From 24d0e74627bb12305a8b0058af6261f3fd4012bf Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Sat, 10 Feb 2024 18:10:08 -0300 Subject: [PATCH] hostapd: bump to 2024-03-09 This brings many changes, including fixes for a couple of memory leaks, and improved interoperability with 802.11r. There are also many changes related to 802.11be, which is not enabled at this time. Fixed upstream: - 022-hostapd-fix-use-of-uninitialized-stack-variables.patch - 180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch - 993-2023-10-28-ACS-Fix-typo-in-bw_40-frequency-array.patch Switch PKG_SOURCE_URL to https, since http is not currently working. Signed-off-by: Eneas U de Queiroz Tested-by: Ilya Katsnelson Tested by: Andrew Sim --- package/network/services/hostapd/Makefile | 10 +- .../001-wolfssl-init-RNG-with-ECC-key.patch | 43 ----- ...hannels-to-be-selected-if-dfs-is-ena.patch | 28 +-- ...erministic-channel-on-channel-switch.patch | 6 +- ...ix-sta-add-after-previous-connection.patch | 4 +- ...use-of-uninitialized-stack-variables.patch | 25 --- ...ewrite-neigh-code-to-not-depend-on-l.patch | 18 +- ...ssing-authentication-frames-in-block.patch | 2 +- .../hostapd/patches/050-build_fix.patch | 4 +- ...edtls-TLS-crypto-option-initial-port.patch | 42 ++--- .../patches/120-mbedtls-fips186_2_prf.patch | 4 +- ...efile-make-run-tests-with-CONFIG_TLS.patch | 166 ++++++++---------- ...tapd-update-cfs0-and-cfs1-for-160MHz.patch | 24 +-- ...ix-setting-QoS-map-on-secondary-BSSs.patch | 20 --- ...pdate-drv-ifindex-on-removing-the-fi.patch | 2 +- ...0211_put_freq_params-call-outside-of.patch | 8 +- ...hannel_list_update_timeout-in-hostap.patch | 4 +- .../hostapd/patches/200-multicall.patch | 48 ++--- .../services/hostapd/patches/300-noscan.patch | 6 +- .../hostapd/patches/301-mesh-noscan.patch | 18 +- .../patches/310-rescan_immediately.patch | 2 +- .../patches/330-nl80211_fix_set_freq.patch | 2 +- .../341-mesh-ctrl-iface-channel-switch.patch | 14 +- .../patches/350-nl80211_del_beacon_bss.patch | 9 +- .../patches/380-disable_ctrl_iface_mib.patch | 34 ++-- .../patches/390-wpa_ie_cap_workaround.patch | 4 +- .../patches/420-indicate-features.patch | 4 +- .../patches/430-hostapd_cli_ifdef.patch | 4 +- ...dd-new-config-params-to-be-used-with.patch | 8 +- ...ion-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch | 76 ++++++++ .../patches/463-add-mcast_rate-to-11s.patch | 6 +- .../patches/464-fix-mesh-obss-check.patch | 2 +- ...tapd-config-support-random-BSS-color.patch | 2 +- .../patches/470-survey_data_fallback.patch | 4 +- .../patches/500-lto-jobserver-support.patch | 6 +- .../patches/590-rrm-wnm-statistics.patch | 14 +- .../hostapd/patches/600-ubus_support.patch | 96 +++++----- .../hostapd/patches/601-ucode_support.patch | 107 +++++------ .../patches/701-reload_config_inline.patch | 2 +- .../hostapd/patches/710-vlan_no_bridge.patch | 2 +- .../patches/711-wds_bridge_force.patch | 4 +- .../patches/720-iface_max_num_sta.patch | 10 +- .../hostapd/patches/730-ft_iface.patch | 4 +- .../hostapd/patches/740-snoop_iface.patch | 8 +- ...750-qos_map_set_without_interworking.patch | 18 +- .../751-qos_map_ignore_when_unsupported.patch | 2 +- .../hostapd/patches/760-dynamic_own_ip.patch | 14 +- .../hostapd/patches/761-shared_das_port.patch | 2 +- .../hostapd/patches/770-radius_server.patch | 2 +- ..._AP-functions-dependant-on-CONFIG_AP.patch | 4 +- .../patches/991-Fix-OpenWrt-13156.patch | 10 +- ...-extra-ies-only-if-allowed-by-driver.patch | 6 +- ...CS-Fix-typo-in-bw_40-frequency-array.patch | 25 --- .../services/hostapd/src/src/ap/ubus.c | 3 +- .../services/hostapd/src/src/ap/ubus.h | 3 + 55 files changed, 477 insertions(+), 518 deletions(-) delete mode 100644 package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch delete mode 100644 package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch delete mode 100644 package/network/services/hostapd/patches/180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch create mode 100644 package/network/services/hostapd/patches/461-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch delete mode 100644 package/network/services/hostapd/patches/993-2023-10-28-ACS-Fix-typo-in-bw_40-frequency-array.patch diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index 2b072bd599..780acc47c4 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -5,13 +5,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hostapd -PKG_RELEASE:=6 +PKG_RELEASE:=1 -PKG_SOURCE_URL:=http://w1.fi/hostap.git +PKG_SOURCE_URL:=https://w1.fi/hostap.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2023-09-08 -PKG_SOURCE_VERSION:=e5ccbfc69ecf297590341ae8b461edba9d8e964c -PKG_MIRROR_HASH:=8be806f6c88e736fff920e0d3e2cde7188fbf640fef47e9aeaad504674bfc0f3 +PKG_SOURCE_DATE:=2024-03-09 +PKG_SOURCE_VERSION:=695277a5b3da08b9a8a4e7117b933deb8b4950a7 +PKG_MIRROR_HASH:=8d6cb89be101bb3dcd84e7eb29484111dfeeeadf49eae85594b08011ba0ed62e PKG_MAINTAINER:=Felix Fietkau PKG_LICENSE:=BSD-3-Clause diff --git a/package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch b/package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch deleted file mode 100644 index 269dcaac75..0000000000 --- a/package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 21ce83b4ae2b9563175fdb4fc4312096cc399cf8 Mon Sep 17 00:00:00 2001 -From: David Bauer -Date: Wed, 5 May 2021 00:44:34 +0200 -Subject: [PATCH] wolfssl: add RNG to EC key - -Since upstream commit 6467de5a8840 ("Randomize z ordinates in -scalar mult when timing resistant") WolfSSL requires a RNG for -the EC key when built hardened which is the default. - -Set the RNG for the EC key to fix connections for OWE clients. - -Signed-off-by: David Bauer ---- - src/crypto/crypto_wolfssl.c | 4 ++++ - 1 file changed, 4 insertions(+) - ---- a/src/crypto/crypto_wolfssl.c -+++ b/src/crypto/crypto_wolfssl.c -@@ -1340,6 +1340,7 @@ int ecc_projective_add_point(ecc_point * - - struct crypto_ec { - ecc_key key; -+ WC_RNG rng; - mp_int a; - mp_int prime; - mp_int order; -@@ -1394,6 +1395,8 @@ struct crypto_ec * crypto_ec_init(int gr - return NULL; - - if (wc_ecc_init(&e->key) != 0 || -+ wc_InitRng(&e->rng) != 0 || -+ wc_ecc_set_rng(&e->key, &e->rng) != 0 || - wc_ecc_set_curve(&e->key, 0, curve_id) != 0 || - mp_init(&e->a) != MP_OKAY || - mp_init(&e->prime) != MP_OKAY || -@@ -1425,6 +1428,7 @@ void crypto_ec_deinit(struct crypto_ec* - mp_clear(&e->order); - mp_clear(&e->prime); - mp_clear(&e->a); -+ wc_FreeRng(&e->rng); - wc_ecc_free(&e->key); - os_free(e); - } diff --git a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch index 0a51c84d21..4291f01518 100644 --- a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch +++ b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch @@ -9,12 +9,12 @@ Note: DFS is assumed to be usable if a country code has been set Signed-off-by: Benjamin Berg Signed-off-by: Peter Oh --- - wpa_supplicant/wpa_supplicant.c | 25 +++++++++++++++++++------ - 1 file changed, 19 insertions(+), 6 deletions(-) + wpa_supplicant/wpa_supplicant.c | 38 ++++++++++++++++++++++----------- + 1 file changed, 25 insertions(+), 13 deletions(-) --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2638,7 +2638,7 @@ static int drv_supports_vht(struct wpa_s +@@ -2698,7 +2698,7 @@ static int drv_supports_vht(struct wpa_s } @@ -23,7 +23,7 @@ Signed-off-by: Peter Oh { int i; -@@ -2647,7 +2647,10 @@ static bool ibss_mesh_is_80mhz_avail(int +@@ -2707,7 +2707,10 @@ static bool ibss_mesh_is_80mhz_avail(int chan = hw_get_channel_chan(mode, i, NULL); if (!chan || @@ -35,7 +35,7 @@ Signed-off-by: Peter Oh return false; } -@@ -2774,7 +2777,7 @@ static void ibss_mesh_select_40mhz(struc +@@ -2834,7 +2837,7 @@ static void ibss_mesh_select_40mhz(struc const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode, struct hostapd_freq_params *freq, @@ -44,7 +44,7 @@ Signed-off-by: Peter Oh int chan_idx; struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; int i, res; -@@ -2798,8 +2801,11 @@ static void ibss_mesh_select_40mhz(struc +@@ -2858,8 +2861,11 @@ static void ibss_mesh_select_40mhz(struc return; /* Check primary channel flags */ @@ -57,7 +57,7 @@ Signed-off-by: Peter Oh #ifdef CONFIG_HT_OVERRIDES if (ssid->disable_ht40) -@@ -2825,8 +2831,11 @@ static void ibss_mesh_select_40mhz(struc +@@ -2885,8 +2891,11 @@ static void ibss_mesh_select_40mhz(struc return; /* Check secondary channel flags */ @@ -70,7 +70,7 @@ Signed-off-by: Peter Oh if (ht40 == -1) { if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) -@@ -2880,7 +2889,7 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -2940,7 +2949,7 @@ static bool ibss_mesh_select_80_160mhz(s const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode, struct hostapd_freq_params *freq, @@ -79,7 +79,7 @@ Signed-off-by: Peter Oh static const int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5825, 5955, 6035, 6115, 6195, 6275, 6355, 6435, -@@ -2925,7 +2934,7 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -2985,7 +2994,7 @@ static bool ibss_mesh_select_80_160mhz(s goto skip_80mhz; /* Use 40 MHz if channel not usable */ @@ -88,7 +88,7 @@ Signed-off-by: Peter Oh goto skip_80mhz; chwidth = CONF_OPER_CHWIDTH_80MHZ; -@@ -2939,7 +2948,7 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -2999,7 +3008,7 @@ static bool ibss_mesh_select_80_160mhz(s if ((mode->he_capab[ieee80211_mode].phy_cap[ HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] & HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz && @@ -97,7 +97,7 @@ Signed-off-by: Peter Oh for (j = 0; j < ARRAY_SIZE(bw160); j++) { if (freq->freq == bw160[j]) { chwidth = CONF_OPER_CHWIDTH_160MHZ; -@@ -2967,10 +2976,12 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -3027,10 +3036,12 @@ static bool ibss_mesh_select_80_160mhz(s if (!chan) continue; @@ -113,15 +113,15 @@ Signed-off-by: Peter Oh /* Found a suitable second segment for 80+80 */ chwidth = CONF_OPER_CHWIDTH_80P80MHZ; -@@ -3025,6 +3036,7 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3085,6 +3096,7 @@ void ibss_mesh_setup_freq(struct wpa_sup int i, obss_scan = 1; u8 channel; - bool is_6ghz; + bool is_6ghz, is_24ghz; + bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); freq->freq = ssid->frequency; -@@ -3070,9 +3082,9 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3133,9 +3145,9 @@ void ibss_mesh_setup_freq(struct wpa_sup freq->channel = channel; /* Setup higher BW only for 5 GHz */ if (mode->mode == HOSTAPD_MODE_IEEE80211A) { diff --git a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch index 07b7a5971d..a53fcc480c 100644 --- a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch +++ b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch @@ -64,11 +64,11 @@ Signed-off-by: Markus Theil return NULL; + chan_idx = _rand % num_available_chandefs; - dfs_find_channel(iface, &chan, chan_idx, type); - if (!chan) { + wpa_printf(MSG_DEBUG, "DFS: Picked random entry from the list: %d/%d", + chan_idx, num_available_chandefs); --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -11017,6 +11017,10 @@ static int nl80211_switch_channel(void * +@@ -11195,6 +11195,10 @@ static int nl80211_switch_channel(void * if (ret) goto error; diff --git a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch index edf599e3e2..b1eba69c55 100644 --- a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch +++ b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch @@ -1,6 +1,6 @@ --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -4621,6 +4621,13 @@ static int add_associated_sta(struct hos +@@ -4659,6 +4659,13 @@ static int add_associated_sta(struct hos * drivers to accept the STA parameter configuration. Since this is * after a new FT-over-DS exchange, a new TK has been derived, so key * reinstallation is not a concern for this case. @@ -14,7 +14,7 @@ */ wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR " (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)", -@@ -4634,7 +4641,8 @@ static int add_associated_sta(struct hos +@@ -4672,7 +4679,8 @@ static int add_associated_sta(struct hos (!(sta->flags & WLAN_STA_AUTHORIZED) || (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) || (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) && diff --git a/package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch b/package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch deleted file mode 100644 index 8dec325c98..0000000000 --- a/package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch +++ /dev/null @@ -1,25 +0,0 @@ -From: Felix Fietkau -Date: Thu, 8 Jul 2021 16:33:03 +0200 -Subject: [PATCH] hostapd: fix use of uninitialized stack variables - -When a CSA is performed on an 80 MHz channel, hostapd_change_config_freq -unconditionally calls hostapd_set_oper_centr_freq_seg0/1_idx with seg0/1 -filled by ieee80211_freq_to_chan. -However, if ieee80211_freq_to_chan fails (because the freq is 0 or invalid), -seg0/1 remains uninitialized and filled with stack garbage, causing errors -such as "hostapd: 80 MHz: center segment 1 configured" - -Signed-off-by: Felix Fietkau ---- - ---- a/src/ap/hostapd.c -+++ b/src/ap/hostapd.c -@@ -3764,7 +3764,7 @@ static int hostapd_change_config_freq(st - struct hostapd_freq_params *old_params) - { - int channel; -- u8 seg0, seg1; -+ u8 seg0 = 0, seg1 = 0; - struct hostapd_hw_modes *mode; - - if (!params->channel) { diff --git a/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch b/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch index ef2bb408fb..c5cf8b1b79 100644 --- a/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch +++ b/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch @@ -10,17 +10,17 @@ Signed-off-by: Felix Fietkau --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -16,9 +16,6 @@ - #include +@@ -18,9 +18,6 @@ #include #include + #include -#ifdef CONFIG_LIBNL3_ROUTE -#include -#endif /* CONFIG_LIBNL3_ROUTE */ #include #include #include -@@ -5783,26 +5780,29 @@ fail: +@@ -5859,26 +5856,29 @@ fail: static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr) { @@ -64,7 +64,7 @@ Signed-off-by: Felix Fietkau if (err < 0) { wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for " MACSTR " ifindex=%d failed: %s", MAC2STR(addr), -@@ -5812,9 +5812,8 @@ static void rtnl_neigh_delete_fdb_entry( +@@ -5888,9 +5888,8 @@ static void rtnl_neigh_delete_fdb_entry( MACSTR, MAC2STR(addr)); } @@ -76,7 +76,7 @@ Signed-off-by: Felix Fietkau } -@@ -8492,7 +8491,6 @@ static void *i802_init(struct hostapd_da +@@ -8615,7 +8614,6 @@ static void *i802_init(struct hostapd_da (params->num_bridge == 0 || !params->bridge[0])) add_ifidx(drv, br_ifindex, drv->ifindex); @@ -84,7 +84,7 @@ Signed-off-by: Felix Fietkau if (bss->added_if_into_bridge || bss->already_in_bridge) { int err; -@@ -8509,7 +8507,6 @@ static void *i802_init(struct hostapd_da +@@ -8632,7 +8630,6 @@ static void *i802_init(struct hostapd_da goto failed; } } @@ -92,7 +92,7 @@ Signed-off-by: Felix Fietkau if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) { wpa_printf(MSG_DEBUG, -@@ -11883,13 +11880,14 @@ static int wpa_driver_br_add_ip_neigh(vo +@@ -12071,13 +12068,14 @@ static int wpa_driver_br_add_ip_neigh(vo const u8 *ipaddr, int prefixlen, const u8 *addr) { @@ -112,7 +112,7 @@ Signed-off-by: Felix Fietkau int res; if (!ipaddr || prefixlen == 0 || !addr) -@@ -11908,85 +11906,66 @@ static int wpa_driver_br_add_ip_neigh(vo +@@ -12096,85 +12094,66 @@ static int wpa_driver_br_add_ip_neigh(vo } if (version == 4) { @@ -220,7 +220,7 @@ Signed-off-by: Felix Fietkau addrsize = 16; } else { return -EINVAL; -@@ -12004,41 +11983,30 @@ static int wpa_driver_br_delete_ip_neigh +@@ -12192,41 +12171,30 @@ static int wpa_driver_br_delete_ip_neigh return -1; } diff --git a/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch b/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch index b7bf9e351e..636ec2d9c8 100644 --- a/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch +++ b/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch @@ -16,7 +16,7 @@ Signed-off-by: Felix Fietkau --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -3020,15 +3020,6 @@ static void handle_auth(struct hostapd_d +@@ -3032,15 +3032,6 @@ static void handle_auth(struct hostapd_d seq_ctrl); return; } diff --git a/package/network/services/hostapd/patches/050-build_fix.patch b/package/network/services/hostapd/patches/050-build_fix.patch index 8680b07c66..005cc726c6 100644 --- a/package/network/services/hostapd/patches/050-build_fix.patch +++ b/package/network/services/hostapd/patches/050-build_fix.patch @@ -1,6 +1,6 @@ --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -324,6 +324,7 @@ ifdef CONFIG_FILS +@@ -326,6 +326,7 @@ ifdef CONFIG_FILS CFLAGS += -DCONFIG_FILS OBJS += ../src/ap/fils_hlp.o NEED_SHA384=y @@ -10,7 +10,7 @@ CFLAGS += -DCONFIG_FILS_SK_PFS --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -331,6 +331,7 @@ endif +@@ -334,6 +334,7 @@ endif ifdef CONFIG_FILS CFLAGS += -DCONFIG_FILS NEED_SHA384=y diff --git a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch index 22107944dc..7c82c469aa 100644 --- a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch +++ b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch @@ -21,7 +21,7 @@ Signed-off-by: Glenn Strauss --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -745,6 +745,40 @@ endif +@@ -758,6 +758,40 @@ endif CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" endif @@ -62,7 +62,7 @@ Signed-off-by: Glenn Strauss ifeq ($(CONFIG_TLS), gnutls) ifndef CONFIG_CRYPTO # default to libgcrypt -@@ -924,9 +958,11 @@ endif +@@ -937,9 +971,11 @@ endif ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -74,7 +74,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_EAX AESOBJS += ../src/crypto/aes-eax.o NEED_AES_CTR=y -@@ -936,38 +972,48 @@ AESOBJS += ../src/crypto/aes-siv.o +@@ -949,38 +985,48 @@ AESOBJS += ../src/crypto/aes-siv.o NEED_AES_CTR=y endif ifdef NEED_AES_CTR @@ -123,7 +123,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_DEC ifdef CONFIG_INTERNAL_AES AESOBJS += ../src/crypto/aes-internal-dec.o -@@ -982,12 +1028,16 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -995,12 +1041,16 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -140,7 +140,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += ../src/crypto/sha1-internal.o ifdef NEED_FIPS186_2_PRF -@@ -996,16 +1046,22 @@ endif +@@ -1009,16 +1059,22 @@ endif endif ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -163,7 +163,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_SHA1 OBJS += $(SHA1OBJS) -@@ -1015,11 +1071,13 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1028,11 +1084,13 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -177,7 +177,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_MD5 ifdef CONFIG_INTERNAL_MD5 -@@ -1058,56 +1116,81 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1071,56 +1129,81 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -259,7 +259,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA384 CFLAGS += -DCONFIG_INTERNAL_SHA384 -@@ -1152,11 +1235,13 @@ HOBJS += $(SHA1OBJS) +@@ -1165,11 +1248,13 @@ HOBJS += $(SHA1OBJS) ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), wolfssl) @@ -273,7 +273,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_RADIUS_SERVER CFLAGS += -DRADIUS_SERVER -@@ -1329,7 +1414,9 @@ NOBJS += ../src/utils/trace.o +@@ -1342,7 +1427,9 @@ NOBJS += ../src/utils/trace.o endif HOBJS += hlr_auc_gw.o ../src/utils/common.o ../src/utils/wpa_debug.o ../src/utils/os_$(CONFIG_OS).o ../src/utils/wpabuf.o ../src/crypto/milenage.o @@ -283,7 +283,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_AES HOBJS += ../src/crypto/aes-internal.o HOBJS += ../src/crypto/aes-internal-enc.o -@@ -1352,13 +1439,17 @@ SOBJS += ../src/common/sae.o +@@ -1365,13 +1452,17 @@ SOBJS += ../src/common/sae.o SOBJS += ../src/common/sae_pk.o SOBJS += ../src/common/dragonfly.o SOBJS += $(AESOBJS) @@ -326,7 +326,7 @@ Signed-off-by: Glenn Strauss # Driver interface for Host AP driver CONFIG_DRIVER_HOSTAP=y -@@ -278,6 +290,7 @@ CONFIG_IPV6=y +@@ -281,6 +293,7 @@ CONFIG_IPV6=y # openssl = OpenSSL (default) # gnutls = GnuTLS # internal = Internal TLSv1 implementation (experimental) @@ -7765,7 +7765,7 @@ Signed-off-by: Glenn Strauss CONFIG_SIM_SIMULATOR=y --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1163,6 +1163,29 @@ endif +@@ -1230,6 +1230,29 @@ endif CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" endif @@ -7795,7 +7795,7 @@ Signed-off-by: Glenn Strauss ifeq ($(CONFIG_TLS), gnutls) ifndef CONFIG_CRYPTO # default to libgcrypt -@@ -1355,9 +1378,11 @@ endif +@@ -1422,9 +1445,11 @@ endif ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -7807,7 +7807,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP # Seems to be needed at least with BoringSSL NEED_INTERNAL_AES_WRAP=y -@@ -1371,9 +1396,11 @@ endif +@@ -1438,9 +1463,11 @@ endif ifdef NEED_INTERNAL_AES_WRAP ifneq ($(CONFIG_TLS), linux) @@ -7819,7 +7819,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_EAX AESOBJS += ../src/crypto/aes-eax.o NEED_AES_CTR=y -@@ -1383,35 +1410,45 @@ AESOBJS += ../src/crypto/aes-siv.o +@@ -1450,35 +1477,45 @@ AESOBJS += ../src/crypto/aes-siv.o NEED_AES_CTR=y endif ifdef NEED_AES_CTR @@ -7865,7 +7865,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_ENC ifdef CONFIG_INTERNAL_AES AESOBJS += ../src/crypto/aes-internal-enc.o -@@ -1426,12 +1463,16 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1493,12 +1530,16 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -7882,7 +7882,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += ../src/crypto/sha1-internal.o ifdef NEED_FIPS186_2_PRF -@@ -1443,29 +1484,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 +@@ -1510,29 +1551,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 else ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -7920,7 +7920,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_MD5 ifdef CONFIG_INTERNAL_MD5 MD5OBJS += ../src/crypto/md5-internal.o -@@ -1520,12 +1569,17 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1587,12 +1636,17 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -7938,7 +7938,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA256 SHA256OBJS += ../src/crypto/sha256-internal.o endif -@@ -1538,50 +1592,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 +@@ -1605,50 +1659,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 SHA256OBJS += ../src/crypto/sha512-internal.o endif ifdef NEED_TLS_PRF_SHA256 @@ -8007,7 +8007,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_ASN1 OBJS += ../src/tls/asn1.o -@@ -1756,10 +1828,12 @@ ifdef CONFIG_FIPS +@@ -1823,10 +1895,12 @@ ifdef CONFIG_FIPS CFLAGS += -DCONFIG_FIPS ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -8041,7 +8041,7 @@ Signed-off-by: Glenn Strauss # Driver interface for generic Linux wireless extensions # Note: WEXT is deprecated in the current Linux kernel version and no new # functionality is added to it. nl80211-based interface is the new -@@ -326,6 +327,7 @@ CONFIG_BACKEND=file +@@ -329,6 +330,7 @@ CONFIG_BACKEND=file # openssl = OpenSSL (default) # gnutls = GnuTLS # internal = Internal TLSv1 implementation (experimental) diff --git a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch index a48725264f..8c11eeb01d 100644 --- a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch +++ b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch @@ -12,7 +12,7 @@ Signed-off-by: Glenn Strauss --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -759,10 +759,6 @@ endif +@@ -772,10 +772,6 @@ endif OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o @@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1174,10 +1174,6 @@ endif +@@ -1241,10 +1241,6 @@ endif OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o diff --git a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch index e967cff427..fa2a1332a8 100644 --- a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch +++ b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch @@ -38,15 +38,15 @@ Signed-off-by: Glenn Strauss src/crypto/Makefile | 129 ++++++++++++++++++++- src/crypto/crypto_module_tests.c | 134 ++++++++++++++++++++++ src/tls/Makefile | 11 ++ - tests/Makefile | 75 +++++++++--- - tests/hwsim/example-hostapd.config | 11 +- - tests/hwsim/example-wpa_supplicant.config | 12 +- + tests/Makefile | 76 +++++++++--- + tests/hwsim/example-hostapd.config | 10 +- + tests/hwsim/example-wpa_supplicant.config | 11 +- tests/hwsim/test_ap_eap.py | 114 +++++++++++++----- tests/hwsim/test_ap_ft.py | 4 +- tests/hwsim/test_authsrv.py | 9 +- tests/hwsim/test_dpp.py | 19 ++- tests/hwsim/test_erp.py | 16 +-- - tests/hwsim/test_fils.py | 5 +- + tests/hwsim/test_fils.py | 4 + tests/hwsim/test_pmksa_cache.py | 4 +- tests/hwsim/test_sae.py | 7 ++ tests/hwsim/test_suite_b.py | 3 + @@ -56,12 +56,12 @@ Signed-off-by: Glenn Strauss tests/test-https.c | 12 +- tests/test-https_server.c | 12 +- wpa_supplicant/Makefile | 6 + - 22 files changed, 524 insertions(+), 91 deletions(-) + 22 files changed, 522 insertions(+), 91 deletions(-) create mode 100644 tests/test-crypto_module.c --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -696,6 +696,7 @@ CFLAGS += -DCONFIG_TLSV12 +@@ -709,6 +709,7 @@ CFLAGS += -DCONFIG_TLSV12 endif ifeq ($(CONFIG_TLS), wolfssl) @@ -69,7 +69,7 @@ Signed-off-by: Glenn Strauss CONFIG_CRYPTO=wolfssl ifdef TLS_FUNCS OBJS += ../src/crypto/tls_wolfssl.o -@@ -716,6 +717,7 @@ endif +@@ -729,6 +730,7 @@ endif endif ifeq ($(CONFIG_TLS), openssl) @@ -77,7 +77,7 @@ Signed-off-by: Glenn Strauss CFLAGS += -DCRYPTO_RSA_OAEP_SHA256 CONFIG_CRYPTO=openssl ifdef TLS_FUNCS -@@ -746,6 +748,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF +@@ -759,6 +761,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF endif ifeq ($(CONFIG_TLS), mbedtls) @@ -85,7 +85,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=mbedtls endif -@@ -776,6 +779,7 @@ endif +@@ -789,6 +792,7 @@ endif endif ifeq ($(CONFIG_TLS), gnutls) @@ -93,7 +93,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO # default to libgcrypt CONFIG_CRYPTO=gnutls -@@ -806,6 +810,7 @@ endif +@@ -819,6 +823,7 @@ endif endif ifeq ($(CONFIG_TLS), internal) @@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=internal endif -@@ -884,6 +889,7 @@ endif +@@ -897,6 +902,7 @@ endif endif ifeq ($(CONFIG_TLS), linux) @@ -271,7 +271,7 @@ Signed-off-by: Glenn Strauss endif --- a/src/crypto/crypto_module_tests.c +++ b/src/crypto/crypto_module_tests.c -@@ -2469,6 +2469,139 @@ static int test_hpke(void) +@@ -2470,6 +2470,139 @@ static int test_hpke(void) } @@ -411,7 +411,7 @@ Signed-off-by: Glenn Strauss static int test_ms_funcs(void) { #ifndef CONFIG_FIPS -@@ -2590,6 +2723,7 @@ int crypto_module_tests(void) +@@ -2591,6 +2724,7 @@ int crypto_module_tests(void) test_fips186_2_prf() || test_extract_expand_hkdf() || test_hpke() || @@ -444,23 +444,25 @@ Signed-off-by: Glenn Strauss include ../lib.rules --- a/tests/Makefile +++ b/tests/Makefile -@@ -1,8 +1,10 @@ +@@ -1,10 +1,12 @@ -ALL=test-base64 test-md4 test-milenage \ - test-rsa-sig-ver \ - test-sha1 \ - test-https test-https_server \ -- test-sha256 test-aes test-x509v3 test-list test-rc4 +- test-sha256 test-aes test-x509v3 test-list test-rc4 \ +RUN_TESTS= \ + test-list \ + test-md4 test-rc4 test-sha1 test-sha256 \ + test-milenage test-aes \ -+ test-crypto_module -+ -+ALL=$(RUN_TESTS) test-base64 test-https test-https_server ++ test-crypto_module \ + test-bss ++ALL=$(RUN_TESTS) test-base64 test-https test-https_server ++ include ../src/build.rules -@@ -24,13 +26,27 @@ CFLAGS += -DCONFIG_IEEE80211R_AP + ifdef LIBFUZZER +@@ -25,13 +27,27 @@ CFLAGS += -DCONFIG_IEEE80211R_AP CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_TDLS @@ -490,7 +492,7 @@ Signed-off-by: Glenn Strauss _OBJS_VAR := LLIBS include ../src/objs.mk -@@ -42,12 +58,43 @@ include ../src/objs.mk +@@ -43,12 +59,43 @@ include ../src/objs.mk LIBS = $(SLIBS) $(DLIBS) LLIBS = -Wl,--start-group $(DLIBS) -Wl,--end-group $(SLIBS) @@ -534,8 +536,8 @@ Signed-off-by: Glenn Strauss test-base64: $(call BUILDOBJ,test-base64.o) $(LIBS) $(LDO) $(LDFLAGS) -o $@ $^ $(LLIBS) -@@ -83,17 +130,11 @@ test-x509v3: $(call BUILDOBJ,test-x509v3 - +@@ -141,18 +188,11 @@ test-bss: $(call BUILDOBJ,test-bss.o) $( + $(LDO) $(LDFLAGS) -o $@ $< $(LLIBS) $(WPA_CFLAGS) $(WPA_OBJS) $(LIBS) run-tests: $(ALL) - ./test-aes @@ -545,6 +547,7 @@ Signed-off-by: Glenn Strauss - ./test-rsa-sig-ver - ./test-sha1 - ./test-sha256 +- ./test-bss + @set -ex; for i in $(RUN_TESTS); do ./$$i; done @echo @echo All tests completed successfully. @@ -575,14 +578,6 @@ Signed-off-by: Glenn Strauss CONFIG_EAP_EKE=y CONFIG_PKCS12=y CONFIG_RADIUS_SERVER=y -@@ -89,6 +81,7 @@ CFLAGS += -DCONFIG_RADIUS_TEST - CONFIG_MODULE_TESTS=y - - CONFIG_SUITEB=y -+CONFIG_SUITEB192=$(if $(filter openssl mbedtls,$(CONFIG_TLS)),y,) - - # AddressSanitizer (ASan) can be enabled by uncommenting the following lines. - # This can be used as a more efficient memory error detector than valgrind --- a/tests/hwsim/example-wpa_supplicant.config +++ b/tests/hwsim/example-wpa_supplicant.config @@ -35,16 +35,7 @@ LIBS += -rdynamic @@ -603,14 +598,6 @@ Signed-off-by: Glenn Strauss CONFIG_USIM_SIMULATOR=y CONFIG_SIM_SIMULATOR=y -@@ -137,6 +128,7 @@ CONFIG_TESTING_OPTIONS=y - CONFIG_MODULE_TESTS=y - - CONFIG_SUITEB=y -+CONFIG_SUITEB192=$(if $(filter openssl mbedtls,$(CONFIG_TLS)),y,) - - # AddressSanitizer (ASan) can be enabled by uncommenting the following lines. - # This can be used as a more efficient memory error detector than valgrind --- a/tests/hwsim/test_ap_eap.py +++ b/tests/hwsim/test_ap_eap.py @@ -42,20 +42,42 @@ def check_eap_capa(dev, method): @@ -708,10 +695,10 @@ Signed-off-by: Glenn Strauss tls = dev.request("GET tls_library") + if tls.startswith("mbed TLS"): + raise HwsimSkip("TLS v1.3 not supported") - if "run=OpenSSL 1.1.1" not in tls and "run=OpenSSL 3.0" not in tls and "wolfSSL" not in tls: - raise HwsimSkip("TLS v1.3 not supported") - -@@ -118,11 +157,15 @@ def check_pkcs12_support(dev): + ok = ['run=OpenSSL 1.1.1', 'run=OpenSSL 3.0', 'run=OpenSSL 3.1', + 'run=OpenSSL 3.2', 'wolfSSL'] + for s in ok: +@@ -122,11 +161,15 @@ def check_pkcs12_support(dev): # raise HwsimSkip("PKCS#12 not supported with this TLS library: " + tls) if tls.startswith("wolfSSL"): raise HwsimSkip("PKCS#12 not supported with this TLS library: " + tls) @@ -727,7 +714,7 @@ Signed-off-by: Glenn Strauss def check_ec_support(dev): tls = dev.request("GET tls_library") -@@ -1595,7 +1638,7 @@ def test_ap_wpa2_eap_ttls_pap_subject_ma +@@ -1741,7 +1784,7 @@ def test_ap_wpa2_eap_ttls_pap_subject_ma eap_connect(dev[0], hapd, "TTLS", "pap user", anonymous_identity="ttls", password="password", ca_cert="auth_serv/ca.pem", phase2="auth=PAP", @@ -736,7 +723,7 @@ Signed-off-by: Glenn Strauss altsubject_match="EMAIL:noone@example.com;DNS:server.w1.fi;URI:http://example.com/") eap_reauth(dev[0], "TTLS") -@@ -2830,6 +2873,7 @@ def test_ap_wpa2_eap_tls_neg_domain_matc +@@ -2976,6 +3019,7 @@ def test_ap_wpa2_eap_tls_neg_domain_matc def test_ap_wpa2_eap_tls_neg_subject_match(dev, apdev): """WPA2-Enterprise negative test - subject mismatch""" @@ -744,7 +731,7 @@ Signed-off-by: Glenn Strauss params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hostapd.add_ap(apdev[0], params) dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS", -@@ -2890,6 +2934,7 @@ def test_ap_wpa2_eap_tls_neg_subject_mat +@@ -3036,6 +3080,7 @@ def test_ap_wpa2_eap_tls_neg_subject_mat def test_ap_wpa2_eap_tls_neg_altsubject_match(dev, apdev): """WPA2-Enterprise negative test - altsubject mismatch""" @@ -752,7 +739,7 @@ Signed-off-by: Glenn Strauss params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hostapd.add_ap(apdev[0], params) -@@ -3430,7 +3475,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde +@@ -3582,7 +3627,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde dev[0].request("REMOVE_NETWORK all") tls = dev[0].request("GET tls_library") @@ -761,7 +748,7 @@ Signed-off-by: Glenn Strauss tests = [(1, "os_get_random;dh_init")] else: tests = [(1, "crypto_dh_init;dh_init")] -@@ -4744,7 +4789,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -4896,7 +4941,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca params["private_key"] = "auth_serv/iCA-server/server.key" hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -770,7 +757,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -4810,6 +4855,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -4962,6 +5007,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, "-sha1") def run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, md): @@ -778,7 +765,7 @@ Signed-off-by: Glenn Strauss params = int_eap_server_params() params["ca_cert"] = "auth_serv/iCA-server/ca-and-root.pem" params["server_cert"] = "auth_serv/iCA-server/server.pem" -@@ -4819,7 +4865,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ +@@ -4971,7 +5017,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -787,7 +774,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -4855,7 +4901,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ +@@ -5007,7 +5053,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_ try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -796,7 +783,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -4905,7 +4951,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -5057,7 +5103,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca try: hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -805,7 +792,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -4972,7 +5018,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca +@@ -5124,7 +5170,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca hostapd.add_ap(apdev[0], params) tls = dev[0].request("GET tls_library") @@ -814,7 +801,7 @@ Signed-off-by: Glenn Strauss ca_cert = "auth_serv/iCA-user/ca-and-root.pem" client_cert = "auth_serv/iCA-user/user_and_ica.pem" else: -@@ -5230,6 +5276,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek +@@ -5382,6 +5428,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek def test_ap_wpa2_eap_ttls_server_pkcs12(dev, apdev): """WPA2-Enterprise using EAP-TTLS and server PKCS#12 file""" @@ -822,7 +809,7 @@ Signed-off-by: Glenn Strauss skip_with_fips(dev[0]) params = int_eap_server_params() del params["server_cert"] -@@ -5242,6 +5289,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12( +@@ -5394,6 +5441,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12( def test_ap_wpa2_eap_ttls_server_pkcs12_extra(dev, apdev): """EAP-TTLS and server PKCS#12 file with extra certs""" @@ -830,7 +817,7 @@ Signed-off-by: Glenn Strauss skip_with_fips(dev[0]) params = int_eap_server_params() del params["server_cert"] -@@ -5264,6 +5312,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv +@@ -5416,6 +5464,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv def test_ap_wpa2_eap_ttls_dh_params_dsa_server(dev, apdev): """WPA2-Enterprise using EAP-TTLS and alternative server dhparams (DSA)""" @@ -838,7 +825,7 @@ Signed-off-by: Glenn Strauss params = int_eap_server_params() params["dh_file"] = "auth_serv/dsaparam.pem" hapd = hostapd.add_ap(apdev[0], params) -@@ -5575,8 +5624,8 @@ def test_ap_wpa2_eap_non_ascii_identity2 +@@ -5727,8 +5776,8 @@ def test_ap_wpa2_eap_non_ascii_identity2 def test_openssl_cipher_suite_config_wpas(dev, apdev): """OpenSSL cipher suite configuration on wpa_supplicant""" tls = dev[0].request("GET tls_library") @@ -849,7 +836,7 @@ Signed-off-by: Glenn Strauss params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hapd = hostapd.add_ap(apdev[0], params) eap_connect(dev[0], hapd, "TTLS", "pap user", -@@ -5602,14 +5651,14 @@ def test_openssl_cipher_suite_config_wpa +@@ -5754,14 +5803,14 @@ def test_openssl_cipher_suite_config_wpa def test_openssl_cipher_suite_config_hapd(dev, apdev): """OpenSSL cipher suite configuration on hostapd""" tls = dev[0].request("GET tls_library") @@ -868,7 +855,7 @@ Signed-off-by: Glenn Strauss eap_connect(dev[0], hapd, "TTLS", "pap user", anonymous_identity="ttls", password="password", ca_cert="auth_serv/ca.pem", phase2="auth=PAP") -@@ -6051,13 +6100,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a +@@ -6207,13 +6256,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a check_tls_ver(dev[0], hapd, "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1", "TLSv1.2") @@ -888,10 +875,10 @@ Signed-off-by: Glenn Strauss + "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=0 tls_disable_tlsv1_2=1", "TLSv1.1") + check_tls_ver(dev[2], hapd, + "tls_disable_tlsv1_0=0 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1", "TLSv1") - if "run=OpenSSL 1.1.1" in tls or "run=OpenSSL 3.0" in tls: + if "run=OpenSSL 1.1.1" in tls or "run=OpenSSL 3." in tls: check_tls_ver(dev[0], hapd, "tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1 tls_disable_tlsv1_3=0", "TLSv1.3") -@@ -6079,6 +6132,11 @@ def test_ap_wpa2_eap_tls_versions_server +@@ -6235,6 +6288,11 @@ def test_ap_wpa2_eap_tls_versions_server tests = [("TLSv1", "[ENABLE-TLSv1.0][DISABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"), ("TLSv1.1", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"), ("TLSv1.2", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][ENABLE-TLSv1.2][DISABLE-TLSv1.3]")] @@ -903,7 +890,7 @@ Signed-off-by: Glenn Strauss for exp, flags in tests: hapd.disable() hapd.set("tls_flags", flags) -@@ -7138,6 +7196,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde +@@ -7305,6 +7363,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde def test_eap_tls_ext_cert_check(dev, apdev): """EAP-TLS and external server certification validation""" # With internal server certificate chain validation @@ -911,7 +898,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS", identity="tls user", ca_cert="auth_serv/ca.pem", -@@ -7150,6 +7209,7 @@ def test_eap_tls_ext_cert_check(dev, apd +@@ -7317,6 +7376,7 @@ def test_eap_tls_ext_cert_check(dev, apd def test_eap_ttls_ext_cert_check(dev, apdev): """EAP-TTLS and external server certification validation""" # Without internal server certificate chain validation @@ -919,7 +906,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS", identity="pap user", anonymous_identity="ttls", password="password", phase2="auth=PAP", -@@ -7160,6 +7220,7 @@ def test_eap_ttls_ext_cert_check(dev, ap +@@ -7327,6 +7387,7 @@ def test_eap_ttls_ext_cert_check(dev, ap def test_eap_peap_ext_cert_check(dev, apdev): """EAP-PEAP and external server certification validation""" # With internal server certificate chain validation @@ -927,7 +914,7 @@ Signed-off-by: Glenn Strauss id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="PEAP", identity="user", anonymous_identity="peap", ca_cert="auth_serv/ca.pem", -@@ -7170,6 +7231,7 @@ def test_eap_peap_ext_cert_check(dev, ap +@@ -7337,6 +7398,7 @@ def test_eap_peap_ext_cert_check(dev, ap def test_eap_fast_ext_cert_check(dev, apdev): """EAP-FAST and external server certification validation""" @@ -935,7 +922,7 @@ Signed-off-by: Glenn Strauss check_eap_capa(dev[0], "FAST") # With internal server certificate chain validation dev[0].request("SET blob fast_pac_auth_ext ") -@@ -7184,10 +7246,6 @@ def test_eap_fast_ext_cert_check(dev, ap +@@ -7351,10 +7413,6 @@ def test_eap_fast_ext_cert_check(dev, ap run_ext_cert_check(dev, apdev, id) def run_ext_cert_check(dev, apdev, net_id): @@ -948,7 +935,7 @@ Signed-off-by: Glenn Strauss --- a/tests/hwsim/test_ap_ft.py +++ b/tests/hwsim/test_ap_ft.py -@@ -2474,11 +2474,11 @@ def test_ap_ft_ap_oom5(dev, apdev): +@@ -2486,11 +2486,11 @@ def test_ap_ft_ap_oom5(dev, apdev): # This will fail to roam dev[0].roam(bssid1, check_bssid=False) @@ -992,7 +979,7 @@ Signed-off-by: Glenn Strauss raise HwsimSkip("Crypto library does not support Brainpool curves: " + tls) capa = dev.request("GET_CAPABILITY dpp") ver = 1 -@@ -3892,6 +3893,9 @@ def test_dpp_proto_auth_req_no_i_proto_k +@@ -3902,6 +3903,9 @@ def test_dpp_proto_auth_req_no_i_proto_k def test_dpp_proto_auth_req_invalid_i_proto_key(dev, apdev): """DPP protocol testing - invalid I-proto key in Auth Req""" @@ -1002,7 +989,7 @@ Signed-off-by: Glenn Strauss run_dpp_proto_auth_req_missing(dev, 66, "Invalid Initiator Protocol Key") def test_dpp_proto_auth_req_no_i_nonce(dev, apdev): -@@ -3987,7 +3991,12 @@ def test_dpp_proto_auth_resp_no_r_proto_ +@@ -3997,7 +4001,12 @@ def test_dpp_proto_auth_resp_no_r_proto_ def test_dpp_proto_auth_resp_invalid_r_proto_key(dev, apdev): """DPP protocol testing - invalid R-Proto Key in Auth Resp""" @@ -1016,7 +1003,7 @@ Signed-off-by: Glenn Strauss def test_dpp_proto_auth_resp_no_r_nonce(dev, apdev): """DPP protocol testing - no R-nonce in Auth Resp""" -@@ -4349,11 +4358,17 @@ def test_dpp_proto_pkex_exchange_resp_in +@@ -4359,11 +4368,17 @@ def test_dpp_proto_pkex_exchange_resp_in def test_dpp_proto_pkex_cr_req_invalid_bootstrap_key(dev, apdev): """DPP protocol testing - invalid Bootstrap Key in PKEX Commit-Reveal Request""" @@ -1092,21 +1079,20 @@ Signed-off-by: Glenn Strauss dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS", --- a/tests/hwsim/test_fils.py +++ b/tests/hwsim/test_fils.py -@@ -1422,7 +1422,10 @@ def run_fils_sk_pfs(dev, apdev, group, p - check_erp_capa(dev[0]) - - tls = dev[0].request("GET tls_library") -- if not tls.startswith("wolfSSL"): -+ if tls.startswith("mbed TLS"): +@@ -1472,6 +1472,10 @@ def check_ec_group(dev, group): + tls = dev.request("GET tls_library") + if tls.startswith("wolfSSL"): + return ++ elif tls.startswith("mbed TLS"): + if int(group) == 27: + raise HwsimSkip("Brainpool EC group 27 not supported by mbed TLS") -+ elif not tls.startswith("wolfSSL"): - if int(group) in [25]: - if not (tls.startswith("OpenSSL") and ("build=OpenSSL 1.0.2" in tls or "build=OpenSSL 1.1" in tls or "build=OpenSSL 3.0" in tls) and ("run=OpenSSL 1.0.2" in tls or "run=OpenSSL 1.1" in tls or "run=OpenSSL 3.0" in tls)): - raise HwsimSkip("EC group not supported") ++ return + if int(group) in [25]: + if not (tls.startswith("OpenSSL") and ("build=OpenSSL 1.0.2" in tls or "build=OpenSSL 1.1" in tls or "build=OpenSSL 3." in tls) and ("run=OpenSSL 1.0.2" in tls or "run=OpenSSL 1.1" in tls or "run=OpenSSL 3." in tls)): + raise HwsimSkip("EC group not supported") --- a/tests/hwsim/test_pmksa_cache.py +++ b/tests/hwsim/test_pmksa_cache.py -@@ -955,7 +955,7 @@ def test_pmksa_cache_preauth_wpas_oom(de +@@ -958,7 +958,7 @@ def test_pmksa_cache_preauth_wpas_oom(de eap_connect(dev[0], hapd, "PAX", "pax.user@example.com", password_hex="0123456789abcdef0123456789abcdef", bssid=apdev[0]['bssid']) @@ -1115,7 +1101,7 @@ Signed-off-by: Glenn Strauss with alloc_fail(dev[0], i, "rsn_preauth_init"): res = dev[0].request("PREAUTH f2:11:22:33:44:55").strip() logger.info("Iteration %d - PREAUTH command results: %s" % (i, res)) -@@ -963,7 +963,7 @@ def test_pmksa_cache_preauth_wpas_oom(de +@@ -966,7 +966,7 @@ def test_pmksa_cache_preauth_wpas_oom(de state = dev[0].request('GET_ALLOC_FAIL') if state.startswith('0:'): break @@ -1126,7 +1112,7 @@ Signed-off-by: Glenn Strauss """PMKSA cache control interface operations""" --- a/tests/hwsim/test_sae.py +++ b/tests/hwsim/test_sae.py -@@ -177,6 +177,11 @@ def test_sae_groups(dev, apdev): +@@ -178,6 +178,11 @@ def test_sae_groups(dev, apdev): if tls.startswith("OpenSSL") and "run=OpenSSL 1." in tls: logger.info("Add Brainpool EC groups since OpenSSL is new enough") sae_groups += [27, 28, 29, 30] @@ -1138,7 +1124,7 @@ Signed-off-by: Glenn Strauss heavy_groups = [14, 15, 16] suitable_groups = [15, 16, 17, 18, 19, 20, 21] groups = [str(g) for g in sae_groups] -@@ -2193,6 +2198,8 @@ def run_sae_pwe_group(dev, apdev, group) +@@ -2194,6 +2199,8 @@ def run_sae_pwe_group(dev, apdev, group) logger.info("Add Brainpool EC groups since OpenSSL is new enough") elif tls.startswith("wolfSSL"): logger.info("Make sure Brainpool EC groups were enabled when compiling wolfSSL") @@ -1179,7 +1165,7 @@ Signed-off-by: Glenn Strauss res = dev[0].request(cmd) --- a/tests/hwsim/utils.py +++ b/tests/hwsim/utils.py -@@ -141,7 +141,13 @@ def check_imsi_privacy_support(dev): +@@ -145,7 +145,13 @@ def check_imsi_privacy_support(dev): def check_tls_tod(dev): tls = dev.request("GET tls_library") @@ -1308,7 +1294,7 @@ Signed-off-by: Glenn Strauss if (need_more_data) { --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1122,6 +1122,7 @@ CFLAGS += -DCONFIG_TLSV12 +@@ -1189,6 +1189,7 @@ TLS_FUNCS=y endif ifeq ($(CONFIG_TLS), wolfssl) @@ -1316,7 +1302,7 @@ Signed-off-by: Glenn Strauss ifdef TLS_FUNCS CFLAGS += -DWOLFSSL_DER_LOAD OBJS += ../src/crypto/tls_wolfssl.o -@@ -1137,6 +1138,7 @@ LIBS_p += -lwolfssl -lm +@@ -1204,6 +1205,7 @@ LIBS_p += -lwolfssl -lm endif ifeq ($(CONFIG_TLS), openssl) @@ -1324,7 +1310,7 @@ Signed-off-by: Glenn Strauss CFLAGS += -DCRYPTO_RSA_OAEP_SHA256 ifdef TLS_FUNCS CFLAGS += -DEAP_TLS_OPENSSL -@@ -1164,6 +1166,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF +@@ -1231,6 +1233,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF endif ifeq ($(CONFIG_TLS), mbedtls) @@ -1332,7 +1318,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=mbedtls endif -@@ -1183,6 +1186,7 @@ endif +@@ -1250,6 +1253,7 @@ endif endif ifeq ($(CONFIG_TLS), gnutls) @@ -1340,7 +1326,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO # default to libgcrypt CONFIG_CRYPTO=gnutls -@@ -1213,6 +1217,7 @@ endif +@@ -1280,6 +1284,7 @@ endif endif ifeq ($(CONFIG_TLS), internal) @@ -1348,7 +1334,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=internal endif -@@ -1293,6 +1298,7 @@ endif +@@ -1360,6 +1365,7 @@ endif endif ifeq ($(CONFIG_TLS), linux) diff --git a/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch b/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch index b0151b071f..96f674a77d 100644 --- a/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch +++ b/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch @@ -21,15 +21,15 @@ operation information element instead. Signed-off-by: P Praneesh --- hostapd/config_file.c | 2 ++ - src/ap/ieee802_11_ht.c | 7 +++++++ - src/ap/ieee802_11_vht.c | 16 ++++++++++++++++ + src/ap/ieee802_11_ht.c | 9 +++++++++ + src/ap/ieee802_11_vht.c | 17 +++++++++++++++++ src/common/hw_features_common.c | 1 + - src/common/ieee802_11_defs.h | 1 + - 5 files changed, 27 insertions(+) + src/common/ieee802_11_defs.h | 2 ++ + 5 files changed, 31 insertions(+) --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -1153,6 +1153,8 @@ static int hostapd_config_vht_capab(stru +@@ -1229,6 +1229,8 @@ static int hostapd_config_vht_capab(stru conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN; if (os_strstr(capab, "[TX-ANTENNA-PATTERN]")) conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN; @@ -66,7 +66,7 @@ Signed-off-by: P Praneesh return pos; --- a/src/ap/ieee802_11_vht.c +++ b/src/ap/ieee802_11_vht.c -@@ -25,6 +25,7 @@ u8 * hostapd_eid_vht_capabilities(struct +@@ -26,6 +26,7 @@ u8 * hostapd_eid_vht_capabilities(struct struct ieee80211_vht_capabilities *cap; struct hostapd_hw_modes *mode = hapd->iface->current_mode; u8 *pos = eid; @@ -74,7 +74,7 @@ Signed-off-by: P Praneesh if (!mode || is_6ghz_op_class(hapd->iconf->op_class)) return eid; -@@ -62,6 +63,17 @@ u8 * hostapd_eid_vht_capabilities(struct +@@ -63,6 +64,17 @@ u8 * hostapd_eid_vht_capabilities(struct host_to_le32(nsts << VHT_CAP_BEAMFORMEE_STS_OFFSET); } @@ -92,7 +92,7 @@ Signed-off-by: P Praneesh /* Supported MCS set comes from hw */ os_memcpy(&cap->vht_supported_mcs_set, mode->vht_mcs_set, 8); -@@ -74,6 +86,7 @@ u8 * hostapd_eid_vht_capabilities(struct +@@ -75,6 +87,7 @@ u8 * hostapd_eid_vht_capabilities(struct u8 * hostapd_eid_vht_operation(struct hostapd_data *hapd, u8 *eid) { struct ieee80211_vht_operation *oper; @@ -100,7 +100,7 @@ Signed-off-by: P Praneesh u8 *pos = eid; enum oper_chan_width oper_chwidth = hostapd_get_oper_chwidth(hapd->iconf); -@@ -106,6 +119,7 @@ u8 * hostapd_eid_vht_operation(struct ho +@@ -110,6 +123,7 @@ u8 * hostapd_eid_vht_operation(struct