[openwrt/openwrt] hostapd: update to version 2025-05-23
LEDE Commits
lede-commits at lists.infradead.org
Thu May 29 02:34:55 PDT 2025
robimarko pushed a commit to openwrt/openwrt.git, branch main:
https://git.openwrt.org/70505e0e517f6d0a5c6dc8c842f44be8d2d138a2
commit 70505e0e517f6d0a5c6dc8c842f44be8d2d138a2
Author: Agustin Lorenzo <agustin.lorenzo at thinco.es>
AuthorDate: Sun Apr 6 21:44:21 2025 +0200
hostapd: update to version 2025-05-23
Manually refreshed:
301-mesh-noscan.patch
601-ucode_support.patch
770-radius_server.patch
Automatically rebased all other patches.
Signed-off-by: Agustin Lorenzo <agustin.lorenzo at thinco.es>
Link: https://github.com/openwrt/openwrt/pull/18426
Signed-off-by: Robert Marko <robimarko at gmail.com>
---
package/network/services/hostapd/Makefile | 6 +-
...DFS-channels-to-be-selected-if-dfs-is-ena.patch | 83 +++++++++++----------
...e-deterministic-channel-on-channel-switch.patch | 2 +-
...021-fix-sta-add-after-previous-connection.patch | 4 +-
.../hostapd/patches/050-Fix-OpenWrt-13156.patch | 6 +-
...1-add-extra-ies-only-if-allowed-by-driver.patch | 4 +-
...10-mbedtls-TLS-crypto-option-initial-port.patch | 18 ++---
.../patches/120-mbedtls-fips186_2_prf.patch | 2 +-
...s-Makefile-make-run-tests-with-CONFIG_TLS.patch | 54 +++++++-------
...ULL-checks-encountered-during-tests-hwsim.patch | 2 +-
...0-hostapd-update-cfs0-and-cfs1-for-160MHz.patch | 10 +--
.../services/hostapd/patches/200-multicall.patch | 30 ++++----
.../patches/201-lto-jobserver-support.patch | 2 +-
...e-WNM_AP-functions-dependant-on-CONFIG_AP.patch | 4 +-
...finition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch | 2 +-
.../patches/252-disable_ctrl_iface_mib.patch | 28 +++----
.../services/hostapd/patches/300-noscan.patch | 4 +-
.../services/hostapd/patches/301-mesh-noscan.patch | 30 ++++----
.../hostapd/patches/310-rescan_immediately.patch | 2 +-
.../patches/350-nl80211_del_beacon_bss.patch | 4 +-
...ant-add-new-config-params-to-be-used-with.patch | 8 +-
.../patches/463-add-mcast_rate-to-11s.patch | 8 +-
.../hostapd/patches/464-fix-mesh-obss-check.patch | 2 +-
...5-hostapd-config-support-random-BSS-color.patch | 2 +-
.../hostapd/patches/600-ubus_support.patch | 52 ++++++-------
.../hostapd/patches/601-ucode_support.patch | 86 +++++++++++-----------
.../hostapd/patches/701-reload_config_inline.patch | 2 +-
.../hostapd/patches/710-vlan_no_bridge.patch | 4 +-
.../hostapd/patches/711-wds_bridge_force.patch | 4 +-
.../hostapd/patches/720-iface_max_num_sta.patch | 6 +-
.../services/hostapd/patches/730-ft_iface.patch | 6 +-
.../services/hostapd/patches/740-snoop_iface.patch | 10 +--
.../hostapd/patches/760-dynamic_own_ip.patch | 12 +--
...nore-probe-requests-with-invalid-DSSS-par.patch | 2 +-
.../hostapd/patches/763-radius-wispr.patch | 10 +--
.../hostapd/patches/770-radius_server.patch | 16 ++--
...Implement-APuP-Access-Point-Micro-Peering.patch | 18 ++---
.../patches/803-hostapd-fix-80211be-build.patch | 4 +-
38 files changed, 277 insertions(+), 272 deletions(-)
diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile
index 2e04540675..62c0a1952f 100644
--- a/package/network/services/hostapd/Makefile
+++ b/package/network/services/hostapd/Makefile
@@ -9,9 +9,9 @@ PKG_RELEASE:=2
PKG_SOURCE_URL:=https://w1.fi/hostap.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2025-02-09
-PKG_SOURCE_VERSION:=c8c7d56a3d3c4ca79bcbb6a87f372ce4bc2e9f11
-PKG_MIRROR_HASH:=fafdef456a545bd1de0cbd7b68b520e5be7e70ad1aab7ef051b1fc5ccaaa012a
+PKG_SOURCE_DATE:=2025-05-23
+PKG_SOURCE_VERSION:=4b8ac10cb77c3d4dbf7ccefbe697dc0578da374c
+PKG_MIRROR_HASH:=25a77ae4b26adef9c0d71c3b175445f246a4530e63563e81b8e19c2436934100
PKG_MAINTAINER:=Felix Fietkau <nbd at nbd.name>
PKG_LICENSE:=BSD-3-Clause
diff --git a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
index 9eef846f82..fc54e9d785 100644
