,7 +890,7 @@ Signed-off-by: Glenn Strauss for exp, flags in tests: hapd.disable() hapd.set("tls_flags", flags) -@@ -7318,6 +7376,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde +@@ -7325,6 +7383,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde def test_eap_tls_ext_cert_check(dev, apdev): """EAP-TLS and external server certification validation""" # With internal server certificate chain validation @@ -898,7 +898,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS", identity="tls user", ca_cert="auth_serv/ca.pem", -@@ -7330,6 +7389,7 @@ def test_eap_tls_ext_cert_check(dev, apd +@@ -7337,6 +7396,7 @@ def test_eap_tls_ext_cert_check(dev, apd def test_eap_ttls_ext_cert_check(dev, apdev): """EAP-TTLS and external server certification validation""" # Without internal server certificate chain validation @@ -906,7 +906,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS", identity="pap user", anonymous_identity="ttls", password="password", phase2="auth=PAP", -@@ -7340,6 +7400,7 @@ def test_eap_ttls_ext_cert_check(dev, ap +@@ -7347,6 +7407,7 @@ def test_eap_ttls_ext_cert_check(dev, ap def test_eap_peap_ext_cert_check(dev, apdev): """EAP-PEAP and external server certification validation""" # With internal server certificate chain validation @@ -914,7 +914,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="PEAP", identity="user", anonymous_identity="peap", ca_cert="auth_serv/ca.pem", -@@ -7350,6 +7411,7 @@ def test_eap_peap_ext_cert_check(dev, ap +@@ -7357,6 +7418,7 @@ def test_eap_peap_ext_cert_check(dev, ap def test_eap_fast_ext_cert_check(dev, apdev): """EAP-FAST and external server certification validation""" @@ -922,7 +922,7 @@ Signed-off-by: Glenn Strauss check_eap_capa(dev[0], "FAST") # With internal server certificate chain validation dev[0].request("SET blob fast_pac_auth_ext ") -@@ -7364,10 +7426,6 @@ def test_eap_fast_ext_cert_check(dev, ap +@@ -7371,10 +7433,6 @@ def test_eap_fast_ext_cert_check(dev, ap run_ext_cert_check(dev, apdev, id) def run_ext_cert_check(dev, apdev, net_id): @@ -1124,7 +1124,7 @@ Signed-off-by: Glenn Strauss heavy_groups = [14, 15, 16] suitable_groups = [15, 16, 17, 18, 19, 20, 21] groups = [str(g) for g in sae_groups] -@@ -2248,6 +2253,8 @@ def run_sae_pwe_group(dev, apdev, group) +@@ -2285,6 +2290,8 @@ def run_sae_pwe_group(dev, apdev, group) logger.info("Add Brainpool EC groups since OpenSSL is new enough") elif tls.startswith("wolfSSL"): logger.info("Make sure Brainpool EC groups were enabled when compiling wolfSSL") @@ -1144,7 +1144,7 @@ Signed-off-by: Glenn Strauss if not tls.startswith("OpenSSL"): raise HwsimSkip("TLS library not supported for Suite B: " + tls) supported = False -@@ -520,6 +522,7 @@ def test_suite_b_192_rsa_insufficient_dh +@@ -539,6 +541,7 @@ def test_suite_b_192_rsa_insufficient_dh dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192", ieee80211w="2", @@ -1289,7 +1289,7 @@ Signed-off-by: Glenn Strauss if (need_more_data) { --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1190,6 +1190,7 @@ TLS_FUNCS=y +@@ -1192,6 +1192,7 @@ TLS_FUNCS=y endif ifeq ($(CONFIG_TLS), wolfssl) @@ -1297,7 +1297,7 @@ Signed-off-by: Glenn Strauss CFLAGS += -DCRYPTO_RSA_OAEP_SHA256 ifdef TLS_FUNCS CFLAGS += -DWOLFSSL_DER_LOAD -@@ -1206,6 +1207,7 @@ LIBS_p += -lwolfssl -lm +@@ -1208,6 +1209,7 @@ LIBS_p += -lwolfssl -lm endif ifeq ($(CONFIG_TLS), openssl) @@ -1305,7 +1305,7 @@ Signed-off-by: Glenn Strauss CFLAGS += -DCRYPTO_RSA_OAEP_SHA256 ifdef TLS_FUNCS CFLAGS += -DEAP_TLS_OPENSSL -@@ -1233,6 +1235,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF +@@ -1235,6 +1237,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF endif ifeq ($(CONFIG_TLS), mbedtls) @@ -1313,7 +1313,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=mbedtls endif -@@ -1252,6 +1255,7 @@ endif +@@ -1254,6 +1257,7 @@ endif endif ifeq ($(CONFIG_TLS), gnutls) @@ -1321,7 +1321,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO # default to libgcrypt CONFIG_CRYPTO=gnutls -@@ -1282,6 +1286,7 @@ endif +@@ -1284,6 +1288,7 @@ endif endif ifeq ($(CONFIG_TLS), internal) @@ -1329,7 +1329,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=internal endif -@@ -1362,6 +1367,7 @@ endif +@@ -1364,6 +1369,7 @@ endif endif ifeq ($(CONFIG_TLS), linux) diff --git a/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch b/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch index e562c2dd2a4..0b0737e760e 100644 --- a/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch +++ b/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch @@ -29,7 +29,7 @@ Signed-off-by: Glenn Strauss wpa_printf(MSG_DEBUG, "DPP: Generating a keypair"); --- a/src/common/sae.c +++ b/src/common/sae.c -@@ -1284,6 +1284,13 @@ void sae_deinit_pt(struct sae_pt *pt) +@@ -1287,6 +1287,13 @@ void sae_deinit_pt(struct sae_pt *pt) static int sae_derive_commit_element_ecc(struct sae_data *sae, struct crypto_bignum *mask) { diff --git a/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch b/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch index d9cdb1d3eb9..8ad4bae33c6 100644 --- a/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch +++ b/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch @@ -29,7 +29,7 @@ Signed-off-by: P Praneesh --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -1229,6 +1229,8 @@ static int hostapd_config_vht_capab(stru +@@ -1225,6 +1225,8 @@ static int hostapd_config_vht_capab(stru conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN; if (os_strstr(capab, "[TX-ANTENNA-PATTERN]")) conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN; @@ -100,7 +100,7 @@ Signed-off-by: P Praneesh u8 *pos = eid; enum oper_chan_width oper_chwidth = hostapd_get_oper_chwidth(hapd->iconf); -@@ -110,6 +123,7 @@ u8 * hostapd_eid_vht_operation(struct ho +@@ -113,6 +126,7 @@ u8 * hostapd_eid_vht_operation(struct ho oper->vht_op_info_chan_center_freq_seg1_idx = seg1; oper->vht_op_info_chwidth = oper_chwidth; @@ -108,7 +108,7 @@ Signed-off-by: P Praneesh if (oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) { /* * Convert 160 MHz channel width to new style as interop -@@ -123,6 +137,9 @@ u8 * hostapd_eid_vht_operation(struct ho +@@ -126,6 +140,9 @@ u8 * hostapd_eid_vht_operation(struct ho oper->vht_op_info_chan_center_freq_seg0_idx -= 8; else oper->vht_op_info_chan_center_freq_seg0_idx += 8; @@ -120,7 +120,7 @@ Signed-off-by: P Praneesh * Convert 80+80 MHz channel width to new style as interop --- a/src/common/hw_features_common.c +++ b/src/common/hw_features_common.c -@@ -923,6 +923,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co +@@ -924,6 +924,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB); VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN); VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN); @@ -130,7 +130,7 @@ Signed-off-by: P Praneesh #undef VHT_CAP_CHECK_MAX --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h -@@ -1420,6 +1420,8 @@ struct ieee80211_ampe_ie { +@@ -1421,6 +1421,8 @@ struct ieee80211_ampe_ie { #define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB ((u32) BIT(26) | BIT(27)) #define VHT_CAP_RX_ANTENNA_PATTERN ((u32) BIT(28)) #define VHT_CAP_TX_ANTENNA_PATTERN ((u32) BIT(29)) diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch index 7472dc63e6c..85c91805764 100644 --- a/package/network/services/hostapd/patches/200-multicall.patch +++ b/package/network/services/hostapd/patches/200-multicall.patch @@ -94,7 +94,7 @@ This allows building both hostapd and wpa_supplicant as a single binary if (c < 0) --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c -@@ -2537,8 +2537,8 @@ static void hostapd_mld_iface_disable(st +@@ -2523,8 +2523,8 @@ static void hostapd_mld_iface_disable(st #endif /* CONFIG_IEEE80211BE */ @@ -105,7 +105,7 @@ This allows building both hostapd and wpa_supplicant as a single binary { struct hostapd_data *hapd = ctx; struct sta_info *sta; -@@ -2896,7 +2896,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -2882,7 +2882,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -116,7 +116,7 @@ This allows building both hostapd and wpa_supplicant as a single binary struct hapd_interfaces *interfaces = ctx; --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -7072,8 +7072,8 @@ union wpa_event_data { +@@ -7105,8 +7105,8 @@ union wpa_event_data { * Driver wrapper code should call this function whenever an event is received * from the driver. */ @@ -127,7 +127,7 @@ This allows building both hostapd and wpa_supplicant as a single binary /** * wpa_supplicant_event_global - Report a driver event for wpa_supplicant -@@ -7085,7 +7085,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -7118,7 +7118,7 @@ void wpa_supplicant_event(void *ctx, enu * Same as wpa_supplicant_event(), but we search for the interface in * wpa_global. */ @@ -169,7 +169,7 @@ This allows building both hostapd and wpa_supplicant as a single binary OBJS += ibss_rsn.o endif -@@ -982,6 +985,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS +@@ -984,6 +987,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS LIBS += -ldl -rdynamic endif @@ -180,7 +180,7 @@ This allows building both hostapd and wpa_supplicant as a single binary endif ifdef CONFIG_AP -@@ -989,9 +996,11 @@ NEED_EAP_COMMON=y +@@ -991,9 +998,11 @@ NEED_EAP_COMMON=y NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_AP OBJS += ap.o @@ -192,7 +192,7 @@ This allows building both hostapd and wpa_supplicant as a single binary OBJS += ../src/ap/hostapd.o OBJS += ../src/ap/wpa_auth_glue.o OBJS += ../src/ap/utils.o -@@ -1082,6 +1091,12 @@ endif +@@ -1084,6 +1093,12 @@ endif ifdef CONFIG_HS20 OBJS += ../src/ap/hs20.o endif @@ -205,7 +205,7 @@ This allows building both hostapd and wpa_supplicant as a single binary endif ifdef CONFIG_MBO -@@ -1091,7 +1106,9 @@ NEED_GAS=y +@@ -1093,7 +1108,9 @@ NEED_GAS=y endif ifdef NEED_RSN_AUTHENTICATOR @@ -215,7 +215,7 @@ This allows building both hostapd and wpa_supplicant as a single binary NEED_AES_WRAP=y OBJS += ../src/ap/wpa_auth.o OBJS += ../src/ap/wpa_auth_ie.o -@@ -2082,6 +2099,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) +@@ -2084,6 +2101,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) _OBJS_VAR := OBJS include ../src/objs.mk @@ -228,7 +228,7 @@ This allows building both hostapd and wpa_supplicant as a single binary wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) $(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS) @$(E) " LD " $@ -@@ -2214,6 +2237,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) +@@ -2216,6 +2239,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) $(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@ @$(E) " sed" $< @@ -278,7 +278,7 @@ This allows building both hostapd and wpa_supplicant as a single binary os_memset(&eapol_test, 0, sizeof(eapol_test)); --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -6170,8 +6170,8 @@ static int wpas_pasn_auth(struct wpa_sup +@@ -6175,8 +6175,8 @@ static int wpas_pasn_auth(struct wpa_sup #endif /* CONFIG_PASN */ @@ -289,7 +289,7 @@ This allows building both hostapd and wpa_supplicant as a single binary { struct wpa_supplicant *wpa_s = ctx; int resched; -@@ -7134,7 +7134,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -7139,7 +7139,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -331,7 +331,7 @@ This allows building both hostapd and wpa_supplicant as a single binary os_memset(&global, 0, sizeof(global)); --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -8062,7 +8062,6 @@ struct wpa_interface * wpa_supplicant_ma +@@ -8100,7 +8100,6 @@ struct wpa_interface * wpa_supplicant_ma return NULL; } @@ -339,7 +339,7 @@ This allows building both hostapd and wpa_supplicant as a single binary /** * wpa_supplicant_match_existing - Match existing interfaces * @global: Pointer to global data from wpa_supplicant_init() -@@ -8097,6 +8096,11 @@ static int wpa_supplicant_match_existing +@@ -8135,6 +8134,11 @@ static int wpa_supplicant_match_existing #endif /* CONFIG_MATCH_IFACE */ @@ -351,7 +351,7 @@ This allows building both hostapd and wpa_supplicant as a single binary /** * wpa_supplicant_add_iface - Add a new network interface -@@ -8353,6 +8357,8 @@ struct wpa_global * wpa_supplicant_init( +@@ -8391,6 +8395,8 @@ struct wpa_global * wpa_supplicant_init( #ifndef CONFIG_NO_WPA_MSG wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); #endif /* CONFIG_NO_WPA_MSG */ diff --git a/package/network/services/hostapd/patches/201-lto-jobserver-support.patch b/package/network/services/hostapd/patches/201-lto-jobserver-support.patch index 7911071e0f9..531852cf210 100644 --- a/package/network/services/hostapd/patches/201-lto-jobserver-support.patch +++ b/package/network/services/hostapd/patches/201-lto-jobserver-support.patch @@ -25,7 +25,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -2106,31 +2106,31 @@ wpa_supplicant_multi.a: .config $(BCHECK +@@ -2108,31 +2108,31 @@ wpa_supplicant_multi.a: .config $(BCHECK @$(AR) cr $@ wpa_supplicant_multi.o $(OBJS) wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) diff --git a/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch b/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch index f7d3984c60c..4e67a0a56cb 100644 --- a/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch +++ b/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch @@ -13,7 +13,7 @@ Signed-off-by: David Bauer --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c -@@ -13566,7 +13566,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13513,7 +13513,7 @@ char * wpa_supplicant_ctrl_iface_process if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18)) reply_len = -1; #endif /* CONFIG_WNM */ @@ -22,7 +22,7 @@ Signed-off-by: David Bauer } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) { if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18)) reply_len = -1; -@@ -13576,7 +13576,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13523,7 +13523,7 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) { if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11)) reply_len = -1; diff --git a/package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch b/package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch index 2961749c39e..cb3bea7771e 100644 --- a/package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch +++ b/package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch @@ -43,7 +43,7 @@ Signed-off-by: Eneas U de Queiroz struct mbo_non_pref_chan_info { --- a/src/common/defs.h +++ b/src/common/defs.h -@@ -63,6 +63,10 @@ +@@ -62,6 +62,10 @@ WPA_KEY_MGMT_FT_FILS_SHA256 | \ WPA_KEY_MGMT_FT_FILS_SHA384) diff --git a/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch index c5cf70d54df..eec53455b04 100644 --- a/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch +++ b/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch @@ -16,7 +16,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality else --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -4087,6 +4087,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -4063,6 +4063,7 @@ static int hostapd_ctrl_iface_receive_pr reply_size); } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) { reply_len = hostapd_drv_status(hapd, reply, reply_size); @@ -24,7 +24,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality } else if (os_strcmp(buf, "MIB") == 0) { reply_len = ieee802_11_get_mib(hapd, reply, reply_size); if (reply_len >= 0) { -@@ -4128,6 +4129,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -4104,6 +4105,7 @@ static int hostapd_ctrl_iface_receive_pr } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply, reply_size); @@ -113,7 +113,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality if (os_snprintf_error(buflen - len, ret)) --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c -@@ -2867,6 +2867,7 @@ static const char * bool_txt(bool val) +@@ -2831,6 +2831,7 @@ static const char * bool_txt(bool val) return val ? "TRUE" : "FALSE"; } @@ -121,7 +121,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen) { -@@ -3053,6 +3054,7 @@ int ieee802_1x_get_mib_sta(struct hostap +@@ -3017,6 +3018,7 @@ int ieee802_1x_get_mib_sta(struct hostap return len; } @@ -131,7 +131,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx) --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c -@@ -6178,6 +6178,7 @@ static const char * wpa_bool_txt(int val +@@ -6233,6 +6233,7 @@ static const char * wpa_bool_txt(int val return val ? "TRUE" : "FALSE"; } @@ -139,7 +139,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ -@@ -6330,7 +6331,7 @@ int wpa_get_mib_sta(struct wpa_state_mac +@@ -6385,7 +6386,7 @@ int wpa_get_mib_sta(struct wpa_state_mac return len; } @@ -150,7 +150,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality { --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c -@@ -4195,6 +4195,8 @@ static u32 wpa_key_mgmt_suite(struct wpa +@@ -4189,6 +4189,8 @@ static u32 wpa_key_mgmt_suite(struct wpa } @@ -159,7 +159,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff -@@ -4276,6 +4278,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch +@@ -4270,6 +4272,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch return (int) len; } @@ -169,7 +169,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1040,6 +1040,9 @@ ifdef CONFIG_FILS +@@ -1042,6 +1042,9 @@ ifdef CONFIG_FILS OBJS += ../src/ap/fils_hlp.o endif ifdef CONFIG_CTRL_IFACE @@ -192,7 +192,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality char *buf, size_t buflen) --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c -@@ -2357,7 +2357,7 @@ static int wpa_supplicant_ctrl_iface_sta +@@ -2374,7 +2374,7 @@ static int wpa_supplicant_ctrl_iface_sta pos += ret; } @@ -201,7 +201,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality if (wpa_s->ap_iface) { pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos, end - pos, -@@ -12876,6 +12876,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12842,6 +12842,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = -1; } else if (os_strncmp(buf, "NOTE ", 5) == 0) { wpa_printf(MSG_INFO, "NOTE: %s", buf + 5); @@ -209,7 +209,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality } else if (os_strcmp(buf, "MIB") == 0) { reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size); if (reply_len >= 0) { -@@ -12888,6 +12889,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12854,6 +12855,7 @@ char * wpa_supplicant_ctrl_iface_process reply_size - reply_len); #endif /* CONFIG_MACSEC */ } @@ -217,7 +217,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality } else if (os_strncmp(buf, "STATUS", 6) == 0) { reply_len = wpa_supplicant_ctrl_iface_status( wpa_s, buf + 6, reply, reply_size); -@@ -13394,6 +13396,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13341,6 +13343,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = wpa_supplicant_ctrl_iface_bss( wpa_s, buf + 4, reply, reply_size); #ifdef CONFIG_AP @@ -225,7 +225,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality } else if (os_strcmp(buf, "STA-FIRST") == 0) { reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size); } else if (os_strncmp(buf, "STA ", 4) == 0) { -@@ -13402,12 +13405,15 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13349,12 +13352,15 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply, reply_size); diff --git a/package/network/services/hostapd/patches/300-noscan.patch b/package/network/services/hostapd/patches/300-noscan.patch index ebedb2603c2..6d976918552 100644 --- a/package/network/services/hostapd/patches/300-noscan.patch +++ b/package/network/services/hostapd/patches/300-noscan.patch @@ -5,7 +5,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3747,6 +3747,10 @@ static int hostapd_config_fill(struct ho +@@ -3518,6 +3518,10 @@ static int hostapd_config_fill(struct ho if (bss->ocv && !bss->ieee80211w) bss->ieee80211w = 1; #endif /* CONFIG_OCV */ @@ -18,7 +18,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options } else if (os_strcmp(buf, "ht_capab") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1125,6 +1125,8 @@ struct hostapd_config { +@@ -1105,6 +1105,8 @@ struct hostapd_config { int ht_op_mode_fixed; u16 ht_capab; diff --git a/package/network/services/hostapd/patches/301-mesh-noscan.patch b/package/network/services/hostapd/patches/301-mesh-noscan.patch index 175b76c60be..1c2eedda42a 100644 --- a/package/network/services/hostapd/patches/301-mesh-noscan.patch +++ b/package/network/services/hostapd/patches/301-mesh-noscan.patch @@ -5,7 +5,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c -@@ -2668,6 +2668,7 @@ static const struct parse_data ssid_fiel +@@ -2642,6 +2642,7 @@ static const struct parse_data ssid_fiel #else /* CONFIG_MESH */ { INT_RANGE(mode, 0, 4) }, #endif /* CONFIG_MESH */ @@ -15,17 +15,17 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also { STR(id_str) }, --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c -@@ -867,6 +867,7 @@ static void wpa_config_write_network(FIL - #endif /* IEEE8021X_EAPOL */ +@@ -868,6 +868,7 @@ static void wpa_config_write_network(FIL INT(mode); + #ifdef CONFIG_MESH INT(no_auto_peer); + INT(noscan); INT_DEF(mesh_fwding, DEFAULT_MESH_FWDING); + #endif /* CONFIG_MESH */ INT(frequency); - INT(enable_edmg); --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h -@@ -1063,6 +1063,8 @@ struct wpa_ssid { +@@ -1071,6 +1071,8 @@ struct wpa_ssid { */ int no_auto_peer; @@ -36,7 +36,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also * --- a/wpa_supplicant/mesh.c +++ b/wpa_supplicant/mesh.c -@@ -509,6 +509,8 @@ static int wpa_supplicant_mesh_init(stru +@@ -538,6 +538,8 @@ static int wpa_supplicant_mesh_init(stru frequency); goto out_free; } @@ -47,7 +47,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also /* --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -3044,7 +3044,7 @@ static bool ibss_mesh_can_use_vht(struct +@@ -3035,7 +3035,7 @@ static bool ibss_mesh_can_use_vht(struct const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode) { @@ -56,16 +56,16 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also return false; if (!drv_supports_vht(wpa_s, ssid)) -@@ -3117,7 +3117,7 @@ static void ibss_mesh_select_40mhz(struc +@@ -3109,7 +3109,7 @@ static void ibss_mesh_select_40mhz(struc int i, res; unsigned int j; - static const int ht40plus[] = { + static const int ht40plus_5ghz[] = { - 36, 44, 52, 60, 100, 108, 116, 124, 132, 140, + 1, 2, 3, 4, 5, 6, 7, 36, 44, 52, 60, 100, 108, 116, 124, 132, 140, 149, 157, 165, 173, 184, 192 }; - int ht40 = -1; -@@ -3414,7 +3414,7 @@ void ibss_mesh_setup_freq(struct wpa_sup + static const int ht40plus_6ghz[] = { +@@ -3462,7 +3462,7 @@ void ibss_mesh_setup_freq(struct wpa_sup int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode); enum hostapd_hw_mode hw_mode; struct hostapd_hw_modes *mode = NULL; @@ -74,12 +74,12 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also u8 channel; bool is_6ghz, is_24ghz; bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); -@@ -3458,6 +3458,8 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3506,6 +3506,8 @@ void ibss_mesh_setup_freq(struct wpa_sup freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode, ieee80211_mode); freq->channel = channel; + if (mode->mode == HOSTAPD_MODE_IEEE80211G && ssid->noscan) -+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled); - /* Setup higher BW only for 5 GHz */ ++ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, is_6ghz, dfs_enabled); + /* Setup higher BW only for 5 and 6 GHz */ if (mode->mode == HOSTAPD_MODE_IEEE80211A) { - ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled); + ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, diff --git a/package/network/services/hostapd/patches/310-rescan_immediately.patch b/package/network/services/hostapd/patches/310-rescan_immediately.patch index 83b616116f4..15c74a71ae2 100644 --- a/package/network/services/hostapd/patches/310-rescan_immediately.patch +++ b/package/network/services/hostapd/patches/310-rescan_immediately.patch @@ -5,7 +5,7 @@ Subject: [PATCH] rescan_immediately.patch --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -6342,7 +6342,7 @@ wpa_supplicant_alloc(struct wpa_supplica +@@ -6381,7 +6381,7 @@ wpa_supplicant_alloc(struct wpa_supplica if (wpa_s == NULL) return NULL; wpa_s->scan_req = INITIAL_SCAN_REQ; diff --git a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch index 6b3baea5584..814b15f819b 100644 --- a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch +++ b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch @@ -4,8 +4,8 @@ Subject: [PATCH] nl80211_del_beacon_bss.patch --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -6381,8 +6381,7 @@ static void nl80211_teardown_ap(struct i - nl80211_mgmt_unsubscribe(bss, "AP teardown"); +@@ -6340,8 +6340,7 @@ static void nl80211_teardown_ap(struct i + } nl80211_put_wiphy_data_ap(bss); - if (bss->flink) diff --git a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch index bedac7f606c..e22da803410 100644 --- a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch +++ b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch @@ -14,7 +14,7 @@ Signed-hostap: Antonio Quartulli --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -1012,6 +1012,9 @@ struct wpa_driver_associate_params { +@@ -1018,6 +1018,9 @@ struct wpa_driver_associate_params { * responsible for selecting with which BSS to associate. */ const u8 *bssid; @@ -34,7 +34,7 @@ Signed-hostap: Antonio Quartulli #include "config.h" -@@ -2449,6 +2450,97 @@ static char * wpa_config_write_mac_value +@@ -2423,6 +2424,97 @@ static char * wpa_config_write_mac_value #endif /* NO_CONFIG_WRITE */ @@ -132,7 +132,7 @@ Signed-hostap: Antonio Quartulli /* Helper macros for network block parser */ #ifdef OFFSET -@@ -2744,6 +2836,8 @@ static const struct parse_data ssid_fiel +@@ -2718,6 +2810,8 @@ static const struct parse_data ssid_fiel { INT(ap_max_inactivity) }, { INT(dtim_period) }, { INT(beacon_int) }, @@ -155,7 +155,7 @@ Signed-hostap: Antonio Quartulli * macsec_policy - Determines the policy for MACsec secure session --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -4635,6 +4635,12 @@ static void wpas_start_assoc_cb(struct w +@@ -4674,6 +4674,12 @@ static void wpas_start_assoc_cb(struct w params.beacon_int = ssid->beacon_int; else params.beacon_int = wpa_s->conf->beacon_int; diff --git a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch index b30e0409a69..917b4ac3b62 100644 --- a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch +++ b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch @@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -1932,6 +1932,7 @@ struct wpa_driver_mesh_join_params { +@@ -1959,6 +1959,7 @@ struct wpa_driver_mesh_join_params { #define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008 unsigned int flags; bool handle_dfs; @@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich struct wpa_driver_set_key_params { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -12333,6 +12333,18 @@ static int nl80211_put_mesh_id(struct nl +@@ -12269,6 +12269,18 @@ static int nl80211_put_mesh_id(struct nl } @@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich static int nl80211_put_mesh_config(struct nl_msg *msg, struct wpa_driver_mesh_bss_params *params) { -@@ -12394,6 +12406,7 @@ static int nl80211_join_mesh(struct i802 +@@ -12330,6 +12342,7 @@ static int nl80211_join_mesh(struct i802 nl80211_put_basic_rates(msg, params->basic_rates) || nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) || nl80211_put_beacon_int(msg, params->beacon_int) || @@ -58,7 +58,7 @@ Tested-by: Simon Wunderlich --- a/wpa_supplicant/mesh.c +++ b/wpa_supplicant/mesh.c -@@ -636,6 +636,7 @@ int wpa_supplicant_join_mesh(struct wpa_ +@@ -665,6 +665,7 @@ int wpa_supplicant_join_mesh(struct wpa_ params->meshid = ssid->ssid; params->meshid_len = ssid->ssid_len; diff --git a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch index 1975c2b1787..a60397ce12a 100644 --- a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch +++ b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch @@ -5,7 +5,7 @@ Subject: [PATCH] Fix issues with disabling obss scan when using fixed_freq on --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -3421,6 +3421,10 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3469,6 +3469,10 @@ void ibss_mesh_setup_freq(struct wpa_sup freq->freq = ssid->frequency; diff --git a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch index 16962024456..d14a4c63f74 100644 --- a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch +++ b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch @@ -13,7 +13,7 @@ Signed-off-by: David Bauer --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3801,6 +3801,8 @@ static int hostapd_config_fill(struct ho +@@ -3572,6 +3572,8 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "he_bss_color") == 0) { conf->he_op.he_bss_color = atoi(pos) & 0x3f; conf->he_op.he_bss_color_disabled = 0; diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch index 9310fd2d155..90560b21247 100644 --- a/package/network/services/hostapd/patches/600-ubus_support.patch +++ b/package/network/services/hostapd/patches/600-ubus_support.patch @@ -53,7 +53,7 @@ probe/assoc/auth requests via object subscribe. } --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1437,6 +1437,12 @@ void handle_probe_req(struct hostapd_dat +@@ -1438,6 +1438,12 @@ void handle_probe_req(struct hostapd_dat int mld_id; u16 links; #endif /* CONFIG_IEEE80211BE */ @@ -66,7 +66,7 @@ probe/assoc/auth requests via object subscribe. if (hapd->iconf->rssi_ignore_probe_request && ssi_signal && ssi_signal < hapd->iconf->rssi_ignore_probe_request) -@@ -1623,6 +1629,12 @@ void handle_probe_req(struct hostapd_dat +@@ -1624,6 +1630,12 @@ void handle_probe_req(struct hostapd_dat } #endif /* CONFIG_P2P */ @@ -92,7 +92,7 @@ probe/assoc/auth requests via object subscribe. return 0; --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c -@@ -317,6 +317,10 @@ int hostapd_notif_assoc(struct hostapd_d +@@ -330,6 +330,10 @@ int hostapd_notif_assoc(struct hostapd_d struct hostapd_iface *iface = hapd->iface; #endif /* CONFIG_OWE */ bool updated = false; @@ -103,7 +103,7 @@ probe/assoc/auth requests via object subscribe. if (addr == NULL) { /* -@@ -461,6 +465,12 @@ int hostapd_notif_assoc(struct hostapd_d +@@ -468,6 +472,12 @@ int hostapd_notif_assoc(struct hostapd_d goto fail; } @@ -116,7 +116,7 @@ probe/assoc/auth requests via object subscribe. #ifdef CONFIG_P2P if (elems.p2p) { wpabuf_free(sta->p2p_ie); -@@ -1385,6 +1395,7 @@ void hostapd_event_ch_switch(struct host +@@ -1371,6 +1381,7 @@ void hostapd_event_ch_switch(struct host wpa_msg(hapd->msg_ctx, MSG_INFO, AP_CSA_FINISHED "freq=%d dfs=%d", freq, is_dfs); @@ -159,7 +159,7 @@ probe/assoc/auth requests via object subscribe. if (iface->is_no_ir) { hostapd_set_state(iface, HAPD_IFACE_NO_IR); -@@ -3501,6 +3506,7 @@ void hostapd_interface_deinit_free(struc +@@ -3517,6 +3522,7 @@ void hostapd_interface_deinit_free(struc (unsigned int) iface->conf->num_bss); driver = iface->bss[0]->driver; drv_priv = iface->bss[0]->drv_priv; @@ -195,7 +195,7 @@ probe/assoc/auth requests via object subscribe. struct hostapd_iface * hostapd_alloc_iface(void); --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -2941,7 +2941,7 @@ static void handle_auth(struct hostapd_d +@@ -3091,7 +3091,7 @@ static void handle_auth(struct hostapd_d u16 auth_alg, auth_transaction, status_code; u16 resp = WLAN_STATUS_SUCCESS; struct sta_info *sta = NULL; @@ -204,7 +204,7 @@ probe/assoc/auth requests via object subscribe. u16 fc; const u8 *challenge = NULL; u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN]; -@@ -2952,6 +2952,11 @@ static void handle_auth(struct hostapd_d +@@ -3102,6 +3102,11 @@ static void handle_auth(struct hostapd_d #ifdef CONFIG_IEEE80211BE bool mld_sta = false; #endif /* CONFIG_IEEE80211BE */ @@ -216,7 +216,7 @@ probe/assoc/auth requests via object subscribe. if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", -@@ -3148,6 +3153,13 @@ static void handle_auth(struct hostapd_d +@@ -3298,6 +3303,13 @@ static void handle_auth(struct hostapd_d resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -230,7 +230,7 @@ probe/assoc/auth requests via object subscribe. if (res == HOSTAPD_ACL_PENDING) return; -@@ -5477,7 +5489,7 @@ static void handle_assoc(struct hostapd_ +@@ -5616,7 +5628,7 @@ static void handle_assoc(struct hostapd_ int resp = WLAN_STATUS_SUCCESS; u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE; const u8 *pos; @@ -239,7 +239,7 @@ probe/assoc/auth requests via object subscribe. struct sta_info *sta; u8 *tmp = NULL; #ifdef CONFIG_FILS -@@ -5719,6 +5731,11 @@ static void handle_assoc(struct hostapd_ +@@ -5858,6 +5870,11 @@ static void handle_assoc(struct hostapd_ left = res; } #endif /* CONFIG_FILS */ @@ -251,7 +251,7 @@ probe/assoc/auth requests via object subscribe. /* followed by SSID and Supported rates; and HT capabilities if 802.11n * is used */ -@@ -5826,6 +5843,13 @@ static void handle_assoc(struct hostapd_ +@@ -5965,6 +5982,13 @@ static void handle_assoc(struct hostapd_ if (set_beacon) ieee802_11_update_beacons(hapd->iface); @@ -265,7 +265,7 @@ probe/assoc/auth requests via object subscribe. fail: /* -@@ -6055,6 +6079,7 @@ static void handle_disassoc(struct hosta +@@ -6194,6 +6218,7 @@ static void handle_disassoc(struct hosta (unsigned long) len); return; } @@ -273,7 +273,7 @@ probe/assoc/auth requests via object subscribe. sta = ap_get_sta(hapd, mgmt->sa); if (!sta) { -@@ -6086,6 +6111,8 @@ static void handle_deauth(struct hostapd +@@ -6225,6 +6250,8 @@ static void handle_deauth(struct hostapd /* Clear the PTKSA cache entries for PASN */ ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE); @@ -305,7 +305,7 @@ probe/assoc/auth requests via object subscribe. wpa_printf(MSG_DEBUG, "RRM action %u is not supported", --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -543,6 +543,7 @@ void ap_handle_timer(void *eloop_ctx, vo +@@ -544,6 +544,7 @@ void ap_handle_timer(void *eloop_ctx, vo hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_INFO, "deauthenticated due to " "local deauth request"); @@ -313,7 +313,7 @@ probe/assoc/auth requests via object subscribe. ap_free_sta(hapd, sta); return; } -@@ -700,6 +701,7 @@ skip_poll: +@@ -701,6 +702,7 @@ skip_poll: mlme_deauthenticate_indication( hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID); @@ -321,7 +321,7 @@ probe/assoc/auth requests via object subscribe. ap_free_sta(hapd, sta); break; } -@@ -1588,15 +1590,28 @@ void ap_sta_set_authorized_event(struct +@@ -1589,15 +1591,28 @@ void ap_sta_set_authorized_event(struct os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); if (authorized) { @@ -350,7 +350,7 @@ probe/assoc/auth requests via object subscribe. #ifdef CONFIG_P2P if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { os_snprintf(ip_addr, sizeof(ip_addr), -@@ -1607,6 +1622,13 @@ void ap_sta_set_authorized_event(struct +@@ -1608,6 +1623,13 @@ void ap_sta_set_authorized_event(struct } #endif /* CONFIG_P2P */ @@ -364,7 +364,7 @@ probe/assoc/auth requests via object subscribe. keyid = ap_sta_wpa_get_keyid(hapd, sta); if (keyid) { os_snprintf(keyid_buf, sizeof(keyid_buf), -@@ -1625,17 +1647,19 @@ void ap_sta_set_authorized_event(struct +@@ -1626,17 +1648,19 @@ void ap_sta_set_authorized_event(struct dpp_pkhash, SHA256_MAC_LEN); } @@ -390,7 +390,7 @@ probe/assoc/auth requests via object subscribe. hapd->msg_ctx_parent != hapd->msg_ctx) --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h -@@ -305,6 +305,7 @@ struct sta_info { +@@ -302,6 +302,7 @@ struct sta_info { #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_AIRTIME_POLICY unsigned int airtime_weight; @@ -478,7 +478,7 @@ probe/assoc/auth requests via object subscribe. } --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -331,6 +331,7 @@ static void hostapd_wpa_auth_psk_failure +@@ -320,6 +320,7 @@ static void hostapd_wpa_auth_psk_failure struct hostapd_data *hapd = ctx; wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR, MAC2STR(addr)); @@ -650,7 +650,7 @@ probe/assoc/auth requests via object subscribe. ifdef CONFIG_CODE_COVERAGE CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE LIBS += -lgcov -@@ -1044,6 +1051,9 @@ ifdef CONFIG_CTRL_IFACE_MIB +@@ -1046,6 +1053,9 @@ ifdef CONFIG_CTRL_IFACE_MIB CFLAGS += -DCONFIG_CTRL_IFACE_MIB endif OBJS += ../src/ap/ctrl_iface_ap.o @@ -683,7 +683,7 @@ probe/assoc/auth requests via object subscribe. break; --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -8195,6 +8195,8 @@ struct wpa_supplicant * wpa_supplicant_a +@@ -8233,6 +8233,8 @@ struct wpa_supplicant * wpa_supplicant_a } #endif /* CONFIG_P2P */ @@ -692,7 +692,7 @@ probe/assoc/auth requests via object subscribe. return wpa_s; } -@@ -8221,6 +8223,8 @@ int wpa_supplicant_remove_iface(struct w +@@ -8259,6 +8261,8 @@ int wpa_supplicant_remove_iface(struct w struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ @@ -701,7 +701,7 @@ probe/assoc/auth requests via object subscribe. /* Remove interface from the global list of interfaces */ prev = global->ifaces; if (prev == wpa_s) { -@@ -8567,8 +8571,12 @@ int wpa_supplicant_run(struct wpa_global +@@ -8605,8 +8609,12 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); @@ -733,7 +733,7 @@ probe/assoc/auth requests via object subscribe. }; -@@ -705,6 +708,7 @@ struct wpa_supplicant { +@@ -696,6 +699,7 @@ struct wpa_supplicant { unsigned char own_addr[ETH_ALEN]; unsigned char perm_addr[ETH_ALEN]; char ifname[100]; diff --git a/package/network/services/hostapd/patches/601-ucode_support.patch b/package/network/services/hostapd/patches/601-ucode_support.patch index cd713ea286a..7bf464f2d9b 100644 --- a/package/network/services/hostapd/patches/601-ucode_support.patch +++ b/package/network/services/hostapd/patches/601-ucode_support.patch @@ -34,7 +34,7 @@ as adding/removing interfaces. ifdef CONFIG_CODE_COVERAGE --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -6031,6 +6031,7 @@ try_again: +@@ -6004,6 +6004,7 @@ try_again: return -1; } @@ -42,7 +42,7 @@ as adding/removing interfaces. wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb); return 0; -@@ -6132,6 +6133,7 @@ fail: +@@ -6105,6 +6106,7 @@ fail: os_free(fname); interface->global_ctrl_sock = s; @@ -157,7 +157,7 @@ as adding/removing interfaces. { #ifdef CONFIG_OWE /* Check whether the enabled BSS can complete OWE transition mode -@@ -2975,7 +2981,7 @@ hostapd_alloc_bss_data(struct hostapd_if +@@ -2976,7 +2982,7 @@ hostapd_alloc_bss_data(struct hostapd_if } @@ -166,7 +166,7 @@ as adding/removing interfaces. { if (!hapd) return; -@@ -4035,7 +4041,8 @@ int hostapd_remove_iface(struct hapd_int +@@ -4051,7 +4057,8 @@ int hostapd_remove_iface(struct hapd_int hapd_iface = interfaces->iface[i]; if (hapd_iface == NULL) return -1; @@ -232,7 +232,7 @@ as adding/removing interfaces. void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap); --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -4003,6 +4003,25 @@ struct wpa_driver_ops { +@@ -4036,6 +4036,25 @@ struct wpa_driver_ops { const char *ifname); /** @@ -258,7 +258,7 @@ as adding/removing interfaces. * set_sta_vlan - Bind a station into a specific interface (AP only) * @priv: Private driver interface data * @ifname: Interface (main or virtual BSS or VLAN) -@@ -6818,6 +6837,7 @@ union wpa_event_data { +@@ -6851,6 +6870,7 @@ union wpa_event_data { /** * struct ch_switch @@ -266,7 +266,7 @@ as adding/removing interfaces. * @freq: Frequency of new channel in MHz * @ht_enabled: Whether this is an HT channel * @ch_offset: Secondary channel offset -@@ -6828,6 +6848,7 @@ union wpa_event_data { +@@ -6861,6 +6881,7 @@ union wpa_event_data { * @punct_bitmap: Puncturing bitmap */ struct ch_switch { @@ -314,7 +314,7 @@ as adding/removing interfaces. err.err = -ENOMEM; s_nl_cb = nl_socket_get_cb(nl_handle); -@@ -546,6 +563,7 @@ int send_and_recv_glb(struct nl80211_glo +@@ -552,6 +569,7 @@ int send_and_recv_glb(struct nl80211_glo err.err_info = err_info; err.drv = drv; @@ -322,7 +322,7 @@ as adding/removing interfaces. nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err); nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err.err); if (ack_handler_custom) { -@@ -949,6 +967,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs +@@ -955,6 +973,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs os_free(w); return NULL; } @@ -330,7 +330,7 @@ as adding/removing interfaces. nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL); nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, -@@ -1364,7 +1383,7 @@ static void wpa_driver_nl80211_event_rtm +@@ -1370,7 +1389,7 @@ static void wpa_driver_nl80211_event_rtm } wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)", namebuf, ifname); @@ -339,7 +339,7 @@ as adding/removing interfaces. wpa_printf(MSG_DEBUG, "nl80211: Not the main interface (%s) - do not indicate interface down", drv->first_bss->ifname); -@@ -1400,7 +1419,7 @@ static void wpa_driver_nl80211_event_rtm +@@ -1406,7 +1425,7 @@ static void wpa_driver_nl80211_event_rtm } wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)", namebuf, ifname); @@ -348,7 +348,7 @@ as adding/removing interfaces. wpa_printf(MSG_DEBUG, "nl80211: Not the main interface (%s) - do not indicate interface up", drv->first_bss->ifname); -@@ -2046,6 +2065,7 @@ static int wpa_driver_nl80211_init_nl_gl +@@ -2052,6 +2071,7 @@ static int wpa_driver_nl80211_init_nl_gl genl_family_put(family); nl_cache_free(cache); @@ -356,7 +356,7 @@ as adding/removing interfaces. nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL); nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, -@@ -2216,6 +2236,7 @@ static int nl80211_init_bss(struct i802_ +@@ -2222,6 +2242,7 @@ static int nl80211_init_bss(struct i802_ if (!bss->nl_cb) return -1; @@ -364,7 +364,7 @@ as adding/removing interfaces. nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL); nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, -@@ -8844,6 +8865,7 @@ static void *i802_init(struct hostapd_da +@@ -8763,6 +8784,7 @@ static void *i802_init(struct hostapd_da char master_ifname[IFNAMSIZ]; int ifindex, br_ifindex = 0; int br_added = 0; @@ -372,7 +372,7 @@ as adding/removing interfaces. bss = wpa_driver_nl80211_drv_init(hapd, params->ifname, params->global_priv, 1, -@@ -8904,21 +8926,17 @@ static void *i802_init(struct hostapd_da +@@ -8823,21 +8845,17 @@ static void *i802_init(struct hostapd_da (params->num_bridge == 0 || !params->bridge[0])) add_ifidx(drv, br_ifindex, drv->ifindex); @@ -404,7 +404,7 @@ as adding/removing interfaces. } if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) { -@@ -9287,6 +9305,50 @@ static int wpa_driver_nl80211_if_remove( +@@ -9210,6 +9228,50 @@ static int wpa_driver_nl80211_if_remove( return 0; } @@ -455,7 +455,7 @@ as adding/removing interfaces. static int cookie_handler(struct nl_msg *msg, void *arg) { -@@ -11150,6 +11212,37 @@ static bool nl80211_is_drv_shared(void * +@@ -11088,6 +11150,37 @@ static bool nl80211_is_drv_shared(void * #endif /* CONFIG_IEEE80211BE */ @@ -493,7 +493,7 @@ as adding/removing interfaces. static int driver_nl80211_send_mlme(void *priv, const u8 *data, size_t data_len, int noack, unsigned int freq, -@@ -14874,6 +14967,8 @@ const struct wpa_driver_ops wpa_driver_n +@@ -14813,6 +14906,8 @@ const struct wpa_driver_ops wpa_driver_n .set_acl = wpa_driver_nl80211_set_acl, .if_add = wpa_driver_nl80211_if_add, .if_remove = driver_nl80211_if_remove, @@ -504,7 +504,7 @@ as adding/removing interfaces. .sta_add = wpa_driver_nl80211_sta_add, --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c -@@ -1199,6 +1199,7 @@ static void mlme_event_ch_switch(struct +@@ -1213,6 +1213,7 @@ static void mlme_event_ch_switch(struct struct nlattr *bw, struct nlattr *cf1, struct nlattr *cf2, struct nlattr *punct_bitmap, @@ -512,7 +512,7 @@ as adding/removing interfaces. int finished) { struct i802_bss *bss; -@@ -1262,6 +1263,8 @@ static void mlme_event_ch_switch(struct +@@ -1278,6 +1279,8 @@ static void mlme_event_ch_switch(struct data.ch_switch.cf1 = nla_get_u32(cf1); if (cf2) data.ch_switch.cf2 = nla_get_u32(cf2); @@ -521,7 +521,7 @@ as adding/removing interfaces. if (link) { data.ch_switch.link_id = nla_get_u8(link); -@@ -4114,6 +4117,7 @@ static void do_process_drv_event(struct +@@ -4129,6 +4132,7 @@ static void do_process_drv_event(struct tb[NL80211_ATTR_CENTER_FREQ1], tb[NL80211_ATTR_CENTER_FREQ2], tb[NL80211_ATTR_PUNCT_BITMAP], @@ -529,7 +529,7 @@ as adding/removing interfaces. 0); break; case NL80211_CMD_CH_SWITCH_NOTIFY: -@@ -4126,6 +4130,7 @@ static void do_process_drv_event(struct +@@ -4141,6 +4145,7 @@ static void do_process_drv_event(struct tb[NL80211_ATTR_CENTER_FREQ1], tb[NL80211_ATTR_CENTER_FREQ2], tb[NL80211_ATTR_PUNCT_BITMAP], @@ -610,7 +610,7 @@ as adding/removing interfaces. endif ifdef CONFIG_CODE_COVERAGE -@@ -1054,6 +1066,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o +@@ -1056,6 +1068,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o ifdef CONFIG_UBUS OBJS += ../src/ap/ubus.o endif @@ -622,7 +622,7 @@ as adding/removing interfaces. CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -6206,6 +6206,7 @@ void supplicant_event(void *ctx, enum wp +@@ -6211,6 +6211,7 @@ void supplicant_event(void *ctx, enum wp event_to_string(event), event); #endif /* CONFIG_NO_STDOUT_DEBUG */ @@ -632,7 +632,7 @@ as adding/removing interfaces. #ifdef CONFIG_FST --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -1256,6 +1256,7 @@ void wpa_supplicant_set_state(struct wpa +@@ -1271,6 +1271,7 @@ void wpa_supplicant_set_state(struct wpa sme_sched_obss_scan(wpa_s, 0); } wpa_s->wpa_state = state; @@ -640,7 +640,7 @@ as adding/removing interfaces. #ifdef CONFIG_BGSCAN if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid) -@@ -8196,6 +8197,7 @@ struct wpa_supplicant * wpa_supplicant_a +@@ -8234,6 +8235,7 @@ struct wpa_supplicant * wpa_supplicant_a #endif /* CONFIG_P2P */ wpas_ubus_add_bss(wpa_s); @@ -648,7 +648,7 @@ as adding/removing interfaces. return wpa_s; } -@@ -8223,6 +8225,7 @@ int wpa_supplicant_remove_iface(struct w +@@ -8261,6 +8263,7 @@ int wpa_supplicant_remove_iface(struct w struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ @@ -656,7 +656,7 @@ as adding/removing interfaces. wpas_ubus_free_bss(wpa_s); /* Remove interface from the global list of interfaces */ -@@ -8533,6 +8536,7 @@ struct wpa_global * wpa_supplicant_init( +@@ -8571,6 +8574,7 @@ struct wpa_global * wpa_supplicant_init( eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, wpas_periodic, global, NULL); @@ -664,7 +664,7 @@ as adding/removing interfaces. return global; } -@@ -8571,12 +8575,8 @@ int wpa_supplicant_run(struct wpa_global +@@ -8609,12 +8613,8 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); @@ -677,7 +677,7 @@ as adding/removing interfaces. return 0; } -@@ -8609,6 +8609,8 @@ void wpa_supplicant_deinit(struct wpa_gl +@@ -8647,6 +8647,8 @@ void wpa_supplicant_deinit(struct wpa_gl wpas_notify_supplicant_deinitialized(global); @@ -696,7 +696,7 @@ as adding/removing interfaces. extern const char *const wpa_supplicant_version; extern const char *const wpa_supplicant_license; -@@ -709,6 +710,7 @@ struct wpa_supplicant { +@@ -700,6 +701,7 @@ struct wpa_supplicant { unsigned char perm_addr[ETH_ALEN]; char ifname[100]; struct wpas_ubus_bss ubus; @@ -706,7 +706,7 @@ as adding/removing interfaces. #endif /* CONFIG_MATCH_IFACE */ --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -555,12 +555,17 @@ const char * sae_get_password(struct hos +@@ -631,12 +631,17 @@ const char * sae_get_password(struct hos struct sae_pt **s_pt, const struct sae_pk **s_pk) { @@ -722,10 +722,10 @@ as adding/removing interfaces. + if (sta && sta->use_sta_psk) + goto use_sta_psk; + - for (pw = hapd->conf->sae_passwords; pw; pw = pw->next) { - if (!is_broadcast_ether_addr(pw->peer_addr) && - (!sta || -@@ -582,12 +587,30 @@ const char * sae_get_password(struct hos + /* With sae_track_password functionality enabled, try to first find the + * next viable wildcard-address password if a password identifier was + * not used. Select an wildcard-addr entry if the STA is known to have +@@ -697,12 +702,30 @@ const char * sae_get_password(struct hos pt = hapd->conf->ssid.pt; } @@ -758,7 +758,7 @@ as adding/removing interfaces. } } -@@ -3273,6 +3296,12 @@ static void handle_auth(struct hostapd_d +@@ -3429,6 +3452,12 @@ static void handle_auth(struct hostapd_d goto fail; } @@ -773,7 +773,7 @@ as adding/removing interfaces. --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -475,6 +475,11 @@ void ap_free_sta(struct hostapd_data *ha +@@ -476,6 +476,11 @@ void ap_free_sta(struct hostapd_data *ha forced_memzero(sta->last_tk, WPA_TK_MAX_LEN); #endif /* CONFIG_TESTING_OPTIONS */ @@ -785,7 +785,7 @@ as adding/removing interfaces. os_free(sta); } -@@ -1574,6 +1579,8 @@ void ap_sta_set_authorized_event(struct +@@ -1575,6 +1580,8 @@ void ap_sta_set_authorized_event(struct #endif /* CONFIG_P2P */ const u8 *ip_ptr = NULL; @@ -796,7 +796,7 @@ as adding/removing interfaces. if (sta->p2p_ie != NULL && --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h -@@ -181,6 +181,9 @@ struct sta_info { +@@ -180,6 +180,9 @@ struct sta_info { int vlan_id_bound; /* updated by ap_sta_bind_vlan() */ /* PSKs from RADIUS authentication server */ struct hostapd_sta_wpa_psk_short *psk; @@ -808,7 +808,7 @@ as adding/removing interfaces. char *radius_cui; /* Chargeable-User-Identity from RADIUS */ --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -403,6 +403,7 @@ static const u8 * hostapd_wpa_auth_get_p +@@ -392,6 +392,7 @@ static const u8 * hostapd_wpa_auth_get_p struct sta_info *sta = ap_get_sta(hapd, addr); const u8 *psk; @@ -816,7 +816,7 @@ as adding/removing interfaces. if (vlan_id) *vlan_id = 0; if (psk_len) -@@ -449,13 +450,18 @@ static const u8 * hostapd_wpa_auth_get_p +@@ -438,13 +439,18 @@ static const u8 * hostapd_wpa_auth_get_p * returned psk which should not be returned again. * logic list (all hostapd_get_psk; all sta->psk) */ @@ -836,7 +836,7 @@ as adding/removing interfaces. if (pos->is_passphrase) { if (pbkdf2_sha1(pos->passphrase, hapd->conf->ssid.ssid, -@@ -469,9 +475,13 @@ static const u8 * hostapd_wpa_auth_get_p +@@ -458,9 +464,13 @@ static const u8 * hostapd_wpa_auth_get_p } if (pos->psk == prev_psk) { psk = pos->next ? pos->next->psk : NULL; diff --git a/package/network/services/hostapd/patches/701-reload_config_inline.patch b/package/network/services/hostapd/patches/701-reload_config_inline.patch index 2c2b9d4c303..9c142d1ab60 100644 --- a/package/network/services/hostapd/patches/701-reload_config_inline.patch +++ b/package/network/services/hostapd/patches/701-reload_config_inline.patch @@ -8,7 +8,7 @@ as adding/removing interfaces. --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -5223,7 +5223,12 @@ struct hostapd_config * hostapd_config_r +@@ -4981,7 +4981,12 @@ struct hostapd_config * hostapd_config_r int errors = 0; size_t i; diff --git a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch index 750d159f8d1..fb0a5d4a95f 100644 --- a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch +++ b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch @@ -8,7 +8,7 @@ was provided by the config --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3644,6 +3644,8 @@ static int hostapd_config_fill(struct ho +@@ -3415,6 +3415,8 @@ static int hostapd_config_fill(struct ho #ifndef CONFIG_NO_VLAN } else if (os_strcmp(buf, "dynamic_vlan") == 