From a152752dc0bbebee89487222825b459f6d3f4a91 Mon Sep 17 00:00:00 2001 From: David Bauer Date: Mon, 17 Jan 2022 20:57:04 +0100 Subject: [PATCH] hostapd: update to v2.10 Upstreamed patches: 020-mesh-make-forwarding-configurable.patch e6db1bc5da3fd7d5f4dba24aa102543b4749912f 550-WNM-allow-specifying-dialog-token.patch 979f19716539362f8ce60a77bf1b88fdcf5ba8e5 720-ACS-fix-channel-100-frequency.patch 2341585c349231af00cdef8d51458df01bc6965f 741-proxyarp-fix-compilation-with-Hotspot-2.0-disabled.patch 08bdf4f90de61a84ed8f4dd918272dd9d36e2e1f Compile-tested: wpad-wolfssl hostapd-openssl Run-tested: ath79-generic Signed-off-by: David Bauer Tested-by: Stijn Tintel --- package/network/services/hostapd/Makefile | 12 +- .../services/hostapd/files/dhcp-get-server.sh | 2 + .../hostapd/files/hostapd-full.config | 2 +- .../network/services/hostapd/files/hostapd.sh | 74 +++++- .../hostapd/files/wpa_supplicant-full.config | 2 +- .../hostapd/files/wpa_supplicant-p2p.config | 2 +- .../services/hostapd/files/wps-hotplug.sh | 21 +- .../001-wolfssl-init-RNG-with-ECC-key.patch | 6 +- ...hannels-to-be-selected-if-dfs-is-ena.patch | 60 +++-- ...erministic-channel-on-channel-switch.patch | 6 +- ...20-mesh-make-forwarding-configurable.patch | 219 ------------------ ...ix-sta-add-after-previous-connection.patch | 4 +- ...ewrite-neigh-code-to-not-depend-on-l.patch | 14 +- ...ssing-authentication-frames-in-block.patch | 34 +++ .../hostapd/patches/050-build_fix.patch | 20 ++ .../hostapd/patches/200-multicall.patch | 38 +-- .../services/hostapd/patches/300-noscan.patch | 4 +- .../hostapd/patches/301-mesh-noscan.patch | 15 +- .../patches/310-rescan_immediately.patch | 2 +- .../patches/330-nl80211_fix_set_freq.patch | 2 +- .../341-mesh-ctrl-iface-channel-switch.patch | 2 +- .../patches/350-nl80211_del_beacon_bss.patch | 10 +- .../patches/360-ctrl_iface_reload.patch | 4 +- .../hostapd/patches/370-ap_sta_support.patch | 27 +-- .../patches/380-disable_ctrl_iface_mib.patch | 26 +-- .../400-wps_single_auth_enc_type.patch | 2 +- ...dd-new-config-params-to-be-used-with.patch | 6 +- ...-use-new-parameters-during-ibss-join.patch | 4 +- .../patches/463-add-mcast_rate-to-11s.patch | 8 +- .../patches/464-fix-mesh-obss-check.patch | 2 +- .../patches/470-survey_data_fallback.patch | 22 +- .../patches/500-lto-jobserver-support.patch | 6 +- .../patches/590-rrm-wnm-statistics.patch | 92 ++++++++ .../hostapd/patches/600-ubus_support.patch | 62 ++--- .../610-hostapd_cli_ujail_permission.patch | 33 +++ .../hostapd/patches/700-wifi-reload.patch | 16 +- .../hostapd/patches/710-vlan_no_bridge.patch | 2 +- .../patches/711-wds_bridge_force.patch | 2 +- .../720-ACS-fix-channel-100-frequency.patch | 30 --- .../patches/720-iface_max_num_sta.patch | 8 +- .../hostapd/patches/730-ft_iface.patch | 4 +- .../hostapd/patches/740-snoop_iface.patch | 2 +- ...ompilation-with-Hotspot-2.0-disabled.patch | 51 ---- ...750-qos_map_set_without_interworking.patch | 112 +++++++++ .../751-qos_map_ignore_when_unsupported.patch | 12 + .../services/hostapd/src/src/ap/ubus.c | 148 ++++++++++-- .../services/hostapd/src/src/ap/ubus.h | 10 + .../hostapd/src/src/utils/build_features.h | 4 + 48 files changed, 736 insertions(+), 510 deletions(-) create mode 100644 package/network/services/hostapd/files/dhcp-get-server.sh delete mode 100644 package/network/services/hostapd/patches/020-mesh-make-forwarding-configurable.patch create mode 100644 package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch create mode 100644 package/network/services/hostapd/patches/050-build_fix.patch create mode 100644 package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch create mode 100644 package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch delete mode 100644 package/network/services/hostapd/patches/720-ACS-fix-channel-100-frequency.patch delete mode 100644 package/network/services/hostapd/patches/741-proxyarp-fix-compilation-with-Hotspot-2.0-disabled.patch create mode 100644 package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch create mode 100644 package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index 493085178..584695786 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -9,9 +9,9 @@ PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE_URL:=http://w1.fi/hostap.git PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2021-05-22 -PKG_SOURCE_VERSION:=b102f19bcc53c7f7db3951424d4d46709b4f1986 -PKG_MIRROR_HASH:=cb3cb968883042fc582752be1607586696c18e6ecf9808c9a8ac50e204584367 +PKG_SOURCE_DATE:=2022-01-16 +PKG_SOURCE_VERSION:=cff80b4f7d3c0a47c052e8187d671710f48939e4 +PKG_MIRROR_HASH:=712965bfa11a2e601d3e1c9a51a2cf3cffc6db89abafb3df3eb0cfd83c64705b PKG_MAINTAINER:=Felix Fietkau PKG_LICENSE:=BSD-3-Clause @@ -143,6 +143,7 @@ define Package/hostapd/Default TITLE:=IEEE 802.1x Authenticator URL:=http://hostap.epitest.fi/ DEPENDS:=$(DRV_DEPENDS) +hostapd-common +libubus + EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE)) USERID:=network=101:network=101 PROVIDES:=hostapd CONFLICTS:=$(HOSTAPD_PROVIDERS) @@ -227,6 +228,7 @@ define Package/wpad/Default SUBMENU:=WirelessAPD TITLE:=IEEE 802.1x Auth/Supplicant DEPENDS:=$(DRV_DEPENDS) +hostapd-common +libubus + EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE)) USERID:=network=101:network=101 URL:=http://hostap.epitest.fi/ PROVIDES:=hostapd wpa-supplicant @@ -342,6 +344,7 @@ define Package/wpa-supplicant/Default TITLE:=WPA Supplicant URL:=http://hostap.epitest.fi/wpa_supplicant/ DEPENDS:=$(DRV_DEPENDS) +hostapd-common +libubus + EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE)) USERID:=network=101:network=101 PROVIDES:=wpa-supplicant CONFLICTS:=$(SUPPLICANT_PROVIDERS) @@ -426,6 +429,7 @@ define Package/hostapd-utils TITLE:=IEEE 802.1x Authenticator (utils) URL:=http://hostap.epitest.fi/ DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(HOSTAPD_PROVIDERS),PACKAGE_$(pkg))) + VARIANT:=* endef define Package/hostapd-utils/description @@ -439,6 +443,7 @@ define Package/wpa-cli SUBMENU:=WirelessAPD DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(SUPPLICANT_PROVIDERS),PACKAGE_$(pkg))) TITLE:=WPA Supplicant command line control utility + VARIANT:=* endef define Package/eapol-test/Default @@ -596,6 +601,7 @@ endef define Package/hostapd-common/install $(INSTALL_DIR) $(1)/etc/capabilities $(1)/etc/rc.button $(1)/etc/hotplug.d/ieee80211 $(1)/etc/init.d $(1)/lib/netifd $(1)/usr/share/acl.d + $(INSTALL_BIN) ./files/dhcp-get-server.sh $(1)/lib/netifd/dhcp-get-server.sh $(INSTALL_DATA) ./files/hostapd.sh $(1)/lib/netifd/hostapd.sh $(INSTALL_BIN) ./files/wpad.init $(1)/etc/init.d/wpad $(INSTALL_BIN) ./files/wps-hotplug.sh $(1)/etc/rc.button/wps diff --git a/package/network/services/hostapd/files/dhcp-get-server.sh b/package/network/services/hostapd/files/dhcp-get-server.sh new file mode 100644 index 000000000..a1509ace2 --- /dev/null +++ b/package/network/services/hostapd/files/dhcp-get-server.sh @@ -0,0 +1,2 @@ +#!/bin/sh +[ "$1" = bound ] && echo "$serverid" diff --git a/package/network/services/hostapd/files/hostapd-full.config b/package/network/services/hostapd/files/hostapd-full.config index 6d5e90cd4..dbc202255 100644 --- a/package/network/services/hostapd/files/hostapd-full.config +++ b/package/network/services/hostapd/files/hostapd-full.config @@ -60,7 +60,7 @@ CONFIG_RSN_PREAUTH=y CONFIG_EAP=y # EAP Re-authentication Protocol (ERP) in integrated EAP server -#CONFIG_ERP=y +CONFIG_ERP=y # EAP-MD5 for the integrated EAP server CONFIG_EAP_MD5=y diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh index 1731eb999..df2587aa6 100644 --- a/package/network/services/hostapd/files/hostapd.sh +++ b/package/network/services/hostapd/files/hostapd.sh @@ -72,6 +72,15 @@ hostapd_append_wpa_key_mgmt() { ;; esac + [ "$fils" -gt 0 ] && { + case "$auth_type" in + eap*) + append wpa_key_mgmt FILS-SHA256 + [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt FT-FILS-SHA256 + ;; + esac + } + [ "$auth_osen" = "1" ] && append wpa_key_mgmt "OSEN" } @@ -361,6 +370,9 @@ hostapd_common_add_bss_config() { config_add_int eap_server config_add_string eap_user_file ca_cert server_cert private_key private_key_passwd server_id + + config_add_boolean fils + config_add_string fils_dhcp } hostapd_set_vlan_file() { @@ -516,7 +528,7 @@ hostapd_set_bss_options() { wireless_vif_parse_encryption - local bss_conf bss_md5sum + local bss_conf bss_md5sum ft_key local wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wpa_key_mgmt json_get_vars \ @@ -533,13 +545,14 @@ hostapd_set_bss_options() { airtime_bss_weight airtime_bss_limit airtime_sta_weight \ multicast_to_unicast proxy_arp per_sta_vif \ eap_server eap_user_file ca_cert server_cert private_key private_key_passwd server_id \ - vendor_elements + vendor_elements fils + set_default fils 0 set_default isolate 0 set_default maxassoc 0 set_default max_inactivity 0 set_default short_preamble 1 - set_default disassoc_low_ack 0 + set_default disassoc_low_ack 1 set_default skip_inactivity_poll 0 set_default hidden 0 set_default wmm 1 @@ -556,6 +569,8 @@ hostapd_set_bss_options() { set_default airtime_bss_limit 0 set_default eap_server 0 + /usr/sbin/hostapd -vfils || fils=0 + append bss_conf "ctrl_interface=/var/run/hostapd" if [ "$isolate" -gt 0 ]; then append bss_conf "ap_isolate=$isolate" "$N" @@ -607,10 +622,12 @@ hostapd_set_bss_options() { sae|owe|eap192|eap-eap192) set_default ieee80211w 2 set_default sae_require_mfp 1 + set_default sae_pwe 2 ;; psk-sae) set_default ieee80211w 1 set_default sae_require_mfp 1 + set_default sae_pwe 2 ;; esac [ -n "$sae_require_mfp" ] && append bss_conf "sae_require_mfp=$sae_require_mfp" "$N" @@ -656,7 +673,9 @@ hostapd_set_bss_options() { auth_server auth_secret auth_port \ dae_client dae_secret dae_port \ ownip radius_client_addr \ - eap_reauth_period request_cui + eap_reauth_period request_cui \ + erp_domain mobility_domain \ + fils_realm fils_dhcp # radius can provide VLAN ID for clients vlan_possible=1 @@ -666,6 +685,30 @@ hostapd_set_bss_options() { [ -n "$auth_port" ] || json_get_var auth_port port [ -n "$auth_secret" ] || json_get_var auth_secret key + [ "$fils" -gt 0 ] && { + set_default erp_domain "$mobility_domain" + set_default erp_domain "$(echo "$ssid" | md5sum | head -c 8)" + set_default fils_realm "$erp_domain" + + append bss_conf "erp_send_reauth_start=1" "$N" + append bss_conf "erp_domain=$erp_domain" "$N" + append bss_conf "fils_realm=$fils_realm" "$N" + append bss_conf "fils_cache_id=$(echo "$fils_realm" | md5sum | head -c 4)" "$N" + + [ "$fils_dhcp" = "*" ] && { + json_get_values network network + fils_dhcp= + for net in $network; do + fils_dhcp="$(ifstatus "$net" | jsonfilter -e '@.data.dhcpserver')" + [ -n "$fils_dhcp" ] && break + done + + [ -z "$fils_dhcp" -a -n "$network_bridge" -a -n "$network_ifname" ] && \ + fils_dhcp="$(udhcpc -B -n -q -s /lib/netifd/dhcp-get-server.sh -t 1 -i "$network_ifname" 2>/dev/null)" + } + [ -n "$fils_dhcp" ] && append bss_conf "dhcp_server=$fils_dhcp" "$N" + } + set_default auth_port 1812 set_default dae_port 3799 set_default request_cui 0 @@ -837,10 +880,10 @@ hostapd_set_bss_options() { set_default pmk_r1_push 0 [ -n "$r0kh" -a -n "$r1kh" ] || { - key=`echo -n "$mobility_domain/$auth_secret" | md5sum | awk '{print $1}'` + ft_key=`echo -n "$mobility_domain/${auth_secret:-${key}}" | md5sum | awk '{print $1}'` - set_default r0kh "ff:ff:ff:ff:ff:ff,*,$key" - set_default r1kh "00:00:00:00:00:00,00:00:00:00:00:00,$key" + set_default r0kh "ff:ff:ff:ff:ff:ff,*,$ft_key" + set_default r1kh "00:00:00:00:00:00,00:00:00:00:00:00,$ft_key" } [ -n "$r1_key_holder" ] && append bss_conf "r1_key_holder=$r1_key_holder" "$N" @@ -855,6 +898,10 @@ hostapd_set_bss_options() { done fi fi + if [ "$fils" -gt 0 ]; then + json_get_vars fils_realm + set_default fils_realm "$(echo "$ssid" | md5sum | head -c 8)" + fi append bss_conf "wpa_disable_eapol_key_retries=$wpa_disable_eapol_key_retries" "$N" @@ -879,7 +926,7 @@ hostapd_set_bss_options() { fi append bss_conf "okc=$auth_cache" "$N" - [ "$auth_cache" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N" + [ "$auth_cache" = 0 -a "$fils" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N" # RSN -> allow management frame protection case "$ieee80211w" in @@ -975,7 +1022,6 @@ hostapd_set_bss_options() { [ -n "$iw_network_auth_type" ] && \ append bss_conf "network_auth_type=$iw_network_auth_type" "$N" [ -n "$iw_gas_address3" ] && append bss_conf "gas_address3=$iw_gas_address3" "$N" - [ -n "$iw_qos_map_set" ] && append bss_conf "qos_map_set=$iw_qos_map_set" "$N" json_for_each_item append_iw_roaming_consortium iw_roaming_consortium json_for_each_item append_iw_anqp_elem iw_anqp_elem @@ -994,6 +1040,12 @@ hostapd_set_bss_options() { append