ho oper->vht_op_info_chan_center_freq_seg1_idx = seg1; oper->vht_op_info_chwidth = oper_chwidth; @@ -108,7 +108,7 @@ Signed-off-by: P Praneesh if (oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) { /* * Convert 160 MHz channel width to new style as interop -@@ -119,6 +133,9 @@ u8 * hostapd_eid_vht_operation(struct ho +@@ -123,6 +137,9 @@ u8 * hostapd_eid_vht_operation(struct ho oper->vht_op_info_chan_center_freq_seg0_idx -= 8; else oper->vht_op_info_chan_center_freq_seg0_idx += 8; @@ -120,7 +120,7 @@ Signed-off-by: P Praneesh * Convert 80+80 MHz channel width to new style as interop --- a/src/common/hw_features_common.c +++ b/src/common/hw_features_common.c -@@ -811,6 +811,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co +@@ -898,6 +898,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB); VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN); VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN); @@ -130,7 +130,7 @@ Signed-off-by: P Praneesh #undef VHT_CAP_CHECK_MAX --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h -@@ -1349,6 +1349,8 @@ struct ieee80211_ampe_ie { +@@ -1397,6 +1397,8 @@ struct ieee80211_ampe_ie { #define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB ((u32) BIT(26) | BIT(27)) #define VHT_CAP_RX_ANTENNA_PATTERN ((u32) BIT(28)) #define VHT_CAP_TX_ANTENNA_PATTERN ((u32) BIT(29)) diff --git a/package/network/services/hostapd/patches/180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch b/package/network/services/hostapd/patches/180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch deleted file mode 100644 index 4929c581ce..0000000000 --- a/package/network/services/hostapd/patches/180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch +++ /dev/null @@ -1,20 +0,0 @@ -From: Felix Fietkau -Date: Thu, 14 Sep 2023 10:53:50 +0200 -Subject: [PATCH] driver_nl80211: fix setting QoS map on secondary BSSs - -The setting is per-BSS, not per PHY - -Signed-off-by: Felix Fietkau ---- - ---- a/src/drivers/driver_nl80211.c -+++ b/src/drivers/driver_nl80211.c -@@ -11341,7 +11341,7 @@ static int nl80211_set_qos_map(void *pri - wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map", - qos_map_set, qos_map_set_len); - -- if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) || -+ if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_QOS_MAP)) || - nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) { - nlmsg_free(msg); - return -ENOBUFS; diff --git a/package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch b/package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch index adfb21fb47..b54abecc4f 100644 --- a/package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch +++ b/package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch @@ -8,7 +8,7 @@ Signed-off-by: Felix Fietkau --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -8867,6 +8867,7 @@ static int wpa_driver_nl80211_if_remove( +@@ -8985,6 +8985,7 @@ static int wpa_driver_nl80211_if_remove( if (drv->first_bss->next) { drv->first_bss = drv->first_bss->next; drv->ctx = drv->first_bss->ctx; diff --git a/package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch b/package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch index 395c645954..e875a82aea 100644 --- a/package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch +++ b/package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch @@ -12,7 +12,7 @@ Signed-off-by: Felix Fietkau --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -5226,6 +5226,9 @@ static int wpa_driver_nl80211_set_ap(voi +@@ -5315,6 +5315,9 @@ static int wpa_driver_nl80211_set_ap(voi nla_nest_end(msg, ftm); } @@ -22,13 +22,13 @@ Signed-off-by: Felix Fietkau #ifdef CONFIG_IEEE80211AX if (params->he_spr_ctrl) { struct nlattr *spr; -@@ -5260,9 +5263,6 @@ static int wpa_driver_nl80211_set_ap(voi +@@ -5349,9 +5352,6 @@ static int wpa_driver_nl80211_set_ap(voi nla_nest_end(msg, spr); } - if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0) - goto fail; - - if (params->freq && params->freq->he_enabled) { + if (params->freq && params->freq->he_enabled && + nl80211_attr_supported(drv, NL80211_ATTR_HE_BSS_COLOR)) { struct nlattr *bss_color; - diff --git a/package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch b/package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch index fe81318385..4d1af1f5c0 100644 --- a/package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch +++ b/package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch @@ -10,7 +10,7 @@ Signed-off-by: Felix Fietkau --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -569,6 +569,7 @@ static void sta_track_deinit(struct host +@@ -656,6 +656,7 @@ static void sta_track_deinit(struct host void hostapd_cleanup_iface_partial(struct hostapd_iface *iface) { wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); @@ -18,7 +18,7 @@ Signed-off-by: Felix Fietkau #ifdef NEED_AP_MLME hostapd_stop_setup_timers(iface); #endif /* NEED_AP_MLME */ -@@ -598,7 +599,6 @@ void hostapd_cleanup_iface_partial(struc +@@ -685,7 +686,6 @@ void hostapd_cleanup_iface_partial(struc static void hostapd_cleanup_iface(struct hostapd_iface *iface) { wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch index e3ed00f2de..5693e203d8 100644 --- a/package/network/services/hostapd/patches/200-multicall.patch +++ b/package/network/services/hostapd/patches/200-multicall.patch @@ -18,7 +18,7 @@ OBJS += ../src/ap/vlan_init.o OBJS += ../src/ap/vlan_ifconfig.o OBJS += ../src/ap/vlan.o -@@ -357,10 +359,14 @@ CFLAGS += -DCONFIG_MBO +@@ -359,10 +361,14 @@ CFLAGS += -DCONFIG_MBO OBJS += ../src/ap/mbo_ap.o endif @@ -36,7 +36,7 @@ LIBS += $(DRV_AP_LIBS) ifdef CONFIG_L2_PACKET -@@ -1380,6 +1386,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) +@@ -1393,6 +1399,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) _OBJS_VAR := OBJS include ../src/objs.mk @@ -49,7 +49,7 @@ hostapd: $(OBJS) $(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS) @$(E) " LD " $@ -@@ -1460,6 +1472,12 @@ include ../src/objs.mk +@@ -1473,6 +1485,12 @@ include ../src/objs.mk _OBJS_VAR := SOBJS include ../src/objs.mk @@ -72,7 +72,7 @@ include ../src/build.rules ifdef CONFIG_BUILD_PASN_SO -@@ -382,7 +383,9 @@ endif +@@ -389,7 +390,9 @@ endif ifdef CONFIG_IBSS_RSN NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_IBSS_RSN @@ -82,7 +82,7 @@ OBJS += ibss_rsn.o endif -@@ -924,6 +927,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS +@@ -981,6 +984,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS LIBS += -ldl -rdynamic endif @@ -93,7 +93,7 @@ endif ifdef CONFIG_AP -@@ -931,9 +938,11 @@ NEED_EAP_COMMON=y +@@ -988,9 +995,11 @@ NEED_EAP_COMMON=y NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_AP OBJS += ap.o @@ -105,7 +105,7 @@ OBJS += ../src/ap/hostapd.o OBJS += ../src/ap/wpa_auth_glue.o OBJS += ../src/ap/utils.o -@@ -1022,6 +1031,12 @@ endif +@@ -1081,6 +1090,12 @@ endif ifdef CONFIG_HS20 OBJS += ../src/ap/hs20.o endif @@ -118,7 +118,7 @@ endif ifdef CONFIG_MBO -@@ -1030,7 +1045,9 @@ CFLAGS += -DCONFIG_MBO +@@ -1090,7 +1105,9 @@ NEED_GAS=y endif ifdef NEED_RSN_AUTHENTICATOR @@ -128,7 +128,7 @@ NEED_AES_WRAP=y OBJS += ../src/ap/wpa_auth.o OBJS += ../src/ap/wpa_auth_ie.o -@@ -2010,6 +2027,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) +@@ -2080,6 +2097,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) _OBJS_VAR := OBJS include ../src/objs.mk @@ -141,7 +141,7 @@ wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) $(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS) @$(E) " LD " $@ -@@ -2142,6 +2165,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) +@@ -2212,6 +2235,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) $(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@ @$(E) " sed" $< @@ -156,7 +156,7 @@ wpa_cli.exe: wpa_cli --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -6667,8 +6667,8 @@ union wpa_event_data { +@@ -6760,8 +6760,8 @@ union wpa_event_data { * Driver wrapper code should call this function whenever an event is received * from the driver. */ @@ -167,7 +167,7 @@ /** * wpa_supplicant_event_global - Report a driver event for wpa_supplicant -@@ -6680,7 +6680,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -6773,7 +6773,7 @@ void wpa_supplicant_event(void *ctx, enu * Same as wpa_supplicant_event(), but we search for the interface in * wpa_global. */ @@ -178,7 +178,7 @@ /* --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c -@@ -2184,8 +2184,8 @@ err: +@@ -2341,8 +2341,8 @@ err: #endif /* CONFIG_OWE */ @@ -188,8 +188,8 @@ + union wpa_event_data *data) { struct hostapd_data *hapd = ctx; - #ifndef CONFIG_NO_STDOUT_DEBUG -@@ -2489,7 +2489,7 @@ void wpa_supplicant_event(void *ctx, enu + struct sta_info *sta; +@@ -2674,7 +2674,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -231,7 +231,7 @@ os_memset(&global, 0, sizeof(global)); --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -5353,8 +5353,8 @@ static void wpas_link_reconfig(struct wp +@@ -5919,8 +5919,8 @@ static void wpas_link_reconfig(struct wp } @@ -242,7 +242,7 @@ { struct wpa_supplicant *wpa_s = ctx; int resched; -@@ -6272,7 +6272,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -6872,7 +6872,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -253,7 +253,7 @@ struct wpa_supplicant *wpa_s; --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -7462,7 +7462,6 @@ struct wpa_interface * wpa_supplicant_ma +@@ -7583,7 +7583,6 @@ struct wpa_interface * wpa_supplicant_ma return NULL; } @@ -261,7 +261,7 @@ /** * wpa_supplicant_match_existing - Match existing interfaces * @global: Pointer to global data from wpa_supplicant_init() -@@ -7497,6 +7496,11 @@ static int wpa_supplicant_match_existing +@@ -7618,6 +7617,11 @@ static int wpa_supplicant_match_existing #endif /* CONFIG_MATCH_IFACE */ @@ -273,7 +273,7 @@ /** * wpa_supplicant_add_iface - Add a new network interface -@@ -7753,6 +7757,8 @@ struct wpa_global * wpa_supplicant_init( +@@ -7874,6 +7878,8 @@ struct wpa_global * wpa_supplicant_init( #ifndef CONFIG_NO_WPA_MSG wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); #endif /* CONFIG_NO_WPA_MSG */ @@ -284,7 +284,7 @@ wpa_debug_open_file(params->wpa_debug_file_path); --- a/hostapd/main.c +++ b/hostapd/main.c -@@ -698,6 +698,11 @@ fail: +@@ -705,6 +705,11 @@ fail: return -1; } @@ -296,7 +296,7 @@ #ifdef CONFIG_WPS static int gen_uuid(const char *txt_addr) -@@ -791,6 +796,8 @@ int main(int argc, char *argv[]) +@@ -798,6 +803,8 @@ int main(int argc, char *argv[]) return -1; #endif /* CONFIG_DPP */ @@ -333,7 +333,7 @@ const struct wpa_driver_ops *const wpa_drivers[] = { NULL }; -@@ -1303,6 +1308,10 @@ static void usage(void) +@@ -1325,6 +1330,10 @@ static void usage(void) "option several times.\n"); } @@ -344,7 +344,7 @@ int main(int argc, char *argv[]) { -@@ -1323,6 +1332,8 @@ int main(int argc, char *argv[]) +@@ -1348,6 +1357,8 @@ int main(int argc, char *argv[]) if (os_program_init()) return -1; diff --git a/package/network/services/hostapd/patches/300-noscan.patch b/package/network/services/hostapd/patches/300-noscan.patch index 3b5f4325de..fa69362847 100644 --- a/package/network/services/hostapd/patches/300-noscan.patch +++ b/package/network/services/hostapd/patches/300-noscan.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3448,6 +3448,10 @@ static int hostapd_config_fill(struct ho +@@ -3656,6 +3656,10 @@ static int hostapd_config_fill(struct ho if (bss->ocv && !bss->ieee80211w) bss->ieee80211w = 1; #endif /* CONFIG_OCV */ @@ -13,7 +13,7 @@ } else if (os_strcmp(buf, "ht_capab") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1075,6 +1075,8 @@ struct hostapd_config { +@@ -1093,6 +1093,8 @@ struct hostapd_config { int ht_op_mode_fixed; u16 ht_capab; @@ -24,7 +24,7 @@ int no_pri_sec_switch; --- a/src/ap/hw_features.c +++ b/src/ap/hw_features.c -@@ -546,7 +546,8 @@ static int ieee80211n_check_40mhz(struct +@@ -544,7 +544,8 @@ static int ieee80211n_check_40mhz(struct int ret; /* Check that HT40 is used and PRI / SEC switch is allowed */ diff --git a/package/network/services/hostapd/patches/301-mesh-noscan.patch b/package/network/services/hostapd/patches/301-mesh-noscan.patch index ceb6d0c161..a2200c8e9a 100644 --- a/package/network/services/hostapd/patches/301-mesh-noscan.patch +++ b/package/network/services/hostapd/patches/301-mesh-noscan.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c -@@ -2600,6 +2600,7 @@ static const struct parse_data ssid_fiel +@@ -2639,6 +2639,7 @@ static const struct parse_data ssid_fiel #else /* CONFIG_MESH */ { INT_RANGE(mode, 0, 4) }, #endif /* CONFIG_MESH */ @@ -31,7 +31,7 @@ /* --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2710,7 +2710,7 @@ static bool ibss_mesh_can_use_vht(struct +@@ -2770,7 +2770,7 @@ static bool ibss_mesh_can_use_vht(struct const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode) { @@ -40,25 +40,25 @@ return false; if (!drv_supports_vht(wpa_s, ssid)) -@@ -2783,7 +2783,7 @@ static void ibss_mesh_select_40mhz(struc +@@ -2843,7 +2843,7 @@ static void ibss_mesh_select_40mhz(struc int i, res; unsigned int j; static const int ht40plus[] = { -- 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 165, 173, -+ 1, 2, 3, 4, 5, 6, 7, 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 165, 173, - 184, 192 +- 36, 44, 52, 60, 100, 108, 116, 124, 132, 140, ++ 1, 2, 3, 4, 5, 6, 7, 36, 44, 52, 60, 100, 108, 116, 124, 132, 140, + 149, 157, 165, 173, 184, 192 }; int ht40 = -1; -@@ -3033,7 +3033,7 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3093,7 +3093,7 @@ void ibss_mesh_setup_freq(struct wpa_sup int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode); enum hostapd_hw_mode hw_mode; struct hostapd_hw_modes *mode = NULL; - int i, obss_scan = 1; + int i, obss_scan = !(ssid->noscan); u8 channel; - bool is_6ghz; + bool is_6ghz, is_24ghz; bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); -@@ -3080,6 +3080,8 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3143,6 +3143,8 @@ void ibss_mesh_setup_freq(struct wpa_sup freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode, ieee80211_mode); freq->channel = channel; diff --git a/package/network/services/hostapd/patches/310-rescan_immediately.patch b/package/network/services/hostapd/patches/310-rescan_immediately.patch index 6e0244bca2..1315f0c30e 100644 --- a/package/network/services/hostapd/patches/310-rescan_immediately.patch +++ b/package/network/services/hostapd/patches/310-rescan_immediately.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -5769,7 +5769,7 @@ wpa_supplicant_alloc(struct wpa_supplica +@@ -5870,7 +5870,7 @@ wpa_supplicant_alloc(struct wpa_supplica if (wpa_s == NULL) return NULL; wpa_s->scan_req = INITIAL_SCAN_REQ; diff --git a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch index c11c957216..dc9ccff12c 100644 --- a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch +++ b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch @@ -1,6 +1,6 @@ --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -5407,7 +5407,7 @@ static int nl80211_set_channel(struct i8 +@@ -5483,7 +5483,7 @@ static int nl80211_set_channel(struct i8 freq->he_enabled, freq->eht_enabled, freq->bandwidth, freq->center_freq1, freq->center_freq2); diff --git a/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch b/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch index 8784452876..9853c10c13 100644 --- a/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch +++ b/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c -@@ -1825,15 +1825,35 @@ int ap_switch_channel(struct wpa_supplic +@@ -1846,17 +1846,37 @@ int ap_switch_channel(struct wpa_supplic #ifdef CONFIG_CTRL_IFACE @@ -24,15 +24,19 @@ struct csa_settings settings; int ret = hostapd_parse_csa_settings(pos, &settings); +- if (ret) +- return ret; + if (!(wpa_s->ap_iface && wpa_s->ap_iface->bss[0]) && + !