[openwrt/openwrt] hostapd: update to 2022-06-02

LEDE Commits lede-commits at lists.infradead.org
Sat Jun 18 13:12:05 PDT 2022 

blocktrron pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/dab91036d69bf1fd30400fcd9c3b96bf7f4f8c78

commit dab91036d69bf1fd30400fcd9c3b96bf7f4f8c78
Author: David Bauer <mail at david-bauer.net>
AuthorDate: Fri Jun 10 10:48:14 2022 +0200

    hostapd: update to 2022-06-02
    
    4383528e0 P2P: Use weighted preferred channel list for channel selection
    f2c5c8d38 QCA vendor attribute to configure RX link speed threshold for roaming
    94bc94b20 Add QCA vendor attribute for DO_ACS to allow using existing scan entries
    b9e2826b9 P2P: Filter 6 GHz channels if peer doesn't support them
    d5a9944b8 Reserve QCA vendor sub command id 206..212
    ed63c286f Remove space before tab in QCA vendor commands
    e4015440a ProxyARP: Clear bridge parameters on deinit only if hostapd set them
    02047e9c8 hs20-osu-client: Explicit checks for snprintf() result
    cd92f7f98 FIPS PRF: Avoid duplicate SHA1Init() functionality
    5c87fcc15 OpenSSL: Use internal FIPS 186-2 PRF with OpenSSL 3.0
    9e305878c SAE-PK: Fix build without AES-SIV
    c41004d86 OpenSSL: Convert more crypto_ec_key routines to new EVP API
    667a2959c OpenSSL: crypto_ec_key_get_public_key() using new EVP_PKEY API
    5b97395b3 OpenSSL: crypto_ec_key_get_private_key() using new EVP_PKEY API
    177ebfe10 crypto: Convert crypto_ec_key_get_public_key() to return new ec_point
    26780d92f crypto: Convert crypto_ec_key_get_private_key() to return new bignum
    c9c2c2d9c OpenSSL: Fix a memory leak on crypto_hash_init() error path
    6d19dccf9 OpenSSL: Free OSSL_DECODER_CTX in tls_global_dh()
    4f4479ef9 OpenSSL: crypto_ec_key_parse_{priv,pub}() without EC_KEY API
    b092d8ee6 tests: imsi_privacy_attr
    563699174 EAP-SIM/AKA peer: IMSI privacy attribute
    1004fb7ee tests: Testing functionality to discard DPP Public Action frames
    355069616 tests: Add forgotten files for expired IMSI privacy cert tests
    b9a222cdd tests: sigma_dut and DPP curve-from-URI special functionality
    fa36e7ee4 tests: sigma_dut controlled STA and EAP-AKA parameters
    99165cc4b Rename wpa_supplicant imsi_privacy_key configuration parameter
    dde7f90a4 tests: Update VM setup example to use Ubuntu 22.04 and UML
    426932f06 tests: EAP-AKA and expired imsi_privacy_key
    35eda6e70 EAP-SIM peer: Free imsi_privacy_key on an error path
    1328cdeb1 Do not try to use network profile with invalid imsi_privacy_key
    d1652dc7c OpenSSL: Refuse to accept expired RSA certificate
    866e7b745 OpenSSL: Include rsa.h for OpenSSL 3.0
    bc99366f9 OpenSSL: Drop security level to 0 with OpenSSL 3.0 when using TLS 1.0/1.1
    39e662308 tests: Work around reentrant logging issues due to __del__ misuse
    72641f924 tests: Clean up failed test list in parallel-vm.py
    e36a7c794 tests: Support pycryptodome
    a44744d3b tests: Set ECB mode for AES explicitly to work with cryptodome
    e90ea900a tests: sigma_dut DPP TCP Configurator as initiator with addr from URI
    ed325ff0f DPP: Allow TCP destination (address/port) to be used from peer URI
    e58dabbcf tests: DPP URI with host info
    37bb4178b DPP: Host information in bootstrapping URI
    1142b6e41 EHT: Do not check HE PHY capability info reserved fields
    7173992b9 tests: Flush scan table in ap_wps_priority to make it more robust
    b9313e17e tests: Update ap_wpa2_psk_ext_delayed_ptk_rekey to match implementation
    bc3699179 Use Secure=1 in PTK rekeying EAPOL-Key msg 1/4 and 2/4
    d2ce1b4d6 tests: Wait for request before responding in dscp_response
    
    Compile-tested: all versions / ath79-generic, ramips-mt7621
    Run-tested: hostapd-wolfssl / ath79-generic, ramips-mt7621
    
    Signed-off-by: David Bauer <mail at david-bauer.net>
---
 package/network/services/hostapd/Makefile             |  6 +++---
 .../services/hostapd/patches/991-fix-compile.patch    | 19 +++++++++++++++++++
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile
index a4640f1197..a3274c8d4d 100644
--- a/package/network/services/hostapd/Makefile
+++ b/package/network/services/hostapd/Makefile
@@ -9,9 +9,9 @@ PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE_URL:=http://w1.fi/hostap.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2022-05-08
-PKG_SOURCE_VERSION:=b859b9bceadccd882252ff0aa2fdba0d3b91764e
-PKG_MIRROR_HASH:=4655a747c197d7622b41865203d6601a080b9750fcd68073688cbb6076d13894
+PKG_SOURCE_DATE:=2022-06-02
+PKG_SOURCE_VERSION:=4383528e01955d995d3b3db201e4c0f9840e8236
+PKG_MIRROR_HASH:=1b533287661d4877d56aca8a5b2a53d84d2a90eebe246d8d9b3adf943da7f0a1
 
 PKG_MAINTAINER:=Felix Fietkau <nbd at nbd.name>
 PKG_LICENSE:=BSD-3-Clause
diff --git a/package/network/services/hostapd/patches/991-fix-compile.patch b/package/network/services/hostapd/patches/991-fix-compile.patch
new file mode 100644
index 0000000000..d08efa08bd
--- /dev/null
+++ b/package/network/services/hostapd/patches/991-fix-compile.patch
@@ -0,0 +1,19 @@
+--- a/wpa_supplicant/wpa_supplicant.c
++++ b/wpa_supplicant/wpa_supplicant.c
+@@ -8104,6 +8104,7 @@ int wpas_network_disabled(struct wpa_sup
+ 	    !ssid->mem_only_psk)
+ 		return 1;
+ 
++#ifdef CONFIG_IEEE8021X_EAPOL
+ #ifdef CRYPTO_RSA_OAEP_SHA256
+ 	if (ssid->eap.imsi_privacy_cert) {
+ 		struct crypto_rsa_key *key;
+@@ -8121,7 +8122,7 @@ int wpas_network_disabled(struct wpa_sup
+ 		}
+ 	}
+ #endif /* CRYPTO_RSA_OAEP_SHA256 */
+-
++#endif /* CONFIG_IEEE8021X_EAPOL */
+ 	return 0;
+ }
+

More information about the lede-commits mailing list