From 395afc4c581ee8c06110774e3b769fbcd2d543d2 Mon Sep 17 00:00:00 2001 From: Ivan Pavlov Date: Thu, 15 Aug 2024 21:47:25 +0300 Subject: [PATCH] hostapd: update to 2.11 release tag Release 2.11 has been quite a few new features and fixes since the 2.10 release. The following ChangeLog entries highlight some of the main changes: * Wi-Fi Easy Connect - add support for DPP release 3 - allow Configurator parameters to be provided during config exchange * HE/IEEE 802.11ax/Wi-Fi 6 - various fixes * EHT/IEEE 802.11be/Wi-Fi 7 - add preliminary support * SAE: add support for fetching the password from a RADIUS server * support OpenSSL 3.0 API changes * support background radar detection and CAC with some additional drivers * support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3) * EAP-SIM/AKA: support IMSI privacy * improve 4-way handshake operations - use Secure=1 in message 3 during PTK rekeying ...and many more Remove upstreamed patches: 023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch 030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch 040-mesh-allow-processing-authentication-frames-in-block.patch 181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch 182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch 183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch 210-build-de-duplicate-_DIRS-before-calling-mkdir.patch 253-qos_map_set_without_interworking.patch 751-qos_map_ignore_when_unsupported.patch 800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch 801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch 802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch Other patches has been updated. Signed-off-by: Ivan Pavlov Link: https://github.com/openwrt/openwrt/pull/16338 Signed-off-by: Robert Marko --- package/network/services/hostapd/Makefile | 8 +- ...hannels-to-be-selected-if-dfs-is-ena.patch | 24 +- ...erministic-channel-on-channel-switch.patch | 8 +- ...ix-sta-add-after-previous-connection.patch | 4 +- ...-dl_list_del-before-freeing-ipv6-add.patch | 19 -- ...ewrite-neigh-code-to-not-depend-on-l.patch | 275 ------------------ ...ssing-authentication-frames-in-block.patch | 34 --- .../patches/050-Fix-OpenWrt-13156.patch | 6 +- ...-extra-ies-only-if-allowed-by-driver.patch | 4 +- ...ull-pointer-check-in-hostapd_free_ha.patch | 2 +- ...crash-when-adding-an-interface-fails.patch | 2 +- ...edtls-TLS-crypto-option-initial-port.patch | 22 +- .../patches/120-mbedtls-fips186_2_prf.patch | 2 +- ...efile-make-run-tests-with-CONFIG_TLS.patch | 22 +- ...tapd-update-cfs0-and-cfs1-for-160MHz.patch | 2 +- ...pdate-drv-ifindex-on-removing-the-fi.patch | 18 -- ...0211_put_freq_params-call-outside-of.patch | 34 --- ...hannel_list_update_timeout-in-hostap.patch | 28 -- .../hostapd/patches/200-multicall.patch | 56 ++-- .../patches/201-lto-jobserver-support.patch | 6 +- ...duplicate-_DIRS-before-calling-mkdir.patch | 23 -- ..._AP-functions-dependant-on-CONFIG_AP.patch | 4 +- .../patches/220-indicate-features.patch | 4 +- .../patches/250-hostapd_cli_ifdef.patch | 4 +- .../patches/252-disable_ctrl_iface_mib.patch | 32 +- ...253-qos_map_set_without_interworking.patch | 103 ------- .../services/hostapd/patches/300-noscan.patch | 6 +- .../hostapd/patches/301-mesh-noscan.patch | 12 +- .../patches/310-rescan_immediately.patch | 2 +- .../patches/330-nl80211_fix_set_freq.patch | 2 +- .../patches/350-nl80211_del_beacon_bss.patch | 26 +- ...dd-new-config-params-to-be-used-with.patch | 4 +- .../patches/463-add-mcast_rate-to-11s.patch | 6 +- .../patches/464-fix-mesh-obss-check.patch | 2 +- ...tapd-config-support-random-BSS-color.patch | 2 +- .../patches/470-survey_data_fallback.patch | 4 +- .../patches/590-rrm-wnm-statistics.patch | 6 +- .../hostapd/patches/600-ubus_support.patch | 85 +++--- .../hostapd/patches/601-ucode_support.patch | 76 ++--- .../patches/701-reload_config_inline.patch | 2 +- .../hostapd/patches/710-vlan_no_bridge.patch | 2 +- .../patches/711-wds_bridge_force.patch | 2 +- .../patches/720-iface_max_num_sta.patch | 8 +- .../hostapd/patches/730-ft_iface.patch | 4 +- .../hostapd/patches/740-snoop_iface.patch | 8 +- .../751-qos_map_ignore_when_unsupported.patch | 19 -- .../hostapd/patches/760-dynamic_own_ip.patch | 6 +- .../hostapd/patches/761-shared_das_port.patch | 28 +- ...probe-requests-with-invalid-DSSS-par.patch | 7 +- .../hostapd/patches/770-radius_server.patch | 8 +- ...ment-APuP-Access-Point-Micro-Peering.patch | 51 +--- ...us-notification-when-a-peer-comes-up.patch | 15 +- ...-ucode-hook-for-when-a-peer-comes-up.patch | 15 +- ...valid-Rejected-Groups-element-length.patch | 43 --- ...valid-Rejected-Groups-element-length.patch | 42 --- ...id-Rejected-Groups-element-in-the-pa.patch | 30 -- 56 files changed, 263 insertions(+), 1006 deletions(-) delete mode 100644 package/network/services/hostapd/patches/023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch delete mode 100644 package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch delete mode 100644 package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch delete mode 100644 package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch delete mode 100644 package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch delete mode 100644 package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch delete mode 100644 package/network/services/hostapd/patches/210-build-de-duplicate-_DIRS-before-calling-mkdir.patch delete mode 100644 package/network/services/hostapd/patches/253-qos_map_set_without_interworking.patch delete mode 100644 package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch delete mode 100644 package/network/services/hostapd/patches/800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch delete mode 100644 package/network/services/hostapd/patches/801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch delete mode 100644 package/network/services/hostapd/patches/802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index 01a17291681..c3667303367 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -5,13 +5,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hostapd -PKG_RELEASE:=4 +PKG_RELEASE:=1 PKG_SOURCE_URL:=https://w1.fi/hostap.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2024-03-09 -PKG_SOURCE_VERSION:=695277a5b3da08b9a8a4e7117b933deb8b4950a7 -PKG_MIRROR_HASH:=57b8e64d24707e37e0df3359cee15dd5184b824b8622568833a5b8a0cae163ae +PKG_SOURCE_DATE:=2024-07-20 +PKG_SOURCE_VERSION:=d945ddd368085f255e68328f2d3b020ceea359af +PKG_MIRROR_HASH:=647508a242f2969d8a815edb69d47b107f10d2415604e44b0451c48875ae46bd PKG_MAINTAINER:=Felix Fietkau PKG_LICENSE:=BSD-3-Clause diff --git a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch index 4291f015180..cbb91ddeabf 100644 --- a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch +++ b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch @@ -14,7 +14,7 @@ Signed-off-by: Peter Oh --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2698,7 +2698,7 @@ static int drv_supports_vht(struct wpa_s +@@ -2809,7 +2809,7 @@ static int drv_supports_vht(struct wpa_s } @@ -23,7 +23,7 @@ Signed-off-by: Peter Oh { int i; -@@ -2707,7 +2707,10 @@ static bool ibss_mesh_is_80mhz_avail(int +@@ -2818,7 +2818,10 @@ static bool ibss_mesh_is_80mhz_avail(int chan = hw_get_channel_chan(mode, i, NULL); if (!chan || @@ -35,7 +35,7 @@ Signed-off-by: Peter Oh return false; } -@@ -2834,7 +2837,7 @@ static void ibss_mesh_select_40mhz(struc +@@ -2945,7 +2948,7 @@ static void ibss_mesh_select_40mhz(struc const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode, struct hostapd_freq_params *freq, @@ -44,7 +44,7 @@ Signed-off-by: Peter Oh int chan_idx; struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; int i, res; -@@ -2858,8 +2861,11 @@ static void ibss_mesh_select_40mhz(struc +@@ -2969,8 +2972,11 @@ static void ibss_mesh_select_40mhz(struc return; /* Check primary channel flags */ @@ -57,7 +57,7 @@ Signed-off-by: Peter Oh #ifdef CONFIG_HT_OVERRIDES if (ssid->disable_ht40) -@@ -2885,8 +2891,11 @@ static void ibss_mesh_select_40mhz(struc +@@ -2996,8 +3002,11 @@ static void ibss_mesh_select_40mhz(struc return; /* Check secondary channel flags */ @@ -70,7 +70,7 @@ Signed-off-by: Peter Oh if (ht40 == -1) { if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) -@@ -2940,7 +2949,7 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -3052,7 +3061,7 @@ static bool ibss_mesh_select_80_160mhz(s const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode, struct hostapd_freq_params *freq, @@ -79,7 +79,7 @@ Signed-off-by: Peter Oh static const int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5825, 5955, 6035, 6115, 6195, 6275, 6355, 6435, -@@ -2985,7 +2994,7 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -3097,7 +3106,7 @@ static bool ibss_mesh_select_80_160mhz(s goto skip_80mhz; /* Use 40 MHz if channel not usable */ @@ -88,7 +88,7 @@ Signed-off-by: Peter Oh goto skip_80mhz; chwidth = CONF_OPER_CHWIDTH_80MHZ; -@@ -2999,7 +3008,7 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -3111,7 +3120,7 @@ static bool ibss_mesh_select_80_160mhz(s if ((mode->he_capab[ieee80211_mode].phy_cap[ HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] & HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz && @@ -97,7 +97,7 @@ Signed-off-by: Peter Oh for (j = 0; j < ARRAY_SIZE(bw160); j++) { if (freq->freq == bw160[j]) { chwidth = CONF_OPER_CHWIDTH_160MHZ; -@@ -3027,10 +3036,12 @@ static bool ibss_mesh_select_80_160mhz(s +@@ -3139,10 +3148,12 @@ static bool ibss_mesh_select_80_160mhz(s if (!chan) continue; @@ -113,15 +113,15 @@ Signed-off-by: Peter Oh /* Found a suitable second segment for 80+80 */ chwidth = CONF_OPER_CHWIDTH_80P80MHZ; -@@ -3085,6 +3096,7 @@ void ibss_mesh_setup_freq(struct wpa_sup - int i, obss_scan = 1; +@@ -3197,6 +3208,7 @@ void ibss_mesh_setup_freq(struct wpa_sup + int obss_scan = 1; u8 channel; bool is_6ghz, is_24ghz; + bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); freq->freq = ssid->frequency; -@@ -3133,9 +3145,9 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3239,9 +3251,9 @@ void ibss_mesh_setup_freq(struct wpa_sup freq->channel = channel; /* Setup higher BW only for 5 GHz */ if (mode->mode == HOSTAPD_MODE_IEEE80211A) { diff --git a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch index a53fcc480c6..f22841c63ba 100644 --- a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch +++ b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch @@ -21,7 +21,7 @@ Signed-off-by: Markus Theil --- a/src/ap/dfs.c +++ b/src/ap/dfs.c -@@ -17,6 +17,7 @@ +@@ -18,6 +18,7 @@ #include "ap_drv_ops.h" #include "drivers/driver.h" #include "dfs.h" @@ -29,7 +29,7 @@ Signed-off-by: Markus Theil enum dfs_channel_type { -@@ -526,9 +527,14 @@ dfs_get_valid_channel(struct hostapd_ifa +@@ -527,9 +528,14 @@ dfs_get_valid_channel(struct hostapd_ifa int num_available_chandefs; int chan_idx, chan_idx2; int sec_chan_idx_80p80 = -1; @@ -44,7 +44,7 @@ Signed-off-by: Markus Theil wpa_printf(MSG_DEBUG, "DFS: Selecting random channel"); *secondary_channel = 0; *oper_centr_freq_seg0_idx = 0; -@@ -548,8 +554,20 @@ dfs_get_valid_channel(struct hostapd_ifa +@@ -549,8 +555,20 @@ dfs_get_valid_channel(struct hostapd_ifa if (num_available_chandefs == 0) return NULL; @@ -68,7 +68,7 @@ Signed-off-by: Markus Theil chan_idx, num_available_chandefs); --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -11195,6 +11195,10 @@ static int nl80211_switch_channel(void * +@@ -11306,6 +11306,10 @@ static int nl80211_switch_channel(void * if (ret) goto error; diff --git a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch index a4a90933b17..a39f03c0f1e 100644 --- a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch +++ b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch @@ -4,7 +4,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -4659,6 +4659,13 @@ static int add_associated_sta(struct hos +@@ -4756,6 +4756,13 @@ static int add_associated_sta(struct hos * drivers to accept the STA parameter configuration. Since this is * after a new FT-over-DS exchange, a new TK has been derived, so key * reinstallation is not a concern for this case. @@ -18,7 +18,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc */ wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR " (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)", -@@ -4672,7 +4679,8 @@ static int add_associated_sta(struct hos +@@ -4769,7 +4776,8 @@ static int add_associated_sta(struct hos (!(sta->flags & WLAN_STA_AUTHORIZED) || (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) || (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) && diff --git a/package/network/services/hostapd/patches/023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch b/package/network/services/hostapd/patches/023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch deleted file mode 100644 index 9ff9b2398de..00000000000 --- a/package/network/services/hostapd/patches/023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch +++ /dev/null @@ -1,19 +0,0 @@ -From: Felix Fietkau -Date: Wed, 28 Jul 2021 05:43:29 +0200 -Subject: [PATCH] ndisc_snoop: call dl_list_del before freeing ipv6 addresses - -Fixes a segmentation fault on sta disconnect - -Signed-off-by: Felix Fietkau ---- - ---- a/src/ap/ndisc_snoop.c -+++ b/src/ap/ndisc_snoop.c -@@ -61,6 +61,7 @@ void sta_ip6addr_del(struct hostapd_data - dl_list_for_each_safe(ip6addr, prev, &sta->ip6addr, struct ip6addr, - list) { - hostapd_drv_br_delete_ip_neigh(hapd, 6, (u8 *) &ip6addr->addr); -+ dl_list_del(&ip6addr->list); - os_free(ip6addr); - } - } diff --git a/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch b/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch deleted file mode 100644 index c5cf8b1b798..00000000000 --- a/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch +++ /dev/null @@ -1,275 +0,0 @@ -From: Felix Fietkau -Date: Wed, 28 Jul 2021 05:49:46 +0200 -Subject: [PATCH] driver_nl80211: rewrite neigh code to not depend on - libnl3-route - -Removes an unnecessary dependency and also makes the code smaller - -Signed-off-by: Felix Fietkau ---- - ---- a/src/drivers/driver_nl80211.c -+++ b/src/drivers/driver_nl80211.c -@@ -18,9 +18,6 @@ - #include - #include - #include --#ifdef CONFIG_LIBNL3_ROUTE --#include --#endif /* CONFIG_LIBNL3_ROUTE */ - #include - #include - #include -@@ -5859,26 +5856,29 @@ fail: - - static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr) - { --#ifdef CONFIG_LIBNL3_ROUTE - struct wpa_driver_nl80211_data *drv = bss->drv; -- struct rtnl_neigh *rn; -- struct nl_addr *nl_addr; -+ struct ndmsg nhdr = { -+ .ndm_state = NUD_PERMANENT, -+ .ndm_ifindex = bss->ifindex, -+ .ndm_family = AF_BRIDGE, -+ }; -+ struct nl_msg *msg; - int err; - -- rn = rtnl_neigh_alloc(); -- if (!rn) -+ msg = nlmsg_alloc_simple(RTM_DELNEIGH, NLM_F_CREATE); -+ if (!msg) - return; - -- rtnl_neigh_set_family(rn, AF_BRIDGE); -- rtnl_neigh_set_ifindex(rn, bss->ifindex); -- nl_addr = nl_addr_build(AF_BRIDGE, (void *) addr, ETH_ALEN); -- if (!nl_addr) { -- rtnl_neigh_put(rn); -- return; -- } -- rtnl_neigh_set_lladdr(rn, nl_addr); -+ if (nlmsg_append(msg, &nhdr, sizeof(nhdr), NLMSG_ALIGNTO) < 0) -+ goto errout; -+ -+ if (nla_put(msg, NDA_LLADDR, ETH_ALEN, (void *)addr)) -+ goto errout; -+ -+ if (nl_send_auto_complete(drv->rtnl_sk, msg) < 0) -+ goto errout; - -- err = rtnl_neigh_delete(drv->rtnl_sk, rn, 0); -+ err = nl_wait_for_ack(drv->rtnl_sk); - if (err < 0) { - wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for " - MACSTR " ifindex=%d failed: %s", MAC2STR(addr), -@@ -5888,9 +5888,8 @@ static void rtnl_neigh_delete_fdb_entry( - MACSTR, MAC2STR(addr)); - } - -- nl_addr_put(nl_addr); -- rtnl_neigh_put(rn); --#endif /* CONFIG_LIBNL3_ROUTE */ -+errout: -+ nlmsg_free(msg); - } - - -@@ -8615,7 +8614,6 @@ static void *i802_init(struct hostapd_da - (params->num_bridge == 0 || !params->bridge[0])) - add_ifidx(drv, br_ifindex, drv->ifindex); - --#ifdef CONFIG_LIBNL3_ROUTE - if (bss->added_if_into_bridge || bss->already_in_bridge) { - int err; - -@@ -8632,7 +8630,6 @@ static void *i802_init(struct hostapd_da - goto failed; - } - } --#endif /* CONFIG_LIBNL3_ROUTE */ - - if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) { - wpa_printf(MSG_DEBUG, -@@ -12071,13 +12068,14 @@ static int wpa_driver_br_add_ip_neigh(vo - const u8 *ipaddr, int prefixlen, - const u8 *addr) - { --#ifdef CONFIG_LIBNL3_ROUTE - struct i802_bss *bss = priv; - struct wpa_driver_nl80211_data *drv = bss->drv; -- struct rtnl_neigh *rn; -- struct nl_addr *nl_ipaddr = NULL; -- struct nl_addr *nl_lladdr = NULL; -- int family, addrsize; -+ struct ndmsg nhdr = { -+ .ndm_state = NUD_PERMANENT, -+ .ndm_ifindex = bss->br_ifindex, -+ }; -+ struct nl_msg *msg; -+ int addrsize; - int res; - - if (!ipaddr || prefixlen == 0 || !addr) -@@ -12096,85 +12094,66 @@ static int wpa_driver_br_add_ip_neigh(vo - } - - if (version == 4) { -- family = AF_INET; -+ nhdr.ndm_family = AF_INET; - addrsize = 4; - } else if (version == 6) { -- family = AF_INET6; -+ nhdr.ndm_family = AF_INET6; - addrsize = 16; - } else { - return -EINVAL; - } - -- rn = rtnl_neigh_alloc(); -- if (rn == NULL) -+ msg = nlmsg_alloc_simple(RTM_NEWNEIGH, NLM_F_CREATE); -+ if (!msg) - return -ENOMEM; - -- /* set the destination ip address for neigh */ -- nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize); -- if (nl_ipaddr == NULL) { -- wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed"); -- res = -ENOMEM; -+ res = -ENOMEM; -+ if (nlmsg_append(msg, &nhdr, sizeof(nhdr), NLMSG_ALIGNTO) < 0) - goto errout; -- } -- nl_addr_set_prefixlen(nl_ipaddr, prefixlen); -- res = rtnl_neigh_set_dst(rn, nl_ipaddr); -- if (res) { -- wpa_printf(MSG_DEBUG, -- "nl80211: neigh set destination addr failed"); -+ -+ if (nla_put(msg, NDA_DST, addrsize, (void *)ipaddr)) - goto errout; -- } - -- /* set the corresponding lladdr for neigh */ -- nl_lladdr = nl_addr_build(AF_BRIDGE, (u8 *) addr, ETH_ALEN); -- if (nl_lladdr == NULL) { -- wpa_printf(MSG_DEBUG, "nl80211: neigh set lladdr failed"); -- res = -ENOMEM; -+ if (nla_put(msg, NDA_LLADDR, ETH_ALEN, (void *)addr)) - goto errout; -- } -- rtnl_neigh_set_lladdr(rn, nl_lladdr); - -- rtnl_neigh_set_ifindex(rn, bss->br_ifindex); -- rtnl_neigh_set_state(rn, NUD_PERMANENT); -+ res = nl_send_auto_complete(drv->rtnl_sk, msg); -+ if (res < 0) -+ goto errout; - -- res = rtnl_neigh_add(drv->rtnl_sk, rn, NLM_F_CREATE); -+ res = nl_wait_for_ack(drv->rtnl_sk); - if (res) { - wpa_printf(MSG_DEBUG, - "nl80211: Adding bridge ip neigh failed: %s", - nl_geterror(res)); - } - errout: -- if (nl_lladdr) -- nl_addr_put(nl_lladdr); -- if (nl_ipaddr) -- nl_addr_put(nl_ipaddr); -- if (rn) -- rtnl_neigh_put(rn); -+ nlmsg_free(msg); - return res; --#else /* CONFIG_LIBNL3_ROUTE */ -- return -1; --#endif /* CONFIG_LIBNL3_ROUTE */ - } - - - static int wpa_driver_br_delete_ip_neigh(void *priv, u8 version, - const u8 *ipaddr) - { --#ifdef CONFIG_LIBNL3_ROUTE - struct i802_bss *bss = priv; - struct wpa_driver_nl80211_data *drv = bss->drv; -- struct rtnl_neigh *rn; -- struct nl_addr *nl_ipaddr; -- int family, addrsize; -+ struct ndmsg nhdr = { -+ .ndm_state = NUD_PERMANENT, -+ .ndm_ifindex = bss->br_ifindex, -+ }; -+ struct nl_msg *msg; -+ int addrsize; - int res; - - if (!ipaddr) - return -EINVAL; - - if (version == 4) { -- family = AF_INET; -+ nhdr.ndm_family = AF_INET; - addrsize = 4; - } else if (version == 6) { -- family = AF_INET6; -+ nhdr.ndm_family = AF_INET6; - addrsize = 16; - } else { - return -EINVAL; -@@ -12192,41 +12171,30 @@ static int wpa_driver_br_delete_ip_neigh - return -1; - } - -- rn = rtnl_neigh_alloc(); -- if (rn == NULL) -+ msg = nlmsg_alloc_simple(RTM_DELNEIGH, NLM_F_CREATE); -+ if (!msg) - return -ENOMEM; - -- /* set the destination ip address for neigh */ -- nl_ipaddr = nl_addr_build(family, (void *) ipaddr, addrsize); -- if (nl_ipaddr == NULL) { -- wpa_printf(MSG_DEBUG, "nl80211: nl_ipaddr build failed"); -- res = -ENOMEM; -+ res = -ENOMEM; -+ if (nlmsg_append(msg, &nhdr, sizeof(nhdr), NLMSG_ALIGNTO) < 0) - goto errout; -- } -- res = rtnl_neigh_set_dst(rn, nl_ipaddr); -- if (res) { -- wpa_printf(MSG_DEBUG, -- "nl80211: neigh set destination addr failed"); -+ -+ if (nla_put(msg, NDA_DST, addrsize, (void *)ipaddr)) - goto errout; -- } - -- rtnl_neigh_set_ifindex(rn, bss->br_ifindex); -+ res = nl_send_auto_complete(drv->rtnl_sk, msg); -+ if (res < 0) -+ goto errout; - -- res = rtnl_neigh_delete(drv->rtnl_sk, rn, 0); -+ res = nl_wait_for_ack(drv->rtnl_sk); - if (res) { - wpa_printf(MSG_DEBUG, - "nl80211: Deleting bridge ip neigh failed: %s", - nl_geterror(res)); - } - errout: -- if (nl_ipaddr) -- nl_addr_put(nl_ipaddr); -- if (rn) -- rtnl_neigh_put(rn); -+ nlmsg_free(msg); - return res; --#else /* CONFIG_LIBNL3_ROUTE */ -- return -1; --#endif /* CONFIG_LIBNL3_ROUTE */ - } - - diff --git a/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch b/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch deleted file mode 100644 index 636ec2d9c8b..00000000000 --- a/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch +++ /dev/null @@ -1,34 +0,0 @@ -From: Felix Fietkau -Date: Mon, 18 Feb 2019 12:57:11 +0100 -Subject: [PATCH] mesh: allow processing authentication frames in blocked state - -If authentication fails repeatedly e.g. because of a weak signal, the link -can end up in blocked state. If one of the nodes tries to establish a link -again before it is unblocked on the other side, it will block the link to -that other side. The same happens on the other side when it unblocks the -link. In that scenario, the link never recovers on its own. - -To fix this, allow restarting authentication even if the link is in blocked -state, but don't initiate the attempt until the blocked period is over. - -Signed-off-by: Felix Fietkau ---- - ---- a/src/ap/ieee802_11.c -+++ b/src/ap/ieee802_11.c -@@ -3032,15 +3032,6 @@ static void handle_auth(struct hostapd_d - seq_ctrl); - return; - } --#ifdef CONFIG_MESH -- if ((hapd->conf->mesh & MESH_ENABLED) && -- sta->plink_state == PLINK_BLOCKED) { -- wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR -- " is blocked - drop Authentication frame", -- MAC2STR(sa)); -- return; -- } --#endif /* CONFIG_MESH */ - #ifdef CONFIG_PASN - if (auth_alg == WLAN_AUTH_PASN && - (sta->flags & WLAN_STA_ASSOC)) { diff --git a/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch b/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch index a044409d2d8..0456ef20b1b 100644 --- a/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch +++ b/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch @@ -20,7 +20,7 @@ Signed-off-by: Stijn Tintel --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -3646,6 +3646,8 @@ int hostapd_remove_iface(struct hapd_int +@@ -3993,6 +3993,8 @@ int hostapd_remove_iface(struct hapd_int void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, int reassoc) { @@ -29,7 +29,7 @@ Signed-off-by: Stijn Tintel if (hapd->tkip_countermeasures) { hostapd_drv_sta_deauth(hapd, sta->addr, WLAN_REASON_MICHAEL_MIC_FAILURE); -@@ -3653,10 +3655,16 @@ void hostapd_new_assoc_sta(struct hostap +@@ -4000,10 +4002,16 @@ void hostapd_new_assoc_sta(struct hostap } #ifdef CONFIG_IEEE80211BE @@ -51,7 +51,7 @@ Signed-off-by: Stijn Tintel sta->post_csa_sa_query = 0; --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -1412,9 +1412,6 @@ bool ap_sta_set_authorized_flag(struct h +@@ -1485,9 +1485,6 @@ bool ap_sta_set_authorized_flag(struct h mld_assoc_link_id = -2; } #endif /* CONFIG_IEEE80211BE */ diff --git a/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch b/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch index de4d4ad3c24..d3c261d077b 100644 --- a/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch +++ b/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch @@ -26,7 +26,7 @@ Signed-off-by: David Bauer --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -2340,6 +2340,9 @@ struct wpa_driver_capa { +@@ -2355,6 +2355,9 @@ struct wpa_driver_capa { /** Maximum number of iterations in a single scan plan */ u32 max_sched_scan_plan_iterations; @@ -38,7 +38,7 @@ Signed-off-by: David Bauer --- a/src/drivers/driver_nl80211_capa.c +++ b/src/drivers/driver_nl80211_capa.c -@@ -972,6 +972,10 @@ static int wiphy_info_handler(struct nl_ +@@ -976,6 +976,10 @@ static int wiphy_info_handler(struct nl_ nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]); } diff --git a/package/network/services/hostapd/patches/052-AP-add-missing-null-pointer-check-in-hostapd_free_ha.patch b/package/network/services/hostapd/patches/052-AP-add-missing-null-pointer-check-in-hostapd_free_ha.patch index 85d5127f600..01a0fba600e 100644 --- a/package/network/services/hostapd/patches/052-AP-add-missing-null-pointer-check-in-hostapd_free_ha.patch +++ b/package/network/services/hostapd/patches/052-AP-add-missing-null-pointer-check-in-hostapd_free_ha.patch @@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -502,7 +502,7 @@ void hostapd_free_hapd_data(struct hosta +@@ -485,7 +485,7 @@ void hostapd_free_hapd_data(struct hosta struct hapd_interfaces *ifaces = hapd->iface->interfaces; size_t i; diff --git a/package/network/services/hostapd/patches/060-nl80211-fix-crash-when-adding-an-interface-fails.patch b/package/network/services/hostapd/patches/060-nl80211-fix-crash-when-adding-an-interface-fails.patch index 1df2eff3875..028d3563c36 100644 --- a/package/network/services/hostapd/patches/060-nl80211-fix-crash-when-adding-an-interface-fails.patch +++ b/package/network/services/hostapd/patches/060-nl80211-fix-crash-when-adding-an-interface-fails.patch @@ -10,7 +10,7 @@ Signed-off-by: Felix Fietkau --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -3071,7 +3071,7 @@ static int wpa_driver_nl80211_del_beacon +@@ -3083,7 +3083,7 @@ static int wpa_driver_nl80211_del_beacon struct wpa_driver_nl80211_data *drv = bss->drv; struct i802_link *link = nl80211_get_link(bss, link_id); diff --git a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch index b55c0b1f845..ca56b38f686 100644 --- a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch +++ b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch @@ -273,7 +273,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_RADIUS_SERVER CFLAGS += -DRADIUS_SERVER -@@ -1341,7 +1426,9 @@ NOBJS += ../src/utils/trace.o +@@ -1342,7 +1427,9 @@ NOBJS += ../src/utils/trace.o endif HOBJS += hlr_auc_gw.o ../src/utils/common.o ../src/utils/wpa_debug.o ../src/utils/os_$(CONFIG_OS).o ../src/utils/wpabuf.o ../src/crypto/milenage.o @@ -283,7 +283,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_AES HOBJS += ../src/crypto/aes-internal.o HOBJS += ../src/crypto/aes-internal-enc.o -@@ -1364,13 +1451,17 @@ SOBJS += ../src/common/sae.o +@@ -1365,13 +1452,17 @@ SOBJS += ../src/common/sae.o SOBJS += ../src/common/sae_pk.o SOBJS += ../src/common/dragonfly.o SOBJS += $(AESOBJS) @@ -7765,7 +7765,7 @@ Signed-off-by: Glenn Strauss CONFIG_SIM_SIMULATOR=y --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1229,6 +1229,29 @@ endif +@@ -1230,6 +1230,29 @@ endif CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" endif @@ -7795,7 +7795,7 @@ Signed-off-by: Glenn Strauss ifeq ($(CONFIG_TLS), gnutls) ifndef CONFIG_CRYPTO # default to libgcrypt -@@ -1421,9 +1444,11 @@ endif +@@ -1422,9 +1445,11 @@ endif ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -7807,7 +7807,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP # Seems to be needed at least with BoringSSL NEED_INTERNAL_AES_WRAP=y -@@ -1437,9 +1462,11 @@ endif +@@ -1438,9 +1463,11 @@ endif ifdef NEED_INTERNAL_AES_WRAP ifneq ($(CONFIG_TLS), linux) @@ -7819,7 +7819,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_EAX AESOBJS += ../src/crypto/aes-eax.o NEED_AES_CTR=y -@@ -1449,35 +1476,45 @@ AESOBJS += ../src/crypto/aes-siv.o +@@ -1450,35 +1477,45 @@ AESOBJS += ../src/crypto/aes-siv.o NEED_AES_CTR=y endif ifdef NEED_AES_CTR @@ -7865,7 +7865,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_AES_ENC ifdef CONFIG_INTERNAL_AES AESOBJS += ../src/crypto/aes-internal-enc.o -@@ -1492,12 +1529,16 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1493,12 +1530,16 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -7882,7 +7882,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA1 SHA1OBJS += ../src/crypto/sha1-internal.o ifdef NEED_FIPS186_2_PRF -@@ -1509,29 +1550,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 +@@ -1510,29 +1551,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 else ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) @@ -7920,7 +7920,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_MD5 ifdef CONFIG_INTERNAL_MD5 MD5OBJS += ../src/crypto/md5-internal.o -@@ -1586,12 +1635,17 @@ ifneq ($(CONFIG_TLS), openssl) +@@ -1587,12 +1636,17 @@ ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), wolfssl) @@ -7938,7 +7938,7 @@ Signed-off-by: Glenn Strauss ifdef CONFIG_INTERNAL_SHA256 SHA256OBJS += ../src/crypto/sha256-internal.o endif -@@ -1604,50 +1658,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 +@@ -1605,50 +1659,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 SHA256OBJS += ../src/crypto/sha512-internal.o endif ifdef NEED_TLS_PRF_SHA256 @@ -8007,7 +8007,7 @@ Signed-off-by: Glenn Strauss ifdef NEED_ASN1 OBJS += ../src/tls/asn1.o -@@ -1822,10 +1894,12 @@ ifdef CONFIG_FIPS +@@ -1823,10 +1895,12 @@ ifdef CONFIG_FIPS CFLAGS += -DCONFIG_FIPS ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), wolfssl) diff --git a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch index c101fbf75ff..ebb7b51be6e 100644 --- a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch +++ b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch @@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1240,10 +1240,6 @@ endif +@@ -1241,10 +1241,6 @@ endif OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o diff --git a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch index 32e8ec3a89a..fd6055d2911 100644 --- a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch +++ b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch @@ -696,7 +696,7 @@ Signed-off-by: Glenn Strauss + if tls.startswith("mbed TLS"): + raise HwsimSkip("TLS v1.3 not supported") ok = ['run=OpenSSL 1.1.1', 'run=OpenSSL 3.0', 'run=OpenSSL 3.1', - 'run=OpenSSL 3.2', 'wolfSSL'] + 'run=OpenSSL 3.2', 'run=OpenSSL 3.3', 'wolfSSL'] for s in ok: @@ -122,11 +161,15 @@ def check_pkcs12_support(dev): # raise HwsimSkip("PKCS#12 not supported with this TLS library: " + tls) @@ -935,7 +935,7 @@ Signed-off-by: Glenn Strauss --- a/tests/hwsim/test_ap_ft.py +++ b/tests/hwsim/test_ap_ft.py -@@ -2486,11 +2486,11 @@ def test_ap_ft_ap_oom5(dev, apdev): +@@ -2494,11 +2494,11 @@ def test_ap_ft_ap_oom5(dev, apdev): # This will fail to roam dev[0].roam(bssid1, check_bssid=False) @@ -1079,7 +1079,7 @@ Signed-off-by: Glenn Strauss dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS", --- a/tests/hwsim/test_fils.py +++ b/tests/hwsim/test_fils.py -@@ -1472,6 +1472,10 @@ def check_ec_group(dev, group): +@@ -1477,6 +1477,10 @@ def check_ec_group(dev, group): tls = dev.request("GET tls_library") if tls.startswith("wolfSSL"): return @@ -1124,7 +1124,7 @@ Signed-off-by: Glenn Strauss heavy_groups = [14, 15, 16] suitable_groups = [15, 16, 17, 18, 19, 20, 21] groups = [str(g) for g in sae_groups] -@@ -2194,6 +2199,8 @@ def run_sae_pwe_group(dev, apdev, group) +@@ -2232,6 +2237,8 @@ def run_sae_pwe_group(dev, apdev, group) logger.info("Add Brainpool EC groups since OpenSSL is new enough") elif tls.startswith("wolfSSL"): logger.info("Make sure Brainpool EC groups were enabled when compiling wolfSSL") @@ -1154,7 +1154,7 @@ Signed-off-by: Glenn Strauss ca_cert="auth_serv/rsa3072-ca.pem", --- a/tests/hwsim/test_wpas_ctrl.py +++ b/tests/hwsim/test_wpas_ctrl.py -@@ -1842,7 +1842,7 @@ def _test_wpas_ctrl_oom(dev): +@@ -1856,7 +1856,7 @@ def _test_wpas_ctrl_oom(dev): tls = dev[0].request("GET tls_library") if not tls.startswith("internal"): tests.append(('NFC_GET_HANDOVER_SEL NDEF P2P-CR-TAG', 'FAIL', @@ -1294,7 +1294,7 @@ Signed-off-by: Glenn Strauss if (need_more_data) { --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1188,6 +1188,7 @@ TLS_FUNCS=y +@@ -1189,6 +1189,7 @@ TLS_FUNCS=y endif ifeq ($(CONFIG_TLS), wolfssl) @@ -1302,7 +1302,7 @@ Signed-off-by: Glenn Strauss ifdef TLS_FUNCS CFLAGS += -DWOLFSSL_DER_LOAD OBJS += ../src/crypto/tls_wolfssl.o -@@ -1203,6 +1204,7 @@ LIBS_p += -lwolfssl -lm +@@ -1204,6 +1205,7 @@ LIBS_p += -lwolfssl -lm endif ifeq ($(CONFIG_TLS), openssl) @@ -1310,7 +1310,7 @@ Signed-off-by: Glenn Strauss CFLAGS += -DCRYPTO_RSA_OAEP_SHA256 ifdef TLS_FUNCS CFLAGS += -DEAP_TLS_OPENSSL -@@ -1230,6 +1232,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF +@@ -1231,6 +1233,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF endif ifeq ($(CONFIG_TLS), mbedtls) @@ -1318,7 +1318,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=mbedtls endif -@@ -1249,6 +1252,7 @@ endif +@@ -1250,6 +1253,7 @@ endif endif ifeq ($(CONFIG_TLS), gnutls) @@ -1326,7 +1326,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO # default to libgcrypt CONFIG_CRYPTO=gnutls -@@ -1279,6 +1283,7 @@ endif +@@ -1280,6 +1284,7 @@ endif endif ifeq ($(CONFIG_TLS), internal) @@ -1334,7 +1334,7 @@ Signed-off-by: Glenn Strauss ifndef CONFIG_CRYPTO CONFIG_CRYPTO=internal endif -@@ -1359,6 +1364,7 @@ endif +@@ -1360,6 +1365,7 @@ endif endif ifeq ($(CONFIG_TLS), linux) diff --git a/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch b/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch index 96f674a77d5..0f7b8ef7f78 100644 --- a/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch +++ b/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch @@ -130,7 +130,7 @@ Signed-off-by: P Praneesh #undef VHT_CAP_CHECK_MAX --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h -@@ -1397,6 +1397,8 @@ struct ieee80211_ampe_ie { +@@ -1398,6 +1398,8 @@ struct ieee80211_ampe_ie { #define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB ((u32) BIT(26) | BIT(27)) #define VHT_CAP_RX_ANTENNA_PATTERN ((u32) BIT(28)) #define VHT_CAP_TX_ANTENNA_PATTERN ((u32) BIT(29)) diff --git a/package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch b/package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch deleted file mode 100644 index b54abecc4f7..00000000000 --- a/package/network/services/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch +++ /dev/null @@ -1,18 +0,0 @@ -From: Felix Fietkau -Date: Thu, 14 Sep 2023 11:28:03 +0200 -Subject: [PATCH] driver_nl80211: update drv->ifindex on removing the first - BSS - -Signed-off-by: Felix Fietkau ---- - ---- a/src/drivers/driver_nl80211.c -+++ b/src/drivers/driver_nl80211.c -@@ -8985,6 +8985,7 @@ static int wpa_driver_nl80211_if_remove( - if (drv->first_bss->next) { - drv->first_bss = drv->first_bss->next; - drv->ctx = drv->first_bss->ctx; -+ drv->ifindex = drv->first_bss->ifindex; - os_free(bss); - } else { - wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to"); diff --git a/package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch b/package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch deleted file mode 100644 index e875a82aea7..00000000000 --- a/package/network/services/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch +++ /dev/null @@ -1,34 +0,0 @@ -From: Felix Fietkau -Date: Mon, 18 Sep 2023 16:47:41 +0200 -Subject: [PATCH] nl80211: move nl80211_put_freq_params call outside of - 802.11ax #ifdef - -The relevance of this call is not specific to 802.11ax, so it should be done -even with CONFIG_IEEE80211AX disabled. - -Fixes: b3921db426ea ("nl80211: Add frequency info in start AP command") -Signed-off-by: Felix Fietkau ---- - ---- a/src/drivers/driver_nl80211.c -+++ b/src/drivers/driver_nl80211.c -@@ -5315,6 +5315,9 @@ static int wpa_driver_nl80211_set_ap(voi - nla_nest_end(msg, ftm); - } - -+ if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0) -+ goto fail; -+ - #ifdef CONFIG_IEEE80211AX - if (params->he_spr_ctrl) { - struct nlattr *spr; -@@ -5349,9 +5352,6 @@ static int wpa_driver_nl80211_set_ap(voi - nla_nest_end(msg, spr); - } - -- if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0) -- goto fail; -- - if (params->freq && params->freq->he_enabled && - nl80211_attr_supported(drv, NL80211_ATTR_HE_BSS_COLOR)) { - struct nlattr *bss_color; diff --git a/package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch b/package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch deleted file mode 100644 index 4d1af1f5c0c..00000000000 --- a/package/network/services/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch +++ /dev/null @@ -1,28 +0,0 @@ -From: Felix Fietkau -Date: Wed, 20 Sep 2023 13:41:10 +0200 -Subject: [PATCH] hostapd: cancel channel_list_update_timeout in - hostapd_cleanup_iface_partial - -Fixes a crash when disabling an interface during channel list update - -Signed-off-by: Felix Fietkau ---- - ---- a/src/ap/hostapd.c -+++ b/src/ap/hostapd.c -@@ -656,6 +656,7 @@ static void sta_track_deinit(struct host - void hostapd_cleanup_iface_partial(struct hostapd_iface *iface) - { - wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); -+ eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); - #ifdef NEED_AP_MLME - hostapd_stop_setup_timers(iface); - #endif /* NEED_AP_MLME */ -@@ -685,7 +686,6 @@ void hostapd_cleanup_iface_partial(struc - static void hostapd_cleanup_iface(struct hostapd_iface *iface) - { - wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); -- eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); - eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface, - NULL); - diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch index 1a193b51bb1..8bb3d8de6cf 100644 --- a/package/network/services/hostapd/patches/200-multicall.patch +++ b/package/network/services/hostapd/patches/200-multicall.patch @@ -15,7 +15,7 @@ This allows building both hostapd and wpa_supplicant as a single binary include ../src/build.rules ifdef LIBS -@@ -199,7 +200,8 @@ endif +@@ -200,7 +201,8 @@ endif ifdef CONFIG_NO_VLAN CFLAGS += -DCONFIG_NO_VLAN @@ -25,7 +25,7 @@ This allows building both hostapd and wpa_supplicant as a single binary OBJS += ../src/ap/vlan_init.o OBJS += ../src/ap/vlan_ifconfig.o OBJS += ../src/ap/vlan.o -@@ -358,10 +360,14 @@ CFLAGS += -DCONFIG_MBO +@@ -359,10 +361,14 @@ CFLAGS += -DCONFIG_MBO OBJS += ../src/ap/mbo_ap.o endif @@ -43,7 +43,7 @@ This allows building both hostapd and wpa_supplicant as a single binary LIBS += $(DRV_AP_LIBS) ifdef CONFIG_L2_PACKET -@@ -1392,6 +1398,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) +@@ -1393,6 +1399,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) _OBJS_VAR := OBJS include ../src/objs.mk @@ -56,7 +56,7 @@ This allows building both hostapd and wpa_supplicant as a single binary hostapd: $(OBJS) $(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS) @$(E) " LD " $@ -@@ -1472,6 +1484,12 @@ include ../src/objs.mk +@@ -1473,6 +1485,12 @@ include ../src/objs.mk _OBJS_VAR := SOBJS include ../src/objs.mk @@ -71,7 +71,7 @@ This allows building both hostapd and wpa_supplicant as a single binary @$(E) " LD " $@ --- a/hostapd/main.c +++ b/hostapd/main.c -@@ -705,6 +705,11 @@ fail: +@@ -692,6 +692,11 @@ fail: return -1; } @@ -83,7 +83,7 @@ This allows building both hostapd and wpa_supplicant as a single binary #ifdef CONFIG_WPS static int gen_uuid(const char *txt_addr) -@@ -798,6 +803,8 @@ int main(int argc, char *argv[]) +@@ -808,6 +813,8 @@ int main(int argc, char *argv[]) return -1; #endif /* CONFIG_DPP */ @@ -94,8 +94,8 @@ This allows building both hostapd and wpa_supplicant as a single binary if (c < 0) --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c -@@ -2341,8 +2341,8 @@ err: - #endif /* CONFIG_OWE */ +@@ -2409,8 +2409,8 @@ static void hostapd_event_color_change(s + #endif /* CONFIG_IEEE80211AX */ -void wpa_supplicant_event(void *ctx, enum wpa_event_type event, @@ -105,7 +105,7 @@ This allows building both hostapd and wpa_supplicant as a single binary { struct hostapd_data *hapd = ctx; struct sta_info *sta; -@@ -2674,7 +2674,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -2769,7 +2769,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -116,7 +116,7 @@ This allows building both hostapd and wpa_supplicant as a single binary struct hapd_interfaces *interfaces = ctx; --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -6763,8 +6763,8 @@ union wpa_event_data { +@@ -6847,8 +6847,8 @@ union wpa_event_data { * Driver wrapper code should call this function whenever an event is received * from the driver. */ @@ -127,7 +127,7 @@ This allows building both hostapd and wpa_supplicant as a single binary /** * wpa_supplicant_event_global - Report a driver event for wpa_supplicant -@@ -6776,7 +6776,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -6860,7 +6860,7 @@ void wpa_supplicant_event(void *ctx, enu * Same as wpa_supplicant_event(), but we search for the interface in * wpa_global. */ @@ -159,7 +159,7 @@ This allows building both hostapd and wpa_supplicant as a single binary include ../src/build.rules ifdef CONFIG_BUILD_PASN_SO -@@ -388,7 +389,9 @@ endif +@@ -389,7 +390,9 @@ endif ifdef CONFIG_IBSS_RSN NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_IBSS_RSN @@ -169,7 +169,7 @@ This allows building both hostapd and wpa_supplicant as a single binary OBJS += ibss_rsn.o endif -@@ -980,6 +983,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS +@@ -981,6 +984,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS LIBS += -ldl -rdynamic endif @@ -180,7 +180,7 @@ This allows building both hostapd and wpa_supplicant as a single binary endif ifdef CONFIG_AP -@@ -987,9 +994,11 @@ NEED_EAP_COMMON=y +@@ -988,9 +995,11 @@ NEED_EAP_COMMON=y NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_AP OBJS += ap.o @@ -192,7 +192,7 @@ This allows building both hostapd and wpa_supplicant as a single binary OBJS += ../src/ap/hostapd.o OBJS += ../src/ap/wpa_auth_glue.o OBJS += ../src/ap/utils.o -@@ -1080,6 +1089,12 @@ endif +@@ -1081,6 +1090,12 @@ endif ifdef CONFIG_HS20 OBJS += ../src/ap/hs20.o endif @@ -205,7 +205,7 @@ This allows building both hostapd and wpa_supplicant as a single binary endif ifdef CONFIG_MBO -@@ -1089,7 +1104,9 @@ NEED_GAS=y +@@ -1090,7 +1105,9 @@ NEED_GAS=y endif ifdef NEED_RSN_AUTHENTICATOR @@ -215,7 +215,7 @@ This allows building both hostapd and wpa_supplicant as a single binary NEED_AES_WRAP=y OBJS += ../src/ap/wpa_auth.o OBJS += ../src/ap/wpa_auth_ie.o -@@ -2079,6 +2096,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) +@@ -2080,6 +2097,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) _OBJS_VAR := OBJS include ../src/objs.mk @@ -228,7 +228,7 @@ This allows building both hostapd and wpa_supplicant as a single binary wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) $(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS) @$(E) " LD " $@ -@@ -2211,6 +2234,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) +@@ -2212,6 +2235,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) $(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@ @$(E) " sed" $< @@ -256,7 +256,7 @@ This allows building both hostapd and wpa_supplicant as a single binary const struct wpa_driver_ops *const wpa_drivers[] = { NULL }; -@@ -1325,6 +1330,10 @@ static void usage(void) +@@ -1328,6 +1333,10 @@ static void usage(void) "option several times.\n"); } @@ -267,7 +267,7 @@ This allows building both hostapd and wpa_supplicant as a single binary int main(int argc, char *argv[]) { -@@ -1348,6 +1357,8 @@ int main(int argc, char *argv[]) +@@ -1351,6 +1360,8 @@ int main(int argc, char *argv[]) if (os_program_init()) return -1; @@ -278,7 +278,7 @@ This allows building both hostapd and wpa_supplicant as a single binary os_memset(&eapol_test, 0, sizeof(eapol_test)); --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -5919,8 +5919,8 @@ static void wpas_link_reconfig(struct wp +@@ -5979,8 +5979,8 @@ static void wpas_link_reconfig(struct wp } @@ -289,7 +289,7 @@ This allows building both hostapd and wpa_supplicant as a single binary { struct wpa_supplicant *wpa_s = ctx; int resched; -@@ -6872,7 +6872,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -6932,7 +6932,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -300,7 +300,7 @@ This allows building both hostapd and wpa_supplicant as a single binary struct wpa_supplicant *wpa_s; --- a/wpa_supplicant/wpa_priv.c +++ b/wpa_supplicant/wpa_priv.c -@@ -1039,8 +1039,8 @@ static void wpa_priv_send_ft_response(st +@@ -1042,8 +1042,8 @@ static void wpa_priv_send_ft_response(st } @@ -311,7 +311,7 @@ This allows building both hostapd and wpa_supplicant as a single binary { struct wpa_priv_interface *iface = ctx; -@@ -1103,7 +1103,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -1106,7 +1106,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -320,7 +320,7 @@ This allows building both hostapd and wpa_supplicant as a single binary union wpa_event_data *data) { struct wpa_priv_global *global = ctx; -@@ -1217,6 +1217,8 @@ int main(int argc, char *argv[]) +@@ -1220,6 +1220,8 @@ int main(int argc, char *argv[]) if (os_program_init()) return -1; @@ -331,7 +331,7 @@ This allows building both hostapd and wpa_supplicant as a single binary os_memset(&global, 0, sizeof(global)); --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -7583,7 +7583,6 @@ struct wpa_interface * wpa_supplicant_ma +@@ -7714,7 +7714,6 @@ struct wpa_interface * wpa_supplicant_ma return NULL; } @@ -339,7 +339,7 @@ This allows building both hostapd and wpa_supplicant as a single binary /** * wpa_supplicant_match_existing - Match existing interfaces * @global: Pointer to global data from wpa_supplicant_init() -@@ -7618,6 +7617,11 @@ static int wpa_supplicant_match_existing +@@ -7749,6 +7748,11 @@ static int wpa_supplicant_match_existing #endif /* CONFIG_MATCH_IFACE */ @@ -351,7 +351,7 @@ This allows building both hostapd and wpa_supplicant as a single binary /** * wpa_supplicant_add_iface - Add a new network interface -@@ -7874,6 +7878,8 @@ struct wpa_global * wpa_supplicant_init( +@@ -8005,6 +8009,8 @@ struct wpa_global * wpa_supplicant_init( #ifndef CONFIG_NO_WPA_MSG wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); #endif /* CONFIG_NO_WPA_MSG */ diff --git a/package/network/services/hostapd/patches/201-lto-jobserver-support.patch b/package/network/services/hostapd/patches/201-lto-jobserver-support.patch index ea0dc290813..7473cbef968 100644 --- a/package/network/services/hostapd/patches/201-lto-jobserver-support.patch +++ b/package/network/services/hostapd/patches/201-lto-jobserver-support.patch @@ -5,7 +5,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -1405,7 +1405,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) +@@ -1406,7 +1406,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) @$(AR) cr $@ hostapd_multi.o $(OBJS) hostapd: $(OBJS) @@ -14,7 +14,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel @$(E) " LD " $@ ifdef CONFIG_WPA_TRACE -@@ -1416,7 +1416,7 @@ _OBJS_VAR := OBJS_c +@@ -1417,7 +1417,7 @@ _OBJS_VAR := OBJS_c include ../src/objs.mk hostapd_cli: $(OBJS_c) @@ -25,7 +25,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -2103,31 +2103,31 @@ wpa_supplicant_multi.a: .config $(BCHECK +@@ -2104,31 +2104,31 @@ wpa_supplicant_multi.a: .config $(BCHECK @$(AR) cr $@ wpa_supplicant_multi.o $(OBJS) wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) diff --git a/package/network/services/hostapd/patches/210-build-de-duplicate-_DIRS-before-calling-mkdir.patch b/package/network/services/hostapd/patches/210-build-de-duplicate-_DIRS-before-calling-mkdir.patch deleted file mode 100644 index 08d4393c906..00000000000 --- a/package/network/services/hostapd/patches/210-build-de-duplicate-_DIRS-before-calling-mkdir.patch +++ /dev/null @@ -1,23 +0,0 @@ -From: Felix Fietkau -Date: Thu, 4 Apr 2024 12:59:41 +0200 -Subject: [PATCH] build: de-duplicate _DIRS before calling mkdir - -If the build path is long, the contents of the _DIRS variable can be very long, -since it repeats the same directories very often. -In some cases, this has triggered an "Argument list too long" build error. - -Suggested-by: Eneas U de Queiroz -Signed-off-by: Felix Fietkau ---- - ---- a/src/build.rules -+++ b/src/build.rules -@@ -80,7 +80,7 @@ endif - _DIRS := $(BUILDDIR)/$(PROJ) - .PHONY: _make_dirs - _make_dirs: -- @mkdir -p $(_DIRS) -+ @mkdir -p $(sort $(_DIRS)) - - $(BUILDDIR)/$(PROJ)/src/%.o: $(ROOTDIR)src/%.c $(CONFIG_FILE) | _make_dirs - $(Q)$(CC) -c -o $@ $(CFLAGS) $< diff --git a/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch b/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch index 84fdea8c785..475a50b87e5 100644 --- a/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch +++ b/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch @@ -13,7 +13,7 @@ Signed-off-by: David Bauer --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c -@@ -13214,7 +13214,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13233,7 +13233,7 @@ char * wpa_supplicant_ctrl_iface_process if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18)) reply_len = -1; #endif /* CONFIG_WNM */ @@ -22,7 +22,7 @@ Signed-off-by: David Bauer } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) { if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18)) reply_len = -1; -@@ -13224,7 +13224,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13243,7 +13243,7 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) { if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11)) reply_len = -1; diff --git a/package/network/services/hostapd/patches/220-indicate-features.patch b/package/network/services/hostapd/patches/220-indicate-features.patch index 006a567c338..ab0af9593e3 100644 --- a/package/network/services/hostapd/patches/220-indicate-features.patch +++ b/package/network/services/hostapd/patches/220-indicate-features.patch @@ -15,7 +15,7 @@ Subject: [PATCH] hostapd: support optional argument for the -v switch of struct hapd_global { void **drv_priv; -@@ -806,7 +806,7 @@ int main(int argc, char *argv[]) +@@ -816,7 +816,7 @@ int main(int argc, char *argv[]) wpa_supplicant_event = hostapd_wpa_event; wpa_supplicant_event_global = hostapd_wpa_event_global; for (;;) { @@ -24,7 +24,7 @@ Subject: [PATCH] hostapd: support optional argument for the -v switch of if (c < 0) break; switch (c) { -@@ -843,6 +843,8 @@ int main(int argc, char *argv[]) +@@ -853,6 +853,8 @@ int main(int argc, char *argv[]) break; #endif /* CONFIG_DEBUG_LINUX_TRACING */ case 'v': diff --git a/package/network/services/hostapd/patches/250-hostapd_cli_ifdef.patch b/package/network/services/hostapd/patches/250-hostapd_cli_ifdef.patch index b6421e9d759..58143020ce0 100644 --- a/package/network/services/hostapd/patches/250-hostapd_cli_ifdef.patch +++ b/package/network/services/hostapd/patches/250-hostapd_cli_ifdef.patch @@ -37,7 +37,7 @@ Subject: [PATCH] hostapd: support wps in hostapd_cli even when built from the static int hostapd_cli_cmd_disassoc_imminent(struct wpa_ctrl *ctrl, int argc, -@@ -1670,13 +1666,10 @@ static const struct hostapd_cli_cmd host +@@ -1686,13 +1682,10 @@ static const struct hostapd_cli_cmd host { "disassociate", hostapd_cli_cmd_disassociate, hostapd_complete_stations, " = disassociate a station" }, @@ -51,7 +51,7 @@ Subject: [PATCH] hostapd: support wps in hostapd_cli even when built from the { "wps_pin", hostapd_cli_cmd_wps_pin, NULL, " [timeout] [addr] = add WPS Enrollee PIN" }, { "wps_check_pin", hostapd_cli_cmd_wps_check_pin, NULL, -@@ -1701,7 +1694,6 @@ static const struct hostapd_cli_cmd host +@@ -1717,7 +1710,6 @@ static const struct hostapd_cli_cmd host " = configure AP" }, { "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL, "= show current WPS status" }, diff --git a/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch index c65b2b181e3..fd63ff08bee 100644 --- a/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch +++ b/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch @@ -4,7 +4,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -221,6 +221,9 @@ endif +@@ -222,6 +222,9 @@ endif ifdef CONFIG_NO_CTRL_IFACE CFLAGS += -DCONFIG_NO_CTRL_IFACE else @@ -16,7 +16,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality else --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -3897,6 +3897,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -4005,6 +4005,7 @@ static int hostapd_ctrl_iface_receive_pr reply_size); } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) { reply_len = hostapd_drv_status(hapd, reply, reply_size); @@ -24,7 +24,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality } else if (os_strcmp(buf, "MIB") == 0) { reply_len = ieee802_11_get_mib(hapd, reply, reply_size); if (reply_len >= 0) { -@@ -3938,6 +3939,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -4046,6 +4047,7 @@ static int hostapd_ctrl_iface_receive_pr } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply, reply_size); @@ -88,7 +88,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality static int hostapd_ctrl_iface_sta_mib(struct hostapd_data *hapd, struct sta_info *sta, char *buf, size_t buflen) -@@ -539,6 +539,7 @@ int hostapd_ctrl_iface_sta_next(struct h +@@ -562,6 +562,7 @@ int hostapd_ctrl_iface_sta_next(struct h return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen); } @@ -96,7 +96,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality #ifdef CONFIG_P2P_MANAGER static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype, -@@ -951,12 +952,12 @@ int hostapd_ctrl_iface_status(struct hos +@@ -1010,12 +1011,12 @@ int hostapd_ctrl_iface_status(struct hos return len; len += ret; } @@ -113,7 +113,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality if (os_snprintf_error(buflen - len, ret)) --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c -@@ -2837,6 +2837,7 @@ static const char * bool_txt(bool val) +@@ -2848,6 +2848,7 @@ static const char * bool_txt(bool val) return val ? "TRUE" : "FALSE"; } @@ -121,7 +121,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen) { -@@ -3023,6 +3024,7 @@ int ieee802_1x_get_mib_sta(struct hostap +@@ -3034,6 +3035,7 @@ int ieee802_1x_get_mib_sta(struct hostap return len; } @@ -131,7 +131,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx) --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c -@@ -5583,6 +5583,7 @@ static const char * wpa_bool_txt(int val +@@ -5956,6 +5956,7 @@ static const char * wpa_bool_txt(int val return val ? "TRUE" : "FALSE"; } @@ -139,7 +139,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ -@@ -5735,7 +5736,7 @@ int wpa_get_mib_sta(struct wpa_state_mac +@@ -6108,7 +6109,7 @@ int wpa_get_mib_sta(struct wpa_state_mac return len; } @@ -150,7 +150,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality { --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c -@@ -3943,6 +3943,8 @@ static u32 wpa_key_mgmt_suite(struct wpa +@@ -3974,6 +3974,8 @@ static u32 wpa_key_mgmt_suite(struct wpa } @@ -159,7 +159,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff -@@ -4024,6 +4026,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch +@@ -4055,6 +4057,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch return (int) len; } @@ -169,7 +169,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1038,6 +1038,9 @@ ifdef CONFIG_FILS +@@ -1039,6 +1039,9 @@ ifdef CONFIG_FILS OBJS += ../src/ap/fils_hlp.o endif ifdef CONFIG_CTRL_IFACE @@ -201,7 +201,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality if (wpa_s->ap_iface) { pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos, end - pos, -@@ -12542,6 +12542,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12561,6 +12561,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = -1; } else if (os_strncmp(buf, "NOTE ", 5) == 0) { wpa_printf(MSG_INFO, "NOTE: %s", buf + 5); @@ -209,7 +209,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality } else if (os_strcmp(buf, "MIB") == 0) { reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size); if (reply_len >= 0) { -@@ -12554,6 +12555,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12573,6 +12574,7 @@ char * wpa_supplicant_ctrl_iface_process reply_size - reply_len); #endif /* CONFIG_MACSEC */ } @@ -217,7 +217,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality } else if (os_strncmp(buf, "STATUS", 6) == 0) { reply_len = wpa_supplicant_ctrl_iface_status( wpa_s, buf + 6, reply, reply_size); -@@ -13042,6 +13044,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13061,6 +13063,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = wpa_supplicant_ctrl_iface_bss( wpa_s, buf + 4, reply, reply_size); #ifdef CONFIG_AP @@ -225,7 +225,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality } else if (os_strcmp(buf, "STA-FIRST") == 0) { reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size); } else if (os_strncmp(buf, "STA ", 4) == 0) { -@@ -13050,12 +13053,15 @@ char * wpa_supplicant_ctrl_iface_process +@@ -13069,12 +13072,15 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply, reply_size); diff --git a/package/network/services/hostapd/patches/253-qos_map_set_without_interworking.patch b/package/network/services/hostapd/patches/253-qos_map_set_without_interworking.patch deleted file mode 100644 index 4072ff56645..00000000000 --- a/package/network/services/hostapd/patches/253-qos_map_set_without_interworking.patch +++ /dev/null @@ -1,103 +0,0 @@ -From: Felix Fietkau -Date: Thu, 4 Nov 2021 11:45:18 +0100 -Subject: [PATCH] hostapd: support qos_map_set without CONFIG_INTERWORKING - -This feature is useful on its own even without full interworking support - ---- a/hostapd/config_file.c -+++ b/hostapd/config_file.c -@@ -1680,6 +1680,8 @@ static int parse_anqp_elem(struct hostap - return 0; - } - -+#endif /* CONFIG_INTERWORKING */ -+ - - static int parse_qos_map_set(struct hostapd_bss_config *bss, - char *buf, int line) -@@ -1721,8 +1723,6 @@ static int parse_qos_map_set(struct host - return 0; - } - --#endif /* CONFIG_INTERWORKING */ -- - - #ifdef CONFIG_HS20 - static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf, -@@ -4260,10 +4260,10 @@ static int hostapd_config_fill(struct ho - bss->gas_frag_limit = val; - } else if (os_strcmp(buf, "gas_comeback_delay") == 0) { - bss->gas_comeback_delay = atoi(pos); -+#endif /* CONFIG_INTERWORKING */ - } else if (os_strcmp(buf, "qos_map_set") == 0) { - if (parse_qos_map_set(bss, pos, line) < 0) - return 1; --#endif /* CONFIG_INTERWORKING */ - #ifdef CONFIG_RADIUS_TEST - } else if (os_strcmp(buf, "dump_msk_file") == 0) { - os_free(bss->dump_msk_file); ---- a/src/ap/hostapd.c -+++ b/src/ap/hostapd.c -@@ -1548,6 +1548,7 @@ static int hostapd_setup_bss(struct host - wpa_printf(MSG_ERROR, "GAS server initialization failed"); - return -1; - } -+#endif /* CONFIG_INTERWORKING */ - - if (conf->qos_map_set_len && - hostapd_drv_set_qos_map(hapd, conf->qos_map_set, -@@ -1555,7 +1556,6 @@ static int hostapd_setup_bss(struct host - wpa_printf(MSG_ERROR, "Failed to initialize QoS Map"); - return -1; - } --#endif /* CONFIG_INTERWORKING */ - - if (conf->bss_load_update_period && bss_load_update_init(hapd)) { - wpa_printf(MSG_ERROR, "BSS Load initialization failed"); ---- a/src/ap/ieee802_11_shared.c -+++ b/src/ap/ieee802_11_shared.c -@@ -1138,13 +1138,11 @@ u8 * hostapd_eid_rsnxe(struct hostapd_da - u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta, - const u8 *ext_capab_ie, size_t ext_capab_ie_len) - { --#ifdef CONFIG_INTERWORKING - /* check for QoS Map support */ - if (ext_capab_ie_len >= 5) { - if (ext_capab_ie[4] & 0x01) - sta->qos_map_enabled = 1; - } --#endif /* CONFIG_INTERWORKING */ - - if (ext_capab_ie_len > 0) { - sta->ecsa_supported = !!(ext_capab_ie[0] & BIT(2)); ---- a/wpa_supplicant/events.c -+++ b/wpa_supplicant/events.c -@@ -2935,8 +2935,6 @@ void wnm_bss_keep_alive_deinit(struct wp - } - - --#ifdef CONFIG_INTERWORKING -- - static int wpas_qos_map_set(struct wpa_supplicant *wpa_s, const u8 *qos_map, - size_t len) - { -@@ -2969,8 +2967,6 @@ static void interworking_process_assoc_r - } - } - --#endif /* CONFIG_INTERWORKING */ -- - - static void wpa_supplicant_set_4addr_mode(struct wpa_supplicant *wpa_s) - { -@@ -3350,10 +3346,8 @@ static int wpa_supplicant_event_associnf - wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, - data->assoc_info.resp_ies_len); - #endif /* CONFIG_WNM */ --#ifdef CONFIG_INTERWORKING - interworking_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, - data->assoc_info.resp_ies_len); --#endif /* CONFIG_INTERWORKING */ - if (wpa_s->hw_capab == CAPAB_VHT && - get_ie(data->assoc_info.resp_ies, - data->assoc_info.resp_ies_len, WLAN_EID_VHT_CAP)) diff --git a/package/network/services/hostapd/patches/300-noscan.patch b/package/network/services/hostapd/patches/300-noscan.patch index 9b3f401b035..35a5abd2b23 100644 --- a/package/network/services/hostapd/patches/300-noscan.patch +++ b/package/network/services/hostapd/patches/300-noscan.patch @@ -5,7 +5,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3656,6 +3656,10 @@ static int hostapd_config_fill(struct ho +@@ -3680,6 +3680,10 @@ static int hostapd_config_fill(struct ho if (bss->ocv && !bss->ieee80211w) bss->ieee80211w = 1; #endif /* CONFIG_OCV */ @@ -18,7 +18,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options } else if (os_strcmp(buf, "ht_capab") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1093,6 +1093,8 @@ struct hostapd_config { +@@ -1108,6 +1108,8 @@ struct hostapd_config { int ht_op_mode_fixed; u16 ht_capab; @@ -29,7 +29,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options int no_pri_sec_switch; --- a/src/ap/hw_features.c +++ b/src/ap/hw_features.c -@@ -544,7 +544,8 @@ static int ieee80211n_check_40mhz(struct +@@ -551,7 +551,8 @@ static int ieee80211n_check_40mhz(struct int ret; /* Check that HT40 is used and PRI / SEC switch is allowed */ diff --git a/package/network/services/hostapd/patches/301-mesh-noscan.patch b/package/network/services/hostapd/patches/301-mesh-noscan.patch index 64a2eed30e5..1f96a81eb03 100644 --- a/package/network/services/hostapd/patches/301-mesh-noscan.patch +++ b/package/network/services/hostapd/patches/301-mesh-noscan.patch @@ -47,7 +47,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also /* --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2770,7 +2770,7 @@ static bool ibss_mesh_can_use_vht(struct +@@ -2881,7 +2881,7 @@ static bool ibss_mesh_can_use_vht(struct const struct wpa_ssid *ssid, struct hostapd_hw_modes *mode) { @@ -56,7 +56,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also return false; if (!drv_supports_vht(wpa_s, ssid)) -@@ -2843,7 +2843,7 @@ static void ibss_mesh_select_40mhz(struc +@@ -2954,7 +2954,7 @@ static void ibss_mesh_select_40mhz(struc int i, res; unsigned int j; static const int ht40plus[] = { @@ -65,16 +65,16 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also 149, 157, 165, 173, 184, 192 }; int ht40 = -1; -@@ -3093,7 +3093,7 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3205,7 +3205,7 @@ void ibss_mesh_setup_freq(struct wpa_sup int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode); enum hostapd_hw_mode hw_mode; struct hostapd_hw_modes *mode = NULL; -- int i, obss_scan = 1; -+ int i, obss_scan = !(ssid->noscan); +- int obss_scan = 1; ++ int obss_scan = !(ssid->noscan); u8 channel; bool is_6ghz, is_24ghz; bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); -@@ -3143,6 +3143,8 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3249,6 +3249,8 @@ void ibss_mesh_setup_freq(struct wpa_sup freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode, ieee80211_mode); freq->channel = channel; diff --git a/package/network/services/hostapd/patches/310-rescan_immediately.patch b/package/network/services/hostapd/patches/310-rescan_immediately.patch index 57e13dec8bd..637f5c31a8d 100644 --- a/package/network/services/hostapd/patches/310-rescan_immediately.patch +++ b/package/network/services/hostapd/patches/310-rescan_immediately.patch @@ -5,7 +5,7 @@ Subject: [PATCH] rescan_immediately.patch --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -5870,7 +5870,7 @@ wpa_supplicant_alloc(struct wpa_supplica +@@ -6001,7 +6001,7 @@ wpa_supplicant_alloc(struct wpa_supplica if (wpa_s == NULL) return NULL; wpa_s->scan_req = INITIAL_SCAN_REQ; diff --git a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch index 70ec6dc63b0..e4cc33b5122 100644 --- a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch +++ b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch @@ -5,7 +5,7 @@ Subject: [PATCH] nl80211_fix_set_freq.patch --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -5483,7 +5483,7 @@ static int nl80211_set_channel(struct i8 +@@ -5494,7 +5494,7 @@ static int nl80211_set_channel(struct i8 freq->he_enabled, freq->eht_enabled, freq->bandwidth, freq->center_freq1, freq->center_freq2); diff --git a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch index 5ad4d6387fb..e73f817248f 100644 --- a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch +++ b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch @@ -4,22 +4,7 @@ Subject: [PATCH] nl80211_del_beacon_bss.patch --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -3075,12 +3075,12 @@ static int wpa_driver_nl80211_del_beacon - return 0; - - wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)", -- drv->ifindex); -+ bss->ifindex); - link->beacon_set = 0; - link->freq = 0; - - nl80211_put_wiphy_data_ap(bss); -- msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON); -+ msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_BEACON); - if (!msg) - return -ENOBUFS; - -@@ -6176,8 +6176,7 @@ static void nl80211_teardown_ap(struct i +@@ -6183,8 +6183,7 @@ static void nl80211_teardown_ap(struct i nl80211_mgmt_unsubscribe(bss, "AP teardown"); nl80211_put_wiphy_data_ap(bss); @@ -29,12 +14,3 @@ Subject: [PATCH] nl80211_del_beacon_bss.patch } -@@ -8977,8 +8976,6 @@ static int wpa_driver_nl80211_if_remove( - } else { - wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context"); - nl80211_teardown_ap(bss); -- if (!bss->added_if && !drv->first_bss->next) -- wpa_driver_nl80211_del_beacon_all(bss); - nl80211_destroy_bss(bss); - if (!bss->added_if) - i802_set_iface_flags(bss, 0); diff --git a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch index ac1c9280b75..9a2f58d52a0 100644 --- a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch +++ b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch @@ -14,7 +14,7 @@ Signed-hostap: Antonio Quartulli --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -971,6 +971,9 @@ struct wpa_driver_associate_params { +@@ -979,6 +979,9 @@ struct wpa_driver_associate_params { * responsible for selecting with which BSS to associate. */ const u8 *bssid; @@ -155,7 +155,7 @@ Signed-hostap: Antonio Quartulli * macsec_policy - Determines the policy for MACsec secure session --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -4249,6 +4249,12 @@ static void wpas_start_assoc_cb(struct w +@@ -4370,6 +4370,12 @@ static void wpas_start_assoc_cb(struct w params.beacon_int = ssid->beacon_int; else params.beacon_int = wpa_s->conf->beacon_int; diff --git a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch index c24ca46e969..54ef753fc40 100644 --- a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch +++ b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch @@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -1876,6 +1876,7 @@ struct wpa_driver_mesh_join_params { +@@ -1889,6 +1889,7 @@ struct wpa_driver_mesh_join_params { #define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008 unsigned int flags; bool handle_dfs; @@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich struct wpa_driver_set_key_params { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -11850,6 +11850,18 @@ static int nl80211_put_mesh_id(struct nl +@@ -11983,6 +11983,18 @@ static int nl80211_put_mesh_id(struct nl } @@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich static int nl80211_put_mesh_config(struct nl_msg *msg, struct wpa_driver_mesh_bss_params *params) { -@@ -11911,6 +11923,7 @@ static int nl80211_join_mesh(struct i802 +@@ -12044,6 +12056,7 @@ static int nl80211_join_mesh(struct i802 nl80211_put_basic_rates(msg, params->basic_rates) || nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) || nl80211_put_beacon_int(msg, params->beacon_int) || diff --git a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch index 664f27bd63a..3d995fe3b03 100644 --- a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch +++ b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch @@ -5,7 +5,7 @@ Subject: [PATCH] Fix issues with disabling obss scan when using fixed_freq on --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -3100,6 +3100,10 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -3212,6 +3212,10 @@ void ibss_mesh_setup_freq(struct wpa_sup freq->freq = ssid->frequency; diff --git a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch index 8da7a2948ea..e291615526d 100644 --- a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch +++ b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch @@ -13,7 +13,7 @@ Signed-off-by: David Bauer --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3708,6 +3708,8 @@ static int hostapd_config_fill(struct ho +@@ -3734,6 +3734,8 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "he_bss_color") == 0) { conf->he_op.he_bss_color = atoi(pos) & 0x3f; conf->he_op.he_bss_color_disabled = 0; diff --git a/package/network/services/hostapd/patches/470-survey_data_fallback.patch b/package/network/services/hostapd/patches/470-survey_data_fallback.patch index 1ae2c599ebb..43e30b14e93 100644 --- a/package/network/services/hostapd/patches/470-survey_data_fallback.patch +++ b/package/network/services/hostapd/patches/470-survey_data_fallback.patch @@ -4,7 +4,7 @@ Subject: [PATCH] hostapd: implement fallback for incomplete survey data --- a/src/ap/acs.c +++ b/src/ap/acs.c -@@ -467,17 +467,17 @@ static int acs_get_bw_center_chan(int fr +@@ -471,17 +471,17 @@ static int acs_get_bw_center_chan(int fr static int acs_survey_is_sufficient(struct freq_survey *survey) { if (!(survey->filled & SURVEY_HAS_NF)) { @@ -24,7 +24,7 @@ Subject: [PATCH] hostapd: implement fallback for incomplete survey data } if (!(survey->filled & SURVEY_HAS_CHAN_TIME_BUSY) && -@@ -485,7 +485,6 @@ static int acs_survey_is_sufficient(stru +@@ -489,7 +489,6 @@ static int acs_survey_is_sufficient(stru wpa_printf(MSG_INFO, "ACS: Survey for freq %d is missing RX and busy time (at least one is required)", survey->freq); diff --git a/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch b/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch index e1bb37ea55f..999a2a37810 100644 --- a/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch +++ b/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch @@ -10,7 +10,7 @@ method. --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h -@@ -163,6 +163,21 @@ struct hostapd_sae_commit_queue { +@@ -168,6 +168,21 @@ struct hostapd_sae_commit_queue { }; /** @@ -32,9 +32,9 @@ method. * struct hostapd_data - hostapd per-BSS data structure */ struct hostapd_data { -@@ -182,6 +197,9 @@ struct hostapd_data { +@@ -181,6 +196,9 @@ struct hostapd_data { - struct hostapd_data *mld_first_bss; + u8 own_addr[ETH_ALEN]; + /* OpenWrt specific statistics */ + struct hostapd_openwrt_stats openwrt_stats; diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch index 0457f37f74c..b4caabd8262 100644 --- a/package/network/services/hostapd/patches/600-ubus_support.patch +++ b/package/network/services/hostapd/patches/600-ubus_support.patch @@ -7,7 +7,7 @@ probe/assoc/auth requests via object subscribe. --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -166,6 +166,12 @@ OBJS += ../src/common/hw_features_common +@@ -167,6 +167,12 @@ OBJS += ../src/common/hw_features_common OBJS += ../src/eapol_auth/eapol_auth_sm.o @@ -53,7 +53,7 @@ probe/assoc/auth requests via object subscribe. } --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1351,6 +1351,12 @@ void handle_probe_req(struct hostapd_dat +@@ -1357,6 +1357,12 @@ void handle_probe_req(struct hostapd_dat int mld_id; u16 links; #endif /* CONFIG_IEEE80211BE */ @@ -66,7 +66,7 @@ probe/assoc/auth requests via object subscribe. if (hapd->iconf->rssi_ignore_probe_request && ssi_signal && ssi_signal < hapd->iconf->rssi_ignore_probe_request) -@@ -1537,6 +1543,12 @@ void handle_probe_req(struct hostapd_dat +@@ -1543,6 +1549,12 @@ void handle_probe_req(struct hostapd_dat } #endif /* CONFIG_P2P */ @@ -81,7 +81,7 @@ probe/assoc/auth requests via object subscribe. --- a/src/ap/dfs.c +++ b/src/ap/dfs.c -@@ -1225,6 +1225,8 @@ int hostapd_dfs_pre_cac_expired(struct h +@@ -1236,6 +1236,8 @@ int hostapd_dfs_pre_cac_expired(struct h "freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d", freq, ht_enabled, chan_offset, chan_width, cf1, cf2); @@ -118,7 +118,7 @@ probe/assoc/auth requests via object subscribe. wpabuf_free(sta->p2p_ie); --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -493,6 +493,7 @@ void hostapd_free_hapd_data(struct hosta +@@ -475,6 +475,7 @@ void hostapd_free_hapd_data(struct hosta hapd->beacon_set_done = 0; wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface); @@ -126,7 +126,7 @@ probe/assoc/auth requests via object subscribe. accounting_deinit(hapd); hostapd_deinit_wpa(hapd); vlan_deinit(hapd); -@@ -1274,6 +1275,8 @@ static int hostapd_start_beacon(struct h +@@ -1303,6 +1304,8 @@ static int hostapd_start_beacon(struct h if (hapd->driver && hapd->driver->set_operstate) hapd->driver->set_operstate(hapd->drv_priv, 1); @@ -135,7 +135,7 @@ probe/assoc/auth requests via object subscribe. return 0; } -@@ -2367,6 +2370,7 @@ static int hostapd_setup_interface_compl +@@ -2481,6 +2484,7 @@ static int hostapd_setup_interface_compl if (err) goto fail; @@ -143,7 +143,7 @@ probe/assoc/auth requests via object subscribe. wpa_printf(MSG_DEBUG, "Completing interface initialization"); if (iface->freq) { #ifdef NEED_AP_MLME -@@ -2586,6 +2590,7 @@ dfs_offload: +@@ -2700,6 +2704,7 @@ dfs_offload: fail: wpa_printf(MSG_ERROR, "Interface initialization failed"); @@ -151,7 +151,7 @@ probe/assoc/auth requests via object subscribe. if (iface->is_no_ir) { hostapd_set_state(iface, HAPD_IFACE_NO_IR); -@@ -3076,6 +3081,7 @@ void hostapd_interface_deinit_free(struc +@@ -3416,6 +3421,7 @@ void hostapd_interface_deinit_free(struc (unsigned int) iface->conf->num_bss); driver = iface->bss[0]->driver; drv_priv = iface->bss[0]->drv_priv; @@ -169,7 +169,7 @@ probe/assoc/auth requests via object subscribe. #define OCE_STA_CFON_ENABLED(hapd) \ ((hapd->conf->oce & OCE_STA_CFON) && \ -@@ -184,6 +185,7 @@ struct hostapd_data { +@@ -189,6 +190,7 @@ struct hostapd_data { struct hostapd_iface *iface; struct hostapd_config *iconf; struct hostapd_bss_config *conf; @@ -177,7 +177,7 @@ probe/assoc/auth requests via object subscribe. int interface_added; /* virtual interface added for this BSS */ unsigned int started:1; unsigned int disabled:1; -@@ -707,6 +709,7 @@ hostapd_alloc_bss_data(struct hostapd_if +@@ -743,6 +745,7 @@ hostapd_alloc_bss_data(struct hostapd_if struct hostapd_bss_config *bss); int hostapd_setup_interface(struct hostapd_iface *iface); int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err); @@ -187,7 +187,7 @@ probe/assoc/auth requests via object subscribe. struct hostapd_iface * hostapd_alloc_iface(void); --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -2798,7 +2798,7 @@ static void handle_auth(struct hostapd_d +@@ -2874,7 +2874,7 @@ static void handle_auth(struct hostapd_d u16 auth_alg, auth_transaction, status_code; u16 resp = WLAN_STATUS_SUCCESS; struct sta_info *sta = NULL; @@ -196,10 +196,10 @@ probe/assoc/auth requests via object subscribe. u16 fc; const u8 *challenge = NULL; u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN]; -@@ -2807,6 +2807,11 @@ static void handle_auth(struct hostapd_d - struct radius_sta rad_info; - const u8 *dst, *sa, *bssid; +@@ -2885,6 +2885,11 @@ static void handle_auth(struct hostapd_d + #ifdef CONFIG_IEEE80211BE bool mld_sta = false; + #endif /* CONFIG_IEEE80211BE */ + struct hostapd_ubus_request req = { + .type = HOSTAPD_UBUS_AUTH_REQ, + .mgmt_frame = mgmt, @@ -208,7 +208,7 @@ probe/assoc/auth requests via object subscribe. if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", -@@ -2998,6 +3003,13 @@ static void handle_auth(struct hostapd_d +@@ -3078,6 +3083,13 @@ static void handle_auth(struct hostapd_d resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -222,7 +222,7 @@ probe/assoc/auth requests via object subscribe. if (res == HOSTAPD_ACL_PENDING) return; -@@ -5242,7 +5254,7 @@ static void handle_assoc(struct hostapd_ +@@ -5338,7 +5350,7 @@ static void handle_assoc(struct hostapd_ int resp = WLAN_STATUS_SUCCESS; u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE; const u8 *pos; @@ -231,7 +231,7 @@ probe/assoc/auth requests via object subscribe. struct sta_info *sta; u8 *tmp = NULL; #ifdef CONFIG_FILS -@@ -5484,6 +5496,11 @@ static void handle_assoc(struct hostapd_ +@@ -5580,6 +5592,11 @@ static void handle_assoc(struct hostapd_ left = res; } #endif /* CONFIG_FILS */ @@ -243,9 +243,9 @@ probe/assoc/auth requests via object subscribe. /* followed by SSID and Supported rates; and HT capabilities if 802.11n * is used */ -@@ -5586,6 +5603,13 @@ static void handle_assoc(struct hostapd_ +@@ -5682,6 +5699,13 @@ static void handle_assoc(struct hostapd_ if (set_beacon) - ieee802_11_set_beacons(hapd->iface); + ieee802_11_update_beacons(hapd->iface); + ubus_resp = hostapd_ubus_handle_event(hapd, &req); + if (ubus_resp) { @@ -257,7 +257,7 @@ probe/assoc/auth requests via object subscribe. fail: /* -@@ -5836,6 +5860,7 @@ static void handle_disassoc(struct hosta +@@ -5911,6 +5935,7 @@ static void handle_disassoc(struct hosta (unsigned long) len); return; } @@ -265,7 +265,7 @@ probe/assoc/auth requests via object subscribe. sta = ap_get_sta(hapd, mgmt->sa); if (!sta) { -@@ -5867,6 +5892,8 @@ static void handle_deauth(struct hostapd +@@ -5942,6 +5967,8 @@ static void handle_deauth(struct hostapd /* Clear the PTKSA cache entries for PASN */ ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE); @@ -286,19 +286,18 @@ probe/assoc/auth requests via object subscribe. } -@@ -352,6 +355,9 @@ void hostapd_handle_radio_measurement(st - mgmt->u.action.u.rrm.action, MAC2STR(mgmt->sa)); - - switch (mgmt->u.action.u.rrm.action) { -+ case WLAN_RRM_LINK_MEASUREMENT_REPORT: -+ hostapd_ubus_handle_link_measurement(hapd, buf, len); -+ break; - case WLAN_RRM_RADIO_MEASUREMENT_REPORT: - hostapd_handle_radio_msmt_report(hapd, buf, len); +@@ -406,7 +409,7 @@ void hostapd_handle_radio_measurement(st + hostapd_handle_nei_report_req(hapd, buf, len); break; + case WLAN_RRM_LINK_MEASUREMENT_REPORT: +- hostapd_handle_link_mesr_report(hapd, buf, len); ++ hostapd_ubus_handle_link_measurement(hapd, buf, len); + break; + default: + wpa_printf(MSG_DEBUG, "RRM action %u is not supported", --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -476,6 +476,7 @@ void ap_handle_timer(void *eloop_ctx, vo +@@ -542,6 +542,7 @@ void ap_handle_timer(void *eloop_ctx, vo hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_INFO, "deauthenticated due to " "local deauth request"); @@ -306,7 +305,7 @@ probe/assoc/auth requests via object subscribe. ap_free_sta(hapd, sta); return; } -@@ -631,6 +632,7 @@ skip_poll: +@@ -699,6 +700,7 @@ skip_poll: mlme_deauthenticate_indication( hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID); @@ -314,7 +313,7 @@ probe/assoc/auth requests via object subscribe. ap_free_sta(hapd, sta); break; } -@@ -1448,15 +1450,28 @@ void ap_sta_set_authorized_event(struct +@@ -1521,15 +1523,28 @@ void ap_sta_set_authorized_event(struct os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); if (authorized) { @@ -343,7 +342,7 @@ probe/assoc/auth requests via object subscribe. #ifdef CONFIG_P2P if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { os_snprintf(ip_addr, sizeof(ip_addr), -@@ -1467,6 +1482,13 @@ void ap_sta_set_authorized_event(struct +@@ -1540,6 +1555,13 @@ void ap_sta_set_authorized_event(struct } #endif /* CONFIG_P2P */ @@ -357,7 +356,7 @@ probe/assoc/auth requests via object subscribe. keyid = ap_sta_wpa_get_keyid(hapd, sta); if (keyid) { os_snprintf(keyid_buf, sizeof(keyid_buf), -@@ -1485,17 +1507,19 @@ void ap_sta_set_authorized_event(struct +@@ -1558,17 +1580,19 @@ void ap_sta_set_authorized_event(struct dpp_pkhash, SHA256_MAC_LEN); } @@ -383,7 +382,7 @@ probe/assoc/auth requests via object subscribe. hapd->msg_ctx_parent != hapd->msg_ctx) --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h -@@ -319,6 +319,7 @@ struct sta_info { +@@ -317,6 +317,7 @@ struct sta_info { #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_AIRTIME_POLICY unsigned int airtime_weight; @@ -471,7 +470,7 @@ probe/assoc/auth requests via object subscribe. } --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -275,6 +275,7 @@ static void hostapd_wpa_auth_psk_failure +@@ -279,6 +279,7 @@ static void hostapd_wpa_auth_psk_failure struct hostapd_data *hapd = ctx; wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR, MAC2STR(addr)); @@ -629,7 +628,7 @@ probe/assoc/auth requests via object subscribe. +} --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -189,6 +189,13 @@ ifdef CONFIG_EAPOL_TEST +@@ -191,6 +191,13 @@ ifdef CONFIG_EAPOL_TEST CFLAGS += -Werror -DEAPOL_TEST endif @@ -643,7 +642,7 @@ probe/assoc/auth requests via object subscribe. ifdef CONFIG_CODE_COVERAGE CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE LIBS += -lgcov -@@ -1042,6 +1049,9 @@ ifdef CONFIG_CTRL_IFACE_MIB +@@ -1043,6 +1050,9 @@ ifdef CONFIG_CTRL_IFACE_MIB CFLAGS += -DCONFIG_CTRL_IFACE_MIB endif OBJS += ../src/ap/ctrl_iface_ap.o @@ -676,7 +675,7 @@ probe/assoc/auth requests via object subscribe. break; --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -7716,6 +7716,8 @@ struct wpa_supplicant * wpa_supplicant_a +@@ -7847,6 +7847,8 @@ struct wpa_supplicant * wpa_supplicant_a } #endif /* CONFIG_P2P */ @@ -685,7 +684,7 @@ probe/assoc/auth requests via object subscribe. return wpa_s; } -@@ -7742,6 +7744,8 @@ int wpa_supplicant_remove_iface(struct w +@@ -7873,6 +7875,8 @@ int wpa_supplicant_remove_iface(struct w struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ @@ -694,7 +693,7 @@ probe/assoc/auth requests via object subscribe. /* Remove interface from the global list of interfaces */ prev = global->ifaces; if (prev == wpa_s) { -@@ -8088,8 +8092,12 @@ int wpa_supplicant_run(struct wpa_global +@@ -8219,8 +8223,12 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); diff --git a/package/network/services/hostapd/patches/601-ucode_support.patch b/package/network/services/hostapd/patches/601-ucode_support.patch index b826363248a..e242e3ae503 100644 --- a/package/network/services/hostapd/patches/601-ucode_support.patch +++ b/package/network/services/hostapd/patches/601-ucode_support.patch @@ -8,7 +8,7 @@ as adding/removing interfaces. --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -168,9 +168,21 @@ OBJS += ../src/eapol_auth/eapol_auth_sm. +@@ -169,9 +169,21 @@ OBJS += ../src/eapol_auth/eapol_auth_sm. ifdef CONFIG_UBUS CFLAGS += -DUBUS_SUPPORT @@ -34,7 +34,7 @@ as adding/removing interfaces. ifdef CONFIG_CODE_COVERAGE --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -5487,6 +5487,7 @@ try_again: +@@ -5603,6 +5603,7 @@ try_again: return -1; } @@ -42,7 +42,7 @@ as adding/removing interfaces. wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb); return 0; -@@ -5588,6 +5589,7 @@ fail: +@@ -5704,6 +5705,7 @@ fail: os_free(fname); interface->global_ctrl_sock = s; @@ -52,7 +52,7 @@ as adding/removing interfaces. --- a/hostapd/main.c +++ b/hostapd/main.c -@@ -1014,6 +1014,7 @@ int main(int argc, char *argv[]) +@@ -1024,6 +1024,7 @@ int main(int argc, char *argv[]) } hostapd_global_ctrl_iface_init(&interfaces); @@ -60,7 +60,7 @@ as adding/removing interfaces. if (hostapd_global_run(&interfaces, daemonize, pid_file)) { wpa_printf(MSG_ERROR, "Failed to start eloop"); -@@ -1023,6 +1024,7 @@ int main(int argc, char *argv[]) +@@ -1033,6 +1034,7 @@ int main(int argc, char *argv[]) ret = 0; out: @@ -70,7 +70,7 @@ as adding/removing interfaces. for (i = 0; i < interfaces.count; i++) { --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h -@@ -399,6 +399,23 @@ static inline int hostapd_drv_stop_ap(st +@@ -404,6 +404,23 @@ static inline int hostapd_drv_stop_ap(st return hapd->driver->stop_ap(hapd->drv_priv, link_id); } @@ -105,7 +105,7 @@ as adding/removing interfaces. if (iface->config_fname == NULL) { /* Only in-memory config in use - assume it has been updated */ hostapd_clear_old(iface); -@@ -493,6 +495,7 @@ void hostapd_free_hapd_data(struct hosta +@@ -475,6 +477,7 @@ void hostapd_free_hapd_data(struct hosta hapd->beacon_set_done = 0; wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface); @@ -113,7 +113,7 @@ as adding/removing interfaces. hostapd_ubus_free_bss(hapd); accounting_deinit(hapd); hostapd_deinit_wpa(hapd); -@@ -687,6 +690,7 @@ void hostapd_cleanup_iface_partial(struc +@@ -716,6 +719,7 @@ void hostapd_cleanup_iface_partial(struc static void hostapd_cleanup_iface(struct hostapd_iface *iface) { wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); @@ -121,7 +121,7 @@ as adding/removing interfaces. eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface, NULL); -@@ -1276,6 +1280,7 @@ static int hostapd_start_beacon(struct h +@@ -1305,6 +1309,7 @@ static int hostapd_start_beacon(struct h hapd->driver->set_operstate(hapd->drv_priv, 1); hostapd_ubus_add_bss(hapd); @@ -129,7 +129,7 @@ as adding/removing interfaces. return 0; } -@@ -1298,8 +1303,7 @@ static int hostapd_start_beacon(struct h +@@ -1380,8 +1385,7 @@ static int hostapd_bss_radius_init(struc * initialized. Most of the modules that are initialized here will be * deinitialized in hostapd_cleanup(). */ @@ -139,7 +139,7 @@ as adding/removing interfaces. { struct hostapd_bss_config *conf = hapd->conf; u8 ssid[SSID_MAX_LEN + 1]; -@@ -2790,7 +2794,7 @@ hostapd_alloc_bss_data(struct hostapd_if +@@ -2904,7 +2908,7 @@ hostapd_alloc_bss_data(struct hostapd_if } @@ -148,7 +148,7 @@ as adding/removing interfaces. { if (!hapd) return; -@@ -3608,7 +3612,8 @@ int hostapd_remove_iface(struct hapd_int +@@ -3953,7 +3957,8 @@ int hostapd_remove_iface(struct hapd_int hapd_iface = interfaces->iface[i]; if (hapd_iface == NULL) return -1; @@ -168,7 +168,7 @@ as adding/removing interfaces. #define OCE_STA_CFON_ENABLED(hapd) \ ((hapd->conf->oce & OCE_STA_CFON) && \ -@@ -51,6 +52,10 @@ struct hapd_interfaces { +@@ -52,6 +53,10 @@ struct hapd_interfaces { struct hostapd_config * (*config_read_cb)(const char *config_fname); int (*ctrl_iface_init)(struct hostapd_data *hapd); void (*ctrl_iface_deinit)(struct hostapd_data *hapd); @@ -179,7 +179,7 @@ as adding/removing interfaces. int (*for_each_interface)(struct hapd_interfaces *interfaces, int (*cb)(struct hostapd_iface *iface, void *ctx), void *ctx); -@@ -186,6 +191,7 @@ struct hostapd_data { +@@ -191,6 +196,7 @@ struct hostapd_data { struct hostapd_config *iconf; struct hostapd_bss_config *conf; struct hostapd_ubus_bss ubus; @@ -187,7 +187,7 @@ as adding/removing interfaces. int interface_added; /* virtual interface added for this BSS */ unsigned int started:1; unsigned int disabled:1; -@@ -518,6 +524,7 @@ struct hostapd_sta_info { +@@ -548,6 +554,7 @@ struct hostapd_mld { */ struct hostapd_iface { struct hapd_interfaces *interfaces; @@ -195,7 +195,7 @@ as adding/removing interfaces. void *owner; char *config_fname; struct hostapd_config *conf; -@@ -718,6 +725,8 @@ struct hostapd_iface * hostapd_init(stru +@@ -754,6 +761,8 @@ struct hostapd_iface * hostapd_init(stru struct hostapd_iface * hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy, const char *config_fname, int debug); @@ -206,7 +206,7 @@ as adding/removing interfaces. void hostapd_interface_deinit_free(struct hostapd_iface *iface); --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -3856,6 +3856,25 @@ struct wpa_driver_ops { +@@ -3893,6 +3893,25 @@ struct wpa_driver_ops { const char *ifname); /** @@ -232,7 +232,7 @@ as adding/removing interfaces. * set_sta_vlan - Bind a station into a specific interface (AP only) * @priv: Private driver interface data * @ifname: Interface (main or virtual BSS or VLAN) -@@ -6510,6 +6529,7 @@ union wpa_event_data { +@@ -6593,6 +6612,7 @@ union wpa_event_data { /** * struct ch_switch @@ -240,7 +240,7 @@ as adding/removing interfaces. * @freq: Frequency of new channel in MHz * @ht_enabled: Whether this is an HT channel * @ch_offset: Secondary channel offset -@@ -6520,6 +6540,7 @@ union wpa_event_data { +@@ -6603,6 +6623,7 @@ union wpa_event_data { * @punct_bitmap: Puncturing bitmap */ struct ch_switch { @@ -338,7 +338,7 @@ as adding/removing interfaces. nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL); nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM, -@@ -8554,6 +8575,7 @@ static void *i802_init(struct hostapd_da +@@ -8573,6 +8594,7 @@ static void *i802_init(struct hostapd_da char master_ifname[IFNAMSIZ]; int ifindex, br_ifindex = 0; int br_added = 0; @@ -346,7 +346,7 @@ as adding/removing interfaces. bss = wpa_driver_nl80211_drv_init(hapd, params->ifname, params->global_priv, 1, -@@ -8613,21 +8635,17 @@ static void *i802_init(struct hostapd_da +@@ -8632,21 +8654,17 @@ static void *i802_init(struct hostapd_da (params->num_bridge == 0 || !params->bridge[0])) add_ifidx(drv, br_ifindex, drv->ifindex); @@ -378,7 +378,7 @@ as adding/removing interfaces. } if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) { -@@ -8992,6 +9010,50 @@ static int wpa_driver_nl80211_if_remove( +@@ -9015,6 +9033,50 @@ static int wpa_driver_nl80211_if_remove( return 0; } @@ -429,8 +429,8 @@ as adding/removing interfaces. static int cookie_handler(struct nl_msg *msg, void *arg) { -@@ -10688,6 +10750,37 @@ static int driver_nl80211_if_remove(void - } +@@ -10803,6 +10865,37 @@ static bool nl80211_is_drv_shared(void * + #endif /* CONFIG_IEEE80211BE */ +static int driver_nl80211_if_rename(void *priv, enum wpa_driver_if_type type, @@ -467,7 +467,7 @@ as adding/removing interfaces. static int driver_nl80211_send_mlme(void *priv, const u8 *data, size_t data_len, int noack, unsigned int freq, -@@ -13881,6 +13974,8 @@ const struct wpa_driver_ops wpa_driver_n +@@ -14040,6 +14133,8 @@ const struct wpa_driver_ops wpa_driver_n .set_acl = wpa_driver_nl80211_set_acl, .if_add = wpa_driver_nl80211_if_add, .if_remove = driver_nl80211_if_remove, @@ -493,9 +493,9 @@ as adding/removing interfaces. + if (count) + data.ch_switch.count = nla_get_u32(count); - if (finished) - bss->flink->freq = data.ch_switch.freq; -@@ -3961,6 +3964,7 @@ static void do_process_drv_event(struct + if (link) + data.ch_switch.link_id = nla_get_u8(link); +@@ -3999,6 +4002,7 @@ static void do_process_drv_event(struct tb[NL80211_ATTR_CENTER_FREQ1], tb[NL80211_ATTR_CENTER_FREQ2], tb[NL80211_ATTR_PUNCT_BITMAP], @@ -503,7 +503,7 @@ as adding/removing interfaces. 0); break; case NL80211_CMD_CH_SWITCH_NOTIFY: -@@ -3973,6 +3977,7 @@ static void do_process_drv_event(struct +@@ -4011,6 +4015,7 @@ static void do_process_drv_event(struct tb[NL80211_ATTR_CENTER_FREQ1], tb[NL80211_ATTR_CENTER_FREQ2], tb[NL80211_ATTR_PUNCT_BITMAP], @@ -562,7 +562,7 @@ as adding/removing interfaces. extern int wpa_debug_timestamp; --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -192,8 +192,20 @@ endif +@@ -194,8 +194,20 @@ endif ifdef CONFIG_UBUS CFLAGS += -DUBUS_SUPPORT OBJS += ubus.o @@ -584,7 +584,7 @@ as adding/removing interfaces. endif ifdef CONFIG_CODE_COVERAGE -@@ -1052,6 +1064,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o +@@ -1053,6 +1065,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o ifdef CONFIG_UBUS OBJS += ../src/ap/ubus.o endif @@ -596,7 +596,7 @@ as adding/removing interfaces. CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -5949,6 +5949,7 @@ void supplicant_event(void *ctx, enum wp +@@ -6015,6 +6015,7 @@ void supplicant_event(void *ctx, enum wp event_to_string(event), event); #endif /* CONFIG_NO_STDOUT_DEBUG */ @@ -606,7 +606,7 @@ as adding/removing interfaces. #ifdef CONFIG_FST --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -1060,6 +1060,7 @@ void wpa_supplicant_set_state(struct wpa +@@ -1148,6 +1148,7 @@ void wpa_supplicant_set_state(struct wpa sme_sched_obss_scan(wpa_s, 0); } wpa_s->wpa_state = state; @@ -614,7 +614,7 @@ as adding/removing interfaces. #ifdef CONFIG_BGSCAN if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid) -@@ -7717,6 +7718,7 @@ struct wpa_supplicant * wpa_supplicant_a +@@ -7848,6 +7849,7 @@ struct wpa_supplicant * wpa_supplicant_a #endif /* CONFIG_P2P */ wpas_ubus_add_bss(wpa_s); @@ -622,7 +622,7 @@ as adding/removing interfaces. return wpa_s; } -@@ -7744,6 +7746,7 @@ int wpa_supplicant_remove_iface(struct w +@@ -7875,6 +7877,7 @@ int wpa_supplicant_remove_iface(struct w struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ @@ -630,7 +630,7 @@ as adding/removing interfaces. wpas_ubus_free_bss(wpa_s); /* Remove interface from the global list of interfaces */ -@@ -8054,6 +8057,7 @@ struct wpa_global * wpa_supplicant_init( +@@ -8185,6 +8188,7 @@ struct wpa_global * wpa_supplicant_init( eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, wpas_periodic, global, NULL); @@ -638,7 +638,7 @@ as adding/removing interfaces. return global; } -@@ -8092,12 +8096,8 @@ int wpa_supplicant_run(struct wpa_global +@@ -8223,12 +8227,8 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); @@ -651,7 +651,7 @@ as adding/removing interfaces. return 0; } -@@ -8130,6 +8130,8 @@ void wpa_supplicant_deinit(struct wpa_gl +@@ -8261,6 +8261,8 @@ void wpa_supplicant_deinit(struct wpa_gl wpas_notify_supplicant_deinitialized(global); diff --git a/package/network/services/hostapd/patches/701-reload_config_inline.patch b/package/network/services/hostapd/patches/701-reload_config_inline.patch index 260e832ddba..f9bdfa1e92c 100644 --- a/package/network/services/hostapd/patches/701-reload_config_inline.patch +++ b/package/network/services/hostapd/patches/701-reload_config_inline.patch @@ -8,7 +8,7 @@ as adding/removing interfaces. --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -5065,7 +5065,12 @@ struct hostapd_config * hostapd_config_r +@@ -5132,7 +5132,12 @@ struct hostapd_config * hostapd_config_r int errors = 0; size_t i; diff --git a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch index d3f797ed35a..2dc5eab65a0 100644 --- a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch +++ b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch @@ -8,7 +8,7 @@ was provided by the config --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3559,6 +3559,8 @@ static int hostapd_config_fill(struct ho +@@ -3583,6 +3583,8 @@ static int hostapd_config_fill(struct ho #ifndef CONFIG_NO_VLAN } else if (os_strcmp(buf, "dynamic_vlan") == 0) { bss->ssid.dynamic_vlan = atoi(pos); diff --git a/package/network/services/hostapd/patches/711-wds_bridge_force.patch b/package/network/services/hostapd/patches/711-wds_bridge_force.patch index dbd75658ae4..441a21e8d8e 100644 --- a/package/network/services/hostapd/patches/711-wds_bridge_force.patch +++ b/package/network/services/hostapd/patches/711-wds_bridge_force.patch @@ -22,7 +22,7 @@ instead rely entirely on netifd handling this properly } else if (os_strcmp(buf, "vlan_bridge") == 0) { --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c -@@ -387,8 +387,6 @@ int hostapd_set_wds_sta(struct hostapd_d +@@ -390,8 +390,6 @@ int hostapd_set_wds_sta(struct hostapd_d return -1; if (hapd->conf->wds_bridge[0]) bridge = hapd->conf->wds_bridge; diff --git a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch index fb00313f3d9..fa59797c2ef 100644 --- a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch +++ b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch @@ -8,7 +8,7 @@ full device, e.g. in order to deal with hardware/driver limitations --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3041,6 +3041,14 @@ static int hostapd_config_fill(struct ho +@@ -3065,6 +3065,14 @@ static int hostapd_config_fill(struct ho line, bss->max_num_sta, MAX_STA_COUNT); return 1; } @@ -25,7 +25,7 @@ full device, e.g. in order to deal with hardware/driver limitations } else if (os_strcmp(buf, "extended_key_id") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1057,6 +1057,8 @@ struct hostapd_config { +@@ -1072,6 +1072,8 @@ struct hostapd_config { unsigned int track_sta_max_num; unsigned int track_sta_max_age; @@ -36,7 +36,7 @@ full device, e.g. in order to deal with hardware/driver limitations * ' ' (ascii 32): all environments --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1567,7 +1567,7 @@ void handle_probe_req(struct hostapd_dat +@@ -1573,7 +1573,7 @@ void handle_probe_req(struct hostapd_dat if (hapd->conf->no_probe_resp_if_max_sta && is_multicast_ether_addr(mgmt->da) && is_multicast_ether_addr(mgmt->bssid) && @@ -79,7 +79,7 @@ full device, e.g. in order to deal with hardware/driver limitations { --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h -@@ -754,6 +754,7 @@ void hostapd_cleanup_cs_params(struct ho +@@ -790,6 +790,7 @@ void hostapd_cleanup_cs_params(struct ho void hostapd_periodic_iface(struct hostapd_iface *iface); int hostapd_owe_trans_get_info(struct hostapd_data *hapd); void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx); diff --git a/package/network/services/hostapd/patches/730-ft_iface.patch b/package/network/services/hostapd/patches/730-ft_iface.patch index 2f47f17d969..9c17b809d16 100644 --- a/package/network/services/hostapd/patches/730-ft_iface.patch +++ b/package/network/services/hostapd/patches/730-ft_iface.patch @@ -8,7 +8,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3200,6 +3200,8 @@ static int hostapd_config_fill(struct ho +@@ -3224,6 +3224,8 @@ static int hostapd_config_fill(struct ho wpa_printf(MSG_INFO, "Line %d: Obsolete peerkey parameter ignored", line); #ifdef CONFIG_IEEE80211R_AP @@ -29,7 +29,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly int bridge_hairpin; /* hairpin_mode on bridge members */ --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -1777,8 +1777,12 @@ int hostapd_setup_wpa(struct hostapd_dat +@@ -1763,8 +1763,12 @@ int hostapd_setup_wpa(struct hostapd_dat wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) { const char *ft_iface; diff --git a/package/network/services/hostapd/patches/740-snoop_iface.patch b/package/network/services/hostapd/patches/740-snoop_iface.patch index f4b3ac33b10..c7baeedbfa0 100644 --- a/package/network/services/hostapd/patches/740-snoop_iface.patch +++ b/package/network/services/hostapd/patches/740-snoop_iface.patch @@ -29,7 +29,7 @@ untagged DHCP packets int bridge_hairpin; /* hairpin_mode on bridge members */ --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h -@@ -366,12 +366,12 @@ static inline int hostapd_drv_br_port_se +@@ -371,12 +371,12 @@ static inline int hostapd_drv_br_port_se static inline int hostapd_drv_br_set_net_param(struct hostapd_data *hapd, enum drv_br_net_param param, @@ -112,7 +112,7 @@ untagged DHCP packets hapd->x_snoop_initialized = false; --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -4278,7 +4278,7 @@ struct wpa_driver_ops { +@@ -4315,7 +4315,7 @@ struct wpa_driver_ops { * Returns: 0 on success, negative (<0) on failure */ int (*br_set_net_param)(void *priv, enum drv_br_net_param param, @@ -123,7 +123,7 @@ untagged DHCP packets * get_wowlan - Get wake-on-wireless status --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -12376,7 +12376,7 @@ static const char * drv_br_net_param_str +@@ -12503,7 +12503,7 @@ static const char * drv_br_net_param_str static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param, @@ -132,7 +132,7 @@ untagged DHCP packets { struct i802_bss *bss = priv; char path[128]; -@@ -12402,8 +12402,11 @@ static int wpa_driver_br_set_net_param(v +@@ -12529,8 +12529,11 @@ static int wpa_driver_br_set_net_param(v return -EINVAL; } diff --git a/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch b/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch deleted file mode 100644 index 86394d78a4d..00000000000 --- a/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch +++ /dev/null @@ -1,19 +0,0 @@ -From: Felix Fietkau -Date: Thu, 23 Dec 2021 19:18:33 +0100 -Subject: [PATCH] hostapd: only attempt to set qos map if supported by the - driver - -Fixes issues with brcmfmac - ---- a/src/ap/ap_drv_ops.c -+++ b/src/ap/ap_drv_ops.c -@@ -998,7 +998,8 @@ int hostapd_start_dfs_cac(struct hostapd - int hostapd_drv_set_qos_map(struct hostapd_data *hapd, - const u8 *qos_map_set, u8 qos_map_set_len) - { -- if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv) -+ if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv || -+ !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)) - return 0; - return hapd->driver->set_qos_map(hapd->drv_priv, qos_map_set, - qos_map_set_len); diff --git a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch index c4b14d41b00..40ea6566abe 100644 --- a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch +++ b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch @@ -7,7 +7,7 @@ Some servers use the NAS-IP-Address attribute as a destination address --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2819,6 +2819,8 @@ static int hostapd_config_fill(struct ho +@@ -2840,6 +2840,8 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "iapp_interface") == 0) { wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used"); #endif /* CONFIG_IAPP */ @@ -25,10 +25,10 @@ Some servers use the NAS-IP-Address attribute as a destination address + int dynamic_own_ip_addr; char *nas_identifier; struct hostapd_radius_servers *radius; - int acct_interim_interval; + int radius_require_message_authenticator; --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c -@@ -601,6 +601,10 @@ int add_common_radius_attr(struct hostap +@@ -600,6 +600,10 @@ int add_common_radius_attr(struct hostap struct hostapd_radius_attr *attr; int len; diff --git a/package/network/services/hostapd/patches/761-shared_das_port.patch b/package/network/services/hostapd/patches/761-shared_das_port.patch index 5ca10d23bdb..c200cad3c6d 100644 --- a/package/network/services/hostapd/patches/761-shared_das_port.patch +++ b/package/network/services/hostapd/patches/761-shared_das_port.patch @@ -7,14 +7,14 @@ Use the NAS identifier to find the right receiver context on incoming messages --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c -@@ -1510,6 +1510,7 @@ int hostapd_setup_bss(struct hostapd_dat +@@ -1366,6 +1366,7 @@ static int hostapd_bss_radius_init(struc - os_memset(&das_conf, 0, sizeof(das_conf)); - das_conf.port = conf->radius_das_port; -+ das_conf.nas_identifier = conf->nas_identifier; - das_conf.shared_secret = conf->radius_das_shared_secret; - das_conf.shared_secret_len = - conf->radius_das_shared_secret_len; + os_memset(&das_conf, 0, sizeof(das_conf)); + das_conf.port = conf->radius_das_port; ++ das_conf.nas_identifier = conf->nas_identifier; + das_conf.shared_secret = conf->radius_das_shared_secret; + das_conf.shared_secret_len = + conf->radius_das_shared_secret_len; --- a/src/radius/radius_das.c +++ b/src/radius/radius_das.c @@ -12,13 +12,26 @@ @@ -45,7 +45,7 @@ Use the NAS identifier to find the right receiver context on incoming messages size_t shared_secret_len; struct hostapd_ip_addr client_addr; unsigned int time_window; -@@ -378,56 +391,17 @@ fail: +@@ -388,56 +401,17 @@ fail: } @@ -108,7 +108,7 @@ Use the NAS identifier to find the right receiver context on incoming messages if (radius_msg_verify_das_req(msg, das->shared_secret, das->shared_secret_len, -@@ -494,9 +468,8 @@ static void radius_das_receive(int sock, +@@ -504,9 +478,8 @@ static void radius_das_receive(int sock, radius_msg_dump(reply); rbuf = radius_msg_get_buf(reply); @@ -120,7 +120,7 @@ Use the NAS identifier to find the right receiver context on incoming messages if (res < 0) { wpa_printf(MSG_ERROR, "DAS: sendto(to %s:%d): %s", abuf, from_port, strerror(errno)); -@@ -508,6 +481,72 @@ fail: +@@ -518,6 +491,72 @@ fail: radius_msg_free(reply); } @@ -193,7 +193,7 @@ Use the NAS identifier to find the right receiver context on incoming messages static int radius_das_open_socket(int port) { -@@ -533,6 +572,49 @@ static int radius_das_open_socket(int po +@@ -543,6 +582,49 @@ static int radius_das_open_socket(int po } @@ -243,7 +243,7 @@ Use the NAS identifier to find the right receiver context on incoming messages struct radius_das_data * radius_das_init(struct radius_das_conf *conf) { -@@ -553,6 +635,8 @@ radius_das_init(struct radius_das_conf * +@@ -563,6 +645,8 @@ radius_das_init(struct radius_das_conf * das->ctx = conf->ctx; das->disconnect = conf->disconnect; das->coa = conf->coa; @@ -252,7 +252,7 @@ Use the NAS identifier to find the right receiver context on incoming messages os_memcpy(&das->client_addr, conf->client_addr, sizeof(das->client_addr)); -@@ -565,19 +649,15 @@ radius_das_init(struct radius_das_conf * +@@ -575,19 +659,15 @@ radius_das_init(struct radius_das_conf * } das->shared_secret_len = conf->shared_secret_len; @@ -275,7 +275,7 @@ Use the NAS identifier to find the right receiver context on incoming messages return das; } -@@ -588,11 +668,14 @@ void radius_das_deinit(struct radius_das +@@ -598,11 +678,14 @@ void radius_das_deinit(struct radius_das if (das == NULL) return; diff --git a/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch b/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch index 3cb1abeb583..31e0de520b4 100644 --- a/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch +++ b/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch @@ -26,11 +26,9 @@ Signed-off-by: David Bauer src/ap/beacon.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/src/ap/beacon.c b/src/ap/beacon.c -index 8cd1c4170..bb9329085 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -905,7 +905,7 @@ void handle_probe_req(struct hostapd_data *hapd, +@@ -1416,7 +1416,7 @@ void handle_probe_req(struct hostapd_dat * is less likely to see them (Probe Request frame sent on a * neighboring, but partially overlapping, channel). */ @@ -39,6 +37,3 @@ index 8cd1c4170..bb9329085 100644 hapd->iface->current_mode && (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G || hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211B) && --- -2.43.0 - diff --git a/package/network/services/hostapd/patches/770-radius_server.patch b/package/network/services/hostapd/patches/770-radius_server.patch index 73b2c8643ba..7df497811d6 100644 --- a/package/network/services/hostapd/patches/770-radius_server.patch +++ b/package/network/services/hostapd/patches/770-radius_server.patch @@ -29,7 +29,7 @@ handle reload. #ifndef CONFIG_NO_HOSTAPD_LOGGER static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module, -@@ -778,6 +779,11 @@ int main(int argc, char *argv[]) +@@ -788,6 +789,11 @@ int main(int argc, char *argv[]) if (os_program_init()) return -1; @@ -119,7 +119,7 @@ handle reload. sess->macacl = tmp->macacl; eap_user_free(tmp); -@@ -1118,11 +1155,10 @@ radius_server_encapsulate_eap(struct rad +@@ -1123,11 +1160,10 @@ radius_server_encapsulate_eap(struct rad } if (code == RADIUS_CODE_ACCESS_ACCEPT) { @@ -135,7 +135,7 @@ handle reload. wpa_printf(MSG_ERROR, "Could not add RADIUS attribute"); radius_msg_free(msg); return NULL; -@@ -1211,11 +1247,10 @@ radius_server_macacl(struct radius_serve +@@ -1221,11 +1257,10 @@ radius_server_macacl(struct radius_serve } if (code == RADIUS_CODE_ACCESS_ACCEPT) { @@ -151,7 +151,7 @@ handle reload. wpa_printf(MSG_ERROR, "Could not add RADIUS attribute"); radius_msg_free(msg); return NULL; -@@ -2512,7 +2547,7 @@ static int radius_server_get_eap_user(vo +@@ -2527,7 +2562,7 @@ static int radius_server_get_eap_user(vo ret = data->get_eap_user(data->conf_ctx, identity, identity_len, phase2, user); if (ret == 0 && user) { diff --git a/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch b/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch index b154a0d3cd6..9ecb9060d5e 100644 --- a/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch +++ b/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch @@ -37,11 +37,9 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6 create mode 100644 src/ap/apup.c create mode 100644 src/ap/apup.h -diff --git a/hostapd/Makefile b/hostapd/Makefile -index 73048c1297..c890a7f29c 100644 --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -1415,6 +1415,11 @@ ifdef CONFIG_NO_TKIP +@@ -1416,6 +1416,11 @@ ifdef CONFIG_NO_TKIP CFLAGS += -DCONFIG_NO_TKIP endif @@ -53,11 +51,9 @@ index 73048c1297..c890a7f29c 100644 $(DESTDIR)$(BINDIR)/%: % install -D $(<) $(@) -diff --git a/hostapd/config_file.c b/hostapd/config_file.c -index bba5b19164..ef906199ec 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -5058,6 +5058,15 @@ static int hostapd_config_fill(struct hostapd_config *conf, +@@ -5125,6 +5125,15 @@ static int hostapd_config_fill(struct ho bss->mld_indicate_disabled = atoi(pos); #endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_IEEE80211BE */ @@ -73,11 +69,9 @@ index bba5b19164..ef906199ec 100644 } else { wpa_printf(MSG_ERROR, "Line %d: unknown configuration item '%s'", -diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h -index 0e52a9990d..9102db5ed0 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -970,6 +970,35 @@ struct hostapd_bss_config { +@@ -985,6 +985,35 @@ struct hostapd_bss_config { bool mld_indicate_disabled; #endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_IEEE80211BE */ @@ -113,11 +107,9 @@ index 0e52a9990d..9102db5ed0 100644 }; /** -diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c -index e7396d9aea..0a49ae515e 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c -@@ -382,13 +382,39 @@ int hostapd_set_wds_sta(struct hostapd_data *hapd, char *ifname_wds, +@@ -385,13 +385,39 @@ int hostapd_set_wds_sta(struct hostapd_d const u8 *addr, int aid, int val) { const char *bridge = NULL; @@ -158,11 +150,9 @@ index e7396d9aea..0a49ae515e 100644 } -diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h -index fa89d2398e..ab4dc8eb16 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h -@@ -33,6 +33,9 @@ int hostapd_set_drv_ieee8021x(struct hostapd_data *hapd, const char *ifname, +@@ -35,6 +35,9 @@ int hostapd_set_drv_ieee8021x(struct hos int enabled); int hostapd_vlan_if_add(struct hostapd_data *hapd, const char *ifname); int hostapd_vlan_if_remove(struct hostapd_data *hapd, const char *ifname); @@ -171,10 +161,7 @@ index fa89d2398e..ab4dc8eb16 100644 + */ int hostapd_set_wds_sta(struct hostapd_data *hapd, char *ifname_wds, const u8 *addr, int aid, int val); - -diff --git a/src/ap/apup.c b/src/ap/apup.c -new file mode 100644 -index 0000000000..3575f1b6c6 + int hostapd_sta_add(struct hostapd_data *hapd, --- /dev/null +++ b/src/ap/apup.c @@ -0,0 +1,152 @@ @@ -330,9 +317,6 @@ index 0000000000..3575f1b6c6 + " capabilities %d", + mIfname, sta_ret->flags, sta_ret->capability); +} -diff --git a/src/ap/apup.h b/src/ap/apup.h -new file mode 100644 -index 0000000000..a14a283bb4 --- /dev/null +++ b/src/ap/apup.h @@ -0,0 +1,24 @@ @@ -360,8 +344,6 @@ index 0000000000..a14a283bb4 +void apup_process_beacon(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, size_t len, + const struct ieee802_11_elems *elems ); -diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c -index 1c4dd22da1..09254f18f2 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -59,6 +59,9 @@ @@ -374,7 +356,7 @@ index 1c4dd22da1..09254f18f2 100644 #ifdef CONFIG_FILS static struct wpabuf * -@@ -3469,8 +3472,8 @@ static u16 check_multi_ap(struct hostapd_data *hapd, struct sta_info *sta, +@@ -3562,8 +3565,8 @@ static u16 check_multi_ap(struct hostapd } @@ -385,7 +367,7 @@ index 1c4dd22da1..09254f18f2 100644 { /* Supported rates not used in IEEE 802.11ad/DMG */ if (hapd->iface->current_mode && -@@ -3855,7 +3858,7 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, +@@ -3950,7 +3953,7 @@ static int __check_assoc_ies(struct host elems->ext_capab_len); if (resp != WLAN_STATUS_SUCCESS) return resp; @@ -394,7 +376,7 @@ index 1c4dd22da1..09254f18f2 100644 if (resp != WLAN_STATUS_SUCCESS) return resp; -@@ -5927,6 +5930,11 @@ static void handle_beacon(struct hostapd_data *hapd, +@@ -6002,6 +6005,11 @@ static void handle_beacon(struct hostapd 0); ap_list_process_beacon(hapd->iface, mgmt, &elems, fi); @@ -406,11 +388,9 @@ index 1c4dd22da1..09254f18f2 100644 } -diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h -index a35486d464..0861bef82e 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h -@@ -108,6 +108,8 @@ int hostapd_process_ml_assoc_req_addr(struct hostapd_data *hapd, +@@ -108,6 +108,8 @@ int hostapd_process_ml_assoc_req_addr(st const u8 *basic_mle, size_t basic_mle_len, u8 *mld_addr); int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta); @@ -419,11 +399,9 @@ index a35486d464..0861bef82e 100644 u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ht_capab); u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta, -diff --git a/src/drivers/driver.h b/src/drivers/driver.h -index 1bbb9672cd..8d26561e97 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -3976,7 +3976,7 @@ struct wpa_driver_ops { +@@ -4013,7 +4013,7 @@ struct wpa_driver_ops { * Returns: 0 on success, -1 on failure */ int (*set_wds_sta)(void *priv, const u8 *addr, int aid, int val, @@ -432,11 +410,9 @@ index 1bbb9672cd..8d26561e97 100644 /** * send_action - Transmit an Action frame -diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c -index aeb1e6beef..b6e4ddd86d 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -8415,24 +8415,14 @@ static int have_ifidx(struct wpa_driver_nl80211_data *drv, int ifidx, +@@ -8434,24 +8434,14 @@ static int have_ifidx(struct wpa_driver_ static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, @@ -463,6 +439,3 @@ index aeb1e6beef..b6e4ddd86d 100644 wpa_printf(MSG_DEBUG, "nl80211: Set WDS STA addr=" MACSTR " aid=%d val=%d name=%s", MAC2STR(addr), aid, val, name); if (val) { --- -2.44.2 - diff --git a/package/network/services/hostapd/patches/790-APuP-add-ubus-notification-when-a-peer-comes-up.patch b/package/network/services/hostapd/patches/790-APuP-add-ubus-notification-when-a-peer-comes-up.patch index 6a84aefdc41..389b5abbdc2 100644 --- a/package/network/services/hostapd/patches/790-APuP-add-ubus-notification-when-a-peer-comes-up.patch +++ b/package/network/services/hostapd/patches/790-APuP-add-ubus-notification-when-a-peer-comes-up.patch @@ -13,8 +13,6 @@ Signed-off-by: Gioacchino Mazzurco src/ap/ubus.h | 5 +++++ 3 files changed, 28 insertions(+) -diff --git a/src/ap/apup.c b/src/ap/apup.c -index 3575f1b6c6..3a3991f4d6 100644 --- a/src/ap/apup.c +++ b/src/ap/apup.c @@ -23,6 +23,10 @@ @@ -28,7 +26,7 @@ index 3575f1b6c6..3a3991f4d6 100644 void apup_process_beacon(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len, const struct ieee802_11_elems *elems ) -@@ -149,4 +153,8 @@ void apup_process_beacon(struct hostapd_data *hapd, +@@ -149,4 +153,8 @@ void apup_process_beacon(struct hostapd_ "apup_process_beacon(...) Added APuP peer at %s with flags: %d," " capabilities %d", mIfname, sta_ret->flags, sta_ret->capability); @@ -37,11 +35,9 @@ index 3575f1b6c6..3a3991f4d6 100644 + hostapd_ubus_notify_apup_newpeer(hapd, mgmt->bssid, mIfname); +#endif } -diff --git a/src/ap/ubus.c b/src/ap/ubus.c -index 8689494bcf..f21516fc3c 100644 --- a/src/ap/ubus.c +++ b/src/ap/ubus.c -@@ -2004,3 +2004,18 @@ int hostapd_ubus_notify_bss_transition_query( +@@ -2004,3 +2004,18 @@ int hostapd_ubus_notify_bss_transition_q return ureq.resp; #endif } @@ -60,11 +56,9 @@ index 8689494bcf..f21516fc3c 100644 + ubus_notify(ctx, &hapd->ubus.obj, "apup-newpeer", b.head, -1); +} +#endif // def CONFIG_APUP -diff --git a/src/ap/ubus.h b/src/ap/ubus.h -index 22767d67ee..1c65e4dcb9 100644 --- a/src/ap/ubus.h +++ b/src/ap/ubus.h -@@ -71,6 +71,11 @@ int hostapd_ubus_notify_bss_transition_query( +@@ -71,6 +71,11 @@ int hostapd_ubus_notify_bss_transition_q void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta, const char *auth_alg); @@ -76,6 +70,3 @@ index 22767d67ee..1c65e4dcb9 100644 #else struct hostapd_ubus_bss {}; --- -2.44.2 - diff --git a/package/network/services/hostapd/patches/800-APuP-add-ucode-hook-for-when-a-peer-comes-up.patch b/package/network/services/hostapd/patches/800-APuP-add-ucode-hook-for-when-a-peer-comes-up.patch index 6abddc70712..2f14b21a0cb 100644 --- a/package/network/services/hostapd/patches/800-APuP-add-ucode-hook-for-when-a-peer-comes-up.patch +++ b/package/network/services/hostapd/patches/800-APuP-add-ucode-hook-for-when-a-peer-comes-up.patch @@ -10,8 +10,6 @@ Signed-off-by: Gioacchino Mazzurco src/ap/ucode.h | 4 ++++ 3 files changed, 29 insertions(+) -diff --git a/src/ap/apup.c b/src/ap/apup.c -index 3a3991f4d6..f736ddc8e3 100644 --- a/src/ap/apup.c +++ b/src/ap/apup.c @@ -27,6 +27,10 @@ @@ -25,7 +23,7 @@ index 3a3991f4d6..f736ddc8e3 100644 void apup_process_beacon(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len, const struct ieee802_11_elems *elems ) -@@ -157,4 +161,8 @@ void apup_process_beacon(struct hostapd_data *hapd, +@@ -157,4 +161,8 @@ void apup_process_beacon(struct hostapd_ #ifdef UBUS_SUPPORT hostapd_ubus_notify_apup_newpeer(hapd, mgmt->bssid, mIfname); #endif @@ -34,11 +32,9 @@ index 3a3991f4d6..f736ddc8e3 100644 + hostapd_ucode_apup_newpeer(hapd, mIfname); +#endif } -diff --git a/src/ap/ucode.c b/src/ap/ucode.c -index d344190208..391002feae 100644 --- a/src/ap/ucode.c +++ b/src/ap/ucode.c -@@ -811,3 +811,20 @@ void hostapd_ucode_free_bss(struct hostapd_data *hapd) +@@ -815,3 +815,20 @@ void hostapd_ucode_free_bss(struct hosta ucv_put(wpa_ucode_call(2)); ucv_gc(vm); } @@ -59,11 +55,9 @@ index d344190208..391002feae 100644 + ucv_gc(vm); +} +#endif // def CONFIG_APUP -diff --git a/src/ap/ucode.h b/src/ap/ucode.h -index d00b787169..c9bdde6516 100644 --- a/src/ap/ucode.h +++ b/src/ap/ucode.h -@@ -27,6 +27,10 @@ void hostapd_ucode_add_bss(struct hostapd_data *hapd); +@@ -27,6 +27,10 @@ void hostapd_ucode_add_bss(struct hostap void hostapd_ucode_free_bss(struct hostapd_data *hapd); void hostapd_ucode_reload_bss(struct hostapd_data *hapd); @@ -74,6 +68,3 @@ index d00b787169..c9bdde6516 100644 #else static inline int hostapd_ucode_init(struct hapd_interfaces *ifaces) --- -2.44.2 - diff --git a/package/network/services/hostapd/patches/800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch b/package/network/services/hostapd/patches/800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch deleted file mode 100644 index 97402887bfe..00000000000 --- a/package/network/services/hostapd/patches/800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 364c2da8741f0979dae497551e70b94c0e6c8636 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Sun, 7 Jul 2024 11:46:49 +0300 -Subject: [PATCH] SAE: Check for invalid Rejected Groups element length - explicitly - -Instead of practically ignoring an odd octet at the end of the element, -check for such invalid case explicitly. This is needed to avoid a -potential group downgrade attack. - -Signed-off-by: Jouni Malinen ---- - src/ap/ieee802_11.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - ---- a/src/ap/ieee802_11.c -+++ b/src/ap/ieee802_11.c -@@ -1229,7 +1229,7 @@ static int check_sae_rejected_groups(str - struct sae_data *sae) - { - const struct wpabuf *groups; -- size_t i, count; -+ size_t i, count, len; - const u8 *pos; - - if (!sae->tmp) -@@ -1239,7 +1239,15 @@ static int check_sae_rejected_groups(str - return 0; - - pos = wpabuf_head(groups); -- count = wpabuf_len(groups) / 2; -+ len = wpabuf_len(groups); -+ if (len & 1) { -+ wpa_printf(MSG_DEBUG, -+ "SAE: Invalid length of the Rejected Groups element payload: %zu", -+ len); -+ return 1; -+ } -+ -+ count = len / 2; - for (i = 0; i < count; i++) { - int enabled; - u16 group; diff --git a/package/network/services/hostapd/patches/801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch b/package/network/services/hostapd/patches/801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch deleted file mode 100644 index 8d88a4aa13a..00000000000 --- a/package/network/services/hostapd/patches/801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 593a7c2f8c93edd6b552f2d42e28164464b4e6ff Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Tue, 9 Jul 2024 23:33:38 +0300 -Subject: [PATCH] SAE: Check for invalid Rejected Groups element length - explicitly on STA - -Instead of practically ignoring an odd octet at the end of the element, -check for such invalid case explicitly. This is needed to avoid a -potential group downgrade attack. - -Fixes: 444d76f74f65 ("SAE: Check that peer's rejected groups are not enabled") -Signed-off-by: Jouni Malinen ---- - wpa_supplicant/sme.c | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - ---- a/wpa_supplicant/sme.c -+++ b/wpa_supplicant/sme.c -@@ -1561,14 +1561,21 @@ static int sme_sae_is_group_enabled(stru - static int sme_check_sae_rejected_groups(struct wpa_supplicant *wpa_s, - const struct wpabuf *groups) - { -- size_t i, count; -+ size_t i, count, len; - const u8 *pos; - - if (!groups) - return 0; - - pos = wpabuf_head(groups); -- count = wpabuf_len(groups) / 2; -+ len = wpabuf_len(groups); -+ if (len & 1) { -+ wpa_printf(MSG_DEBUG, -+ "SAE: Invalid length of the Rejected Groups element payload: %zu", -+ len); -+ return 1; -+ } -+ count = len / 2; - for (i = 0; i < count; i++) { - int enabled; - u16 group; diff --git a/package/network/services/hostapd/patches/802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch b/package/network/services/hostapd/patches/802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch deleted file mode 100644 index 572a3f721f3..00000000000 --- a/package/network/services/hostapd/patches/802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 9716bf1160beb677e965d9e6475d6c9e162e8374 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen -Date: Tue, 9 Jul 2024 23:34:34 +0300 -Subject: [PATCH] SAE: Reject invalid Rejected Groups element in the parser - -There is no need to depend on all uses (i.e., both hostapd and -wpa_supplicant) to verify that the length of the Rejected Groups field -in the Rejected Groups element is valid (i.e., a multiple of two octets) -since the common parser can reject the message when detecting this. - -Signed-off-by: Jouni Malinen ---- - src/common/sae.c | 6 ++++++ - 1 file changed, 6 insertions(+) - ---- a/src/common/sae.c -+++ b/src/common/sae.c -@@ -2120,6 +2120,12 @@ static int sae_parse_rejected_groups(str - return WLAN_STATUS_UNSPECIFIED_FAILURE; - epos++; /* skip ext ID */ - len--; -+ if (len & 1) { -+ wpa_printf(MSG_DEBUG, -+ "SAE: Invalid length of the Rejected Groups element payload: %u", -+ len); -+ return WLAN_STATUS_UNSPECIFIED_FAILURE; -+ } - - wpabuf_free(sae->tmp->peer_rejected_groups); - sae->tmp->peer_rejected_groups = wpabuf_alloc(len);