(wpa_s->ifmsh && wpa_s->ifmsh->bss[0])) + return -1; -+ -+ ret = __ap_ctrl_iface_chanswitch(wpa_s->ap_iface, &settings); - if (ret) - return ret; + + settings.link_id = -1; - return ap_switch_channel(wpa_s, &settings); ++ ret = __ap_ctrl_iface_chanswitch(wpa_s->ap_iface, &settings); ++ if (ret) ++ return ret; ++ + return __ap_ctrl_iface_chanswitch(wpa_s->ifmsh, &settings); } #endif /* CONFIG_CTRL_IFACE */ diff --git a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch index 647ca2cbf9..630e030935 100644 --- a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch +++ b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch @@ -1,6 +1,6 @@ --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -3008,12 +3008,12 @@ static int wpa_driver_nl80211_del_beacon +@@ -3075,12 +3075,12 @@ static int wpa_driver_nl80211_del_beacon return 0; wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)", @@ -15,16 +15,17 @@ if (!msg) return -ENOBUFS; -@@ -6100,7 +6100,7 @@ static void nl80211_teardown_ap(struct i +@@ -6176,8 +6176,7 @@ static void nl80211_teardown_ap(struct i nl80211_mgmt_unsubscribe(bss, "AP teardown"); nl80211_put_wiphy_data_ap(bss); -- bss->flink->beacon_set = 0; +- if (bss->flink) +- bss->flink->beacon_set = 0; + wpa_driver_nl80211_del_beacon_all(bss); } -@@ -8859,8 +8859,6 @@ static int wpa_driver_nl80211_if_remove( +@@ -8977,8 +8976,6 @@ static int wpa_driver_nl80211_if_remove( } else { wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context"); nl80211_teardown_ap(bss); diff --git a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch index f7720fce2f..32699e4bc4 100644 --- a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch +++ b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch @@ -12,7 +12,7 @@ else --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -3314,6 +3314,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -3897,6 +3897,7 @@ static int hostapd_ctrl_iface_receive_pr reply_size); } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) { reply_len = hostapd_drv_status(hapd, reply, reply_size); @@ -20,7 +20,7 @@ } else if (os_strcmp(buf, "MIB") == 0) { reply_len = ieee802_11_get_mib(hapd, reply, reply_size); if (reply_len >= 0) { -@@ -3355,6 +3356,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -3938,6 +3939,7 @@ static int hostapd_ctrl_iface_receive_pr } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply, reply_size); @@ -30,7 +30,7 @@ reply_len = -1; --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -983,6 +983,9 @@ ifdef CONFIG_FILS +@@ -1039,6 +1039,9 @@ ifdef CONFIG_FILS OBJS += ../src/ap/fils_hlp.o endif ifdef CONFIG_CTRL_IFACE @@ -42,7 +42,7 @@ --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c -@@ -2326,7 +2326,7 @@ static int wpa_supplicant_ctrl_iface_sta +@@ -2355,7 +2355,7 @@ static int wpa_supplicant_ctrl_iface_sta pos += ret; } @@ -51,7 +51,7 @@ if (wpa_s->ap_iface) { pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos, end - pos, -@@ -12087,6 +12087,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12542,6 +12542,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = -1; } else if (os_strncmp(buf, "NOTE ", 5) == 0) { wpa_printf(MSG_INFO, "NOTE: %s", buf + 5); @@ -59,7 +59,7 @@ } else if (os_strcmp(buf, "MIB") == 0) { reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size); if (reply_len >= 0) { -@@ -12099,6 +12100,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12554,6 +12555,7 @@ char * wpa_supplicant_ctrl_iface_process reply_size - reply_len); #endif /* CONFIG_MACSEC */ } @@ -67,7 +67,7 @@ } else if (os_strncmp(buf, "STATUS", 6) == 0) { reply_len = wpa_supplicant_ctrl_iface_status( wpa_s, buf + 6, reply, reply_size); -@@ -12587,6 +12589,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13042,6 +13044,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = wpa_supplicant_ctrl_iface_bss( wpa_s, buf + 4, reply, reply_size); #ifdef CONFIG_AP @@ -75,7 +75,7 @@ } else if (os_strcmp(buf, "STA-FIRST") == 0) { reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size); } else if (os_strncmp(buf, "STA ", 4) == 0) { -@@ -12595,12 +12598,15 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13050,12 +13053,15 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply, reply_size); @@ -147,7 +147,7 @@ static int hostapd_ctrl_iface_sta_mib(struct hostapd_data *hapd, struct sta_info *sta, char *buf, size_t buflen) -@@ -493,6 +493,7 @@ int hostapd_ctrl_iface_sta_next(struct h +@@ -539,6 +539,7 @@ int hostapd_ctrl_iface_sta_next(struct h return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen); } @@ -155,7 +155,7 @@ #ifdef CONFIG_P2P_MANAGER static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype, -@@ -884,12 +885,12 @@ int hostapd_ctrl_iface_status(struct hos +@@ -951,12 +952,12 @@ int hostapd_ctrl_iface_status(struct hos return len; len += ret; } @@ -172,7 +172,7 @@ if (os_snprintf_error(buflen - len, ret)) --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c -@@ -2834,6 +2834,7 @@ static const char * bool_txt(bool val) +@@ -2837,6 +2837,7 @@ static const char * bool_txt(bool val) return val ? "TRUE" : "FALSE"; } @@ -180,7 +180,7 @@ int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen) { -@@ -3020,6 +3021,7 @@ int ieee802_1x_get_mib_sta(struct hostap +@@ -3023,6 +3024,7 @@ int ieee802_1x_get_mib_sta(struct hostap return len; } @@ -190,7 +190,7 @@ static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx) --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c -@@ -5328,6 +5328,7 @@ static const char * wpa_bool_txt(int val +@@ -5583,6 +5583,7 @@ static const char * wpa_bool_txt(int val return val ? "TRUE" : "FALSE"; } @@ -198,7 +198,7 @@ #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ -@@ -5480,7 +5481,7 @@ int wpa_get_mib_sta(struct wpa_state_mac +@@ -5735,7 +5736,7 @@ int wpa_get_mib_sta(struct wpa_state_mac return len; } @@ -209,7 +209,7 @@ { --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c -@@ -3834,6 +3834,8 @@ static u32 wpa_key_mgmt_suite(struct wpa +@@ -3943,6 +3943,8 @@ static u32 wpa_key_mgmt_suite(struct wpa } @@ -218,7 +218,7 @@ #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff -@@ -3915,6 +3917,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch +@@ -4024,6 +4026,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch return (int) len; } @@ -228,7 +228,7 @@ --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c -@@ -1499,7 +1499,7 @@ int wpas_ap_wps_nfc_report_handover(stru +@@ -1520,7 +1520,7 @@ int wpas_ap_wps_nfc_report_handover(stru #endif /* CONFIG_WPS */ diff --git a/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch b/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch index 4592c34127..de72738a2f 100644 --- a/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch +++ b/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch @@ -1,6 +1,6 @@ --- a/src/common/wpa_common.c +++ b/src/common/wpa_common.c -@@ -2841,6 +2841,31 @@ u32 wpa_akm_to_suite(int akm) +@@ -2856,6 +2856,31 @@ u32 wpa_akm_to_suite(int akm) } @@ -32,7 +32,7 @@ int wpa_compare_rsn_ie(int ft_initial_assoc, const u8 *ie1, size_t ie1len, const u8 *ie2, size_t ie2len) -@@ -2848,8 +2873,19 @@ int wpa_compare_rsn_ie(int ft_initial_as +@@ -2863,8 +2888,19 @@ int wpa_compare_rsn_ie(int ft_initial_as if (ie1 == NULL || ie2 == NULL) return -1; diff --git a/package/network/services/hostapd/patches/420-indicate-features.patch b/package/network/services/hostapd/patches/420-indicate-features.patch index 07df8e5a9a..0a457c6905 100644 --- a/package/network/services/hostapd/patches/420-indicate-features.patch +++ b/package/network/services/hostapd/patches/420-indicate-features.patch @@ -9,7 +9,7 @@ struct hapd_global { void **drv_priv; -@@ -799,7 +799,7 @@ int main(int argc, char *argv[]) +@@ -806,7 +806,7 @@ int main(int argc, char *argv[]) wpa_supplicant_event = hostapd_wpa_event; wpa_supplicant_event_global = hostapd_wpa_event_global; for (;;) { @@ -18,7 +18,7 @@ if (c < 0) break; switch (c) { -@@ -836,6 +836,8 @@ int main(int argc, char *argv[]) +@@ -843,6 +843,8 @@ int main(int argc, char *argv[]) break; #endif /* CONFIG_DEBUG_LINUX_TRACING */ case 'v': diff --git a/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch b/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch index a21f0bf7ce..6183c1f941 100644 --- a/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch +++ b/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch @@ -32,7 +32,7 @@ static int hostapd_cli_cmd_disassoc_imminent(struct wpa_ctrl *ctrl, int argc, -@@ -1610,13 +1606,10 @@ static const struct hostapd_cli_cmd host +@@ -1670,13 +1666,10 @@ static const struct hostapd_cli_cmd host { "disassociate", hostapd_cli_cmd_disassociate, hostapd_complete_stations, " = disassociate a station" }, @@ -46,7 +46,7 @@ { "wps_pin", hostapd_cli_cmd_wps_pin, NULL, " [timeout] [addr] = add WPS Enrollee PIN" }, { "wps_check_pin", hostapd_cli_cmd_wps_check_pin, NULL, -@@ -1641,7 +1634,6 @@ static const struct hostapd_cli_cmd host +@@ -1701,7 +1694,6 @@ static const struct hostapd_cli_cmd host " = configure AP" }, { "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL, "= show current WPS status" }, diff --git a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch index dc19553e26..db561b8c20 100644 --- a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch +++ b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch @@ -22,7 +22,7 @@ Signed-hostap: Antonio Quartulli #include "common/defs.h" #include "common/ieee802_11_defs.h" #include "common/wpa_common.h" -@@ -953,6 +954,9 @@ struct wpa_driver_associate_params { +@@ -971,6 +972,9 @@ struct wpa_driver_associate_params { * responsible for selecting with which BSS to associate. */ const u8 *bssid; @@ -42,7 +42,7 @@ Signed-hostap: Antonio Quartulli #include "config.h" -@@ -2389,6 +2390,97 @@ static char * wpa_config_write_mac_value +@@ -2421,6 +2422,97 @@ static char * wpa_config_write_mac_value #endif /* NO_CONFIG_WRITE */ @@ -140,7 +140,7 @@ Signed-hostap: Antonio Quartulli /* Helper macros for network block parser */ #ifdef OFFSET -@@ -2674,6 +2766,8 @@ static const struct parse_data ssid_fiel +@@ -2713,6 +2805,8 @@ static const struct parse_data ssid_fiel { INT(ap_max_inactivity) }, { INT(dtim_period) }, { INT(beacon_int) }, @@ -174,7 +174,7 @@ Signed-hostap: Antonio Quartulli * macsec_policy - Determines the policy for MACsec secure session --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -4177,6 +4177,12 @@ static void wpas_start_assoc_cb(struct w +@@ -4249,6 +4249,12 @@ static void wpas_start_assoc_cb(struct w params.beacon_int = ssid->beacon_int; else params.beacon_int = wpa_s->conf->beacon_int; diff --git a/package/network/services/hostapd/patches/461-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch b/package/network/services/hostapd/patches/461-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch new file mode 100644 index 0000000000..daff60a8ad --- /dev/null +++ b/package/network/services/hostapd/patches/461-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch @@ -0,0 +1,76 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Eneas U de Queiroz +Date: Mon, 12 Feb 2024 14:18:24 -0300 +Subject: [PATCH] Move definition of WLAN_SUPP_RATES_MAX to defs.h + +Patch 460-wpa_supplicant-add-new-config-params-to-be-used-with.patch +("wpa_supplicant: add new config params to be used with the ibss join +command") adds the definition of unsigned char +rates[WLAN_SUPP_RATES_MAX] to driver.h, which needs to have +WLAN_SUPP_RATES_MAX defined. So it includes sta_info.h to get the +definition. + +Commit c74739250a ("AP MLD: Use a helper function to check if a STA is a +non-AP MLD") makes sta_info.h include driver.h before +it defines WLAN_SUPP_RATES_MAX, causing an error: + +src/drivers/driver.h:969:29: error: 'WLAN_SUPP_RATES_MAX' undeclared here (not in a function) + +Move the definition of WLAN_SUPP_RATES_MAX to defs.h to ensure it gets +defined before other headers are included. The inclusion of sta_info.h +in driver.h can be reverted as well. + +Signed-off-by: Eneas U de Queiroz +--- + src/ap/sta_info.h | 4 ---- + src/common/defs.h | 4 ++++ + src/drivers/driver.h | 1 - + wpa_supplicant/config_ssid.h | 1 - + 4 files changed, 4 insertions(+), 6 deletions(-) + +--- a/src/ap/sta_info.h ++++ b/src/ap/sta_info.h +@@ -49,10 +49,6 @@ + #define WLAN_STA_PENDING_DEAUTH_CB BIT(30) + #define WLAN_STA_NONERP BIT(31) + +-/* Maximum number of supported rates (from both Supported Rates and Extended +- * Supported Rates IEs). */ +-#define WLAN_SUPP_RATES_MAX 32 +- + struct hostapd_data; + + struct mbo_non_pref_chan_info { +--- a/src/common/defs.h ++++ b/src/common/defs.h +@@ -63,6 +63,10 @@ + WPA_KEY_MGMT_FT_FILS_SHA256 | \ + WPA_KEY_MGMT_FT_FILS_SHA384) + ++/* Maximum number of supported rates (from both Supported Rates and Extended ++ * Supported Rates IEs). */ ++#define WLAN_SUPP_RATES_MAX 32 ++ + static inline int wpa_key_mgmt_wpa_ieee8021x(int akm) + { + return !!(akm & (WPA_KEY_MGMT_IEEE8021X | +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -19,7 +19,6 @@ + + #define WPA_SUPPLICANT_DRIVER_VERSION 4 + +-#include "ap/sta_info.h" + #include "common/defs.h" + #include "common/ieee802_11_defs.h" + #include "common/wpa_common.h" +--- a/wpa_supplicant/config_ssid.h ++++ b/wpa_supplicant/config_ssid.h +@@ -10,7 +10,6 @@ + #define CONFIG_SSID_H + + #include "common/defs.h" +-#include "ap/sta_info.h" + #include "utils/list.h" + #include "eap_peer/eap_config.h" + #include "drivers/nl80211_copy.h" diff --git a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch index daa36c2f35..c24ca46e96 100644 --- a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch +++ b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch @@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -1827,6 +1827,7 @@ struct wpa_driver_mesh_join_params { +@@ -1876,6 +1876,7 @@ struct wpa_driver_mesh_join_params { #define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008 unsigned int flags; bool handle_dfs; @@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich struct wpa_driver_set_key_params { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -11667,6 +11667,18 @@ static int nl80211_put_mesh_id(struct nl +@@ -11850,6 +11850,18 @@ static int nl80211_put_mesh_id(struct nl } @@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich static int nl80211_put_mesh_config(struct nl_msg *msg, struct wpa_driver_mesh_bss_params *params) { -@@ -11728,6 +11740,7 @@ static int nl80211_join_mesh(struct i802 +@@ -11911,6 +11923,7 @@ static int nl80211_join_mesh(struct i802 nl80211_put_basic_rates(msg, params->basic_rates) || nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) || nl80211_put_beacon_int(msg, params->beacon_int) || diff --git a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch index 4d7d85f4ab..2d7ca0191d 100644 --- a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch +++ b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -3040,6 +3040,10 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3100,6 +3100,10 @@ void ibss_mesh_setup_freq(struct wpa_sup freq->freq = ssid->frequency; diff --git a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch index 7d3d94648e..8da7a2948e 100644 --- a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch +++ b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch @@ -13,7 +13,7 @@ Signed-off-by: David Bauer --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3500,6 +3500,8 @@ static int hostapd_config_fill(struct ho +@@ -3708,6 +3708,8 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "he_bss_color") == 0) { conf->he_op.he_bss_color = atoi(pos) & 0x3f; conf->he_op.he_bss_color_disabled = 0; diff --git a/package/network/services/hostapd/patches/470-survey_data_fallback.patch b/package/network/services/hostapd/patches/470-survey_data_fallback.patch index 79ab48c5c2..20877345df 100644 --- a/package/network/services/hostapd/patches/470-survey_data_fallback.patch +++ b/package/network/services/hostapd/patches/470-survey_data_fallback.patch @@ -1,6 +1,6 @@ --- a/src/ap/acs.c +++ b/src/ap/acs.c -@@ -455,17 +455,17 @@ static int acs_get_bw_center_chan(int fr +@@ -467,17 +467,17 @@ static int acs_get_bw_center_chan(int fr static int acs_survey_is_sufficient(struct freq_survey *survey) { if (!