--- a/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
+++ b/package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
@@ -14,7 +14,7 @@ Signed-off-by: Peter Oh <peter.oh at bowerswilkins.com>
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2972,7 +2972,7 @@ static int drv_supports_vht(struct wpa_s
+@@ -2963,7 +2963,7 @@ static int drv_supports_vht(struct wpa_s
}
@@ -23,7 +23,7 @@ Signed-off-by: Peter Oh <peter.oh at bowerswilkins.com>
{
int i;
-@@ -2981,7 +2981,10 @@ static bool ibss_mesh_is_80mhz_avail(int
+@@ -2972,7 +2972,10 @@ static bool ibss_mesh_is_80mhz_avail(int
chan = hw_get_channel_chan(mode, i, NULL);
if (!chan ||
@@ -35,42 +35,44 @@ Signed-off-by: Peter Oh <peter.oh at bowerswilkins.com>
return false;
}
-@@ -3108,7 +3111,7 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3099,7 +3102,7 @@ static void ibss_mesh_select_40mhz(struc
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
-- int obss_scan) {
-+ int obss_scan, bool dfs_enabled) {
+- int obss_scan, bool is_6ghz)
++ int obss_scan, bool is_6ghz, bool dfs_enabled)
+ {
int chan_idx;
struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
- int i, res;
-@@ -3132,8 +3135,11 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3130,8 +3133,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check primary channel flags */
- if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
+- return;
+ if (pri_chan->flag & HOSTAPD_CHAN_DISABLED)
- return;
++ return;
+ if (pri_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
+ return;
#ifdef CONFIG_HT_OVERRIDES
if (ssid->disable_ht40)
-@@ -3159,8 +3165,11 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3166,8 +3172,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check secondary channel flags */
- if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
+- return;
+ if (sec_chan->flag & HOSTAPD_CHAN_DISABLED)
- return;
++ return;
+ if (sec_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
+ return;
- if (ht40 == -1) {
- if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
-@@ -3236,7 +3245,7 @@ static bool ibss_mesh_select_80_160mhz(s
+ if (freq->ht_enabled) {
+ if (ht40 == -1) {
+@@ -3245,7 +3254,7 @@ static bool ibss_mesh_select_80_160mhz(s
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
@@ -79,7 +81,7 @@ Signed-off-by: Peter Oh <peter.oh at bowerswilkins.com>
static const int bw80[] = {
5180, 5260, 5500, 5580, 5660, 5745, 5825,
5955, 6035, 6115, 6195, 6275, 6355, 6435,
-@@ -3286,7 +3295,7 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3298,7 +3307,7 @@ static bool ibss_mesh_select_80_160mhz(s
goto skip_80mhz;
/* Use 40 MHz if channel not usable */
@@ -88,37 +90,40 @@ Signed-off-by: Peter Oh <peter.oh at bowerswilkins.com>
goto skip_80mhz;
chwidth = CONF_OPER_CHWIDTH_80MHZ;
-@@ -3300,7 +3309,7 @@ static bool ibss_mesh_select_80_160mhz(s
- if ((mode->he_capab[ieee80211_mode].phy_cap[
- HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
- HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
-- ibss_mesh_is_80mhz_avail(channel + 16, mode)) {
-+ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled)) {
+@@ -3340,7 +3349,7 @@ static bool ibss_mesh_select_80_160mhz(s
+ HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) &&
+ (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ ||
+ ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_320MHZ) &&
+- ibss_mesh_is_80mhz_avail(channel + 16 * offset_in_160, mode)) {
++ ibss_mesh_is_80mhz_avail(channel + 16 * offset_in_160, mode, dfs_enabled)) {
for (j = 0; j < ARRAY_SIZE(bw160); j++) {
- if (freq->freq == bw160[j]) {
- chwidth = CONF_OPER_CHWIDTH_160MHZ;
-@@ -3317,9 +3326,9 @@ static bool ibss_mesh_select_80_160mhz(s
- if ((mode->eht_capab[ieee80211_mode].phy_cap[
- EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_IDX] &