bss_conf "anqp_3gpp_cell_net=$iw_anqp_3gpp_cell_net_conf" "$N" fi + set_default iw_qos_map_set 0,0,2,16,1,1,255,255,18,22,24,38,40,40,44,46,48,56 + case "$iw_qos_map_set" in + *,*);; + *) iw_qos_map_set="";; + esac + [ -n "$iw_qos_map_set" ] && append bss_conf "qos_map_set=$iw_qos_map_set" "$N" local hs20 disable_dgaf osen anqp_domain_id hs20_deauth_req_timeout \ osu_ssid hs20_wan_metrics hs20_operating_class hs20_t_c_filename hs20_t_c_timestamp \ @@ -1028,6 +1080,7 @@ hostapd_set_bss_options() { if [ "$eap_server" = "1" ]; then append bss_conf "eap_server=1" "$N" + append bss_conf "eap_server_erp=1" "$N" [ -n "$eap_user_file" ] && append bss_conf "eap_user_file=$eap_user_file" "$N" [ -n "$ca_cert" ] && append bss_conf "ca_cert=$ca_cert" "$N" [ -n "$server_cert" ] && append bss_conf "server_cert=$server_cert" "$N" @@ -1194,7 +1247,7 @@ wpa_supplicant_add_network() { json_get_vars \ ssid bssid key \ basic_rate mcast_rate \ - ieee80211w ieee80211r \ + ieee80211w ieee80211r fils \ multi_ap \ default_disabled @@ -1286,6 +1339,7 @@ wpa_supplicant_add_network() { json_get_vars eap_type identity anonymous_identity ca_cert ca_cert_usesystem + [ "$fils" -gt 0 ] && append network_data "erp=1" "$N$T" if [ "$ca_cert_usesystem" -eq "1" -a -f "/etc/ssl/certs/ca-certificates.crt" ]; then append network_data "ca_cert=\"/etc/ssl/certs/ca-certificates.crt\"" "$N$T" else diff --git a/package/network/services/hostapd/files/wpa_supplicant-full.config b/package/network/services/hostapd/files/wpa_supplicant-full.config index b3e85d073..de3302c87 100644 --- a/package/network/services/hostapd/files/wpa_supplicant-full.config +++ b/package/network/services/hostapd/files/wpa_supplicant-full.config @@ -578,7 +578,7 @@ CONFIG_HS20=y #CONFIG_MBO=y # Fast Initial Link Setup (FILS) (IEEE 802.11ai) -#CONFIG_FILS=y +CONFIG_FILS=y # FILS shared key authentication with PFS #CONFIG_FILS_SK_PFS=y diff --git a/package/network/services/hostapd/files/wpa_supplicant-p2p.config b/package/network/services/hostapd/files/wpa_supplicant-p2p.config index b00847a25..48302bb4c 100644 --- a/package/network/services/hostapd/files/wpa_supplicant-p2p.config +++ b/package/network/services/hostapd/files/wpa_supplicant-p2p.config @@ -578,7 +578,7 @@ CONFIG_P2P=y #CONFIG_MBO=y # Fast Initial Link Setup (FILS) (IEEE 802.11ai) -#CONFIG_FILS=y +CONFIG_FILS=y # FILS shared key authentication with PFS #CONFIG_FILS_SK_PFS=y diff --git a/package/network/services/hostapd/files/wps-hotplug.sh b/package/network/services/hostapd/files/wps-hotplug.sh index d00939d76..073bdd186 100644 --- a/package/network/services/hostapd/files/wps-hotplug.sh +++ b/package/network/services/hostapd/files/wps-hotplug.sh @@ -38,13 +38,20 @@ wps_catch_credentials() { done } -if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then - wps_done=0 - ubusobjs="$( ubus -S list hostapd.* )" - for ubusobj in $ubusobjs; do - ubus -S call $ubusobj wps_start && wps_done=1 - done - [ $wps_done = 0 ] || return 0 +if [ "$ACTION" = "released" ] && [ "$BUTTON" = "wps" ]; then + # If the button was pressed for 3 seconds or more, trigger WPS on + # wpa_supplicant only, no matter if hostapd is running or not. If + # was pressed for less than 3 seconds, try triggering on + # hostapd. If there is no hostapd instance to trigger it on or WPS + # is not enabled on them, trigger it on wpa_supplicant. + if [ "$SEEN" -lt 3 ] ; then + wps_done=0 + ubusobjs="$( ubus -S list hostapd.* )" + for ubusobj in $ubusobjs; do + ubus -S call $ubusobj wps_start && wps_done=1 + done + [ $wps_done = 0 ] || return 0 + fi wps_done=0 ubusobjs="$( ubus -S list wpa_supplicant.* )" for ubusobj in $ubusobjs; do diff --git a/package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch b/package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch index 84fc1c935..994aa3062 100644 --- a/package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch +++ b/package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch @@ -16,7 +16,7 @@ Signed-off-by: David Bauer --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c -@@ -1303,6 +1303,7 @@ int ecc_projective_add_point(ecc_point * +@@ -1307,6 +1307,7 @@ int ecc_projective_add_point(ecc_point * struct crypto_ec { ecc_key key; @@ -24,7 +24,7 @@ Signed-off-by: David Bauer mp_int a; mp_int prime; mp_int order; -@@ -1357,6 +1358,8 @@ struct crypto_ec * crypto_ec_init(int gr +@@ -1361,6 +1362,8 @@ struct crypto_ec * crypto_ec_init(int gr return NULL; if (wc_ecc_init(&e->key) != 0 || @@ -33,7 +33,7 @@ Signed-off-by: David Bauer wc_ecc_set_curve(&e->key, 0, curve_id) != 0 || mp_init(&e->a) != MP_OKAY || mp_init(&e->prime) != MP_OKAY || -@@ -1388,6 +1391,7 @@ void crypto_ec_deinit(struct crypto_ec* +@@ -1392,6 +1395,7 @@ void crypto_ec_deinit(struct crypto_ec* mp_clear(&e->order); mp_clear(&e->prime); mp_clear(&e->a); diff --git a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch index d948c41b3..16d24d100 100644 --- a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch +++ b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch @@ -14,16 +14,37 @@ Signed-off-by: Peter Oh --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2395,6 +2395,8 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2409,7 +2409,7 @@ static int drv_supports_vht(struct wpa_s + } + + +-static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode) ++static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode, bool dfs_enabled) + { + int i; + +@@ -2418,7 +2418,10 @@ static bool ibss_mesh_is_80mhz_avail(int + + chan = hw_get_channel_chan(mode, i, NULL); + if (!chan || +- chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) ++ chan->flag & HOSTAPD_CHAN_DISABLED) ++ return false; ++ ++ if (!dfs_enabled && chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR)) + return false; + } + +@@ -2447,6 +2450,8 @@ void ibss_mesh_setup_freq(struct wpa_sup int chwidth, seg0, seg1; u32 vht_caps = 0; - int is_24ghz; -+ int dfs_enabled = wpa_s->conf->country[0] && -+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); + bool is_24ghz, is_6ghz; ++ bool dfs_enabled = wpa_s->conf->country[0] && ++ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR); freq->freq = ssid->frequency; -@@ -2484,8 +2486,11 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2543,8 +2548,11 @@ void ibss_mesh_setup_freq(struct wpa_sup return; /* Check primary channel flags */ @@ -36,7 +57,7 @@ Signed-off-by: Peter Oh freq->channel = pri_chan->chan; -@@ -2518,8 +2523,11 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2577,8 +2585,11 @@ void ibss_mesh_setup_freq(struct wpa_sup return; /* Check secondary channel flags */ @@ -49,20 +70,25 @@ Signed-off-by: Peter Oh if (ht40 == -1) { if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) -@@ -2612,8 +2620,11 @@ skip_ht40: - return; +@@ -2667,7 +2678,7 @@ skip_to_6ghz: + return; - /* Back to HT configuration if channel not usable */ -- if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) -+ if (chan->flag & HOSTAPD_CHAN_DISABLED) - return; -+ if (chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR)) -+ if (!dfs_enabled) -+ return; - } + /* Back to HT configuration if channel not usable */ +- if (!ibss_mesh_is_80mhz_avail(channel, mode)) ++ if (!ibss_mesh_is_80mhz_avail(channel, mode, dfs_enabled)) + return; chwidth = CHANWIDTH_80MHZ; -@@ -2633,10 +2644,12 @@ skip_ht40: +@@ -2681,7 +2692,7 @@ skip_to_6ghz: + * above; check the remaining four 20 MHz channels for the total + * of 160 MHz bandwidth. + */ +- if (!ibss_mesh_is_80mhz_avail(channel + 16, mode)) ++ if (!ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled)) + return; + + for (j = 0; j < ARRAY_SIZE(bw160); j++) { +@@ -2711,10 +2722,12 @@ skip_to_6ghz: if (!chan) continue; diff --git a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch index 03a1e339a..1faeacf76 100644 --- a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch +++ b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch @@ -29,7 +29,7 @@ Signed-off-by: Markus Theil static int dfs_get_used_n_chans(struct hostapd_iface *iface, int *seg1) -@@ -480,9 +481,14 @@ dfs_get_valid_channel(struct hostapd_ifa +@@ -483,9 +484,14 @@ dfs_get_valid_channel(struct hostapd_ifa int num_available_chandefs; int chan_idx, chan_idx2; int sec_chan_idx_80p80 = -1; @@ -44,7 +44,7 @@ Signed-off-by: Markus Theil wpa_printf(MSG_DEBUG, "DFS: Selecting random channel"); *secondary_channel = 0; *oper_centr_freq_seg0_idx = 0; -@@ -502,8 +508,20 @@ dfs_get_valid_channel(struct hostapd_ifa +@@ -505,8 +511,20 @@ dfs_get_valid_channel(struct hostapd_ifa if (num_available_chandefs == 0) return NULL; @@ -68,7 +68,7 @@ Signed-off-by: Markus Theil if (!chan) { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -9872,6 +9872,10 @@ static int nl80211_switch_channel(void * +@@ -9895,6 +9895,10 @@ static int nl80211_switch_channel(void * if (ret) goto error; diff --git a/package/network/services/hostapd/patches/020-mesh-make-forwarding-configurable.patch b/package/network/services/hostapd/patches/020-mesh-make-forwarding-configurable.patch deleted file mode 100644 index 75726a675..000000000 --- a/package/network/services/hostapd/patches/020-mesh-make-forwarding-configurable.patch +++ /dev/null @@ -1,219 +0,0 @@ -From 90fe6429624fc48bc0e5d2d7eeecb7498708b5e3 Mon Sep 17 00:00:00 2001 -From: Daniel Golle -Date: Wed, 18 Apr 2018 19:24:31 +0200 -Subject: [PATCH 18/18] mesh: make forwarding configurable - -Allow mesh_fwding to be specified in a mesh bss config, pass that -to the driver (only nl80211 implemented for now) and announce -forwarding capability accordingly. - -Signed-off-by: Daniel Golle ---- - src/ap/ap_config.h | 2 ++ - src/drivers/driver.h | 2 ++ - src/drivers/driver_nl80211.c | 3 +++ - wpa_supplicant/config.c | 4 ++++ - wpa_supplicant/config.h | 9 +++++++++ - wpa_supplicant/config_file.c | 4 ++++ - wpa_supplicant/config_ssid.h | 5 +++++ - wpa_supplicant/mesh.c | 6 ++++++ - wpa_supplicant/mesh_mpm.c | 4 ++-- - wpa_supplicant/wpa_supplicant.conf | 3 +++ - 10 files changed, 40 insertions(+), 2 deletions(-) - ---- a/src/ap/ap_config.h -+++ b/src/ap/ap_config.h -@@ -51,6 +51,7 @@ struct mesh_conf { - int dot11MeshRetryTimeout; /* msec */ - int dot11MeshConfirmTimeout; /* msec */ - int dot11MeshHoldingTimeout; /* msec */ -+ int mesh_fwding; - }; - - #define MAX_STA_COUNT 2007 -@@ -696,6 +697,7 @@ struct hostapd_bss_config { - - #define MESH_ENABLED BIT(0) - int mesh; -+ int mesh_fwding; - - u8 radio_measurements[RRM_CAPABILITIES_IE_LEN]; - ---- a/src/drivers/driver.h -+++ b/src/drivers/driver.h -@@ -1584,6 +1584,7 @@ struct wpa_driver_mesh_bss_params { - #define WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS 0x00000004 - #define WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE 0x00000008 - #define WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD 0x00000010 -+#define WPA_DRIVER_MESH_CONF_FLAG_FORWARDING 0x00000020 - /* - * TODO: Other mesh configuration parameters would go here. - * See NL80211_MESHCONF_* for all the mesh config parameters. -@@ -1593,6 +1594,7 @@ struct wpa_driver_mesh_bss_params { - int peer_link_timeout; - int max_peer_links; - int rssi_threshold; -+ int forwarding; - u16 ht_opmode; - }; - ---- a/src/drivers/driver_nl80211.c -+++ b/src/drivers/driver_nl80211.c -@@ -10456,6 +10456,9 @@ static int nl80211_put_mesh_config(struc - if (((params->flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) && - nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, - params->auto_plinks)) || -+ ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_FORWARDING) && -+ nla_put_u8(msg, NL80211_MESHCONF_FORWARDING, -+ params->forwarding)) || - ((params->flags & WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS) && - nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, - params->max_peer_links)) || ---- a/wpa_supplicant/config.c -+++ b/wpa_supplicant/config.c -@@ -2527,6 +2527,7 @@ static const struct parse_data ssid_fiel - #ifdef CONFIG_MESH - { INT_RANGE(mode, 0, 5) }, - { INT_RANGE(no_auto_peer, 0, 1) }, -+ { INT_RANGE(mesh_fwding, 0, 1) }, - { INT_RANGE(mesh_rssi_threshold, -255, 1) }, - #else /* CONFIG_MESH */ - { INT_RANGE(mode, 0, 4) }, -@@ -3106,6 +3107,7 @@ void wpa_config_set_network_defaults(str - ssid->dot11MeshRetryTimeout = DEFAULT_MESH_RETRY_TIMEOUT; - ssid->dot11MeshConfirmTimeout = DEFAULT_MESH_CONFIRM_TIMEOUT; - ssid->dot11MeshHoldingTimeout = DEFAULT_MESH_HOLDING_TIMEOUT; -+ ssid->mesh_fwding = DEFAULT_MESH_FWDING; - ssid->mesh_rssi_threshold = DEFAULT_MESH_RSSI_THRESHOLD; - #endif /* CONFIG_MESH */ - #ifdef CONFIG_HT_OVERRIDES -@@ -4347,6 +4349,7 @@ struct wpa_config * wpa_config_alloc_emp - config->user_mpm = DEFAULT_USER_MPM; - config->max_peer_links = DEFAULT_MAX_PEER_LINKS; - config->mesh_max_inactivity = DEFAULT_MESH_MAX_INACTIVITY; -+ config->mesh_fwding = DEFAULT_MESH_FWDING; - config->dot11RSNASAERetransPeriod = - DEFAULT_DOT11_RSNA_SAE_RETRANS_PERIOD; - config->fast_reauth = DEFAULT_FAST_REAUTH; -@@ -5047,6 +5050,7 @@ static const struct global_parse_data gl - { INT(user_mpm), 0 }, - { INT_RANGE(max_peer_links, 0, 255), 0 }, - { INT(mesh_max_inactivity), 0 }, -+ { INT_RANGE(mesh_fwding, 0, 1), 0 }, - { INT(dot11RSNASAERetransPeriod), 0 }, - #endif /* CONFIG_MESH */ - { INT(disable_scan_offload), 0 }, ---- a/wpa_supplicant/config.h -+++ b/wpa_supplicant/config.h -@@ -18,6 +18,7 @@ - #define DEFAULT_USER_MPM 1 - #define DEFAULT_MAX_PEER_LINKS 99 - #define DEFAULT_MESH_MAX_INACTIVITY 300 -+#define DEFAULT_MESH_FWDING 1 - /* - * The default dot11RSNASAERetransPeriod is defined as 40 ms in the standard, - * but use 1000 ms in practice to avoid issues on low power CPUs. -@@ -1378,6 +1379,14 @@ struct wpa_config { - int mesh_max_inactivity; - - /** -+ * mesh_fwding - Mesh network layer-2 forwarding -+ * -+ * This controls whether to enable layer-2 forwarding. -+ * By default: 1: enabled -+ */ -+ int mesh_fwding; -+ -+ /** - * dot11RSNASAERetransPeriod - Timeout to retransmit SAE Auth frame - * - * This timeout value is used in mesh STA to retransmit ---- a/wpa_supplicant/config_file.c -+++ b/wpa_supplicant/config_file.c -@@ -768,6 +768,7 @@ static void wpa_config_write_network(FIL - #endif /* IEEE8021X_EAPOL */ - INT(mode); - INT(no_auto_peer); -+ INT(mesh_fwding); - INT(frequency); - INT(enable_edmg); - INT(edmg_channel); -@@ -1449,6 +1450,9 @@ static void wpa_config_write_global(FILE - fprintf(f, "mesh_max_inactivity=%d\n", - config->mesh_max_inactivity); - -+ if (config->mesh_fwding != DEFAULT_MESH_FWDING) -+ fprintf(f, "mesh_fwding=%d\n", config->mesh_fwding); -+ - if (config->dot11RSNASAERetransPeriod != - DEFAULT_DOT11_RSNA_SAE_RETRANS_PERIOD) - fprintf(f, "dot11RSNASAERetransPeriod=%d\n", ---- a/wpa_supplicant/config_ssid.h -+++ b/wpa_supplicant/config_ssid.h -@@ -546,6 +546,11 @@ struct wpa_ssid { - int dot11MeshConfirmTimeout; /* msec */ - int dot11MeshHoldingTimeout; /* msec */ - -+ /** -+ * Mesh network layer-2 forwarding -+ */ -+ int mesh_fwding; -+ - int ht; - int ht40; - ---- a/wpa_supplicant/mesh.c -+++ b/wpa_supplicant/mesh.c -@@ -140,6 +140,7 @@ static struct mesh_conf * mesh_config_cr - conf->mesh_cc_id = 0; - conf->mesh_sp_id = MESH_SYNC_METHOD_NEIGHBOR_OFFSET; - conf->mesh_auth_id = (conf->security & MESH_CONF_SEC_AUTH) ? 1 : 0; -+ conf->mesh_fwding = ssid->mesh_fwding; - conf->dot11MeshMaxRetries = ssid->dot11MeshMaxRetries; - conf->dot11MeshRetryTimeout = ssid->dot11MeshRetryTimeout; - conf->dot11MeshConfirmTimeout = ssid->dot11MeshConfirmTimeout; -@@ -441,6 +442,7 @@ static int wpa_supplicant_mesh_init(stru - bss->conf->start_disabled = 1; - bss->conf->mesh = MESH_ENABLED; - bss->conf->ap_max_inactivity = wpa_s->conf->mesh_max_inactivity; -+ bss->conf->mesh_fwding = wpa_s->conf->mesh_fwding; - - if (ieee80211_is_dfs(ssid->frequency, wpa_s->hw.modes, - wpa_s->hw.num_modes) && wpa_s->conf->country[0]) { -@@ -655,6 +657,10 @@ int wpa_supplicant_join_mesh(struct wpa_ - } - params->conf.peer_link_timeout = wpa_s->conf->mesh_max_inactivity; - -+ /* always explicitely set forwarding to on or off for now */ -+ params->conf.flags |= WPA_DRIVER_MESH_CONF_FLAG_FORWARDING; -+ params->conf.forwarding = ssid->mesh_fwding; -+ - os_free(wpa_s->mesh_params); - wpa_s->mesh_params = params; - if (wpa_supplicant_mesh_init(wpa_s, ssid, ¶ms->freq)) { ---- a/wpa_supplicant/mesh_mpm.c -+++ b/wpa_supplicant/mesh_mpm.c -@@ -303,9 +303,9 @@ static void mesh_mpm_send_plink_action(s - info = (bss->num_plinks > 63 ? 63 : bss->num_plinks) << 1; - /* TODO: Add Connected to Mesh Gate/AS subfields */ - wpabuf_put_u8(buf, info); -- /* always forwarding & accepting plinks for now */ -+ /* set forwarding & always accepting plinks for now */ - wpabuf_put_u8(buf, MESH_CAP_ACCEPT_ADDITIONAL_PEER | -- MESH_CAP_FORWARDING); -+ (conf->mesh_fwding ? MESH_CAP_FORWARDING : 0)); - } else { /* Peer closing frame */ - /* IE: Mesh ID */ - wpabuf_put_u8(buf, WLAN_EID_MESH_ID); ---- a/wpa_supplicant/wpa_supplicant.conf -+++ b/wpa_supplicant/wpa_supplicant.conf -@@ -150,6 +150,9 @@ ap_scan=1 - # This timeout value is used in mesh STA to clean up inactive stations. - #mesh_max_inactivity=300 - -+# Enable 802.11s layer-2 routing and forwarding -+#mesh_fwding=1 -+ - # cert_in_cb - Whether to include a peer certificate dump in events - # This controls whether peer certificates for authentication server and - # its certificate chain are included in EAP peer certificate events. This is diff --git a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch index 124fd8bdf..ac02ec5ab 100644 --- a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch +++ b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch @@ -1,6 +1,6 @@ --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c -@@ -4942,6 +4942,13 @@ static int add_associated_sta(struct hos +@@ -4944,6 +4944,13 @@ static int add_associated_sta(struct hos * drivers to accept the STA parameter configuration. Since this is * after a new FT-over-DS exchange, a new TK has been derived, so key * reinstallation is not a concern for this case. @@ -14,7 +14,7 @@ */ wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR " (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)", -@@ -4955,7 +4962,8 @@ static int add_associated_sta(struct hos +@@ -4957,7 +4964,8 @@ static int add_associated_sta(struct hos (!(sta->flags & WLAN_STA_AUTHORIZED) || (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) || (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) && diff --git a/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch b/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch index e8a78e355..ade0b1131 100644 --- a/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch +++ b/package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch @@ -20,7 +20,7 @@ Signed-off-by: Felix Fietkau #include #include #include -@@ -5284,26 +5281,29 @@ fail: +@@ -5300,26 +5297,29 @@ fail: static void rtnl_neigh_delete_fdb_entry(struct i802_bss *bss, const u8 *addr) { @@ -64,7 +64,7 @@ Signed-off-by: Felix Fietkau if (err < 0) { wpa_printf(MSG_DEBUG, "nl80211: bridge FDB entry delete for " MACSTR " ifindex=%d failed: %s", MAC2STR(addr), -@@ -5313,9 +5313,8 @@ static void rtnl_neigh_delete_fdb_entry( +@@ -5329,9 +5329,8 @@ static void rtnl_neigh_delete_fdb_entry( MACSTR, MAC2STR(addr)); } @@ -76,7 +76,7 @@ Signed-off-by: Felix Fietkau } -@@ -7691,7 +7690,6 @@ static void *i802_init(struct hostapd_da +@@ -7714,7 +7713,6 @@ static void *i802_init(struct hostapd_da (params->num_bridge == 0 || !params->bridge[0])) add_ifidx(drv, br_ifindex, drv->ifindex); @@ -84,7 +84,7 @@ Signed-off-by: Felix Fietkau if (bss->added_if_into_bridge || bss->already_in_bridge) { int err; -@@ -7708,7 +7706,6 @@ static void *i802_init(struct hostapd_da +@@ -7731,7 +7729,6 @@ static void *i802_init(struct hostapd_da goto failed; } } @@ -92,7 +92,7 @@ Signed-off-by: Felix Fietkau if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) { wpa_printf(MSG_DEBUG, -@@ -10655,13 +10652,14 @@ static int wpa_driver_br_add_ip_neigh(vo +@@ -10678,13 +10675,14 @@ static int wpa_driver_br_add_ip_neigh(vo const u8 *ipaddr, int prefixlen, const u8 *addr) { @@ -112,7 +112,7 @@ Signed-off-by: Felix Fietkau int res; if (!ipaddr || prefixlen == 0 || !addr) -@@ -10680,85 +10678,66 @@ static int wpa_driver_br_add_ip_neigh(vo +@@ -10703,85 +10701,66 @@ static int wpa_driver_br_add_ip_neigh(vo } if (version == 4) { @@ -220,7 +220,7 @@ Signed-off-by: Felix Fietkau addrsize = 16; } else { return -EINVAL; -@@ -10776,41 +10755,30 @@ static int wpa_driver_br_delete_ip_neigh +@@ -10799,41 +10778,30 @@ static int wpa_driver_br_delete_ip_neigh return -1; } diff --git a/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch b/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch new file mode 100644 index 000000000..6d9fd81ac --- /dev/null +++ b/package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch @@ -0,0 +1,34 @@ +From: Felix Fietkau +Date: Mon, 18 Feb 2019 12:57:11 +0100 +Subject: [PATCH] mesh: allow processing authentication frames in blocked state + +If authentication fails repeatedly e.g. because of a weak signal, the link +can end up in blocked state. If one of the nodes tries to establish a link +again before it is unblocked on the other side, it will block the link to +that other side. The same happens on the other side when it unblocks the +link. In that scenario, the link never recovers on its own. + +To fix this, allow restarting authentication even if the link is in blocked +state, but don't initiate the attempt until the blocked period is over. + +Signed-off-by: Felix Fietkau +--- + +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -3761,15 +3761,6 @@ static void handle_auth(struct hostapd_d + seq_ctrl); + return; + } +-#ifdef CONFIG_MESH +- if ((hapd->conf->mesh & MESH_ENABLED) && +- sta->plink_state == PLINK_BLOCKED) { +- wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR +- " is blocked - drop Authentication frame", +- MAC2STR(mgmt->sa)); +- return; +- } +-#endif /* CONFIG_MESH */ + #ifdef CONFIG_PASN + if (auth_alg == WLAN_AUTH_PASN && + (sta->flags & WLAN_STA_ASSOC)) { diff --git a/package/network/services/hostapd/patches/050-build_fix.patch b/package/network/services/hostapd/patches/050-build_fix.patch new file mode 100644 index 000000000..2652a8331 --- /dev/null +++ b/package/network/services/hostapd/patches/050-build_fix.patch @@ -0,0 +1,20 @@ +--- a/hostapd/Makefile ++++ b/hostapd/Makefile +@@ -323,6 +323,7 @@ ifdef CONFIG_FILS + CFLAGS += -DCONFIG_FILS + OBJS += ../src/ap/fils_hlp.o + NEED_SHA384=y ++NEED_HMAC_SHA384_KDF=y + NEED_AES_SIV=y + ifdef CONFIG_FILS_SK_PFS + CFLAGS += -DCONFIG_FILS_SK_PFS +--- a/wpa_supplicant/Makefile ++++ b/wpa_supplicant/Makefile +@@ -312,6 +312,7 @@ endif + ifdef CONFIG_FILS + CFLAGS += -DCONFIG_FILS + NEED_SHA384=y ++NEED_HMAC_SHA384_KDF=y + NEED_AES_SIV=y + ifdef CONFIG_FILS_SK_PFS + CFLAGS += -DCONFIG_FILS_SK_PFS diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch index 8dce26087..ad82e020f 100644 --- a/package/network/services/hostapd/patches/200-multicall.patch +++ b/package/network/services/hostapd/patches/200-multicall.patch @@ -18,7 +18,7 @@ OBJS += ../src/ap/vlan_init.o OBJS += ../src/ap/vlan_ifconfig.o OBJS += ../src/ap/vlan.o -@@ -349,10 +351,14 @@ CFLAGS += -DCONFIG_MBO +@@ -350,10 +352,14 @@ CFLAGS += -DCONFIG_MBO OBJS += ../src/ap/mbo_ap.o endif @@ -36,7 +36,7 @@ LIBS += $(DRV_AP_LIBS) ifdef CONFIG_L2_PACKET -@@ -1277,6 +1283,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) +@@ -1281,6 +1287,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) _OBJS_VAR := OBJS include ../src/objs.mk @@ -49,7 +49,7 @@ hostapd: $(OBJS) $(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS) @$(E) " LD " $@ -@@ -1351,6 +1363,12 @@ include ../src/objs.mk +@@ -1355,6 +1367,12 @@ include ../src/objs.mk _OBJS_VAR := SOBJS include ../src/objs.mk @@ -72,7 +72,7 @@ include ../src/build.rules ifdef LIBS -@@ -359,7 +360,9 @@ endif +@@ -363,7 +364,9 @@ endif ifdef CONFIG_IBSS_RSN NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_IBSS_RSN @@ -82,7 +82,7 @@ OBJS += ibss_rsn.o endif -@@ -897,6 +900,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS +@@ -900,6 +903,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS LIBS += -ldl -rdynamic endif @@ -93,7 +93,7 @@ endif ifdef CONFIG_AP -@@ -904,9 +911,11 @@ NEED_EAP_COMMON=y +@@ -907,9 +914,11 @@ NEED_EAP_COMMON=y NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_AP OBJS += ap.o @@ -105,7 +105,7 @@ OBJS += ../src/ap/hostapd.o OBJS += ../src/ap/wpa_auth_glue.o OBJS += ../src/ap/utils.o -@@ -986,6 +995,12 @@ endif +@@ -989,6 +998,12 @@ endif ifdef CONFIG_HS20 OBJS += ../src/ap/hs20.o endif @@ -118,7 +118,7 @@ endif ifdef CONFIG_MBO -@@ -994,7 +1009,9 @@ CFLAGS += -DCONFIG_MBO +@@ -997,7 +1012,9 @@ CFLAGS += -DCONFIG_MBO endif ifdef NEED_RSN_AUTHENTICATOR @@ -128,7 +128,7 @@ NEED_AES_WRAP=y OBJS += ../src/ap/wpa_auth.o OBJS += ../src/ap/wpa_auth_ie.o -@@ -1889,6 +1906,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) +@@ -1891,6 +1908,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) _OBJS_VAR := OBJS include ../src/objs.mk @@ -141,7 +141,7 @@ wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) $(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS) @$(E) " LD " $@ -@@ -2021,6 +2044,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) +@@ -2023,6 +2046,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) $(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@ @$(E) " sed" $< @@ -156,7 +156,7 @@ wpa_cli.exe: wpa_cli --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -6025,8 +6025,8 @@ union wpa_event_data { +@@ -6033,8 +6033,8 @@ union wpa_event_data { * Driver wrapper code should call this function whenever an event is received * from the driver. */ @@ -167,7 +167,7 @@ /** * wpa_supplicant_event_global - Report a driver event for wpa_supplicant -@@ -6038,7 +6038,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -6046,7 +6046,7 @@ void wpa_supplicant_event(void *ctx, enu * Same as wpa_supplicant_event(), but we search for the interface in * wpa_global. */ @@ -178,7 +178,7 @@ /* --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c -@@ -1836,8 +1836,8 @@ err: +@@ -1842,8 +1842,8 @@ err: #endif /* CONFIG_OWE */ @@ -189,7 +189,7 @@ { struct hostapd_data *hapd = ctx; #ifndef CONFIG_NO_STDOUT_DEBUG -@@ -2082,7 +2082,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -2088,7 +2088,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -231,7 +231,7 @@ os_memset(&global, 0, sizeof(global)); --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -4665,8 +4665,8 @@ static void wpas_event_unprot_beacon(str +@@ -4891,8 +4891,8 @@ static void wpas_event_unprot_beacon(str } @@ -242,7 +242,7 @@ { struct wpa_supplicant *wpa_s = ctx; int resched; -@@ -5511,7 +5511,7 @@ void wpa_supplicant_event(void *ctx, enu +@@ -5745,7 +5745,7 @@ void wpa_supplicant_event(void *ctx, enu } @@ -253,7 +253,7 @@ struct wpa_supplicant *wpa_s; --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -6819,7 +6819,6 @@ struct wpa_interface * wpa_supplicant_ma +@@ -7043,7 +7043,6 @@ struct wpa_interface * wpa_supplicant_ma return NULL; } @@ -261,7 +261,7 @@ /** * wpa_supplicant_match_existing - Match existing interfaces * @global: Pointer to global data from wpa_supplicant_init() -@@ -6854,6 +6853,11 @@ static int wpa_supplicant_match_existing +@@ -7078,6 +7077,11 @@ static int wpa_supplicant_match_existing #endif /* CONFIG_MATCH_IFACE */ @@ -273,7 +273,7 @@ /** * wpa_supplicant_add_iface - Add a new network interface -@@ -7110,6 +7114,8 @@ struct wpa_global * wpa_supplicant_init( +@@ -7334,6 +7338,8 @@ struct wpa_global * wpa_supplicant_init( #ifndef CONFIG_NO_WPA_MSG wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); #endif /* CONFIG_NO_WPA_MSG */ diff --git a/package/network/services/hostapd/patches/300-noscan.patch b/package/network/services/hostapd/patches/300-noscan.patch index 93b093428..01a33d0d0 100644 --- a/package/network/services/hostapd/patches/300-noscan.patch +++ b/package/network/services/hostapd/patches/300-noscan.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3459,6 +3459,10 @@ static int hostapd_config_fill(struct ho +@@ -3474,6 +3474,10 @@ static int hostapd_config_fill(struct ho if (bss->ocv && !bss->ieee80211w) bss->ieee80211w = 1; #endif /* CONFIG_OCV */ @@ -13,7 +13,7 @@ } else if (os_strcmp(buf, "ht_capab") == 0) { --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -1009,6 +1009,8 @@ struct hostapd_config { +@@ -1014,6 +1014,8 @@ struct hostapd_config { int ht_op_mode_fixed; u16 ht_capab; diff --git a/package/network/services/hostapd/patches/301-mesh-noscan.patch b/package/network/services/hostapd/patches/301-mesh-noscan.patch index 0d7832944..e682efb54 100644 --- a/package/network/services/hostapd/patches/301-mesh-noscan.patch +++ b/package/network/services/hostapd/patches/301-mesh-noscan.patch @@ -10,7 +10,7 @@ { STR(id_str) }, --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c -@@ -768,6 +768,7 @@ static void wpa_config_write_network(FIL +@@ -769,6 +769,7 @@ static void wpa_config_write_network(FIL #endif /* IEEE8021X_EAPOL */ INT(mode); INT(no_auto_peer); @@ -20,7 +20,7 @@ INT(enable_edmg); --- a/wpa_supplicant/mesh.c +++ b/wpa_supplicant/mesh.c -@@ -474,6 +474,8 @@ static int wpa_supplicant_mesh_init(stru +@@ -505,6 +505,8 @@ static int wpa_supplicant_mesh_init(stru frequency); goto out_free; } @@ -31,14 +31,17 @@ /* --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2384,12 +2384,12 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2436,7 +2436,7 @@ void ibss_mesh_setup_freq(struct wpa_sup int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode); enum hostapd_hw_mode hw_mode; struct hostapd_hw_modes *mode = NULL; - int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, + int ht40plus[] = { 1, 2, 3, 4, 5, 6, 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 184, 192 }; - int vht80[] = { 36, 52, 100, 116, 132, 149 }; + int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5955, + 6035, 6115, 6195, 6275, 6355, 6435, 6515, +@@ -2444,7 +2444,7 @@ void ibss_mesh_setup_freq(struct wpa_sup + int bw160[] = { 5955, 6115, 6275, 6435, 6595, 6755, 6915 }; struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; u8 channel; - int i, chan_idx, ht40 = -1, res, obss_scan = 1; @@ -46,7 +49,7 @@ unsigned int j, k; struct hostapd_freq_params vht_freq; int chwidth, seg0, seg1; -@@ -2473,7 +2473,7 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2535,7 +2535,7 @@ void ibss_mesh_setup_freq(struct wpa_sup #endif /* CONFIG_HE_OVERRIDES */ /* Setup higher BW only for 5 GHz */ @@ -57,7 +60,7 @@ for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) { --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h -@@ -971,6 +971,8 @@ struct wpa_ssid { +@@ -974,6 +974,8 @@ struct wpa_ssid { */ int no_auto_peer; diff --git a/package/network/services/hostapd/patches/310-rescan_immediately.patch b/package/network/services/hostapd/patches/310-rescan_immediately.patch index 7f5e20706..b0c1cb835 100644 --- a/package/network/services/hostapd/patches/310-rescan_immediately.patch +++ b/package/network/services/hostapd/patches/310-rescan_immediately.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -5154,7 +5154,7 @@ wpa_supplicant_alloc(struct wpa_supplica +@@ -5377,7 +5377,7 @@ wpa_supplicant_alloc(struct wpa_supplica if (wpa_s == NULL) return NULL; wpa_s->scan_req = INITIAL_SCAN_REQ; diff --git a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch index ca586d862..37033c303 100644 --- a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch +++ b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch @@ -1,6 +1,6 @@ --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -4970,7 +4970,7 @@ static int nl80211_set_channel(struct i8 +@@ -4986,7 +4986,7 @@ static int nl80211_set_channel(struct i8 freq->freq, freq->ht_enabled, freq->vht_enabled, freq->he_enabled, freq->bandwidth, freq->center_freq1, freq->center_freq2); diff --git a/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch b/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch index 73f81f65e..b13dcb067 100644 --- a/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch +++ b/package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c -@@ -1513,15 +1513,35 @@ int ap_switch_channel(struct wpa_supplic +@@ -1611,15 +1611,35 @@ int ap_switch_channel(struct wpa_supplic #ifdef CONFIG_CTRL_IFACE diff --git a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch index 656b744aa..35567838f 100644 --- a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch +++ b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch @@ -1,6 +1,6 @@ --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -2915,10 +2915,15 @@ static int wpa_driver_nl80211_del_beacon +@@ -2931,10 +2931,15 @@ static int wpa_driver_nl80211_del_beacon struct nl_msg *msg; struct wpa_driver_nl80211_data *drv = bss->drv; @@ -18,7 +18,7 @@ return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); } -@@ -5601,7 +5606,7 @@ static void nl80211_teardown_ap(struct i +@@ -5617,7 +5622,7 @@ static void nl80211_teardown_ap(struct i nl80211_mgmt_unsubscribe(bss, "AP teardown"); nl80211_put_wiphy_data_ap(bss); @@ -27,7 +27,7 @@ } -@@ -8048,8 +8053,6 @@ static int wpa_driver_nl80211_if_remove( +@@ -8071,8 +8076,6 @@ static int wpa_driver_nl80211_if_remove( } else { wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context"); nl80211_teardown_ap(bss); @@ -36,7 +36,7 @@ nl80211_destroy_bss(bss); if (!bss->added_if) i802_set_iface_flags(bss, 0); -@@ -8446,7 +8449,6 @@ static int wpa_driver_nl80211_deinit_ap( +@@ -8469,7 +8472,6 @@ static int wpa_driver_nl80211_deinit_ap( if (!is_ap_interface(drv->nlmode)) return -1; wpa_driver_nl80211_del_beacon(bss); @@ -44,7 +44,7 @@ /* * If the P2P GO interface was dynamically added, then it is -@@ -8466,7 +8468,6 @@ static int wpa_driver_nl80211_stop_ap(vo +@@ -8489,7 +8491,6 @@ static int wpa_driver_nl80211_stop_ap(vo if (!is_ap_interface(drv->nlmode)) return -1; wpa_driver_nl80211_del_beacon(bss); diff --git a/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch b/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch index 349522e06..7f3aa9188 100644 --- a/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch +++ b/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch @@ -78,7 +78,7 @@ #ifdef NEED_AP_MLME static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd, -@@ -3754,6 +3811,8 @@ static int hostapd_ctrl_iface_receive_pr +@@ -3771,6 +3828,8 @@ static int hostapd_ctrl_iface_receive_pr } else if (os_strncmp(buf, "VENDOR ", 7) == 0) { reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply, reply_size); @@ -89,7 +89,7 @@ #ifdef RADIUS_SERVER --- a/src/ap/ctrl_iface_ap.c +++ b/src/ap/ctrl_iface_ap.c -@@ -919,7 +919,13 @@ int hostapd_parse_csa_settings(const cha +@@ -927,7 +927,13 @@ int hostapd_parse_csa_settings(const cha int hostapd_ctrl_iface_stop_ap(struct hostapd_data *hapd) { diff --git a/package/network/services/hostapd/patches/370-ap_sta_support.patch b/package/network/services/hostapd/patches/370-ap_sta_support.patch index c5cad3bb8..c81c841a4 100644 --- a/package/network/services/hostapd/patches/370-ap_sta_support.patch +++ b/package/network/services/hostapd/patches/370-ap_sta_support.patch @@ -154,7 +154,7 @@ #ifdef CONFIG_WEP /* Configure default/group WEP keys for static WEP */ -@@ -1007,6 +1055,8 @@ void wpa_supplicant_set_state(struct wpa +@@ -1015,6 +1063,8 @@ void wpa_supplicant_set_state(struct wpa sme_sched_obss_scan(wpa_s, 1); @@ -163,7 +163,7 @@ #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) if (!fils_hlp_sent && ssid && ssid->eap.erp) update_fils_connect_params = true; -@@ -1017,6 +1067,8 @@ void wpa_supplicant_set_state(struct wpa +@@ -1025,6 +1075,8 @@ void wpa_supplicant_set_state(struct wpa #endif /* CONFIG_OWE */ } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || state == WPA_ASSOCIATED) { @@ -172,7 +172,7 @@ wpa_s->new_connection = 1; wpa_drv_set_operstate(wpa_s, 0); #ifndef IEEE8021X_EAPOL -@@ -2276,6 +2328,8 @@ void wpa_supplicant_associate(struct wpa +@@ -2308,6 +2360,8 @@ void wpa_supplicant_associate(struct wpa return; } wpa_s->current_bss = bss; @@ -181,7 +181,7 @@ #else /* CONFIG_MESH */ wpa_msg(wpa_s, MSG_ERROR, "mesh mode support not included in the build"); -@@ -6426,6 +6480,16 @@ static int wpa_supplicant_init_iface(str +@@ -6650,6 +6704,16 @@ static int wpa_supplicant_init_iface(str sizeof(wpa_s->bridge_ifname)); } @@ -198,7 +198,7 @@ /* RSNA Supplicant Key Management - INITIALIZE */ eapol_sm_notify_portEnabled(wpa_s->eapol, false); eapol_sm_notify_portValid(wpa_s->eapol, false); -@@ -6763,6 +6827,11 @@ static void wpa_supplicant_deinit_iface( +@@ -6987,6 +7051,11 @@ static void wpa_supplicant_deinit_iface( if (terminate) wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); @@ -212,7 +212,7 @@ --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h -@@ -103,6 +103,11 @@ struct wpa_interface { +@@ -104,6 +104,11 @@ struct wpa_interface { const char *ifname; /** @@ -224,7 +224,7 @@ * bridge_ifname - Optional bridge interface name * * If the driver interface (ifname) is included in a Linux bridge -@@ -615,6 +620,8 @@ struct wpa_supplicant { +@@ -718,6 +723,8 @@ struct wpa_supplicant { #endif /* CONFIG_CTRL_IFACE_BINDER */ char bridge_ifname[16]; @@ -235,13 +235,14 @@ --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -2883,6 +2883,11 @@ static int hostapd_ctrl_iface_chan_switc +@@ -2889,6 +2889,12 @@ static int hostapd_ctrl_iface_chan_switc return 0; } + if (os_strstr(pos, " auto-ht")) { + settings.freq_params.ht_enabled = iface->conf->ieee80211n; + settings.freq_params.vht_enabled = iface->conf->ieee80211ac; ++ settings.freq_params.he_enabled = iface->conf->ieee80211ax; + } + for (i = 0; i < iface->num_bss; i++) { @@ -249,7 +250,7 @@ /* Save CHAN_SWITCH VHT and HE config */ --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1758,11 +1758,6 @@ int ieee802_11_set_beacon(struct hostapd +@@ -1791,11 +1791,6 @@ static int __ieee802_11_set_beacon(struc return -1; } @@ -263,7 +264,7 @@ if (ieee802_11_build_ap_params(hapd, ¶ms) < 