0) { bss->ssid.dynamic_vlan = atoi(pos); @@ -19,7 +19,7 @@ was provided by the config } else if (os_strcmp(buf, "vlan_file") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -121,6 +121,7 @@ struct hostapd_ssid { +@@ -120,6 +120,7 @@ struct hostapd_ssid { #define DYNAMIC_VLAN_OPTIONAL 1 #define DYNAMIC_VLAN_REQUIRED 2 int dynamic_vlan; diff --git a/package/network/services/hostapd/patches/711-wds_bridge_force.patch b/package/network/services/hostapd/patches/711-wds_bridge_force.patch index 7c5a3998f03..c71318be854 100644 --- a/package/network/services/hostapd/patches/711-wds_bridge_force.patch +++ b/package/network/services/hostapd/patches/711-wds_bridge_force.patch @@ -11,7 +11,7 @@ instead rely entirely on netifd handling this properly --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2472,6 +2472,8 @@ static int hostapd_config_fill(struct ho +@@ -2241,6 +2241,8 @@ static int hostapd_config_fill(struct ho sizeof(conf->bss[0]->iface)); } else if (os_strcmp(buf, "bridge") == 0) { os_strlcpy(bss->bridge, pos, sizeof(bss->bridge)); @@ -22,7 +22,7 @@ instead rely entirely on netifd handling this properly } else if (os_strcmp(buf, "vlan_bridge") == 0) { --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c -@@ -394,8 +394,6 @@ int hostapd_set_wds_sta(struct hostapd_d +@@ -390,8 +390,6 @@ int hostapd_set_wds_sta(struct hostapd_d return -1; if (hapd->conf->wds_bridge[0]) bridge = hapd->conf->wds_bridge; diff --git a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch index 022b2d9621c..6a22a610c53 100644 --- a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch +++ b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch @@ -8,7 +8,7 @@ full device, e.g. in order to deal with hardware/driver limitations --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3088,6 +3088,14 @@ static int hostapd_config_fill(struct ho +@@ -2857,6 +2857,14 @@ static int hostapd_config_fill(struct ho line, bss->max_num_sta, MAX_STA_COUNT); return 1; } @@ -25,7 +25,7 @@ full device, e.g. in order to deal with hardware/driver limitations } else if (os_strcmp(buf, "extended_key_id") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1089,6 +1089,8 @@ struct hostapd_config { +@@ -1069,6 +1069,8 @@ struct hostapd_config { unsigned int track_sta_max_num; unsigned int track_sta_max_age; @@ -36,7 +36,7 @@ full device, e.g. in order to deal with hardware/driver limitations * ' ' (ascii 32): all environments --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1653,7 +1653,7 @@ void handle_probe_req(struct hostapd_dat +@@ -1654,7 +1654,7 @@ void handle_probe_req(struct hostapd_dat if (hapd->conf->no_probe_resp_if_max_sta && is_multicast_ether_addr(mgmt->da) && is_multicast_ether_addr(mgmt->bssid) && diff --git a/package/network/services/hostapd/patches/730-ft_iface.patch b/package/network/services/hostapd/patches/730-ft_iface.patch index 4226a59d665..e5d29c30f22 100644 --- a/package/network/services/hostapd/patches/730-ft_iface.patch +++ b/package/network/services/hostapd/patches/730-ft_iface.patch @@ -8,7 +8,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3285,6 +3285,8 @@ static int hostapd_config_fill(struct ho +@@ -3054,6 +3054,8 @@ static int hostapd_config_fill(struct ho wpa_printf(MSG_INFO, "Line %d: Obsolete peerkey parameter ignored", line); #ifdef CONFIG_IEEE80211R_AP @@ -19,7 +19,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly hexstr2bin(pos, bss->mobility_domain, --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -283,6 +283,7 @@ struct airtime_sta_weight { +@@ -285,6 +285,7 @@ struct airtime_sta_weight { struct hostapd_bss_config { char iface[IFNAMSIZ + 1]; char bridge[IFNAMSIZ + 1]; @@ -29,7 +29,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly int bridge_hairpin; /* hairpin_mode on bridge members */ --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -1829,8 +1829,12 @@ int hostapd_setup_wpa(struct hostapd_dat +@@ -1834,8 +1834,12 @@ int hostapd_setup_wpa(struct hostapd_dat wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) { const char *ft_iface; diff --git a/package/network/services/hostapd/patches/740-snoop_iface.patch b/package/network/services/hostapd/patches/740-snoop_iface.patch index 0d7024af8f1..1933247f8c9 100644 --- a/package/network/services/hostapd/patches/740-snoop_iface.patch +++ b/package/network/services/hostapd/patches/740-snoop_iface.patch @@ -8,7 +8,7 @@ untagged DHCP packets --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2476,6 +2476,8 @@ static int hostapd_config_fill(struct ho +@@ -2245,6 +2245,8 @@ static int hostapd_config_fill(struct ho os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge)); } else if (os_strcmp(buf, "bridge_hairpin") == 0) { bss->bridge_hairpin = atoi(pos); @@ -19,7 +19,7 @@ untagged DHCP packets } else if (os_strcmp(buf, "wds_bridge") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -284,6 +284,7 @@ struct hostapd_bss_config { +@@ -286,6 +286,7 @@ struct hostapd_bss_config { char iface[IFNAMSIZ + 1]; char bridge[IFNAMSIZ + 1]; char ft_iface[IFNAMSIZ + 1]; @@ -112,7 +112,7 @@ untagged DHCP packets hapd->x_snoop_initialized = false; --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -4429,7 +4429,7 @@ struct wpa_driver_ops { +@@ -4462,7 +4462,7 @@ struct wpa_driver_ops { * Returns: 0 on success, negative (<0) on failure */ int (*br_set_net_param)(void *priv, enum drv_br_net_param param, @@ -123,7 +123,7 @@ untagged DHCP packets * get_wowlan - Get wake-on-wireless status --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -12853,7 +12853,7 @@ static const char * drv_br_net_param_str +@@ -12789,7 +12789,7 @@ static const char * drv_br_net_param_str static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param, @@ -132,7 +132,7 @@ untagged DHCP packets { struct i802_bss *bss = priv; char path[128]; -@@ -12879,8 +12879,11 @@ static int wpa_driver_br_set_net_param(v +@@ -12815,8 +12815,11 @@ static int wpa_driver_br_set_net_param(v return -EINVAL; } diff --git a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch index 7f1dc117550..f46ba6b2e79 100644 --- a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch +++ b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch @@ -7,7 +7,7 @@ Some servers use the NAS-IP-Address attribute as a destination address --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2863,6 +2863,8 @@ static int hostapd_config_fill(struct ho +@@ -2632,6 +2632,8 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "iapp_interface") == 0) { wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used"); #endif /* CONFIG_IAPP */ @@ -18,7 +18,7 @@ Some servers use the NAS-IP-Address attribute as a destination address wpa_printf(MSG_ERROR, --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -310,6 +310,7 @@ struct hostapd_bss_config { +@@ -312,6 +312,7 @@ struct hostapd_bss_config { unsigned int eap_sim_db_timeout; int eap_server_erp; /* Whether ERP is enabled on internal EAP server */ struct hostapd_ip_addr own_ip_addr; @@ -28,7 +28,7 @@ Some servers use the NAS-IP-Address attribute as a destination address int radius_require_message_authenticator; --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c -@@ -598,6 +598,10 @@ int add_common_radius_attr(struct hostap +@@ -597,6 +597,10 @@ int add_common_radius_attr(struct hostap struct hostapd_radius_attr *attr; int len; @@ -50,7 +50,7 @@ Some servers use the NAS-IP-Address attribute as a destination address /** * conf - RADIUS client configuration (list of RADIUS servers to use) */ -@@ -819,6 +821,30 @@ static void radius_close_acct_socket(str +@@ -822,6 +824,30 @@ static void radius_close_acct_socket(str /** @@ -81,7 +81,7 @@ Some servers use the NAS-IP-Address attribute as a destination address * radius_client_send - Send a RADIUS request * @radius: RADIUS client context from radius_client_init() * @msg: RADIUS message to be sent -@@ -1714,6 +1740,10 @@ radius_change_server(struct radius_clien +@@ -1733,6 +1759,10 @@ radius_change_server(struct radius_clien wpa_printf(MSG_DEBUG, "RADIUS local address: %s:%u", inet_ntoa(claddr.sin_addr), ntohs(claddr.sin_port)); @@ -92,7 +92,7 @@ Some servers use the NAS-IP-Address attribute as a destination address } break; #ifdef CONFIG_IPV6 -@@ -1725,6 +1755,10 @@ radius_change_server(struct radius_clien +@@ -1744,6 +1774,10 @@ radius_change_server(struct radius_clien inet_ntop(AF_INET6, &claddr6.sin6_addr, abuf, sizeof(abuf)), ntohs(claddr6.sin6_port)); diff --git a/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch b/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch index 03b333138ab..e6730021398 