+ u8 start_chan;
+
+@@ -3363,11 +3372,11 @@ static bool ibss_mesh_select_80_160mhz(s
EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK) && is_6ghz &&
-- ibss_mesh_is_80mhz_avail(channel + 16, mode) &&
-- ibss_mesh_is_80mhz_avail(channel + 32, mode) &&
-- ibss_mesh_is_80mhz_avail(channel + 48, mode)) {
-+ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled) &&
-+ ibss_mesh_is_80mhz_avail(channel + 32, mode, dfs_enabled) &&
-+ ibss_mesh_is_80mhz_avail(channel + 48, mode, dfs_enabled)) {
+ ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_320MHZ &&
+ ibss_mesh_is_80mhz_avail(channel + 16 -
+- 64 * ((offset_in_320 + 1) / 4), mode) &&
++ 64 * ((offset_in_320 + 1) / 4), mode, dfs_enabled) &&
+ ibss_mesh_is_80mhz_avail(channel + 32 -
+- 64 * ((offset_in_320 + 2) / 4), mode) &&
++ 64 * ((offset_in_320 + 2) / 4), mode, dfs_enabled) &&
+ ibss_mesh_is_80mhz_avail(channel + 48 -
+- 64 * ((offset_in_320 + 3) / 4), mode)) {
++ 64 * ((offset_in_320 + 3) / 4), mode, dfs_enabled)) {
for (j = 0; j < ARRAY_SIZE(bw320); j += 2) {
if (freq->freq >= bw320[j] &&
freq->freq <= bw320[j + 1]) {
-@@ -3348,10 +3357,12 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3396,10 +3405,12 @@ static bool ibss_mesh_select_80_160mhz(s
if (!chan)
continue;
- if (chan->flag & (HOSTAPD_CHAN_DISABLED |
- HOSTAPD_CHAN_NO_IR |
- HOSTAPD_CHAN_RADAR))
+- continue;
+ if (chan->flag & HOSTAPD_CHAN_DISABLED)
- continue;
++ continue;
+ if (chan->flag & (HOSTAPD_CHAN_RADAR |
+ HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
@@ -126,7 +131,7 @@ Signed-off-by: Peter Oh <peter.oh at bowerswilkins.com>
/* Found a suitable second segment for 80+80 */
chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
-@@ -3406,6 +3417,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3454,6 +3465,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int obss_scan = 1;
u8 channel;
bool is_6ghz, is_24ghz;
@@ -134,12 +139,12 @@ Signed-off-by: Peter Oh <peter.oh at bowerswilkins.com>
freq->freq = ssid->frequency;
-@@ -3448,9 +3460,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
- freq->channel = channel;
- /* Setup higher BW only for 5 GHz */
+@@ -3497,9 +3509,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
+ /* Setup higher BW only for 5 and 6 GHz */
if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
-- ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan);
-+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled);
+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan,
+- is_6ghz);
++ is_6ghz, dfs_enabled);
if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq,
- ieee80211_mode, is_6ghz))
+ ieee80211_mode, is_6ghz, dfs_enabled))
diff --git a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch
index 9d925cd8c6..ea67d653a3 100644
--- a/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch
+++ b/package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch
@@ -68,7 +68,7 @@ Signed-off-by: Markus Theil <markus.theil at tu-ilmenau.de>
chan_idx, num_available_chandefs);
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -11656,6 +11656,10 @@ static int nl80211_switch_channel(void *
+@@ -11592,6 +11592,10 @@ static int nl80211_switch_channel(void *
if (ret)
goto error;
diff --git a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
index a5aa688efb..090df4d5c9 100644
--- a/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
+++ b/package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
@@ -4,7 +4,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
-@@ -4894,6 +4894,13 @@ static int add_associated_sta(struct hos
+@@ -5033,6 +5033,13 @@ static int add_associated_sta(struct hos
* drivers to accept the STA parameter configuration. Since this is
* after a new FT-over-DS exchange, a new TK has been derived, so key
* reinstallation is not a concern for this case.