0) --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c -@@ -4665,6 +4665,60 @@ static void wpas_event_unprot_beacon(str +@@ -4891,6 +4891,60 @@ static void wpas_event_unprot_beacon(str } @@ -324,7 +325,7 @@ void supplicant_event(void *ctx, enum wpa_event_type event, union wpa_event_data *data) { -@@ -4980,8 +5034,10 @@ void supplicant_event(void *ctx, enum wp +@@ -5206,8 +5260,10 @@ void supplicant_event(void *ctx, enum wp channel_width_to_string(data->ch_switch.ch_width), data->ch_switch.cf1, data->ch_switch.cf2); @@ -338,7 +339,7 @@ wpa_s->current_ssid->frequency = data->ch_switch.freq; --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -5829,6 +5829,7 @@ union wpa_event_data { +@@ -5837,6 +5837,7 @@ union wpa_event_data { /** * struct ch_switch @@ -346,7 +347,7 @@ * @freq: Frequency of new channel in MHz * @ht_enabled: Whether this is an HT channel * @ch_offset: Secondary channel offset -@@ -5837,6 +5838,7 @@ union wpa_event_data { +@@ -5845,6 +5846,7 @@ union wpa_event_data { * @cf2: Center frequency 2 */ struct ch_switch { diff --git a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch index ca634077b..92b52a6d3 100644 --- a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch +++ b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch @@ -12,7 +12,7 @@ else --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c -@@ -3569,6 +3569,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -3587,6 +3587,7 @@ static int hostapd_ctrl_iface_receive_pr reply_size); } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) { reply_len = hostapd_drv_status(hapd, reply, reply_size); @@ -20,7 +20,7 @@ } else if (os_strcmp(buf, "MIB") == 0) { reply_len = ieee802_11_get_mib(hapd, reply, reply_size); if (reply_len >= 0) { -@@ -3610,6 +3611,7 @@ static int hostapd_ctrl_iface_receive_pr +@@ -3628,6 +3629,7 @@ static int hostapd_ctrl_iface_receive_pr } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply, reply_size); @@ -30,7 +30,7 @@ reply_len = -1; --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -955,6 +955,9 @@ ifdef CONFIG_FILS +@@ -958,6 +958,9 @@ ifdef CONFIG_FILS OBJS += ../src/ap/fils_hlp.o endif ifdef CONFIG_CTRL_IFACE @@ -42,7 +42,7 @@ --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c -@@ -2308,7 +2308,7 @@ static int wpa_supplicant_ctrl_iface_sta +@@ -2314,7 +2314,7 @@ static int wpa_supplicant_ctrl_iface_sta pos += ret; } @@ -51,7 +51,7 @@ if (wpa_s->ap_iface) { pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos, end - pos, -@@ -10919,6 +10919,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -11494,6 +11494,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = -1; } else if (os_strncmp(buf, "NOTE ", 5) == 0) { wpa_printf(MSG_INFO, "NOTE: %s", buf + 5); @@ -59,7 +59,7 @@ } else if (os_strcmp(buf, "MIB") == 0) { reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size); if (reply_len >= 0) { -@@ -10931,6 +10932,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -11506,6 +11507,7 @@ char * wpa_supplicant_ctrl_iface_process reply_size - reply_len); #endif /* CONFIG_MACSEC */ } @@ -67,7 +67,7 @@ } else if (os_strncmp(buf, "STATUS", 6) == 0) { reply_len = wpa_supplicant_ctrl_iface_status( wpa_s, buf + 6, reply, reply_size); -@@ -11419,6 +11421,7 @@ char * wpa_supplicant_ctrl_iface_process +@@ -11994,6 +11996,7 @@ char * wpa_supplicant_ctrl_iface_process reply_len = wpa_supplicant_ctrl_iface_bss( wpa_s, buf + 4, reply, reply_size); #ifdef CONFIG_AP @@ -75,7 +75,7 @@ } else if (os_strcmp(buf, "STA-FIRST") == 0) { reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size); } else if (os_strncmp(buf, "STA ", 4) == 0) { -@@ -11427,12 +11430,15 @@ char * wpa_supplicant_ctrl_iface_process +@@ -12002,12 +12005,15 @@ char * wpa_supplicant_ctrl_iface_process } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) { reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply, reply_size); @@ -101,7 +101,7 @@ static size_t hostapd_write_ht_mcs_bitmask(char *buf, size_t buflen, size_t curr_len, const u8 *mcs_set) -@@ -451,6 +452,7 @@ int hostapd_ctrl_iface_sta_next(struct h +@@ -459,6 +460,7 @@ int hostapd_ctrl_iface_sta_next(struct h return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen); } @@ -109,7 +109,7 @@ #ifdef CONFIG_P2P_MANAGER static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype, -@@ -807,12 +809,12 @@ int hostapd_ctrl_iface_status(struct hos +@@ -815,12 +817,12 @@ int hostapd_ctrl_iface_status(struct hos return len; len += ret; } @@ -163,7 +163,7 @@ { --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c -@@ -2767,6 +2767,8 @@ static u32 wpa_key_mgmt_suite(struct wpa +@@ -2777,6 +2777,8 @@ static u32 wpa_key_mgmt_suite(struct wpa } @@ -172,7 +172,7 @@ #define RSN_SUITE "%02x-%02x-%02x-%d" #define RSN_SUITE_ARG(s) \ ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff -@@ -2848,6 +2850,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch +@@ -2858,6 +2860,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch return (int) len; } @@ -182,7 +182,7 @@ --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c -@@ -1364,7 +1364,7 @@ int wpas_ap_wps_nfc_report_handover(stru +@@ -1462,7 +1462,7 @@ int wpas_ap_wps_nfc_report_handover(stru #endif /* CONFIG_WPS */ diff --git a/package/network/services/hostapd/patches/400-wps_single_auth_enc_type.patch b/package/network/services/hostapd/patches/400-wps_single_auth_enc_type.patch index 73a8c7694..f708bf39b 100644 --- a/package/network/services/hostapd/patches/400-wps_single_auth_enc_type.patch +++ b/package/network/services/hostapd/patches/400-wps_single_auth_enc_type.patch @@ -11,7 +11,7 @@ bss->wpa_pairwise |= WPA_CIPHER_TKIP; #endif /* CONFIG_NO_TKIP */ bss->rsn_pairwise = bss->wpa_pairwise; -@@ -1178,8 +1177,7 @@ int hostapd_init_wps(struct hostapd_data +@@ -1180,8 +1179,7 @@ int hostapd_init_wps(struct hostapd_data WPA_CIPHER_GCMP_256)) { wps->encr_types |= WPS_ENCR_AES; wps->encr_types_rsn |= WPS_ENCR_AES; diff --git a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch index e0e687e16..28f07c7dc 100644 --- a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch +++ b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch @@ -22,7 +22,7 @@ Signed-hostap: Antonio Quartulli #include "common/defs.h" #include "common/ieee802_11_defs.h" #include "common/wpa_common.h" -@@ -851,6 +852,9 @@ struct wpa_driver_associate_params { +@@ -857,6 +858,9 @@ struct wpa_driver_associate_params { * responsible for selecting with which BSS to associate. */ const u8 *bssid; @@ -162,7 +162,7 @@ Signed-hostap: Antonio Quartulli #define DEFAULT_EAP_WORKAROUND ((unsigned int) -1) -@@ -843,6 +845,9 @@ struct wpa_ssid { +@@ -846,6 +848,9 @@ struct wpa_ssid { */ void *parent_cred; @@ -174,7 +174,7 @@ Signed-hostap: Antonio Quartulli * macsec_policy - Determines the policy for MACsec secure session --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -3726,6 +3726,12 @@ static void wpas_start_assoc_cb(struct w +@@ -3865,6 +3865,12 @@ static void wpas_start_assoc_cb(struct w params.beacon_int = ssid->beacon_int; else params.beacon_int = wpa_s->conf->beacon_int; diff --git a/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch b/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch index b3c8b2646..0be77f984 100644 --- a/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch +++ b/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch @@ -10,7 +10,7 @@ Signed-hostap: Antonio Quartulli --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -5950,7 +5950,7 @@ static int wpa_driver_nl80211_ibss(struc +@@ -5966,7 +5966,7 @@ static int wpa_driver_nl80211_ibss(struc struct wpa_driver_associate_params *params) { struct nl_msg *msg; @@ -19,7 +19,7 @@ Signed-hostap: Antonio Quartulli int count = 0; wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex); -@@ -5977,6 +5977,37 @@ retry: +@@ -5993,6 +5993,37 @@ retry: nl80211_put_beacon_int(msg, params->beacon_int)) goto fail; diff --git a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch index d9a6e7414..bd1d4d756 100644 --- a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch +++ b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch @@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich --- a/src/drivers/driver.h +++ b/src/drivers/driver.h -@@ -1618,6 +1618,7 @@ struct wpa_driver_mesh_join_params { +@@ -1624,6 +1624,7 @@ struct wpa_driver_mesh_join_params { #define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008 unsigned int flags; bool handle_dfs; @@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich struct wpa_driver_set_key_params { --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -10473,6 +10473,18 @@ static int nl80211_put_mesh_id(struct nl +@@ -10496,6 +10496,18 @@ static int nl80211_put_mesh_id(struct nl } @@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich static int nl80211_put_mesh_config(struct nl_msg *msg, struct wpa_driver_mesh_bss_params *params) { -@@ -10534,6 +10546,7 @@ static int nl80211_join_mesh(struct i802 +@@ -10557,6 +10569,7 @@ static int nl80211_join_mesh(struct i802 nl80211_put_basic_rates(msg, params->basic_rates) || nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) || nl80211_put_beacon_int(msg, params->beacon_int) || @@ -58,7 +58,7 @@ Tested-by: Simon Wunderlich --- a/wpa_supplicant/mesh.c +++ b/wpa_supplicant/mesh.c -@@ -600,6 +600,7 @@ int wpa_supplicant_join_mesh(struct wpa_ +@@ -631,6 +631,7 @@ int wpa_supplicant_join_mesh(struct wpa_ params->meshid = ssid->ssid; params->meshid_len = ssid->ssid_len; diff --git a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch index 4c7cb9ea3..4807727e0 100644 --- a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch +++ b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch @@ -1,6 +1,6 @@ --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -2457,11 +2457,13 @@ void ibss_mesh_setup_freq(struct wpa_sup +@@ -2512,11 +2512,13 @@ void ibss_mesh_setup_freq(struct wpa_sup for (j = 0; j < wpa_s->last_scan_res_used; j++) { struct wpa_bss *bss = wpa_s->last_scan_res[j]; diff --git a/package/network/services/hostapd/patches/470-survey_data_fallback.patch b/package/network/services/hostapd/patches/470-survey_data_fallback.patch index efd82599d..359b5f3ef 100644 --- a/package/network/services/hostapd/patches/470-survey_data_fallback.patch +++ b/package/network/services/hostapd/patches/470-survey_data_fallback.patch @@ -1,26 +1,6 @@ --- a/src/ap/acs.c +++ b/src/ap/acs.c -@@ -302,18 +302,12 @@ static void acs_fail(struct hostapd_ifac - static long double - acs_survey_interference_factor(struct freq_survey *survey, s8 min_nf) - { -- long double factor, busy, total; -+ long double factor, busy = 0, total; - - if (survey->filled & SURVEY_HAS_CHAN_TIME_BUSY) - busy = survey->channel_time_busy; - else if (survey->filled & SURVEY_HAS_CHAN_TIME_RX) - busy = survey->channel_time_rx; -- else { -- /* This shouldn't really happen as survey data is checked in -- * acs_sanity_check() */ -- wpa_printf(MSG_ERROR, "ACS: Survey data missing"); -- return 0; -- } - - total = survey->channel_time; - -@@ -422,20 +416,19 @@ static int acs_usable_bw160_chan(const s +@@ -420,20 +420,19 @@ static int acs_usable_bw160_chan(const s static int acs_survey_is_sufficient(struct freq_survey *survey) { if (!