(survey->filled & SURVEY_HAS_NF)) { @@ -20,7 +20,7 @@ } if (!(survey->filled & SURVEY_HAS_CHAN_TIME_BUSY) && -@@ -473,7 +473,6 @@ static int acs_survey_is_sufficient(stru +@@ -485,7 +485,6 @@ static int acs_survey_is_sufficient(stru wpa_printf(MSG_INFO, "ACS: Survey for freq %d is missing RX and busy time (at least one is required)", survey->freq); diff --git a/package/network/services/hostapd/patches/500-lto-jobserver-support.patch b/package/network/services/hostapd/patches/500-lto-jobserver-support.patch index 67312c5004..98ded1f009 100644 --- a/package/network/services/hostapd/patches/500-lto-jobserver-support.patch +++ b/package/network/services/hostapd/patches/500-lto-jobserver-support.patch @@ -1,6 +1,6 @@ --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -1396,7 +1396,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) +@@ -1409,7 +1409,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) @$(AR) cr $@ hostapd_multi.o $(OBJS) hostapd: $(OBJS) @@ -9,7 +9,7 @@ @$(E) " LD " $@ ifdef CONFIG_WPA_TRACE -@@ -1407,7 +1407,7 @@ _OBJS_VAR := OBJS_c +@@ -1420,7 +1420,7 @@ _OBJS_VAR := OBJS_c include ../src/objs.mk hostapd_cli: $(OBJS_c) @@ -20,7 +20,7 @@ NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -2037,31 +2037,31 @@ wpa_supplicant_multi.a: .config $(BCHECK +@@ -2107,31 +2107,31 @@ wpa_supplicant_multi.a: .config $(BCHECK @$(AR) cr $@ wpa_supplicant_multi.o $(OBJS) wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) diff --git a/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch b/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch index 0efa6db908..8f97e54d08 100644 --- a/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch +++ b/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch @@ -34,7 +34,7 @@ #define STA_HASH_SIZE 256 --- a/src/ap/wnm_ap.c +++ b/src/ap/wnm_ap.c -@@ -386,6 +386,7 @@ static int ieee802_11_send_bss_trans_mgm +@@ -410,6 +410,7 @@ static int ieee802_11_send_bss_trans_mgm mgmt->u.action.u.bss_tm_req.validity_interval = 1; pos = mgmt->u.action.u.bss_tm_req.variable; @@ -42,7 +42,7 @@ wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request to " MACSTR " dialog_token=%u req_mode=0x%x disassoc_timer=%u " "validity_interval=%u", -@@ -790,10 +791,12 @@ int ieee802_11_rx_wnm_action_ap(struct h +@@ -814,10 +815,12 @@ int ieee802_11_rx_wnm_action_ap(struct h plen); return 0; case WNM_BSS_TRANS_MGMT_QUERY: @@ -55,7 +55,7 @@ ieee802_11_rx_bss_trans_mgmt_resp(hapd, mgmt->sa, payload, plen); return 0; -@@ -840,6 +843,7 @@ int wnm_send_disassoc_imminent(struct ho +@@ -865,6 +868,7 @@ int wnm_send_disassoc_imminent(struct ho pos = mgmt->u.action.u.bss_tm_req.variable; @@ -63,7 +63,7 @@ wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request frame to indicate imminent disassociation (disassoc_timer=%d) to " MACSTR, disassoc_timer, MAC2STR(sta->addr)); if (hostapd_drv_send_mlme(hapd, buf, pos - buf, 0, NULL, 0, 0) < 0) { -@@ -921,6 +925,7 @@ int wnm_send_ess_disassoc_imminent(struc +@@ -947,6 +951,7 @@ int wnm_send_ess_disassoc_imminent(struc return -1; } @@ -71,14 +71,14 @@ if (disassoc_timer) { /* send disassociation frame after time-out */ set_disassoc_timer(hapd, sta, disassoc_timer); -@@ -1001,6 +1006,7 @@ int wnm_send_bss_tm_req(struct hostapd_d +@@ -1028,6 +1033,7 @@ int wnm_send_bss_tm_req(struct hostapd_d } os_free(buf); + hapd->openwrt_stats.wnm.bss_transition_request_tx++; if (disassoc_timer) { - /* send disassociation frame after time-out */ - set_disassoc_timer(hapd, sta, disassoc_timer); + #ifdef CONFIG_IEEE80211BE + if (ap_sta_is_mld(hapd, sta)) { --- a/src/ap/rrm.c +++ b/src/ap/rrm.c @@ -269,6 +269,8 @@ static void hostapd_send_nei_report_resp diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch index a6ccf83331..00f577caba 100644 --- a/package/network/services/hostapd/patches/600-ubus_support.patch +++ b/package/network/services/hostapd/patches/600-ubus_support.patch @@ -12,7 +12,7 @@ +endif ifdef CONFIG_CODE_COVERAGE - CFLAGS += -O0 -fprofile-arcs -ftest-coverage + CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -18,6 +18,7 @@ @@ -31,7 +31,7 @@ int interface_added; /* virtual interface added for this BSS */ unsigned int started:1; unsigned int disabled:1; -@@ -695,6 +697,7 @@ hostapd_alloc_bss_data(struct hostapd_if +@@ -707,6 +709,7 @@ hostapd_alloc_bss_data(struct hostapd_if struct hostapd_bss_config *bss); int hostapd_setup_interface(struct hostapd_iface *iface); int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err); @@ -41,7 +41,7 @@ struct hostapd_iface * hostapd_alloc_iface(void); --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -435,6 +435,7 @@ void hostapd_free_hapd_data(struct hosta +@@ -493,6 +493,7 @@ void hostapd_free_hapd_data(struct hosta hapd->beacon_set_done = 0; wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface); @@ -49,7 +49,7 @@ accounting_deinit(hapd); hostapd_deinit_wpa(hapd); vlan_deinit(hapd); -@@ -1187,6 +1188,8 @@ static int hostapd_start_beacon(struct h +@@ -1274,6 +1275,8 @@ static int hostapd_start_beacon(struct h if (hapd->driver && hapd->driver->set_operstate) hapd->driver->set_operstate(hapd->drv_priv, 1); @@ -58,7 +58,7 @@ return 0; } -@@ -2275,6 +2278,7 @@ static int hostapd_setup_interface_compl +@@ -2367,6 +2370,7 @@ static int hostapd_setup_interface_compl if (err) goto fail; @@ -66,7 +66,7 @@ wpa_printf(MSG_DEBUG, "Completing interface initialization"); if (iface->freq) { #ifdef NEED_AP_MLME -@@ -2494,6 +2498,7 @@ dfs_offload: +@@ -2586,6 +2590,7 @@ dfs_offload: fail: wpa_printf(MSG_ERROR, "Interface initialization failed"); @@ -74,7 +74,7 @@ if (iface->is_no_ir) { hostapd_set_state(iface, HAPD_IFACE_NO_IR); -@@ -2984,6 +2989,7 @@ void hostapd_interface_deinit_free(struc +@@ -3076,6 +3081,7 @@ void hostapd_interface_deinit_free(struc (unsigned int) iface->conf->num_bss); driver = iface->bss[0]->driver; drv_priv = iface->bss[0]->drv_priv; @@ -84,7 +84,7 @@ __func__, driver, drv_priv); --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -2786,7 +2786,7 @@ static void handle_auth(struct hostapd_d +@@ -2798,7 +2798,7 @@ static void handle_auth(struct hostapd_d u16 auth_alg, auth_transaction, status_code; u16 resp = WLAN_STATUS_SUCCESS; struct sta_info *sta = NULL; @@ -93,7 +93,7 @@ u16 fc; const u8 *challenge = NULL; u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN]; -@@ -2795,6 +2795,11 @@ static void handle_auth(struct hostapd_d +@@ -2807,6 +2807,11 @@ static void handle_auth(struct hostapd_d struct radius_sta rad_info; const u8 *dst, *sa, *bssid; bool mld_sta = false; @@ -105,7 +105,7 @@ if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", -@@ -2986,6 +2991,13 @@ static void handle_auth(struct hostapd_d +@@ -2998,6 +3003,13 @@ static void handle_auth(struct hostapd_d resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -119,7 +119,7 @@ if (res == HOSTAPD_ACL_PENDING) return; -@@ -5161,7 +5173,7 @@ static void handle_assoc(struct hostapd_ +@@ -5242,7 +5254,7 @@ static void handle_assoc(struct hostapd_ int resp = WLAN_STATUS_SUCCESS; u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE; const u8 *pos; @@ -128,7 +128,7 @@ struct sta_info *sta; u8 *tmp = NULL; #ifdef CONFIG_FILS -@@ -5374,6 +5386,11 @@ static void handle_assoc(struct hostapd_ +@@ -5484,6 +5496,11 @@ static void handle_assoc(struct hostapd_ left = res; } #endif /* CONFIG_FILS */ @@ -140,9 +140,9 @@ /* followed by SSID and Supported rates; and HT capabilities if 802.11n * is used */ -@@ -5472,6 +5489,13 @@ static void handle_assoc(struct hostapd_ - } - #endif /* CONFIG_FILS */ +@@ -5586,6 +5603,13 @@ static void handle_assoc(struct hostapd_ + if (set_beacon) + ieee802_11_set_beacons(hapd->iface); + ubus_resp = hostapd_ubus_handle_event(hapd, &req); + if (ubus_resp) { @@ -154,7 +154,7 @@ fail: /* -@@ -5753,6 +5777,7 @@ static void handle_disassoc(struct hosta +@@ -5836,6 +5860,7 @@ static void handle_disassoc(struct hosta (unsigned long) len); return; } @@ -162,7 +162,7 @@ sta = ap_get_sta(hapd, mgmt->sa); if (!sta) { -@@ -5784,6 +5809,8 @@ static void handle_deauth(struct hostapd +@@ -5867,6 +5892,8 @@ static void handle_deauth(struct hostapd /* Clear the PTKSA cache entries for PASN */ ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE); @@ -173,10 +173,10 @@ wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1036,6 +1036,12 @@ void handle_probe_req(struct hostapd_dat - u16 csa_offs[2]; - size_t csa_offs_len; - struct radius_sta rad_info; +@@ -1351,6 +1351,12 @@ void handle_probe_req(struct hostapd_dat + int mld_id; + u16 links; + #endif /* CONFIG_IEEE80211BE */ + struct hostapd_ubus_request req = { + .type = HOSTAPD_UBUS_PROBE_REQ, + .mgmt_frame = mgmt, @@ -186,7 +186,7 @@ if (hapd->iconf->rssi_ignore_probe_request && ssi_signal && ssi_signal < hapd->iconf->rssi_ignore_probe_request) -@@ -1222,6 +1228,12 @@ void handle_probe_req(struct hostapd_dat +@@ -1537,6 +1543,12 @@ void handle_probe_req(struct hostapd_dat } #endif /* CONFIG_P2P */ @@ -201,10 +201,10 @@ --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c -@@ -260,6 +260,10 @@ int hostapd_notif_assoc(struct hostapd_d - u16 reason = WLAN_REASON_UNSPECIFIED; - int status = WLAN_STATUS_SUCCESS; - const u8 *p2p_dev_addr = NULL; +@@ -268,6 +268,10 @@ int hostapd_notif_assoc(struct hostapd_d + struct hostapd_iface *iface = hapd->iface; + #endif /* CONFIG_OWE */ + bool updated = false; + struct hostapd_ubus_request req = { + .type = HOSTAPD_UBUS_ASSOC_REQ, + .addr = addr, @@ -212,7 +212,7 @@ if (addr == NULL) { /* -@@ -396,6 +400,12 @@ int hostapd_notif_assoc(struct hostapd_d +@@ -412,6 +416,12 @@ int hostapd_notif_assoc(struct hostapd_d goto fail; } @@ -227,7 +227,7 @@ wpabuf_free(sta->p2p_ie); --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -471,6 +471,7 @@ void ap_handle_timer(void *eloop_ctx, vo +@@ -476,6 +476,7 @@ void ap_handle_timer(void *eloop_ctx, vo hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_INFO, "deauthenticated due to " "local deauth request"); @@ -235,7 +235,7 @@ ap_free_sta(hapd, sta); return; } -@@ -626,6 +627,7 @@ skip_poll: +@@ -631,6 +632,7 @@ skip_poll: mlme_deauthenticate_indication( hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID); @@ -243,8 +243,8 @@ ap_free_sta(hapd, sta); break; } -@@ -1344,15 +1346,28 @@ void ap_sta_set_authorized(struct hostap - sta->addr, authorized, dev_addr); +@@ -1451,15 +1453,28 @@ void ap_sta_set_authorized_event(struct + os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); if (authorized) { + static const char * const auth_algs[] = { @@ -272,7 +272,7 @@ #ifdef CONFIG_P2P if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { os_snprintf(ip_addr, sizeof(ip_addr), -@@ -1362,6 +1377,13 @@ void ap_sta_set_authorized(struct hostap +@@ -1470,6 +1485,13 @@ void ap_sta_set_authorized_event(struct } #endif /* CONFIG_P2P */ @@ -286,7 +286,7 @@ keyid = ap_sta_wpa_get_keyid(hapd, sta); if (keyid) { os_snprintf(keyid_buf, sizeof(keyid_buf), -@@ -1380,17 +1402,19 @@ void ap_sta_set_authorized(struct hostap +@@ -1488,17 +1510,19 @@ void ap_sta_set_authorized_event(struct dpp_pkhash, SHA256_MAC_LEN); } @@ -312,7 +312,7 @@ hapd->msg_ctx_parent != hapd->msg_ctx) --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -269,6 +269,7 @@ static void hostapd_wpa_auth_psk_failure +@@ -275,6 +275,7 @@ static void hostapd_wpa_auth_psk_failure struct hostapd_data *hapd = ctx; wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR, MAC2STR(addr)); @@ -322,7 +322,7 @@ --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -192,6 +192,13 @@ ifdef CONFIG_EAPOL_TEST +@@ -189,6 +189,13 @@ ifdef CONFIG_EAPOL_TEST CFLAGS += -Werror -DEAPOL_TEST endif @@ -334,9 +334,9 @@ +endif + ifdef CONFIG_CODE_COVERAGE - CFLAGS += -O0 -fprofile-arcs -ftest-coverage + CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE LIBS += -lgcov -@@ -987,6 +994,9 @@ ifdef CONFIG_CTRL_IFACE_MIB +@@ -1043,6 +1050,9 @@ ifdef CONFIG_CTRL_IFACE_MIB CFLAGS += -DCONFIG_CTRL_IFACE_MIB endif OBJS += ../src/ap/ctrl_iface_ap.o @@ -348,7 +348,7 @@ CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -7595,6 +7595,8 @@ struct wpa_supplicant * wpa_supplicant_a +@@ -7716,6 +7716,8 @@ struct wpa_supplicant * wpa_supplicant_a } #endif /* CONFIG_P2P */ @@ -357,7 +357,7 @@ return wpa_s; } -@@ -7621,6 +7623,8 @@ int wpa_supplicant_remove_iface(struct w +@@ -7742,6 +7744,8 @@ int wpa_supplicant_remove_iface(struct w struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ @@ -366,7 +366,7 @@ /* Remove interface from the global list of interfaces */ prev = global->ifaces; if (prev == wpa_s) { -@@ -7967,8 +7971,12 @@ int wpa_supplicant_run(struct wpa_global +@@ -8088,8 +8092,12 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); @@ -398,7 +398,7 @@ }; -@@ -685,6 +688,7 @@ struct wpa_supplicant { +@@ -693,6 +696,7 @@ struct wpa_supplicant { unsigned char own_addr[ETH_ALEN]; unsigned char perm_addr[ETH_ALEN]; char ifname[100]; @@ -416,7 +416,7 @@ #ifndef WPS_PIN_SCAN_IGNORE_SEL_REG -@@ -402,6 +403,8 @@ static int wpa_supplicant_wps_cred(void +@@ -401,6 +402,8 @@ static int wpa_supplicant_wps_cred(void wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute", cred->cred_attr, cred->cred_attr_len); @@ -508,7 +508,7 @@ --- a/src/ap/dfs.c +++ b/src/ap/dfs.c -@@ -1216,6 +1216,8 @@ int hostapd_dfs_pre_cac_expired(struct h +@@ -1225,6 +1225,8 @@ int hostapd_dfs_pre_cac_expired(struct h "freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d", freq, ht_enabled, chan_offset, chan_width, cf1, cf2); @@ -550,7 +550,7 @@ } --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h -@@ -322,6 +322,7 @@ struct sta_info { +@@ -319,6 +319,7 @@ struct sta_info { #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_AIRTIME_POLICY unsigned int airtime_weight; @@ -560,7 +560,7 @@ --- a/src/ap/wnm_ap.c +++ b/src/ap/wnm_ap.c -@@ -455,7 +455,8 @@ static void ieee802_11_rx_bss_trans_mgmt +@@ -479,7 +479,8 @@ static void ieee802_11_rx_bss_trans_mgmt MAC2STR(addr), reason, hex ? " neighbor=" : "", hex); os_free(hex); @@ -570,7 +570,7 @@ } -@@ -477,7 +478,7 @@ static void ieee802_11_rx_bss_trans_mgmt +@@ -501,7 +502,7 @@ static void ieee802_11_rx_bss_trans_mgmt size_t len) { u8 dialog_token, status_code, bss_termination_delay; @@ -579,7 +579,7 @@ int enabled = hapd->conf->bss_transition; struct sta_info *sta; -@@ -524,6 +525,7 @@ static void ieee802_11_rx_bss_trans_mgmt +@@ -548,6 +549,7 @@ static void ieee802_11_rx_bss_trans_mgmt wpa_printf(MSG_DEBUG, "WNM: not enough room for Target BSSID field"); return; } @@ -587,7 +587,7 @@ sta->agreed_to_steer = 1; eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta); eloop_register_timeout(2, 0, ap_sta_reset_steer_flag_timer, -@@ -543,6 +545,10 @@ static void ieee802_11_rx_bss_trans_mgmt +@@ -567,6 +569,10 @@ static void ieee802_11_rx_bss_trans_mgmt MAC2STR(addr), status_code, bss_termination_delay); } diff --git a/package/network/services/hostapd/patches/601-ucode_support.patch b/package/network/services/hostapd/patches/601-ucode_support.patch index cfdb51f356..e459721b89 100644 --- a/package/network/services/hostapd/patches/601-ucode_support.patch +++ b/package/network/services/hostapd/patches/601-ucode_support.patch @@ -26,7 +26,7 @@ ifdef CONFIG_CODE_COVERAGE --- a/hostapd/main.c +++ b/hostapd/main.c -@@ -1007,6 +1007,7 @@ int main(int argc, char *argv[]) +@@ -1014,6 +1014,7 @@ int main(int argc, char *argv[]) } hostapd_global_ctrl_iface_init(&interfaces); @@ -34,7 +34,7 @@ if (hostapd_global_run(&interfaces, daemonize, pid_file)) { wpa_printf(MSG_ERROR, "Failed to start eloop"); -@@ -1016,6 +1017,7 @@ int main(int argc, char *argv[]) +@@ -1023,6 +1024,7 @@ int main(int argc, char *argv[]) ret = 0; out: @@ -71,7 +71,7 @@ int interface_added; /* virtual interface added for this BSS */ unsigned