@@ -18,7 +18,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc
*/
wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR
" (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)",
-@@ -4907,7 +4914,8 @@ static int add_associated_sta(struct hos
+@@ -5046,7 +5053,8 @@ static int add_associated_sta(struct hos
(!(sta->flags & WLAN_STA_AUTHORIZED) ||
(reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) ||
(!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) &&
diff --git a/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch b/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch
index 584dd3b2f8..252929a64d 100644
--- a/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch
+++ b/package/network/services/hostapd/patches/050-Fix-OpenWrt-13156.patch
@@ -20,7 +20,7 @@ Signed-off-by: Stijn Tintel <stijn at linux-ipv6.be>
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -4075,6 +4075,8 @@ int hostapd_remove_iface(struct hapd_int
+@@ -4091,6 +4091,8 @@ int hostapd_remove_iface(struct hapd_int
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
int reassoc)
{
@@ -29,7 +29,7 @@ Signed-off-by: Stijn Tintel <stijn at linux-ipv6.be>
if (hapd->tkip_countermeasures) {
hostapd_drv_sta_deauth(hapd, sta->addr,
WLAN_REASON_MICHAEL_MIC_FAILURE);
-@@ -4082,10 +4084,16 @@ void hostapd_new_assoc_sta(struct hostap
+@@ -4098,10 +4100,16 @@ void hostapd_new_assoc_sta(struct hostap
}
#ifdef CONFIG_IEEE80211BE
@@ -51,7 +51,7 @@ Signed-off-by: Stijn Tintel <stijn at linux-ipv6.be>
ap_sta_clear_assoc_timeout(hapd, sta);
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -1552,9 +1552,6 @@ bool ap_sta_set_authorized_flag(struct h
+@@ -1553,9 +1553,6 @@ bool ap_sta_set_authorized_flag(struct h
mld_assoc_link_id = -2;
}
#endif /* CONFIG_IEEE80211BE */
diff --git a/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch b/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
index cba6614633..b4709cf504 100644
--- a/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
+++ b/package/network/services/hostapd/patches/051-nl80211-add-extra-ies-only-if-allowed-by-driver.patch
@@ -26,7 +26,7 @@ Signed-off-by: David Bauer <mail at david-bauer.net>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -2411,6 +2411,9 @@ struct wpa_driver_capa {
+@@ -2441,6 +2441,9 @@ struct wpa_driver_capa {
/** Maximum number of iterations in a single scan plan */
u32 max_sched_scan_plan_iterations;
@@ -38,7 +38,7 @@ Signed-off-by: David Bauer <mail at david-bauer.net>
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
-@@ -984,6 +984,10 @@ static int wiphy_info_handler(struct nl_
+@@ -981,6 +981,10 @@ static int wiphy_info_handler(struct nl_
nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]);
}
diff --git a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch
index ab05c92d36..d90298c97d 100644
--- a/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch
+++ b/package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch
@@ -7772,7 +7772,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
CONFIG_SIM_SIMULATOR=y
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1232,6 +1232,29 @@ endif
+@@ -1234,6 +1234,29 @@ endif
CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
endif
@@ -7802,7 +7802,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
-@@ -1424,9 +1447,11 @@ endif
+@@ -1426,9 +1449,11 @@ endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
@@ -7814,7 +7814,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP
# Seems to be needed at least with BoringSSL
NEED_INTERNAL_AES_WRAP=y
-@@ -1440,9 +1465,11 @@ endif
+@@ -1442,9 +1467,11 @@ endif
ifdef NEED_INTERNAL_AES_WRAP
ifneq ($(CONFIG_TLS), linux)
@@ -7826,7 +7826,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
-@@ -1452,35 +1479,45 @@ AESOBJS += ../src/crypto/aes-siv.o
+@@ -1454,35 +1481,45 @@ AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_CTR
@@ -7872,7 +7872,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifdef NEED_AES_ENC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-enc.o
-@@ -1495,12 +1532,16 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1497,12 +1534,16 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
@@ -7889,7 +7889,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
-@@ -1512,29 +1553,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
+@@ -1514,29 +1555,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
else