(survey->filled & SURVEY_HAS_NF)) { diff --git a/package/network/services/hostapd/patches/500-lto-jobserver-support.patch b/package/network/services/hostapd/patches/500-lto-jobserver-support.patch index 1475590d0..c51db01fe 100644 --- a/package/network/services/hostapd/patches/500-lto-jobserver-support.patch +++ b/package/network/services/hostapd/patches/500-lto-jobserver-support.patch @@ -1,6 +1,6 @@ --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -1293,7 +1293,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) +@@ -1297,7 +1297,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) @$(AR) cr $@ hostapd_multi.o $(OBJS) hostapd: $(OBJS) @@ -9,7 +9,7 @@ @$(E) " LD " $@ ifdef CONFIG_WPA_TRACE -@@ -1304,7 +1304,7 @@ _OBJS_VAR := OBJS_c +@@ -1308,7 +1308,7 @@ _OBJS_VAR := OBJS_c include ../src/objs.mk hostapd_cli: $(OBJS_c) @@ -20,7 +20,7 @@ NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1918,31 +1918,31 @@ wpa_supplicant_multi.a: .config $(BCHECK +@@ -1920,31 +1920,31 @@ wpa_supplicant_multi.a: .config $(BCHECK @$(AR) cr $@ wpa_supplicant_multi.o $(OBJS) wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) diff --git a/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch b/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch new file mode 100644 index 000000000..ee3ab7938 --- /dev/null +++ b/package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch @@ -0,0 +1,92 @@ +--- a/src/ap/hostapd.h ++++ b/src/ap/hostapd.h +@@ -150,6 +150,21 @@ struct hostapd_sae_commit_queue { + }; + + /** ++ * struct hostapd_openwrt_stats - OpenWrt custom STA/AP statistics ++ */ ++struct hostapd_openwrt_stats { ++ struct { ++ u64 neighbor_report_tx; ++ } rrm; ++ ++ struct { ++ u64 bss_transition_query_rx; ++ u64 bss_transition_request_tx; ++ u64 bss_transition_response_rx; ++ } wnm; ++}; ++ ++/** + * struct hostapd_data - hostapd per-BSS data structure + */ + struct hostapd_data { +@@ -163,6 +178,9 @@ struct hostapd_data { + + u8 own_addr[ETH_ALEN]; + ++ /* OpenWrt specific statistics */ ++ struct hostapd_openwrt_stats openwrt_stats; ++ + int num_sta; /* number of entries in sta_list */ + struct sta_info *sta_list; /* STA info list head */ + #define STA_HASH_SIZE 256 +--- a/src/ap/wnm_ap.c ++++ b/src/ap/wnm_ap.c +@@ -386,6 +386,7 @@ static int ieee802_11_send_bss_trans_mgm + mgmt->u.action.u.bss_tm_req.validity_interval = 1; + pos = mgmt->u.action.u.bss_tm_req.variable; + ++ hapd->openwrt_stats.wnm.bss_transition_request_tx++; + wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request to " + MACSTR " dialog_token=%u req_mode=0x%x disassoc_timer=%u " + "validity_interval=%u", +@@ -646,10 +647,12 @@ int ieee802_11_rx_wnm_action_ap(struct h + + switch (action) { + case WNM_BSS_TRANS_MGMT_QUERY: ++ hapd->openwrt_stats.wnm.bss_transition_query_rx++; + ieee802_11_rx_bss_trans_mgmt_query(hapd, mgmt->sa, payload, + plen); + return 0; + case WNM_BSS_TRANS_MGMT_RESP: ++ hapd->openwrt_stats.wnm.bss_transition_response_rx++; + ieee802_11_rx_bss_trans_mgmt_resp(hapd, mgmt->sa, payload, + plen); + return 0; +@@ -696,6 +699,7 @@ int wnm_send_disassoc_imminent(struct ho + + pos = mgmt->u.action.u.bss_tm_req.variable; + ++ hapd->openwrt_stats.wnm.bss_transition_request_tx++; + wpa_printf(MSG_DEBUG, "WNM: Send BSS Transition Management Request frame to indicate imminent disassociation (disassoc_timer=%d) to " + MACSTR, disassoc_timer, MAC2STR(sta->addr)); + if (hostapd_drv_send_mlme(hapd, buf, pos - buf, 0, NULL, 0, 0) < 0) { +@@ -777,6 +781,7 @@ int wnm_send_ess_disassoc_imminent(struc + return -1; + } + ++ hapd->openwrt_stats.wnm.bss_transition_request_tx++; + if (disassoc_timer) { + /* send disassociation frame after time-out */ + set_disassoc_timer(hapd, sta, disassoc_timer); +@@ -857,6 +862,7 @@ int wnm_send_bss_tm_req(struct hostapd_d + } + os_free(buf); + ++ hapd->openwrt_stats.wnm.bss_transition_request_tx++; + if (disassoc_timer) { + /* send disassociation frame after time-out */ + set_disassoc_timer(hapd, sta, disassoc_timer); +--- a/src/ap/rrm.c ++++ b/src/ap/rrm.c +@@ -269,6 +269,8 @@ static void hostapd_send_nei_report_resp + } + } + ++ hapd->openwrt_stats.rrm.neighbor_report_tx++; ++ + hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr, + wpabuf_head(buf), wpabuf_len(buf)); + wpabuf_free(buf); diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch index ccf66be6b..6a0acbb31 100644 --- a/package/network/services/hostapd/patches/600-ubus_support.patch +++ b/package/network/services/hostapd/patches/600-ubus_support.patch @@ -31,7 +31,7 @@ }; enum hostapd_chan_status { -@@ -154,6 +155,7 @@ struct hostapd_data { +@@ -171,6 +172,7 @@ struct hostapd_data { struct hostapd_iface *iface; struct hostapd_config *iconf; struct hostapd_bss_config *conf; @@ -39,7 +39,7 @@ int interface_added; /* virtual interface added for this BSS */ unsigned int started:1; unsigned int disabled:1; -@@ -610,6 +612,7 @@ hostapd_alloc_bss_data(struct hostapd_if +@@ -630,6 +632,7 @@ hostapd_alloc_bss_data(struct hostapd_if struct hostapd_bss_config *bss); int hostapd_setup_interface(struct hostapd_iface *iface); int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err); @@ -126,7 +126,7 @@ if (res == HOSTAPD_ACL_PENDING) return; -@@ -5454,7 +5466,7 @@ static void handle_assoc(struct hostapd_ +@@ -5447,7 +5459,7 @@ static void handle_assoc(struct hostapd_ int resp = WLAN_STATUS_SUCCESS; u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE; const u8 *pos; @@ -135,7 +135,7 @@ struct sta_info *sta; u8 *tmp = NULL; #ifdef CONFIG_FILS -@@ -5667,6 +5679,11 @@ static void handle_assoc(struct hostapd_ +@@ -5660,6 +5672,11 @@ static void handle_assoc(struct hostapd_ left = res; } #endif /* CONFIG_FILS */ @@ -147,7 +147,7 @@ /* followed by SSID and Supported rates; and HT capabilities if 802.11n * is used */ -@@ -5765,6 +5782,13 @@ static void handle_assoc(struct hostapd_ +@@ -5758,6 +5775,13 @@ static void handle_assoc(struct hostapd_ } #endif /* CONFIG_FILS */ @@ -161,7 +161,7 @@ fail: /* -@@ -5858,6 +5882,7 @@ static void handle_disassoc(struct hosta +@@ -5851,6 +5875,7 @@ static void handle_disassoc(struct hosta wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d", MAC2STR(mgmt->sa), le_to_host16(mgmt->u.disassoc.reason_code)); @@ -169,7 +169,7 @@ sta = ap_get_sta(hapd, mgmt->sa); if (sta == NULL) { -@@ -5927,6 +5952,8 @@ static void handle_deauth(struct hostapd +@@ -5920,6 +5945,8 @@ static void handle_deauth(struct hostapd /* Clear the PTKSA cache entries for PASN */ ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE); @@ -180,7 +180,7 @@ wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying " --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -823,6 +823,12 @@ void handle_probe_req(struct hostapd_dat +@@ -852,6 +852,12 @@ void handle_probe_req(struct hostapd_dat u16 csa_offs[2]; size_t csa_offs_len; struct radius_sta rad_info; @@ -193,7 +193,7 @@ if (hapd->iconf->rssi_ignore_probe_request && ssi_signal && ssi_signal < hapd->iconf->rssi_ignore_probe_request) -@@ -1009,6 +1015,12 @@ void handle_probe_req(struct hostapd_dat +@@ -1038,6 +1044,12 @@ void handle_probe_req(struct hostapd_dat } #endif /* CONFIG_P2P */ @@ -234,22 +234,22 @@ wpabuf_free(sta->p2p_ie); --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c -@@ -459,6 +459,7 @@ void ap_handle_timer(void *eloop_ctx, vo +@@ -458,6 +458,7 @@ void ap_handle_timer(void *eloop_ctx, vo + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_INFO, "deauthenticated due to " "local deauth request"); - ap_free_sta(hapd, sta); + hostapd_ubus_notify(hapd, "local-deauth", sta->addr); + ap_free_sta(hapd, sta); return; } - -@@ -614,6 +615,7 @@ skip_poll: +@@ -613,6 +614,7 @@ skip_poll: + mlme_deauthenticate_indication( hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID); - ap_free_sta(hapd, sta); + hostapd_ubus_notify(hapd, "inactive-deauth", sta->addr); + ap_free_sta(hapd, sta); break; } - } @@ -1329,6 +1331,7 @@ void ap_sta_set_authorized(struct hostap buf, ip_addr, keyid_buf); } else { @@ -283,7 +283,7 @@ ifdef CONFIG_CODE_COVERAGE CFLAGS += -O0 -fprofile-arcs -ftest-coverage LIBS += -lgcov -@@ -959,6 +965,9 @@ ifdef CONFIG_CTRL_IFACE_MIB +@@ -962,6 +968,9 @@ ifdef CONFIG_CTRL_IFACE_MIB CFLAGS += -DCONFIG_CTRL_IFACE_MIB endif OBJS += ../src/ap/ctrl_iface_ap.o @@ -295,7 +295,7 @@ CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c -@@ -7017,6 +7017,8 @@ struct wpa_supplicant * wpa_supplicant_a +@@ -7241,6 +7241,8 @@ struct wpa_supplicant * wpa_supplicant_a } #endif /* CONFIG_P2P */ @@ -304,7 +304,7 @@ return wpa_s; } -@@ -7043,6 +7045,8 @@ int wpa_supplicant_remove_iface(struct w +@@ -7267,6 +7269,8 @@ int wpa_supplicant_remove_iface(struct w struct wpa_supplicant *parent = wpa_s->parent; #endif /* CONFIG_MESH */ @@ -313,7 +313,7 @@ /* Remove interface from the global list of interfaces */ prev = global->ifaces; if (prev == wpa_s) { -@@ -7346,8 +7350,12 @@ int wpa_supplicant_run(struct wpa_global +@@ -7570,8 +7574,12 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); @@ -336,7 +336,7 @@ extern const char *const wpa_supplicant_version; extern const char *const wpa_supplicant_license; -@@ -321,6 +322,8 @@ struct wpa_global { +@@ -322,6 +323,8 @@ struct wpa_global { #endif /* CONFIG_WIFI_DISPLAY */ struct psk_list_entry *add_psk; /* From group formation */ @@ -345,7 +345,7 @@ }; -@@ -605,6 +608,7 @@ struct wpa_supplicant { +@@ -708,6 +711,7 @@ struct wpa_supplicant { unsigned char own_addr[ETH_ALEN]; unsigned char perm_addr[ETH_ALEN]; char ifname[100]; @@ -363,7 +363,7 @@ #ifndef WPS_PIN_SCAN_IGNORE_SEL_REG -@@ -392,6 +393,8 @@ static int wpa_supplicant_wps_cred(void +@@ -393,6 +394,8 @@ static int wpa_supplicant_wps_cred(void wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute", cred->cred_attr, cred->cred_attr_len); @@ -463,7 +463,7 @@ --- a/src/ap/dfs.c +++ b/src/ap/dfs.c -@@ -1193,6 +1193,8 @@ int hostapd_dfs_radar_detected(struct ho +@@ -1196,6 +1196,8 @@ int hostapd_dfs_radar_detected(struct ho "freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d", freq, ht_enabled, chan_offset, chan_width, cf1, cf2); @@ -515,7 +515,17 @@ --- a/src/ap/wnm_ap.c +++ b/src/ap/wnm_ap.c -@@ -463,7 +463,7 @@ static void ieee802_11_rx_bss_trans_mgmt +@@ -442,7 +442,8 @@ static void ieee802_11_rx_bss_trans_mgmt + wpa_hexdump(MSG_DEBUG, "WNM: BSS Transition Candidate List Entries", + pos, end - pos); + +- ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token); ++ if (!hostapd_ubus_notify_bss_transition_query(hapd, addr, dialog_token, reason, pos, end - pos)) ++ ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token); + } + + +@@ -464,7 +465,7 @@ static void ieee802_11_rx_bss_trans_mgmt size_t len) { u8 dialog_token, status_code, bss_termination_delay; @@ -524,7 +534,7 @@ int enabled = hapd->conf->bss_transition; struct sta_info *sta; -@@ -510,6 +510,7 @@ static void ieee802_11_rx_bss_trans_mgmt +@@ -511,6 +512,7 @@ static void ieee802_11_rx_bss_trans_mgmt wpa_printf(MSG_DEBUG, "WNM: not enough room for Target BSSID field"); return; } @@ -532,7 +542,7 @@ sta->agreed_to_steer = 1; eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta); eloop_register_timeout(2, 0, ap_sta_reset_steer_flag_timer, -@@ -529,6 +530,10 @@ static void ieee802_11_rx_bss_trans_mgmt +@@ -530,6 +532,10 @@ static void ieee802_11_rx_bss_trans_mgmt MAC2STR(addr), status_code, bss_termination_delay); } diff --git a/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch b/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch new file mode 100644 index 000000000..a03fcc9f9 --- /dev/null +++ b/package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch @@ -0,0 +1,33 @@ +--- a/src/common/wpa_ctrl.c ++++ b/src/common/wpa_ctrl.c +@@ -135,7 +135,7 @@ try_again: + return NULL; + } + tries++; +-#ifdef ANDROID ++ + /* Set client socket file permissions so that bind() creates the client + * socket with these permissions and there is no need to try to change + * them with chmod() after bind() which would have potential issues with +@@ -147,7 +147,7 @@ try_again: + * operations to allow the response to go through. Those are using the + * no-deference-symlinks version to avoid races. */ + fchmod(ctrl->s, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); +-#endif /* ANDROID */ ++ + if (bind(ctrl->s, (struct sockaddr *) &ctrl->local, + sizeof(ctrl->local)) < 0) { + if (errno == EADDRINUSE && tries < 2) { +@@ -165,7 +165,11 @@ try_again: + return NULL; + } + +-#ifdef ANDROID ++#ifndef ANDROID ++ /* Set group even if we do not have privileges to change owner */ ++ lchown(ctrl->local.sun_path, -1, 101); ++ lchown(ctrl->local.sun_path, 101, 101); ++#else + /* Set group even if we do not have privileges to change owner */ + lchown(ctrl->local.sun_path, -1, AID_WIFI); + lchown(ctrl->local.sun_path, AID_SYSTEM, AID_WIFI); diff --git a/package/network/services/hostapd/patches/700-wifi-reload.patch b/package/network/services/hostapd/patches/700-wifi-reload.patch index e51edd7da..e6d7c2f67 100644 --- a/package/network/services/hostapd/patches/700-wifi-reload.patch +++ b/package/network/services/hostapd/patches/700-wifi-reload.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2453,6 +2453,8 @@ static int hostapd_config_fill(struct ho +@@ -2458,6 +2458,8 @@ static int hostapd_config_fill(struct ho bss->isolate = atoi(pos); } else if (os_strcmp(buf, "ap_max_inactivity") == 0) { bss->ap_max_inactivity = atoi(pos); @@ -9,7 +9,7 @@ } else if (os_strcmp(buf, "skip_inactivity_poll") == 0) { bss->skip_inactivity_poll = atoi(pos); } else if (os_strcmp(buf, "country_code") == 0) { -@@ -3153,6 +3155,8 @@ static int hostapd_config_fill(struct ho +@@ -3158,6 +3160,8 @@ static int hostapd_config_fill(struct ho } } else if (os_strcmp(buf, "acs_exclude_dfs") == 0) { conf->acs_exclude_dfs = atoi(pos); @@ -20,7 +20,7 @@ } else if (os_strcmp(buf, "channel") == 0) { --- a/src/ap/ap_config.c +++ b/src/ap/ap_config.c -@@ -791,6 +791,7 @@ void hostapd_config_free_bss(struct host +@@ -792,6 +792,7 @@ void hostapd_config_free_bss(struct host os_free(conf->radius_req_attr_sqlite); os_free(conf->rsn_preauth_interfaces); os_free(conf->ctrl_interface); @@ -28,7 +28,7 @@ os_free(conf->ca_cert); os_free(conf->server_cert); os_free(conf->server_cert2); -@@ -987,6 +988,7 @@ void hostapd_config_free(struct hostapd_ +@@ -988,6 +989,7 @@ void hostapd_config_free(struct hostapd_ for (i = 0; i < conf->num_bss; i++) hostapd_config_free_bss(conf->bss[i]); @@ -47,7 +47,7 @@ enum hostapd_logger_level logger_syslog_level, logger_stdout_level; unsigned int logger_syslog; /* module bitfield */ -@@ -938,6 +940,7 @@ struct spatial_reuse { +@@ -942,6 +944,7 @@ struct spatial_reuse { struct hostapd_config { struct hostapd_bss_config **bss, *last_bss; size_t num_bss; @@ -156,7 +156,7 @@ struct hostapd_config * (*config_read_cb)(const char *config_fname); int (*ctrl_iface_init)(struct hostapd_data *hapd); void (*ctrl_iface_deinit)(struct hostapd_data *hapd); -@@ -156,6 +156,7 @@ struct hostapd_data { +@@ -173,6 +173,7 @@ struct hostapd_data { struct hostapd_config *iconf; struct hostapd_bss_config *conf; struct hostapd_ubus_bss ubus; @@ -164,7 +164,7 @@ int interface_added; /* virtual interface added for this BSS */ unsigned int started:1; unsigned int disabled:1; -@@ -604,7 +605,7 @@ struct hostapd_iface { +@@ -624,7 +625,7 @@ struct hostapd_iface { int hostapd_for_each_interface(struct hapd_interfaces *interfaces, int (*cb)(struct hostapd_iface *iface, void *ctx), void *ctx); @@ -175,7 +175,7 @@ hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface, --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c -@@ -4817,6 +4817,9 @@ static int wpa_driver_nl80211_set_ap(voi +@@ -4833,6 +4833,9 @@ static int wpa_driver_nl80211_set_ap(voi if (ret) { wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)", ret, strerror(-ret)); diff --git a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch index 73db32e54..856dc8ba8 100644 --- a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch +++ b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch @@ -30,7 +30,7 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3366,6 +3366,8 @@ static int hostapd_config_fill(struct ho +@@ -3381,6 +3381,8 @@ static int hostapd_config_fill(struct ho #ifndef CONFIG_NO_VLAN } else if (os_strcmp(buf, "dynamic_vlan") == 0) { bss->ssid.dynamic_vlan = atoi(pos); diff --git a/package/network/services/hostapd/patches/711-wds_bridge_force.patch b/package/network/services/hostapd/patches/711-wds_bridge_force.patch index d3f8864a7..a22580c35 100644 --- a/package/network/services/hostapd/patches/711-wds_bridge_force.patch +++ b/package/network/services/hostapd/patches/711-wds_bridge_force.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2357,6 +2357,8 @@ static int hostapd_config_fill(struct ho +@@ -2358,6 +2358,8 @@ static int hostapd_config_fill(struct ho sizeof(conf->bss[0]->iface)); } else if (os_strcmp(buf, "bridge") == 0) { os_strlcpy(bss->bridge, pos, sizeof(bss->bridge)); diff --git a/package/network/services/hostapd/patches/720-ACS-fix-channel-100-frequency.patch b/package/network/services/hostapd/patches/720-ACS-fix-channel-100-frequency.patch deleted file mode 100644 index 3ef19e529..000000000 --- a/package/network/services/hostapd/patches/720-ACS-fix-channel-100-frequency.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 5a24286ed6315e1fef755ca1970792554f59b1fc Mon Sep 17 00:00:00 2001 -From: David Bauer -Date: Wed, 26 May 2021 22:15:35 +0200 -Subject: [PATCH] ACS: fix channel 100 frequency - -Channel 100 is a valid channel to choose for 80MHz operation. However, -it's assigned to 5500 MHz, not 5550MHz. In fact, there is no channel -assigned to this frequency. - -Fix this obbvious typo to allow ACS to select channel 100 for 80 MHz -operation again. - -Fixes commit bef5eee4f7b2 ("Convert channel to frequency based selection for AP mode ACS") - -Signed-off-by: David Bauer ---- - src/ap/acs.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/src/ap/acs.c -+++ b/src/ap/acs.c -@@ -386,7 +386,7 @@ static int acs_usable_bw40_chan(const st - - static int acs_usable_bw80_chan(const struct hostapd_channel_data *chan) - { -- const int allowed[] = { 5180, 5260, 5550, 5580, 5660, 5745, 5955, 6035, -+ const int allowed[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5955, 6035, - 6115, 6195, 6275, 6355, 6435, 6515, 6595, 6675, - 6755, 6835, 6915, 6995 }; - unsigned int i; diff --git a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch index 72503b1aa..106f9d740 100644 --- a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch +++ b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2875,6 +2875,14 @@ static int hostapd_config_fill(struct ho +@@ -2880,6 +2880,14 @@ static int hostapd_config_fill(struct ho line, bss->max_num_sta, MAX_STA_COUNT); return 1; } @@ -17,7 +17,7 @@ } else if (os_strcmp(buf, "extended_key_id") == 0) { --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h -@@ -648,6 +648,7 @@ void hostapd_cleanup_cs_params(struct ho +@@ -668,6 +668,7 @@ void hostapd_cleanup_cs_params(struct ho void hostapd_periodic_iface(struct hostapd_iface *iface); int hostapd_owe_trans_get_info(struct hostapd_data *hapd); void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx); @@ -60,7 +60,7 @@ struct hapd_interfaces *interfaces = iface->interfaces; --- a/src/ap/beacon.c +++ b/src/ap/beacon.c -@@ -1039,7 +1039,7 @@ void handle_probe_req(struct hostapd_dat +@@ -1068,7 +1068,7 @@ void handle_probe_req(struct hostapd_dat if (hapd->conf->no_probe_resp_if_max_sta && is_multicast_ether_addr(mgmt->da) && is_multicast_ether_addr(mgmt->bssid) && @@ -71,7 +71,7 @@ " since no room for additional STA", --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h -@@ -976,6 +976,8 @@ struct hostapd_config { +@@ -981,6 +981,8 @@ struct hostapd_config { unsigned int track_sta_max_num; unsigned int track_sta_max_age; diff --git a/package/network/services/hostapd/patches/730-ft_iface.patch b/package/network/services/hostapd/patches/730-ft_iface.patch index 0a1a16d6e..b5809222d 100644 --- a/package/network/services/hostapd/patches/730-ft_iface.patch +++ b/package/network/services/hostapd/patches/730-ft_iface.patch @@ -1,6 +1,6 @@ --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -3033,6 +3033,8 @@ static int hostapd_config_fill(struct ho +@@ -3038,6 +3038,8 @@ static int hostapd_config_fill(struct ho wpa_printf(MSG_INFO, "Line %d: Obsolete peerkey parameter ignored", line); #ifdef CONFIG_IEEE80211R_AP @@ -21,7 +21,7 @@ --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c -@@ -1565,8 +1565,12 @@ int hostapd_setup_wpa(struct hostapd_dat +@@ -1566,8 +1566,12 @@ int hostapd_setup_wpa(struct hostapd_dat wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) { const char *ft_iface; diff --git a/package/network/services/hostapd/patches/740-snoop_iface.patch b/package/network/services/hostapd/patches/740-snoop_iface.patch index d206ed732..2ed73750c 100644 --- a/package/network/services/hostapd/patches/740-snoop_iface.patch +++ b/package/network/services/hostapd/patches/740-snoop_iface.patch @@ -55,7 +55,7 @@ "x_snoop: Failed to initialize L2 packet processing %s", --- a/hostapd/config_file.c +++ b/hostapd/config_file.c -@@ -2359,6 +2359,8 @@ static int hostapd_config_fill(struct ho +@@ -2360,6 +2360,8 @@ static int hostapd_config_fill(struct ho os_strlcpy(bss->bridge, pos, sizeof(bss->bridge)); if (!bss->wds_bridge[0]) os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge)); diff --git a/package/network/services/hostapd/patches/741-proxyarp-fix-compilation-with-Hotspot-2.0-disabled.patch b/package/network/services/hostapd/patches/741-proxyarp-fix-compilation-with-Hotspot-2.0-disabled.patch deleted file mode 100644 index 657ef5f2e..000000000 --- a/package/network/services/hostapd/patches/741-proxyarp-fix-compilation-with-Hotspot-2.0-disabled.patch +++ /dev/null @@ -1,51 +0,0 @@ -From ad694836b2ded6b97b426bf331627537cdbff591 Mon Sep 17 00:00:00 2001 -From: David Bauer -Date: Thu, 19 Aug 2021 00:52:04 +0200 -Subject: [PATCH] proxyarp: fix compilation with Hotspot 2.0 disabled - -The disable_dgaf config fiels is only available in case Hostapd is -compiled with Hotspot 2.0 support, however Proxy-ARP does not depend on -Hotspot 2.0. - -Only add the code related to this config field when Hotspot 2.0 is -enabled to fix compilation with the aformentioned preconditions. - -Signed-off-by: David Bauer ---- - src/ap/dhcp_snoop.c | 2 ++ - src/ap/ndisc_snoop.c | 2 ++ - 2 files changed, 4 insertions(+) - ---- a/src/ap/dhcp_snoop.c -+++ b/src/ap/dhcp_snoop.c -@@ -88,6 +88,7 @@ static void handle_dhcp(void *ctx, const - } - } - -+#ifdef CONFIG_HS20 - if (hapd->conf->disable_dgaf && is_broadcast_ether_addr(buf)) { - for (sta = hapd->sta_list; sta; sta = sta->next) { - if (!(sta->flags & WLAN_STA_AUTHORIZED)) -@@ -96,6 +97,7 @@ static void handle_dhcp(void *ctx, const - (u8 *) buf, len); - } - } -+#endif - - if (msgtype == DHCPACK) { - if (b->your_ip == 0) ---- a/src/ap/ndisc_snoop.c -+++ b/src/ap/ndisc_snoop.c -@@ -151,10 +151,12 @@ static void handle_ndisc(void *ctx, cons - return; - } - break; -+#ifdef CONFIG_HS20 - case ROUTER_ADVERTISEMENT: - if (hapd->conf->disable_dgaf) - ucast_to_stas(hapd, buf, len); - break; -+#endif - case NEIGHBOR_ADVERTISEMENT: - if (hapd->conf->na_mcast_to_ucast) - ucast_to_stas(hapd, buf, len); diff --git a/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch b/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch new file mode 100644 index 000000000..43a4ea73b --- /dev/null +++ b/package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch @@ -0,0 +1,112 @@ +--- a/hostapd/config_file.c ++++ b/hostapd/config_file.c +@@ -1644,6 +1644,8 @@ static int parse_anqp_elem(struct hostap + return 0; + } + ++#endif /* CONFIG_INTERWORKING */ ++ + + static int parse_qos_map_set(struct hostapd_bss_config *bss, + char *buf, int line) +@@ -1685,8 +1687,6 @@ static int parse_qos_map_set(struct host + return 0; + } + +-#endif /* CONFIG_INTERWORKING */ +- + + #ifdef CONFIG_HS20 + static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf, +@@ -4077,10 +4077,10 @@ static int hostapd_config_fill(struct ho + bss->gas_frag_limit = val; + } else if (os_strcmp(buf, "gas_comeback_delay") == 0) { + bss->gas_comeback_delay = atoi(pos); ++#endif /* CONFIG_INTERWORKING */ + } else if (os_strcmp(buf, "qos_map_set") == 0) { + if (parse_qos_map_set(bss, pos, line) < 0) + return 1; +-#endif /* CONFIG_INTERWORKING */ + #ifdef CONFIG_RADIUS_TEST + } else if (os_strcmp(buf, "dump_msk_file") == 0) { + os_free(bss->dump_msk_file); +--- a/src/ap/hostapd.c ++++ b/src/ap/hostapd.c +@@ -1415,6 +1415,7 @@ static int hostapd_setup_bss(struct host + wpa_printf(MSG_ERROR, "GAS server initialization failed"); + return -1; + } ++#endif /* CONFIG_INTERWORKING */ + + if (conf->qos_map_set_len && + hostapd_drv_set_qos_map(hapd, conf->qos_map_set, +@@ -1422,7 +1423,6 @@ static int hostapd_setup_bss(struct host + wpa_printf(MSG_ERROR, "Failed to initialize QoS Map"); + return -1; + } +-#endif /* CONFIG_INTERWORKING */ + + if (conf->bss_load_update_period && bss_load_update_init(hapd)) { + wpa_printf(MSG_ERROR, "BSS Load initialization failed"); +--- a/src/ap/drv_callbacks.c ++++ b/src/ap/drv_callbacks.c +@@ -271,12 +271,10 @@ int hostapd_notif_assoc(struct hostapd_d + } + #endif /* NEED_AP_MLME */ + +-#ifdef CONFIG_INTERWORKING + if (elems.ext_capab && elems.ext_capab_len > 4) { + if (elems.ext_capab[4] & 0x01) + sta->qos_map_enabled = 1; + } +-#endif /* CONFIG_INTERWORKING */ + + #ifdef CONFIG_HS20 + wpabuf_free(sta->hs20_ie); +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -4129,13 +4129,11 @@ static u16 copy_supp_rates(struct hostap + static u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *ext_capab_ie, size_t ext_capab_ie_len) + { +-#ifdef CONFIG_INTERWORKING + /* check for QoS Map support */ + if (ext_capab_ie_len >= 5) { + if (ext_capab_ie[4] & 0x01) + sta->qos_map_enabled = 1; + } +-#endif /* CONFIG_INTERWORKING */ + + if (ext_capab_ie_len > 0) { + sta->ecsa_supported = !!(ext_capab_ie[0] & BIT(2)); +--- a/wpa_supplicant/events.c ++++ b/wpa_supplicant/events.c +@@ -2540,8 +2540,6 @@ void wnm_bss_keep_alive_deinit(struct wp + } + + +-#ifdef CONFIG_INTERWORKING +- + static int wpas_qos_map_set(struct wpa_supplicant *wpa_s, const u8 *qos_map, + size_t len) + { +@@ -2574,8 +2572,6 @@ static void interworking_process_assoc_r + } + } + +-#endif /* CONFIG_INTERWORKING */ +- + + static void multi_ap_process_assoc_resp(struct wpa_supplicant *wpa_s, + const u8 *ies, size_t ies_len) +@@ -2908,10 +2904,8 @@ static int wpa_supplicant_event_associnf + wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, + data->assoc_info.resp_ies_len); + #endif /* CONFIG_WNM */ +-#ifdef CONFIG_INTERWORKING + interworking_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, + data->assoc_info.resp_ies_len); +-#endif /* CONFIG_INTERWORKING */ + if (wpa_s->hw_capab == CAPAB_VHT && + get_ie(data->assoc_info.resp_ies, + data->assoc_info.resp_ies_len, WLAN_EID_VHT_CAP)) diff --git a/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch b/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch new file mode 100644 index 000000000..8af5a0a04 --- /dev/null +++ b/package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch @@ -0,0 +1,12 @@ +--- a/src/ap/ap_drv_ops.c ++++ b/src/ap/ap_drv_ops.c +@@ -850,7 +850,8 @@ int hostapd_start_dfs_cac(struct hostapd + int hostapd_drv_set_qos_map(struct hostapd_data *hapd, + const u8 *qos_map_set, u8 qos_map_set_len) + { +- if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv) ++ if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv || ++ !