int started:1; unsigned int disabled:1; -@@ -506,6 +512,7 @@ struct hostapd_sta_info { +@@ -518,6 +524,7 @@ struct hostapd_sta_info { */ struct hostapd_iface { struct hapd_interfaces *interfaces; @@ -79,7 +79,7 @@ void *owner; char *config_fname; struct hostapd_config *conf; -@@ -706,6 +713,8 @@ struct hostapd_iface * hostapd_init(stru +@@ -718,6 +725,8 @@ struct hostapd_iface * hostapd_init(stru struct hostapd_iface * hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy, const char *config_fname, int debug); @@ -90,7 +90,7 @@ void hostapd_interface_deinit_free(struct hostapd_iface *iface); --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -252,6 +252,8 @@ int hostapd_reload_config(struct hostapd +@@ -255,6 +255,8 @@ int hostapd_reload_config(struct hostapd struct hostapd_config *newconf, *oldconf; size_t j; @@ -99,7 +99,7 @@ if (iface->config_fname == NULL) { /* Only in-memory config in use - assume it has been updated */ hostapd_clear_old(iface); -@@ -435,6 +437,7 @@ void hostapd_free_hapd_data(struct hosta +@@ -493,6 +495,7 @@ void hostapd_free_hapd_data(struct hosta hapd->beacon_set_done = 0; wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface); @@ -107,7 +107,7 @@ hostapd_ubus_free_bss(hapd); accounting_deinit(hapd); hostapd_deinit_wpa(hapd); -@@ -600,6 +603,7 @@ void hostapd_cleanup_iface_partial(struc +@@ -687,6 +690,7 @@ void hostapd_cleanup_iface_partial(struc static void hostapd_cleanup_iface(struct hostapd_iface *iface) { wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); @@ -115,7 +115,7 @@ eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface, NULL); -@@ -1189,6 +1193,7 @@ static int hostapd_start_beacon(struct h +@@ -1276,6 +1280,7 @@ static int hostapd_start_beacon(struct h hapd->driver->set_operstate(hapd->drv_priv, 1); hostapd_ubus_add_bss(hapd); @@ -123,7 +123,7 @@ return 0; } -@@ -1211,8 +1216,7 @@ static int hostapd_start_beacon(struct h +@@ -1298,8 +1303,7 @@ static int hostapd_start_beacon(struct h * initialized. Most of the modules that are initialized here will be * deinitialized in hostapd_cleanup(). */ @@ -133,7 +133,7 @@ { struct hostapd_bss_config *conf = hapd->conf; u8 ssid[SSID_MAX_LEN + 1]; -@@ -2698,7 +2702,7 @@ hostapd_alloc_bss_data(struct hostapd_if +@@ -2790,7 +2794,7 @@ hostapd_alloc_bss_data(struct hostapd_if } @@ -142,7 +142,7 @@ { if (!hapd) return; -@@ -3491,7 +3495,8 @@ int hostapd_remove_iface(struct hapd_int +@@ -3608,7 +3612,8 @@ int hostapd_remove_iface(struct hapd_int hapd_iface = interfaces->iface[i]; if (hapd_iface == NULL) return -1; @@ -154,7 +154,7 @@ !!(hapd_iface->drv_flags & --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -195,8 +195,20 @@ endif +@@ -192,8 +192,20 @@ endif ifdef CONFIG_UBUS CFLAGS += -DUBUS_SUPPORT OBJS += ubus.o @@ -176,7 +176,7 @@ endif ifdef CONFIG_CODE_COVERAGE -@@ -997,6 +1009,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o +@@ -1053,6 +1065,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o ifdef CONFIG_UBUS OBJS += ../src/ap/ubus.o endif @@ -188,7 +188,7 @@ CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -1044,6 +1044,7 @@ void wpa_supplicant_set_state(struct wpa +@@ -1060,6 +1060,7 @@ void wpa_supplicant_set_state(struct wpa sme_sched_obss_scan(wpa_s, 0); } wpa_s->wpa_state = state; @@ -196,7 +196,7 @@ #ifdef CONFIG_BGSCAN if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid) -@@ -7594,6 +7595,7 @@ struct wpa_supplicant * wpa_supplicant_a +@@ -7717,6 +7718,7 @@ struct wpa_supplicant * wpa_supplicant_a #endif /* CONFIG_P2P */ wpas_ubus_add_bss(wpa_s); @@ -204,7 +204,7 @@ return wpa_s; } -@@ -7621,6 +7623,7 @@ int wpa_supplicant_remove_iface(struct w +@@ -7744,6 +7746,7 @@ int wpa_supplicant_remove_iface(struct w struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ @@ -212,7 +212,7 @@ wpas_ubus_free_bss(wpa_s); /* Remove interface from the global list of interfaces */ -@@ -7931,6 +7934,7 @@ struct wpa_global * wpa_supplicant_init( +@@ -8054,6 +8057,7 @@ struct wpa_global * wpa_supplicant_init( eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, wpas_periodic, global, NULL); @@ -220,7 +220,7 @@ return global; } -@@ -7969,12 +7973,8 @@ int wpa_supplicant_run(struct wpa_global +@@ -8092,12 +8096,8 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); @@ -233,7 +233,7 @@ return 0; } -@@ -8007,6 +8007,8 @@ void wpa_supplicant_deinit(struct wpa_gl +@@ -8130,6 +8130,8 @@ void wpa_supplicant_deinit(struct wpa_gl wpas_notify_supplicant_deinitialized(global); @@ -252,7 +252,7 @@ extern const char *const wpa_supplicant_version; extern const char *const wpa_supplicant_license; -@@ -689,6 +690,7 @@ struct wpa_supplicant { +@@ -697,6 +698,7 @@ struct wpa_supplicant { unsigned char perm_addr[ETH_ALEN]; char ifname[100]; struct wpas_ubus_bss ubus; @@ -262,7 +262,7 @@ #endif /* CONFIG_MATCH_IFACE */ --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -4856,6 +4856,7 @@ try_again: +@@ -5487,6 +5487,7 @@ try_again: return -1; } @@ -270,7 +270,7 @@ wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb); return 0; -@@ -4957,6 +4958,7 @@ fail: +@@ -5588,6 +5589,7 @@ fail: os_free(fname); interface->global_ctrl_sock = s; @@ -280,7 +280,7 @@ --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -3787,6 +3787,25 @@ struct wpa_driver_ops { +@@ -3853,6 +3853,25 @@ struct wpa_driver_ops { const char *ifname); /** @@ -306,7 +306,7 @@ * set_sta_vlan - Bind a station into a specific interface (AP only) * @priv: Private driver interface data * @ifname: Interface (main or virtual BSS or VLAN) -@@ -6440,6 +6459,7 @@ union wpa_event_data { +@@ -6507,6 +6526,7 @@ union wpa_event_data { /** * struct ch_switch @@ -314,7 +314,7 @@ * @freq: Frequency of new channel in MHz * @ht_enabled: Whether this is an HT channel * @ch_offset: Secondary channel offset -@@ -6450,6 +6470,7 @@ union wpa_event_data { +@@ -6517,6 +6537,7 @@ union wpa_event_data { * @punct_bitmap: Puncturing bitmap */ struct ch_switch { @@ -324,7 +324,7 @@ int ch_offset; --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c -@@ -1202,6 +1202,7 @@ static void mlme_event_ch_switch(struct +@@ -1196,6 +1196,7 @@ static void mlme_event_ch_switch(struct struct nlattr *bw, struct nlattr *cf1, struct nlattr *cf2, struct nlattr *punct_bitmap, @@ -332,7 +332,7 @@ int finished) { struct i802_bss *bss; -@@ -1265,6 +1266,8 @@ static void mlme_event_ch_switch(struct +@@ -1259,6 +1260,8 @@ static void mlme_event_ch_switch(struct data.ch_switch.cf1 = nla_get_u32(cf1); if (cf2) data.ch_switch.cf2 = nla_get_u32(cf2); @@ -341,7 +341,7 @@ if (finished) bss->flink->freq = data.ch_switch.freq; -@@ -3912,6 +3915,7 @@ static void do_process_drv_event(struct +@@ -3961,6 +3964,7 @@ static void do_process_drv_event(struct tb[NL80211_ATTR_CENTER_FREQ1], tb[NL80211_ATTR_CENTER_FREQ2], tb[NL80211_ATTR_PUNCT_BITMAP], @@ -349,7 +349,7 @@ 0); break; case NL80211_CMD_CH_SWITCH_NOTIFY: -@@ -3924,6 +3928,7 @@ static void do_process_drv_event(struct +@@ -3973,6 +3977,7 @@ static void do_process_drv_event(struct tb[NL80211_ATTR_CENTER_FREQ1], tb[NL80211_ATTR_CENTER_FREQ2], tb[NL80211_ATTR_PUNCT_BITMAP], @@ -359,7 +359,7 @@ case NL80211_CMD_DISCONNECT: --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -5389,6 +5389,7 @@ void supplicant_event(void *ctx, enum wp +@@ -5955,6 +5955,7 @@ void supplicant_event(void *ctx, enum wp event_to_string(event), event); #endif /* CONFIG_NO_STDOUT_DEBUG */ @@ -369,8 +369,8 @@ #ifdef CONFIG_FST --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h -@@ -393,6 +393,23 @@ static inline int hostapd_drv_stop_ap(st - return hapd->driver->stop_ap(hapd->drv_priv); +@@ -399,6 +399,23 @@ static inline int hostapd_drv_stop_ap(st + return hapd->driver->stop_ap(hapd->drv_priv, link_id); } +static inline int hostapd_drv_if_rename(struct hostapd_data *hapd, @@ -395,7 +395,7 @@ { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -73,6 +73,16 @@ enum nlmsgerr_attrs { +@@ -75,6 +75,16 @@ enum nlmsgerr_attrs { #endif /* ANDROID */ @@ -412,7 +412,7 @@ static struct nl_sock * nl_create_handle(struct nl_cb *cb, const char *dbg) { -@@ -379,6 +389,11 @@ static int no_seq_check(struct nl_msg *m +@@ -429,6 +439,11 @@ static int no_seq_check(struct nl_msg *m return NL_OK; } @@ -424,23 +424,24 @@ static void nl80211_nlmsg_clear(struct nl_msg *msg) { -@@ -415,6 +430,7 @@ static int send_and_recv(struct nl80211_ +@@ -502,6 +517,8 @@ int send_and_recv(struct nl80211_global if (!msg) return -ENOMEM; + handle_nl_debug_hook(msg, 1); - cb = nl_cb_clone(global->nl_cb); - if (!cb) - goto out; -@@ -443,6 +459,7 @@ static int send_and_recv(struct nl80211_ ++ + err.err = -ENOMEM; - err = 1; + s_nl_cb = nl_socket_get_cb(nl_handle); +@@ -536,6 +553,7 @@ int send_and_recv(struct nl80211_global + err.orig_msg = msg; + err.err_info = err_info; + nl_cb_set(cb, NL_CB_MSG_IN, NL_CB_CUSTOM, debug_handler, NULL); nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err); - nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err); + nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err.err); if (ack_handler_custom) { -@@ -919,6 +936,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs +@@ -939,6 +957,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs os_free(w); return NULL; } @@ -448,7 +449,7 @@ nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL); nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, -@@ -1333,7 +1351,7 @@ static void wpa_driver_nl80211_event_rtm +@@ -1353,7 +1372,7 @@ static void wpa_driver_nl80211_event_rtm } wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)", namebuf, ifname); @@ -457,7 +458,7 @@ wpa_printf(MSG_DEBUG, "nl80211: Not the main interface (%s) - do not indicate interface down", drv->first_bss->ifname); -@@ -1369,7 +1387,7 @@ static void wpa_driver_nl80211_event_rtm +@@ -1389,7 +1408,7 @@ static void wpa_driver_nl80211_event_rtm } wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)", namebuf, ifname); @@ -466,15 +467,15 @@ wpa_printf(MSG_DEBUG, "nl80211: Not the main interface (%s) - do not indicate interface up", drv->first_bss->ifname); -@@ -1992,6 +2010,7 @@ static int wpa_driver_nl80211_init_nl_gl - /* Continue without vendor events */ - } +@@ -2035,6 +2054,7 @@ static int wpa_driver_nl80211_init_nl_gl + genl_family_put(family); + nl_cache_free(cache); + nl_cb_set(global->nl_cb, NL_CB_MSG_IN, NL_CB_CUSTOM, debug_handler, NULL); nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL); nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, -@@ -2160,6 +2179,7 @@ static int nl80211_init_bss(struct i802_ +@@ -2205,6 +2225,7 @@ static int nl80211_init_bss(struct i802_ if (!bss->nl_cb) return -1; @@ -482,7 +483,7 @@ nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL); nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, -@@ -8432,6 +8452,7 @@ static void *i802_init(struct hostapd_da +@@ -8554,6 +8575,7 @@ static void *i802_init(struct hostapd_da char master_ifname[IFNAMSIZ]; int ifindex, br_ifindex = 0; int br_added = 0; @@ -490,7 +491,7 @@ bss = wpa_driver_nl80211_drv_init(hapd, params->ifname, params->global_priv, 1, -@@ -8491,21 +8512,17 @@ static void *i802_init(struct hostapd_da +@@ -8613,21 +8635,17 @@ static void *i802_init(struct hostapd_da (params->num_bridge == 0 || !params->bridge[0])) add_ifidx(drv, br_ifindex, drv->ifindex); @@ -522,7 +523,7 @@ } if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) { -@@ -8875,6 +8892,50 @@ static int wpa_driver_nl80211_if_remove( +@@ -8992,6 +9010,50 @@ static int wpa_driver_nl80211_if_remove( return 0; } @@ -573,7 +574,7 @@ static int cookie_handler(struct nl_msg *msg, void *arg) { -@@ -10513,6 +10574,37 @@ static int driver_nl80211_if_remove(void +@@ -10688,6 +10750,37 @@ static int driver_nl80211_if_remove(void } @@ -611,7 +612,7 @@ static int driver_nl80211_send_mlme(void *priv, const u8 *data, size_t data_len, int noack, unsigned int freq, -@@ -13697,6 +13789,8 @@ const struct wpa_driver_ops wpa_driver_n +@@ -13881,6 +13974,8 @@ const struct wpa_driver_ops wpa_driver_n .set_acl = wpa_driver_nl80211_set_acl, .if_add = wpa_driver_nl80211_if_add, .if_remove = driver_nl80211_if_remove, diff --git a/package/network/services/hostapd/patches/701-reload_config_inline.patch b/package/network/services/hostapd/patches/701-reload_config_inline.patch index 3c62bf670f..7d159a23c5 100644 --- a/package/network/services/hostapd/patches/701-reload_config_inline.patch +++ b/package/network/services/hostapd/patches/701-reload_config_inline.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -4816,7 +4816,12 @@ struct hostapd_config * hostapd_config_r +@@ -5065,7 +5065,12 @@ struct hostapd_config * hostapd_config_r int errors = 0; size_t i; diff --git a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch index 63d1b8a3b8..1be3f89242 100644 --- a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch +++ b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch @@ -30,7 +30,7 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3351,6 +3351,8 @@ static int hostapd_config_fill(struct ho +@@ -3559,6 +3559,8 @@ static int hostapd_config_fill(struct ho #ifndef CONFIG_NO_VLAN } else if (os_strcmp(buf, "dynamic_vlan") == 0) { bss->ssid.dynamic_vlan = atoi(pos); diff --git a/package/network/services/hostapd/patches/711-wds_bridge_force.patch b/package/network/services/hostapd/patches/711-wds_bridge_force.patch index c0f2c31c44..32f4eb5b02 100644 --- a/package/network/services/hostapd/patches/711-wds_bridge_force.patch +++ b/package/network/services/hostapd/patches/711-wds_bridge_force.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2318,6 +2318,8 @@ static int hostapd_config_fill(struct ho +@@ -2447,6 +2447,8 @@ static int hostapd_config_fill(struct ho sizeof(conf->bss[0]->iface)); } else if (os_strcmp(buf, "bridge") == 0) { os_strlcpy(bss->bridge, pos, sizeof(bss->bridge)); @@ -11,7 +11,7 @@ } else if (os_strcmp(buf, "vlan_bridge") == 0) { --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c -@@ -348,8 +348,6 @@ int hostapd_set_wds_sta(struct hostapd_d +@@ -387,8 +387,6 @@ int hostapd_set_wds_sta(struct hostapd_d return -1; if (hapd->conf->wds_bridge[0]) bridge = hapd->conf->wds_bridge; diff --git a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch index 089c1ddc24..85dcd9f37a 100644 --- a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch +++ b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2848,6 +2848,14 @@ static int hostapd_config_fill(struct ho +@@ -3041,6 +3041,14 @@ static int hostapd_config_fill(struct ho line, bss->max_num_sta, MAX_STA_COUNT); return 1; } @@ -17,7 +17,7 @@ } else if (os_strcmp(buf, "extended_key_id") == 0) { --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h -@@ -742,6 +742,7 @@ void hostapd_cleanup_cs_params(struct ho +@@ -754,6 +754,7 @@ void hostapd_cleanup_cs_params(struct ho void hostapd_periodic_iface(struct hostapd_iface *iface); int hostapd_owe_trans_get_info(struct hostapd_data *hapd); void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx); @@ -27,7 +27,7 @@ void hostapd_cleanup_cca_params(struct hostapd_data *hapd); --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -244,6 +244,29 @@ static int hostapd_iface_conf_changed(st +@@ -247,6 +247,29 @@ static int hostapd_iface_conf_changed(st return 0; } @@ -59,7 +59,7 @@ { --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1252,7 +1252,7 @@ void handle_probe_req(struct hostapd_dat +@@ -1567,7 +1567,7 @@ void handle_probe_req(struct hostapd_dat if (hapd->conf->no_probe_resp_if_max_sta && is_multicast_ether_addr(mgmt->da) && is_multicast_ether_addr(mgmt->bssid) && @@ -70,7 +70,7 @@ " since no room for additional STA", --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1039,6 +1039,8 @@ struct hostapd_config { +@@ -1057,6 +1057,8 @@ struct hostapd_config { unsigned int track_sta_max_num; unsigned int track_sta_max_age; diff --git a/package/network/services/hostapd/patches/730-ft_iface.patch b/package/network/services/hostapd/patches/730-ft_iface.patch index 0795ed15a1..1d10756343 100644 --- a/package/network/services/hostapd/patches/730-ft_iface.patch +++ b/package/network/services/hostapd/patches/730-ft_iface.