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
@@ -7927,7 +7927,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifdef NEED_MD5
ifdef CONFIG_INTERNAL_MD5
MD5OBJS += ../src/crypto/md5-internal.o
-@@ -1589,12 +1638,17 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1591,12 +1640,17 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
@@ -7945,7 +7945,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifdef CONFIG_INTERNAL_SHA256
SHA256OBJS += ../src/crypto/sha256-internal.o
endif
-@@ -1607,50 +1661,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
+@@ -1609,50 +1663,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
SHA256OBJS += ../src/crypto/sha512-internal.o
endif
ifdef NEED_TLS_PRF_SHA256
@@ -8014,7 +8014,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifdef NEED_ASN1
OBJS += ../src/tls/asn1.o
-@@ -1825,10 +1897,12 @@ ifdef CONFIG_FIPS
+@@ -1827,10 +1899,12 @@ ifdef CONFIG_FIPS
CFLAGS += -DCONFIG_FIPS
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
diff --git a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch
index 5534de7efa..71b06401cd 100644
--- a/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch
+++ b/package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch
@@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1243,10 +1243,6 @@ endif
+@@ -1245,10 +1245,6 @@ endif
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
diff --git a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
index babc2a568d..548358db38 100644
--- a/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
+++ b/package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
@@ -739,7 +739,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
hostapd.add_ap(apdev[0], params)
-@@ -3581,7 +3626,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde
+@@ -3588,7 +3633,7 @@ def test_ap_wpa2_eap_ikev2_oom(dev, apde
dev[0].request("REMOVE_NETWORK all")
tls = dev[0].request("GET tls_library")
@@ -748,7 +748,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
tests = [(1, "os_get_random;dh_init")]
else:
tests = [(1, "crypto_dh_init;dh_init")]
-@@ -4901,7 +4946,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
+@@ -4908,7 +4953,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
params["private_key"] = "auth_serv/iCA-server/server.key"
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@@ -757,7 +757,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -4967,6 +5012,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
+@@ -4974,6 +5019,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, "-sha1")
def run_ap_wpa2_eap_tls_intermediate_ca_ocsp(dev, apdev, params, md):
@@ -765,7 +765,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
params = int_eap_server_params()
params["ca_cert"] = "auth_serv/iCA-server/ca-and-root.pem"
params["server_cert"] = "auth_serv/iCA-server/server.pem"
-@@ -4976,7 +5022,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
+@@ -4983,7 +5029,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@@ -774,7 +774,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -5012,7 +5058,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
+@@ -5019,7 +5065,7 @@ def run_ap_wpa2_eap_tls_intermediate_ca_
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@@ -783,7 +783,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -5062,7 +5108,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
+@@ -5069,7 +5115,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
try:
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@@ -792,7 +792,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -5129,7 +5175,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
+@@ -5136,7 +5182,7 @@ def test_ap_wpa2_eap_tls_intermediate_ca
hostapd.add_ap(apdev[0], params)
tls = dev[0].request("GET tls_library")
@@ -801,7 +801,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ca_cert = "auth_serv/iCA-user/ca-and-root.pem"
client_cert = "auth_serv/iCA-user/user_and_ica.pem"
else:
-@@ -5387,6 +5433,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek
+@@ -5394,6 +5440,7 @@ def test_ap_wpa2_eap_ttls_server_cert_ek
def test_ap_wpa2_eap_ttls_server_pkcs12(dev, apdev):
"""WPA2-Enterprise using EAP-TTLS and server PKCS#12 file"""
@@ -809,7 +809,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
skip_with_fips(dev[0])
params = int_eap_server_params()
del params["server_cert"]
-@@ -5399,6 +5446,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12(