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)) + return 0; + return hapd->driver->set_qos_map(hapd->drv_priv, qos_map_set, + qos_map_set_len); diff --git a/package/network/services/hostapd/src/src/ap/ubus.c b/package/network/services/hostapd/src/src/ap/ubus.c index 69778596a..bdab8fa7b 100644 --- a/package/network/services/hostapd/src/src/ap/ubus.c +++ b/package/network/services/hostapd/src/src/ap/ubus.c @@ -11,6 +11,7 @@ #include "utils/eloop.h" #include "utils/wpabuf.h" #include "common/ieee802_11_defs.h" +#include "common/hw_features_common.h" #include "hostapd.h" #include "neighbor_db.h" #include "wps_hostapd.h" @@ -22,6 +23,7 @@ #include "wnm_ap.h" #include "taxonomy.h" #include "airtime_policy.h" +#include "hw_features.h" static struct ubus_context *ctx; static struct blob_buf b; @@ -320,6 +322,16 @@ hostapd_bss_get_clients(struct ubus_context *ctx, struct ubus_object *obj, for (i = 0; i < ARRAY_SIZE(sta->rrm_enabled_capa); i++) blobmsg_add_u32(&b, "", sta->rrm_enabled_capa[i]); blobmsg_close_array(&b, r); + + r = blobmsg_open_array(&b, "extended_capabilities"); + /* Check if client advertises extended capabilities */ + if (sta->ext_capability && sta->ext_capability[0] > 0) { + for (i = 0; i < sta->ext_capability[0]; i++) { + blobmsg_add_u32(&b, "", sta->ext_capability[1 + i]); + } + } + blobmsg_close_array(&b, r); + blobmsg_add_u32(&b, "aid", sta->aid); #ifdef CONFIG_TAXONOMY r = blobmsg_alloc_string_buffer(&b, "signature", 1024); @@ -406,14 +418,20 @@ hostapd_bss_get_status(struct ubus_context *ctx, struct ubus_object *obj, struct blob_attr *msg) { struct hostapd_data *hapd = container_of(obj, struct hostapd_data, ubus.obj); - void *airtime_table, *dfs_table; + void *airtime_table, *dfs_table, *rrm_table, *wnm_table; struct os_reltime now; char ssid[SSID_MAX_LEN + 1]; char phy_name[17]; size_t ssid_len = SSID_MAX_LEN; + u8 channel = 0, op_class = 0; if (hapd->conf->ssid.ssid_len < SSID_MAX_LEN) ssid_len = hapd->conf->ssid.ssid_len; + + ieee80211_freq_to_channel_ext(hapd->iface->freq, + hapd->iconf->secondary_channel, + hostapd_get_oper_chwidth(hapd->iconf), + &op_class, &channel); blob_buf_init(&b, 0); blobmsg_add_string(&b, "status", hostapd_state_text(hapd->iface->state)); @@ -424,11 +442,25 @@ hostapd_bss_get_status(struct ubus_context *ctx, struct ubus_object *obj, blobmsg_add_string(&b, "ssid", ssid); blobmsg_add_u32(&b, "freq", hapd->iface->freq); - blobmsg_add_u32(&b, "channel", ieee80211_frequency_to_channel(hapd->iface->freq)); + blobmsg_add_u32(&b, "channel", channel); + blobmsg_add_u32(&b, "op_class", op_class); + blobmsg_add_u32(&b, "beacon_interval", hapd->iconf->beacon_int); snprintf(phy_name, 17, "%s", hapd->iface->phy); blobmsg_add_string(&b, "phy", phy_name); + /* RRM */ + rrm_table = blobmsg_open_table(&b, "rrm"); + blobmsg_add_u64(&b, "neighbor_report_tx", hapd->openwrt_stats.rrm.neighbor_report_tx); + blobmsg_close_table(&b, rrm_table); + + /* WNM */ + wnm_table = blobmsg_open_table(&b, "wnm"); + blobmsg_add_u64(&b, "bss_transition_query_rx", hapd->openwrt_stats.wnm.bss_transition_query_rx); + blobmsg_add_u64(&b, "bss_transition_request_tx", hapd->openwrt_stats.wnm.bss_transition_request_tx); + blobmsg_add_u64(&b, "bss_transition_response_rx", hapd->openwrt_stats.wnm.bss_transition_response_rx); + blobmsg_close_table(&b, wnm_table); + /* Airtime */ airtime_table = blobmsg_open_table(&b, "airtime"); blobmsg_add_u64(&b, "time", hapd->iface->last_channel_time); @@ -781,6 +813,7 @@ hostapd_switch_chan(struct ubus_context *ctx, struct ubus_object *obj, struct hostapd_data *hapd = get_hapd_from_object(obj); struct hostapd_config *iconf = hapd->iface->conf; struct hostapd_freq_params *freq_params; + struct hostapd_hw_modes *mode = hapd->iface->current_mode; struct csa_settings css = { .freq_params = { .ht_enabled = iconf->ieee80211n, @@ -789,6 +822,8 @@ hostapd_switch_chan(struct ubus_context *ctx, struct ubus_object *obj, .sec_channel_offset = iconf->secondary_channel, } }; + u8 chwidth = hostapd_get_oper_chwidth(iconf); + u8 seg0 = 0, seg1 = 0; int ret = UBUS_STATUS_OK; int i; @@ -830,6 +865,35 @@ hostapd_switch_chan(struct ubus_context *ctx, struct ubus_object *obj, SET_CSA_SETTING(CSA_HE, freq_params.he_enabled, bool); SET_CSA_SETTING(CSA_BLOCK_TX, block_tx, bool); + css.freq_params.channel = hostapd_hw_get_channel(hapd, css.freq_params.freq); + if (!css.freq_params.channel) + return UBUS_STATUS_NOT_SUPPORTED; + + switch (css.freq_params.bandwidth) { + case 160: + chwidth = CHANWIDTH_160MHZ; + break; + case 80: + chwidth = css.freq_params.center_freq2 ? CHANWIDTH_80P80MHZ : CHANWIDTH_80MHZ; + break; + default: + chwidth = CHANWIDTH_USE_HT; + break; + } + + hostapd_set_freq_params(&css.freq_params, iconf->hw_mode, + css.freq_params.freq, + css.freq_params.channel, iconf->enable_edmg, + iconf->edmg_channel, + css.freq_params.ht_enabled, + css.freq_params.vht_enabled, + css.freq_params.he_enabled, + css.freq_params.sec_channel_offset, + chwidth, seg0, seg1, + iconf->vht_capab, + mode ? &mode->he_capab[IEEE80211_MODE_AP] : + NULL); + for (i = 0; i < hapd->iface->num_bss; i++) { struct hostapd_data *bss = hapd->iface->bss[i]; @@ -1175,7 +1239,7 @@ hostapd_rrm_nr_set(struct ubus_context *ctx, struct ubus_object *obj, memcpy(&ssid, s, ssid.ssid_len); } - hostapd_neighbor_set(hapd, bssid, &ssid, data, NULL, NULL, 0); + hostapd_neighbor_set(hapd, bssid, &ssid, data, NULL, NULL, 0, 0); wpabuf_free(data); continue; @@ -1278,7 +1342,8 @@ hostapd_rrm_beacon_req(struct ubus_context *ctx, struct ubus_object *obj, static int hostapd_bss_tr_send(struct hostapd_data *hapd, u8 *addr, bool disassoc_imminent, bool abridged, - u16 disassoc_timer, u8 validity_period, struct blob_attr *neighbors) + u16 disassoc_timer, u8 validity_period, u8 dialog_token, + struct blob_attr *neighbors) { struct blob_attr *cur; struct sta_info *sta; @@ -1338,7 +1403,7 @@ hostapd_bss_tr_send(struct hostapd_data *hapd, u8 *addr, bool disassoc_imminent, req_mode |= WNM_BSS_TM_REQ_DISASSOC_IMMINENT; if (wnm_send_bss_tm_req(hapd, sta, req_mode, disassoc_timer, validity_period, NULL, - NULL, nr, nr_len, NULL, 0)) + dialog_token, NULL, nr, nr_len, NULL, 0)) return UBUS_STATUS_UNKNOWN_ERROR; return 0; @@ -1351,6 +1416,7 @@ enum { BSS_TR_VALID_PERIOD, BSS_TR_NEIGHBORS, BSS_TR_ABRIDGED, + BSS_TR_DIALOG_TOKEN, __BSS_TR_DISASSOC_MAX }; @@ -1361,6 +1427,7 @@ static const struct blobmsg_policy bss_tr_policy[__BSS_TR_DISASSOC_MAX] = { [BSS_TR_VALID_PERIOD] = { "validity_period", BLOBMSG_TYPE_INT32 }, [BSS_TR_NEIGHBORS] = { "neighbors", BLOBMSG_TYPE_ARRAY }, [BSS_TR_ABRIDGED] = { "abridged", BLOBMSG_TYPE_BOOL }, + [BSS_TR_DIALOG_TOKEN] = { "dialog_token", BLOBMSG_TYPE_INT32 }, }; static int @@ -1374,6 +1441,7 @@ hostapd_bss_transition_request(struct ubus_context *ctx, struct ubus_object *obj u32 da_timer = 0; u32 valid_period = 0; u8 addr[ETH_ALEN]; + u32 dialog_token = 1; bool abridged; bool da_imminent; @@ -1391,11 +1459,14 @@ hostapd_bss_transition_request(struct ubus_context *ctx, struct ubus_object *obj if (tb[BSS_TR_VALID_PERIOD]) valid_period = blobmsg_get_u32(tb[BSS_TR_VALID_PERIOD]); + if (tb[BSS_TR_DIALOG_TOKEN]) + dialog_token = blobmsg_get_u32(tb[BSS_TR_DIALOG_TOKEN]); + da_imminent = !!(tb[BSS_TR_DA_IMMINENT] && blobmsg_get_bool(tb[BSS_TR_DA_IMMINENT])); abridged = !!(tb[BSS_TR_ABRIDGED] && blobmsg_get_bool(tb[BSS_TR_ABRIDGED])); return hostapd_bss_tr_send(hapd, addr, da_imminent, abridged, da_timer, valid_period, - tb[BSS_TR_NEIGHBORS]); + dialog_token, tb[BSS_TR_NEIGHBORS]); } enum { @@ -1439,7 +1510,7 @@ hostapd_wnm_disassoc_imminent(struct ubus_context *ctx, struct ubus_object *obj, abridged = !!(tb[WNM_DISASSOC_ABRIDGED] && blobmsg_get_bool(tb[WNM_DISASSOC_ABRIDGED])); return hostapd_bss_tr_send(hapd, addr, true, abridged, duration, duration, - tb[WNM_DISASSOC_NEIGHBORS]); + 1, tb[WNM_DISASSOC_NEIGHBORS]); } #endif @@ -1830,13 +1901,30 @@ void hostapd_ubus_notify_radar_detected(struct hostapd_iface *iface, int frequen } } +#ifdef CONFIG_WNM_AP +static void hostapd_ubus_notify_bss_transition_add_candidate_list( + const u8 *candidate_list, u16 candidate_list_len) +{ + char *cl_str; + int i; + + if (candidate_list_len == 0) + return; + + cl_str = blobmsg_alloc_string_buffer(&b, "candidate-list", candidate_list_len * 2 + 1); + for (i = 0; i < candidate_list_len; i++) + snprintf(&cl_str[i*2], 3, "%02X", candidate_list[i]); + blobmsg_add_string_buffer(&b); + +} +#endif + void hostapd_ubus_notify_bss_transition_response( struct hostapd_data *hapd, const u8 *addr, u8 dialog_token, u8 status_code, u8 bss_termination_delay, const u8 *target_bssid, const u8 *candidate_list, u16 candidate_list_len) { #ifdef CONFIG_WNM_AP - char *cl_str; u16 i; if (!hapd->ubus.obj.has_subscribers) @@ -1852,13 +1940,45 @@ void hostapd_ubus_notify_bss_transition_response( blobmsg_add_u8(&b, "bss-termination-delay", bss_termination_delay); if (target_bssid) blobmsg_add_macaddr(&b, "target-bssid", target_bssid); - if (candidate_list_len > 0) { - cl_str = blobmsg_alloc_string_buffer(&b, "candidate-list", candidate_list_len * 2 + 1); - for (i = 0; i < candidate_list_len; i++) - snprintf(&cl_str[i*2], 3, "%02X", candidate_list[i]); - blobmsg_add_string_buffer(&b); - } + + hostapd_ubus_notify_bss_transition_add_candidate_list(candidate_list, candidate_list_len); ubus_notify(ctx, &hapd->ubus.obj, "bss-transition-response", b.head, -1); #endif } + +int hostapd_ubus_notify_bss_transition_query( + struct hostapd_data *hapd, const u8 *addr, u8 dialog_token, u8 reason, + const u8 *candidate_list, u16 candidate_list_len) +{ +#ifdef CONFIG_WNM_AP + struct ubus_event_req ureq = {}; + char *cl_str; + u16 i; + + if (!hapd->ubus.obj.has_subscribers) + return 0; + + if (!addr) + return 0; + + blob_buf_init(&b, 0); + blobmsg_add_macaddr(&b, "address", addr); + blobmsg_add_u8(&b, "dialog-token", dialog_token); + blobmsg_add_u8(&b, "reason", reason); + hostapd_ubus_notify_bss_transition_add_candidate_list(candidate_list, candidate_list_len); + + if (!hapd->ubus.notify_response) { + ubus_notify(ctx, &hapd->ubus.obj, "bss-transition-query", b.head, -1); + return 0; + } + + if (ubus_notify_async(ctx, &hapd->ubus.obj, "bss-transition-query", b.head, &ureq.nreq)) + return 0; + + ureq.nreq.status_cb = ubus_event_cb; + ubus_complete_request(ctx, &ureq.nreq.req, 100); + + return ureq.resp; +#endif +} diff --git a/package/network/services/hostapd/src/src/ap/ubus.h b/package/network/services/hostapd/src/src/ap/ubus.h index 899b001dd..f1bc093e5 100644 --- a/package/network/services/hostapd/src/src/ap/ubus.h +++ b/package/network/services/hostapd/src/src/ap/ubus.h @@ -61,6 +61,9 @@ void hostapd_ubus_notify_bss_transition_response( const u8 *candidate_list, u16 candidate_list_len); void hostapd_ubus_add(struct hapd_interfaces *interfaces); void hostapd_ubus_free(struct hapd_interfaces *interfaces); +int hostapd_ubus_notify_bss_transition_query( + struct hostapd_data *hapd, const u8 *addr, u8 dialog_token, u8 reason, + const u8 *candidate_list, u16 candidate_list_len); #else @@ -125,6 +128,13 @@ static inline void hostapd_ubus_add(struct hapd_interfaces *interfaces) static inline void hostapd_ubus_free(struct hapd_interfaces *interfaces) { } + +static inline int hostapd_ubus_notify_bss_transition_query( + struct hostapd_data *hapd, const u8 *addr, u8 dialog_token, u8 reason, + const u8 *candidate_list, u16 candidate_list_len) +{ + return 0; +} #endif #endif diff --git a/package/network/services/hostapd/src/src/utils/build_features.h b/package/network/services/hostapd/src/src/utils/build_features.h index 3ab5246c7..cb7cb7273 100644 --- a/package/network/services/hostapd/src/src/utils/build_features.h +++ b/package/network/services/hostapd/src/src/utils/build_features.h @@ -50,6 +50,10 @@ static inline int has_feature(const char *feat) #ifdef CONFIG_WPS if (!strcmp(feat, "wps")) return 1; +#endif +#ifdef CONFIG_FILS + if (!strcmp(feat, "fils")) + return 1; #endif return 0; }