100644 --- a/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch +++ b/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch @@ -28,7 +28,7 @@ Signed-off-by: David Bauer --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1496,7 +1496,7 @@ void handle_probe_req(struct hostapd_dat +@@ -1497,7 +1497,7 @@ void handle_probe_req(struct hostapd_dat * is less likely to see them (Probe Request frame sent on a * neighboring, but partially overlapping, channel). */ diff --git a/package/network/services/hostapd/patches/763-radius-wispr.patch b/package/network/services/hostapd/patches/763-radius-wispr.patch index e8967a85476..1b1797318c0 100644 --- a/package/network/services/hostapd/patches/763-radius-wispr.patch +++ b/package/network/services/hostapd/patches/763-radius-wispr.patch @@ -1,6 +1,6 @@ --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c -@@ -2033,6 +2033,25 @@ static int ieee802_1x_update_vlan(struct +@@ -2000,6 +2000,25 @@ static int ieee802_1x_update_vlan(struct } #endif /* CONFIG_NO_VLAN */ @@ -26,7 +26,7 @@ /** * ieee802_1x_receive_auth - Process RADIUS frames from Authentication Server -@@ -2149,6 +2168,7 @@ ieee802_1x_receive_auth(struct radius_ms +@@ -2116,6 +2135,7 @@ ieee802_1x_receive_auth(struct radius_ms ieee802_1x_check_hs20(hapd, sta, msg, session_timeout_set ? (int) session_timeout : -1); @@ -46,7 +46,7 @@ enum mesh_plink_state plink_state; --- a/src/radius/radius.c +++ b/src/radius/radius.c -@@ -1339,6 +1339,35 @@ radius_msg_get_cisco_keys(struct radius_ +@@ -1377,6 +1377,35 @@ radius_msg_get_cisco_keys(struct radius_ return keys; } @@ -84,7 +84,7 @@ const u8 *req_authenticator, --- a/src/radius/radius.h +++ b/src/radius/radius.h -@@ -233,6 +233,10 @@ enum { +@@ -232,6 +232,10 @@ enum { RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL = 10, }; @@ -95,7 +95,7 @@ #ifdef _MSC_VER #pragma pack(pop) #endif /* _MSC_VER */ -@@ -306,6 +310,7 @@ radius_msg_get_ms_keys(struct radius_msg +@@ -304,6 +308,7 @@ radius_msg_get_ms_keys(struct radius_msg struct radius_ms_mppe_keys * radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg, const u8 *secret, size_t secret_len); diff --git a/package/network/services/hostapd/patches/770-radius_server.patch b/package/network/services/hostapd/patches/770-radius_server.patch index 53d162e916c..d6fdb167f60 100644 --- a/package/network/services/hostapd/patches/770-radius_server.patch +++ b/package/network/services/hostapd/patches/770-radius_server.patch @@ -56,7 +56,7 @@ handle reload. /** * struct radius_session - Internal RADIUS server data for a session */ -@@ -90,7 +96,7 @@ struct radius_session { +@@ -89,7 +95,7 @@ struct radius_session { unsigned int macacl:1; unsigned int t_c_filtering:1; @@ -65,7 +65,7 @@ handle reload. u32 t_c_timestamp; /* Last read T&C timestamp from user DB */ }; -@@ -394,6 +400,7 @@ static void radius_server_session_free(s +@@ -373,6 +379,7 @@ static void radius_server_session_free(s radius_msg_free(sess->last_reply); os_free(sess->username); os_free(sess->nas_ip); @@ -73,7 +73,7 @@ handle reload. os_free(sess); data->num_sess--; } -@@ -554,6 +561,36 @@ radius_server_erp_find_key(struct radius +@@ -533,6 +540,36 @@ radius_server_erp_find_key(struct radius } #endif /* CONFIG_ERP */ @@ -110,7 +110,7 @@ handle reload. static struct radius_session * radius_server_get_new_session(struct radius_server_data *data, -@@ -607,7 +644,7 @@ radius_server_get_new_session(struct rad +@@ -586,7 +623,7 @@ radius_server_get_new_session(struct rad eap_user_free(tmp); return NULL; } @@ -119,7 +119,7 @@ handle reload. sess->macacl = tmp->macacl; eap_user_free(tmp); -@@ -1123,11 +1160,10 @@ radius_server_encapsulate_eap(struct rad +@@ -923,11 +960,10 @@ radius_server_encapsulate_eap(struct rad } if (code == RADIUS_CODE_ACCESS_ACCEPT) { @@ -135,7 +135,7 @@ handle reload. wpa_printf(MSG_ERROR, "Could not add RADIUS attribute"); radius_msg_free(msg); return NULL; -@@ -1221,11 +1257,10 @@ radius_server_macacl(struct radius_serve +@@ -1023,11 +1059,10 @@ radius_server_macacl(struct radius_serve } if (code == RADIUS_CODE_ACCESS_ACCEPT) { @@ -151,12 +151,12 @@ handle reload. wpa_printf(MSG_ERROR, "Could not add RADIUS attribute"); radius_msg_free(msg); return NULL; -@@ -2527,7 +2562,7 @@ static int radius_server_get_eap_user(vo +@@ -2335,7 +2370,7 @@ static int radius_server_get_eap_user(vo ret = data->get_eap_user(data->conf_ctx, identity, identity_len, phase2, user); if (ret == 0 && user) { - sess->accept_attr = user->accept_attr; + sess->accept_attr = radius_server_copy_attr(user->accept_attr); - sess->remediation = user->remediation; sess->macacl = user->macacl; sess->t_c_timestamp = user->t_c_timestamp; + } diff --git a/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch b/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch index d21027636a5..72c48a3d003 100644 --- a/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch +++ b/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch @@ -53,7 +53,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -5216,6 +5216,15 @@ static int hostapd_config_fill(struct ho +@@ -4974,6 +4974,15 @@ static int hostapd_config_fill(struct ho bss->mld_indicate_disabled = atoi(pos); #endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_IEEE80211BE */ @@ -71,7 +71,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 "Line %d: unknown configuration item '%s'", --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1002,6 +1002,35 @@ struct hostapd_bss_config { +@@ -982,6 +982,35 @@ struct hostapd_bss_config { int mbssid_index; bool spp_amsdu; @@ -109,7 +109,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 /** --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c -@@ -389,13 +389,39 @@ int hostapd_set_wds_sta(struct hostapd_d +@@ -385,13 +385,39 @@ int hostapd_set_wds_sta(struct hostapd_d const u8 *addr, int aid, int val) { const char *bridge = NULL; @@ -373,7 +373,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 #ifdef CONFIG_FILS static struct wpabuf * -@@ -3664,8 +3667,8 @@ static u16 check_multi_ap(struct hostapd +@@ -3820,8 +3823,8 @@ static u16 check_multi_ap(struct hostapd } @@ -384,7 +384,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 { /* Supported rates not used in IEEE 802.11ad/DMG */ if (hapd->iface->current_mode && -@@ -4105,7 +4108,7 @@ static int __check_assoc_ies(struct host +@@ -4263,7 +4266,7 @@ static int __check_assoc_ies(struct host elems->ext_capab_len); if (resp != WLAN_STATUS_SUCCESS) return resp; @@ -393,7 +393,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 if (resp != WLAN_STATUS_SUCCESS) return resp; -@@ -6175,6 +6178,11 @@ static void handle_beacon(struct hostapd +@@ -6314,6 +6317,11 @@ static void handle_beacon(struct hostapd 0); ap_list_process_beacon(hapd->iface, mgmt, &elems, fi); @@ -407,7 +407,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h -@@ -108,6 +108,8 @@ int hostapd_process_ml_assoc_req_addr(st +@@ -114,6 +114,8 @@ int hostapd_process_ml_assoc_req_addr(st const u8 *basic_mle, size_t basic_mle_len, u8 *mld_addr); int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta); @@ -418,7 +418,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta, --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -4123,7 +4123,7 @@ struct wpa_driver_ops { +@@ -4156,7 +4156,7 @@ struct wpa_driver_ops { * Returns: 0 on success, -1 on failure */ int (*set_wds_sta)(void *priv, const u8 *addr, int aid, int val, @@ -429,7 +429,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 * send_action - Transmit an Action frame --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -8699,25 +8699,15 @@ static int have_ifidx(struct wpa_driver_ +@@ -8615,25 +8615,15 @@ static int have_ifidx(struct wpa_driver_ static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, diff --git a/package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch b/package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch index 85c745d187a..d2b7b0b414a 100644 --- a/package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch +++ b/package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch @@ -1,6 +1,6 @@ --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -1970,3 +1970,22 @@ void ap_sta_free_sta_profile(struct mld_ +@@ -1971,3 +1971,22 @@ void ap_sta_free_sta_profile(struct mld_ } } #endif /* CONFIG_IEEE80211BE */ @@ -25,7 +25,7 @@ + --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h -@@ -414,23 +414,8 @@ int ap_sta_re_add(struct hostapd_data *h +@@ -411,23 +411,8 @@ int ap_sta_re_add(struct hostapd_data *h void ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta);