Commit Graph

12 Commits

Author SHA1 Message Date
Andre Heider
8d7d9aa4a4 hostapd: update to 2023-06-22
Removed, merged upstream:
- 170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch

Manually refreshed:
- 040-mesh-allow-processing-authentication-frames-in-block.patch
- 600-ubus_support.patch
- 761-shared_das_port.patch

Fixes: #12661
Fixes: 304423a4 ("hostapd: update to 2023-03-29")
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit cd804c1ebb)
2023-07-20 08:04:11 +02:00
Nick Hainke
304423a4ff
hostapd: update to 2023-03-29
Add patches:
- 170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch

Remove upstreamed:
- 170-DPP-fix-memleak-of-intro.peer_key.patch
- 461-driver_nl80211-use-new-parameters-during-ibss-join.patch
- 800-acs-don-t-select-indoor-channel-on-outdoor-operation.patch
- 992-openssl-include-rsa.patch

Automatically refreshed:
- 011-mesh-use-deterministic-channel-on-channel-switch.patch
- 021-fix-sta-add-after-previous-connection.patch
- 022-hostapd-fix-use-of-uninitialized-stack-variables.patch
- 030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch
- 040-mesh-allow-processing-authentication-frames-in-block.patch
- 050-build_fix.patch
- 110-mbedtls-TLS-crypto-option-initial-port.patch
- 120-mbedtls-fips186_2_prf.patch
- 140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
- 150-add-NULL-checks-encountered-during-tests-hwsim.patch
- 160-dpp_pkex-EC-point-mul-w-value-prime.patch
- 200-multicall.patch
- 300-noscan.patch
- 310-rescan_immediately.patch
- 330-nl80211_fix_set_freq.patch
- 341-mesh-ctrl-iface-channel-switch.patch
- 360-ctrl_iface_reload.patch
- 381-hostapd_cli_UNKNOWN-COMMAND.patch
- 390-wpa_ie_cap_workaround.patch
- 410-limit_debug_messages.patch
- 420-indicate-features.patch
- 430-hostapd_cli_ifdef.patch
- 450-scan_wait.patch
- 460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
- 463-add-mcast_rate-to-11s.patch
- 465-hostapd-config-support-random-BSS-color.patch
- 500-lto-jobserver-support.patch
- 590-rrm-wnm-statistics.patch
- 710-vlan_no_bridge.patch
- 720-iface_max_num_sta.patch
- 730-ft_iface.patch
- 750-qos_map_set_without_interworking.patch
- 751-qos_map_ignore_when_unsupported.patch
- 760-dynamic_own_ip.patch
- 761-shared_das_port.patch
- 990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch

Manually refresh:
- 010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
- 301-mesh-noscan.patch
- 340-reload_freq_change.patch
- 350-nl80211_del_beacon_bss.patch
- 370-ap_sta_support.patch
- 380-disable_ctrl_iface_mib.patch
- 464-fix-mesh-obss-check.patch
- 470-survey_data_fallback.patch
- 600-ubus_support.patch
- 700-wifi-reload.patch
- 711-wds_bridge_force.patch
- 740-snoop_iface.patch

Tested-by: Packet Please <pktpls@systemli.org> [Fritzbox 4040 (ipq40xx),
           EAP225-Outdoor (ath79); 802.11s, WPA3 OWE, and WPA3 PSK]
Tested-by: Andrew Sim <andrewsimz@gmail.com> [mediatek/filogic]
Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-04-22 23:18:15 +02:00
Petr Štetiar
0a3ec87a66 hostapd: update to latest Git hostap_2_9-1238-gdd2daf0848ed
Bump package to latest upstream Git HEAD which is commit dd2daf0848ed
("HE: Process HE 6 GHz band capab from associating HE STA"). Since last
update there was 1238 commits done in the upstream tree with 618 files
changed, 53399 insertions, 24928 deletions.

I didn't bothered to rebase mesh patches as the changes seems not
trivial and I don't have enough knowledge of those parts to do/test that
properly, so someone else has to forward port them, ideally upstream
them so we don't need to bother anymore. I've just deleted them for now:

 004-mesh-use-setup-completion-callback-to-complete-mesh-.patch
 005-mesh-update-ssid-frequency-as-pri-sec-channel-switch.patch
 006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch
 007-mesh-apply-channel-attributes-before-running-Mesh.patch
 011-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
 013-mesh-do-not-allow-pri-sec-channel-switch.patch
 015-mesh-do-not-use-offchan-mgmt-tx-on-DFS.patch
 016-mesh-fix-channel-switch-error-during-CAC.patch
 018-mesh-make-forwarding-configurable.patch

Refreshed all other patches, removed upstreamed patches:

 051-wpa_supplicant-fix-race-condition-in-mesh-mpm-new-pe.patch
 067-0001-AP-Silently-ignore-management-frame-from-unexpected-.patch
 070-driver_nl80211-fix-WMM-queue-mapping-for-regulatory-.patch
 071-driver_nl80211-fix-regulatory-limits-for-wmm-cwmin-c.patch
 090-wolfssl-fix-crypto_bignum_sum.patch
 091-0001-wolfssl-Fix-compiler-warnings-on-size_t-printf-forma.patch
 091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch
 091-0003-wolfssl-Do-not-hardcode-include-directory-in-wpa_sup.patch
 800-usleep.patch

Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq8065/NBG6817; ipq40xx/MAP-AC2200]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-05-21 08:18:01 +02:00
Hauke Mehrtens
8af79550e6 hostapd: Update to version 2.8 (2019-04-21)
This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.

The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*

The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.

The size of the ipkgs increase a bit (between 1.3% and 2.3%):

old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk

new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2019-09-22 17:39:26 +02:00
Daniel Golle
eba3b028e4 hostapd: update to git snapshot of 2018-03-26
The following patches were merged upstream:
000-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
 replaced by commit 0e3bd7ac6
001-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
 replaced by commit cb5132bb3
002-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
 replaced by commit 87e2db16b
003-Prevent-installation-of-an-all-zero-TK.patch
 replaced by commit 53bb18cc8
004-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
 replaced by commit 0adc9b28b
005-TDLS-Reject-TPK-TK-reconfiguration.patch
 replaced by commit ff89af96e
006-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
 replaced by commit adae51f8b
007-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
 replaced by commit 2a9c5217b
008-WPA-Extra-defense-against-PTK-reinstalls-in-4-way-ha.patch
 replaced by commit a00e946c1
009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch
 replaced by commit b488a1294
010-Optional-AP-side-workaround-for-key-reinstallation-a.patch
 replaced by commit 6f234c1e2
011-Additional-consistentcy-checks-for-PTK-component-len.patch
 replaced by commit a6ea66530
012-Clear-BSSID-information-in-supplicant-state-machine-.patch
 replaced by commit c0fe5f125
013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch
 replaced by commit 114f2830d

Some patches had to be modified to work with changed upstream source:
380-disable_ctrl_iface_mib.patch (adding more ifdef'ery)
plus some minor knits needed for other patches to apply which are not
worth being explicitely listed here.

For SAE key management in mesh mode, use the newly introduce
sae_password parameter instead of the psk parameter to also support
SAE keys which would fail the checks applied on the psk field (ie.
length and such). This fixes compatibility issues for users migrating
from authsae.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-03-27 19:25:32 +02:00
Rafał Miłecki
37b489fe04 hostapd: backport support for sending debug messages to the syslog
It wasn't possible to read hostapd wpa_printf messages unless running
hostapd manually. It was because hostapd was printing them using vprintf
and not directly to the syslog.

We were trying to workaround this problem by redirecting STDIN_FILENO
and STDOUT_FILENO but it was working only for the initialization phase.
As soon as hostapd did os_daemonize our solution stopped working.

Please note despite the subject this change doesn't affect debug level
messages only but just everything printed by hostapd with wpa_printf
including MSG_ERROR-s. This makes it even more important as reading
error messages can be quite useful for debugging.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-30 06:52:02 +01:00
Felix Fietkau
13b44abcff hostapd: update to version 2016-06-15
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-15 17:11:43 +02:00
Michal Hrusecky
b67af71181 hostapd: Update to version 2016-05-05
Fixes CVE-2016-4476 and few possible memory leaks.

Signed-off-by: Michal Hrusecky <Michal.Hrusecky@nic.cz>
2016-06-15 17:11:18 +02:00
Felix Fietkau
924407b253 hostapd: update to version 2016-01-15
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48527
2016-01-28 17:19:13 +00:00
Felix Fietkau
eba659cbba hostapd: backport fix for CVE-2015-1863, refresh patches
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45567
2015-04-23 08:01:51 +00:00
Felix Fietkau
9c7784e5f3 hostapd: update hostapd to 2015-03-25
madwifi was dropped upstream, can't find it anywhere in OpenWrt
either, thus finally burrying madwifi.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45045
2015-03-26 23:33:47 +00:00
Felix Fietkau
3c9fcd2526 hostapd: update to 2014-10-25
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43059
2014-10-25 16:48:45 +00:00