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3007,6 +3007,8 @@ static int hostapd_config_fill(struct ho +@@ -3200,6 +3200,8 @@ static int hostapd_config_fill(struct ho wpa_printf(MSG_INFO, "Line %d: Obsolete peerkey parameter ignored", line); #ifdef CONFIG_IEEE80211R_AP @@ -21,7 +21,7 @@ int bridge_hairpin; /* hairpin_mode on bridge members */ --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -1727,8 +1727,12 @@ int hostapd_setup_wpa(struct hostapd_dat +@@ -1777,8 +1777,12 @@ int hostapd_setup_wpa(struct hostapd_dat wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) { const char *ft_iface; diff --git a/package/network/services/hostapd/patches/740-snoop_iface.patch b/package/network/services/hostapd/patches/740-snoop_iface.patch index ce64513a42..b704f2eb25 100644 --- a/package/network/services/hostapd/patches/740-snoop_iface.patch +++ b/package/network/services/hostapd/patches/740-snoop_iface.patch @@ -76,7 +76,7 @@ hapd->x_snoop_initialized = false; --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2322,6 +2322,8 @@ static int hostapd_config_fill(struct ho +@@ -2451,6 +2451,8 @@ static int hostapd_config_fill(struct ho os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge)); } else if (os_strcmp(buf, "bridge_hairpin") == 0) { bss->bridge_hairpin = atoi(pos); @@ -104,7 +104,7 @@ static inline int hostapd_drv_vendor_cmd(struct hostapd_data *hapd, --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -4209,7 +4209,7 @@ struct wpa_driver_ops { +@@ -4275,7 +4275,7 @@ struct wpa_driver_ops { * Returns: 0 on success, negative (<0) on failure */ int (*br_set_net_param)(void *priv, enum drv_br_net_param param, @@ -115,7 +115,7 @@ * get_wowlan - Get wake-on-wireless status --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -12168,7 +12168,7 @@ static const char * drv_br_net_param_str +@@ -12376,7 +12376,7 @@ static const char * drv_br_net_param_str static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param, @@ -124,7 +124,7 @@ { struct i802_bss *bss = priv; char path[128]; -@@ -12194,8 +12194,11 @@ static int wpa_driver_br_set_net_param(v +@@ -12402,8 +12402,11 @@ static int wpa_driver_br_set_net_param(v return -EINVAL; } diff --git a/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch b/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch index 97c32df704..c30d6a485d 100644 --- a/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch +++ b/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -1604,6 +1604,8 @@ static int parse_anqp_elem(struct hostap +@@ -1680,6 +1680,8 @@ static int parse_anqp_elem(struct hostap return 0; } @@ -9,7 +9,7 @@ static int parse_qos_map_set(struct hostapd_bss_config *bss, char *buf, int line) -@@ -1645,8 +1647,6 @@ static int parse_qos_map_set(struct host +@@ -1721,8 +1723,6 @@ static int parse_qos_map_set(struct host return 0; } @@ -18,7 +18,7 @@ #ifdef CONFIG_HS20 static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf, -@@ -4062,10 +4062,10 @@ static int hostapd_config_fill(struct ho +@@ -4282,10 +4282,10 @@ static int hostapd_config_fill(struct ho bss->gas_frag_limit = val; } else if (os_strcmp(buf, "gas_comeback_delay") == 0) { bss->gas_comeback_delay = atoi(pos); @@ -32,7 +32,7 @@ os_free(bss->dump_msk_file); --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -1486,6 +1486,7 @@ int hostapd_setup_bss(struct hostapd_dat +@@ -1578,6 +1578,7 @@ int hostapd_setup_bss(struct hostapd_dat wpa_printf(MSG_ERROR, "GAS server initialization failed"); return -1; } @@ -40,7 +40,7 @@ if (conf->qos_map_set_len && hostapd_drv_set_qos_map(hapd, conf->qos_map_set, -@@ -1493,7 +1494,6 @@ int hostapd_setup_bss(struct hostapd_dat +@@ -1585,7 +1586,6 @@ int hostapd_setup_bss(struct hostapd_dat wpa_printf(MSG_ERROR, "Failed to initialize QoS Map"); return -1; } @@ -50,7 +50,7 @@ wpa_printf(MSG_ERROR, "BSS Load initialization failed"); --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -2683,8 +2683,6 @@ void wnm_bss_keep_alive_deinit(struct wp +@@ -2935,8 +2935,6 @@ void wnm_bss_keep_alive_deinit(struct wp } @@ -59,7 +59,7 @@ static int wpas_qos_map_set(struct wpa_supplicant *wpa_s, const u8 *qos_map, size_t len) { -@@ -2717,8 +2715,6 @@ static void interworking_process_assoc_r +@@ -2969,8 +2967,6 @@ static void interworking_process_assoc_r } } @@ -68,7 +68,7 @@ static void wpa_supplicant_set_4addr_mode(struct wpa_supplicant *wpa_s) { -@@ -3098,10 +3094,8 @@ static int wpa_supplicant_event_associnf +@@ -3350,10 +3346,8 @@ static int wpa_supplicant_event_associnf wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, data->assoc_info.resp_ies_len); #endif /* CONFIG_WNM */ @@ -81,7 +81,7 @@ data->assoc_info.resp_ies_len, WLAN_EID_VHT_CAP)) --- a/src/ap/ieee802_11_shared.c +++ b/src/ap/ieee802_11_shared.c -@@ -1116,13 +1116,11 @@ u8 * hostapd_eid_rsnxe(struct hostapd_da +@@ -1138,13 +1138,11 @@ u8 * hostapd_eid_rsnxe(struct hostapd_da u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ext_capab_ie, size_t ext_capab_ie_len) { diff --git a/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch b/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch index f5ebab70d1..5428476b09 100644 --- a/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch +++ b/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch @@ -1,6 +1,6 @@ --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c -@@ -927,7 +927,8 @@ int hostapd_start_dfs_cac(struct hostapd +@@ -998,7 +998,8 @@ int hostapd_start_dfs_cac(struct hostapd int hostapd_drv_set_qos_map(struct hostapd_data *hapd, const u8 *qos_map_set, u8 qos_map_set_len) { diff --git a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch index 2c705a68cf..7f1b5fc826 100644 --- a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch +++ b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch @@ -10,7 +10,7 @@ int acct_interim_interval; --- a/src/radius/radius_client.c +++ b/src/radius/radius_client.c -@@ -163,6 +163,8 @@ struct radius_client_data { +@@ -165,6 +165,8 @@ struct radius_client_data { */ void *ctx; @@ -19,7 +19,7 @@ /** * conf - RADIUS client configuration (list of RADIUS servers to use) */ -@@ -720,6 +722,30 @@ static void radius_client_list_add(struc +@@ -819,6 +821,30 @@ static void radius_close_acct_socket(str /** @@ -50,7 +50,7 @@ * radius_client_send - Send a RADIUS request * @radius: RADIUS client context from radius_client_init() * @msg: RADIUS message to be sent -@@ -1238,6 +1264,10 @@ radius_change_server(struct radius_clien +@@ -1711,6 +1737,10 @@ radius_change_server(struct radius_clien wpa_printf(MSG_DEBUG, "RADIUS local address: %s:%u", inet_ntoa(claddr.sin_addr), ntohs(claddr.sin_port)); @@ -61,7 +61,7 @@ } break; #ifdef CONFIG_IPV6 -@@ -1249,6 +1279,10 @@ radius_change_server(struct radius_clien +@@ -1722,6 +1752,10 @@ radius_change_server(struct radius_clien inet_ntop(AF_INET6, &claddr6.sin6_addr, abuf, sizeof(abuf)), ntohs(claddr6.sin6_port)); @@ -74,7 +74,7 @@ } --- a/src/radius/radius_client.h +++ b/src/radius/radius_client.h -@@ -249,6 +249,8 @@ int radius_client_register(struct radius +@@ -274,6 +274,8 @@ int radius_client_register(struct radius void radius_client_set_interim_error_cb(struct radius_client_data *radius, void (*cb)(const u8 *addr, void *ctx), void *ctx); @@ -85,7 +85,7 @@ RadiusType msg_type, const u8 *addr); --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c -@@ -598,6 +598,10 @@ int add_common_radius_attr(struct hostap +@@ -601,6 +601,10 @@ int add_common_radius_attr(struct hostap struct hostapd_radius_attr *attr; int len; @@ -98,7 +98,7 @@ hapd->conf->own_ip_addr.af == AF_INET && --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2688,6 +2688,8 @@ static int hostapd_config_fill(struct ho +@@ -2819,6 +2819,8 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "iapp_interface") == 0) { wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used"); #endif /* CONFIG_IAPP */ diff --git a/package/network/services/hostapd/patches/761-shared_das_port.patch b/package/network/services/hostapd/patches/761-shared_das_port.patch index cbb2a1be3c..333295bf22 100644 --- a/package/network/services/hostapd/patches/761-shared_das_port.patch +++ b/package/network/services/hostapd/patches/761-shared_das_port.patch @@ -10,7 +10,7 @@ unsigned int time_window; --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -1423,6 +1423,7 @@ int hostapd_setup_bss(struct hostapd_dat +@@ -1510,6 +1510,7 @@ int hostapd_setup_bss(struct hostapd_dat os_memset(&das_conf, 0, sizeof(das_conf)); das_conf.port = conf->radius_das_port; diff --git a/package/network/services/hostapd/patches/770-radius_server.patch b/package/network/services/hostapd/patches/770-radius_server.patch index 8837a26257..488347eb63 100644 --- a/package/network/services/hostapd/patches/770-radius_server.patch +++ b/package/network/services/hostapd/patches/770-radius_server.patch @@ -21,7 +21,7 @@ #ifndef CONFIG_NO_HOSTAPD_LOGGER static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module, -@@ -771,6 +772,11 @@ int main(int argc, char *argv[]) +@@ -778,6 +779,11 @@ int main(int argc, char *argv[]) if (os_program_init()) return -1; diff --git a/package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch b/package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch index 5809a3b7e8..b57550ac8b 100644 --- a/package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch +++ b/package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch @@ -13,7 +13,7 @@ Signed-off-by: David Bauer --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c -@@ -12763,7 +12763,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13220,7 +13220,7 @@ char * wpa_supplicant_ctrl_iface_process if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18)) reply_len = -1; #endif /* CONFIG_WNM */ @@ -22,7 +22,7 @@ Signed-off-by: David Bauer } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) { if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18)) reply_len = -1; -@@ -12773,7 +12773,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13230,7 +13230,7 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) { if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11)) reply_len = -1; diff --git a/package/network/services/hostapd/patches/991-Fix-OpenWrt-13156.patch b/package/network/services/hostapd/patches/991-Fix-OpenWrt-13156.patch index 097d62abc0..4cd8eaa4d9 100644 --- a/package/network/services/hostapd/patches/991-Fix-OpenWrt-13156.patch +++ b/package/network/services/hostapd/patches/991-Fix-OpenWrt-13156.patch @@ -20,7 +20,7 @@ Signed-off-by: Stijn Tintel --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -3564,6 +3564,8 @@ int hostapd_remove_iface(struct hapd_int +@@ -3681,6 +3681,8 @@ int hostapd_remove_iface(struct hapd_int void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, int reassoc) { @@ -29,14 +29,14 @@ Signed-off-by: Stijn Tintel if (hapd->tkip_countermeasures) { hostapd_drv_sta_deauth(hapd, sta->addr, WLAN_REASON_MICHAEL_MIC_FAILURE); -@@ -3571,10 +3573,16 @@ void hostapd_new_assoc_sta(struct hostap +@@ -3688,10 +3690,16 @@ void hostapd_new_assoc_sta(struct hostap } #ifdef CONFIG_IEEE80211BE -- if (hapd->conf->mld_ap && sta->mld_info.mld_sta && +- if (ap_sta_is_mld(hapd, sta) && - sta->mld_assoc_link_id != hapd->mld_link_id) - return; -+ if (hapd->conf->mld_ap && sta->mld_info.mld_sta) { ++ if (ap_sta_is_mld(hapd, sta)) { + if (sta->mld_assoc_link_id == hapd->mld_link_id) { + mld_assoc_link_id = sta->mld_assoc_link_id; + } else { @@ -51,7 +51,7 @@ Signed-off-by: Stijn Tintel sta->post_csa_sa_query = 0; --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -1318,9 +1318,6 @@ void ap_sta_set_authorized(struct hostap +@@ -1414,9 +1414,6 @@ bool ap_sta_set_authorized_flag(struct h mld_assoc_link_id = -2; } #endif /* CONFIG_IEEE80211BE */ diff --git a/package/network/services/hostapd/patches/992-nl80211-add-extra-ies-only-if-allowed-by-driver.patch b/package/network/services/hostapd/patches/992-nl80211-add-extra-ies-only-if-allowed-by-driver.patch index c7b595da57..ca17791d84 100644 --- a/package/network/services/hostapd/patches/992-nl80211-add-extra-ies-only-if-allowed-by-driver.patch +++ b/package/network/services/hostapd/patches/992-nl80211-add-extra-ies-only-if-allowed-by-driver.patch @@ -26,7 +26,7 @@ Signed-off-by: David Bauer --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -2283,6 +2283,9 @@ struct wpa_driver_capa { +@@ -2344,6 +2344,9 @@ struct wpa_driver_capa { /** Maximum number of iterations in a single scan plan */ u32 max_sched_scan_plan_iterations; @@ -38,7 +38,7 @@ Signed-off-by: David Bauer --- a/src/drivers/driver_nl80211_capa.c +++ b/src/drivers/driver_nl80211_capa.c -@@ -949,6 +949,10 @@ static int wiphy_info_handler(struct nl_ +@@ -972,6 +972,10 @@ static int wiphy_info_handler(struct nl_ nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]); } @@ -51,7 +51,7 @@ Signed-off-by: David Bauer nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]); --- a/src/drivers/driver_nl80211_scan.c +++ b/src/drivers/driver_nl80211_scan.c -@@ -222,7 +222,7 @@ nl80211_scan_common(struct i802_bss *bss +@@ -221,7 +221,7 @@ nl80211_scan_common(struct i802_bss *bss wpa_printf(MSG_DEBUG, "nl80211: Passive scan requested"); } diff --git a/package/network/services/hostapd/patches/993-2023-10-28-ACS-Fix-typo-in-bw_40-frequency-array.patch b/package/network/services/hostapd/patches/993-2023-10-28-ACS-Fix-typo-in-bw_40-frequency-array.patch deleted file mode 100644 index 948c51b196..0000000000 --- a/package/network/services/hostapd/patches/993-2023-10-28-ACS-Fix-typo-in-bw_40-frequency-array.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 7a733993211ad46cf3032038c1e7e6bdc2322336 Mon Sep 17 00:00:00 2001 -From: Michael-CY Lee -Date: Tue, 5 Sep 2023 09:43:25 +0800 -Subject: [PATCH] ACS: Fix typo in bw_40 frequency array - -The range for the 5 GHz channel 118 was encoded with an incorrect -channel number. - -Fixes: ed8e13decc71 (ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan()) -Signed-off-by: Michael Lee ---- - src/ap/acs.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/src/ap/acs.c -+++ b/src/ap/acs.c -@@ -256,7 +256,7 @@ struct bw_item { - static const struct bw_item bw_40[] = { - { 5180, 5200, 38 }, { 5220, 5240, 46 }, { 5260, 5280, 54 }, - { 5300, 5320, 62 }, { 5500, 5520, 102 }, { 5540, 5560, 110 }, -- { 5580, 5600, 110 }, { 5620, 5640, 126}, { 5660, 5680, 134 }, -+ { 5580, 5600, 118 }, { 5620, 5640, 126 }, { 5660, 5680, 134 }, - { 5700, 5720, 142 }, { 5745, 5765, 151 }, { 5785, 5805, 159 }, - { 5825, 5845, 167 }, { 5865, 5885, 175 }, - { 5955, 5975, 3 }, { 5995, 6015, 11 }, { 6035, 6055, 19 }, diff --git a/package/network/services/hostapd/src/src/ap/ubus.c b/package/network/services/hostapd/src/src/ap/ubus.c index 66eba99901..8689494bcf 100644 --- a/package/network/services/hostapd/src/src/ap/ubus.c +++ b/package/network/services/hostapd/src/src/ap/ubus.c @@ -774,7 +774,8 @@ hostapd_switch_chan(struct ubus_context *ctx, struct ubus_object *obj, mode ? &mode->he_capab[IEEE80211_MODE_AP] : NULL, mode ? &mode->eht_capab[IEEE80211_MODE_AP] : - NULL); + NULL, + hostapd_get_punct_bitmap(hapd)); for (i = 0; i < hapd->iface->num_bss; i++) { struct hostapd_data *bss = hapd->iface->bss[i]; diff --git a/package/network/services/hostapd/src/src/ap/ubus.h b/package/network/services/hostapd/src/src/ap/ubus.h index b0f7c44ab5..22767d67ee 100644 --- a/package/network/services/hostapd/src/src/ap/ubus.h +++ b/package/network/services/hostapd/src/src/ap/ubus.h @@ -8,6 +8,8 @@ #ifndef __HOSTAPD_UBUS_H #define __HOSTAPD_UBUS_H +#include "sta_info.h" + enum hostapd_ubus_event_type { HOSTAPD_UBUS_PROBE_REQ, HOSTAPD_UBUS_AUTH_REQ, @@ -27,6 +29,7 @@ struct hostapd_iface; struct hostapd_data; struct hapd_interfaces; struct rrm_measurement_beacon_report; +struct sta_info; #ifdef UBUS_SUPPORT -- 2.30.2