+@@ -5406,6 +5453,7 @@ def test_ap_wpa2_eap_ttls_server_pkcs12(
def test_ap_wpa2_eap_ttls_server_pkcs12_extra(dev, apdev):
"""EAP-TTLS and server PKCS#12 file with extra certs"""
@@ -817,7 +817,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
skip_with_fips(dev[0])
params = int_eap_server_params()
del params["server_cert"]
-@@ -5421,6 +5469,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv
+@@ -5428,6 +5476,7 @@ def test_ap_wpa2_eap_ttls_dh_params_serv
def test_ap_wpa2_eap_ttls_dh_params_dsa_server(dev, apdev):
"""WPA2-Enterprise using EAP-TTLS and alternative server dhparams (DSA)"""
@@ -825,7 +825,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
params = int_eap_server_params()
params["dh_file"] = "auth_serv/dsaparam.pem"
hapd = hostapd.add_ap(apdev[0], params)
-@@ -5732,8 +5781,8 @@ def test_ap_wpa2_eap_non_ascii_identity2
+@@ -5739,8 +5788,8 @@ def test_ap_wpa2_eap_non_ascii_identity2
def test_openssl_cipher_suite_config_wpas(dev, apdev):
"""OpenSSL cipher suite configuration on wpa_supplicant"""
tls = dev[0].request("GET tls_library")
@@ -836,7 +836,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
hapd = hostapd.add_ap(apdev[0], params)
eap_connect(dev[0], hapd, "TTLS", "pap user",
-@@ -5759,14 +5808,14 @@ def test_openssl_cipher_suite_config_wpa
+@@ -5766,14 +5815,14 @@ def test_openssl_cipher_suite_config_wpa
def test_openssl_cipher_suite_config_hapd(dev, apdev):
"""OpenSSL cipher suite configuration on hostapd"""
tls = dev[0].request("GET tls_library")
@@ -855,7 +855,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
eap_connect(dev[0], hapd, "TTLS", "pap user",
anonymous_identity="ttls", password="password",
ca_cert="auth_serv/ca.pem", phase2="auth=PAP")
-@@ -6209,13 +6258,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a
+@@ -6216,13 +6265,17 @@ def test_ap_wpa2_eap_tls_versions(dev, a
if tls.startswith("wolfSSL"):
check_tls_ver(dev[0], hapd,
"tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1", "TLSv1.2")
@@ -878,7 +878,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
if "run=OpenSSL 1.1.1" in tls or "run=OpenSSL 3." in tls or \
tls.startswith("wolfSSL"):
check_tls_ver(dev[0], hapd,
-@@ -6238,6 +6291,11 @@ def test_ap_wpa2_eap_tls_versions_server
+@@ -6245,6 +6298,11 @@ def test_ap_wpa2_eap_tls_versions_server
tests = [("TLSv1", "[ENABLE-TLSv1.0][DISABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"),
("TLSv1.1", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][DISABLE-TLSv1.2][DISABLE-TLSv1.3]"),
("TLSv1.2", "[ENABLE-TLSv1.0][ENABLE-TLSv1.1][ENABLE-TLSv1.2][DISABLE-TLSv1.3]")]
@@ -890,7 +890,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
for exp, flags in tests:
hapd.disable()
hapd.set("tls_flags", flags)
-@@ -7318,6 +7376,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde
+@@ -7325,6 +7383,7 @@ def test_ap_wpa2_eap_assoc_rsn(dev, apde
def test_eap_tls_ext_cert_check(dev, apdev):
"""EAP-TLS and external server certification validation"""
# With internal server certificate chain validation
@@ -898,7 +898,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS",
identity="tls user",
ca_cert="auth_serv/ca.pem",
-@@ -7330,6 +7389,7 @@ def test_eap_tls_ext_cert_check(dev, apd
+@@ -7337,6 +7396,7 @@ def test_eap_tls_ext_cert_check(dev, apd
def test_eap_ttls_ext_cert_check(dev, apdev):
"""EAP-TTLS and external server certification validation"""
# Without internal server certificate chain validation
@@ -906,7 +906,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
identity="pap user", anonymous_identity="ttls",
password="password", phase2="auth=PAP",
-@@ -7340,6 +7400,7 @@ def test_eap_ttls_ext_cert_check(dev, ap
+@@ -7347,6 +7407,7 @@ def test_eap_ttls_ext_cert_check(dev, ap
def test_eap_peap_ext_cert_check(dev, apdev):
"""EAP-PEAP and external server certification validation"""
# With internal server certificate chain validation
@@ -914,7 +914,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
id = dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="PEAP",
identity="user", anonymous_identity="peap",
ca_cert="auth_serv/ca.pem",
-@@ -7350,6 +7411,7 @@ def test_eap_peap_ext_cert_check(dev, ap
+@@ -7357,6 +7418,7 @@ def test_eap_peap_ext_cert_check(dev, ap
def test_eap_fast_ext_cert_check(dev, apdev):
"""EAP-FAST and external server certification validation"""
@@ -922,7 +922,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
check_eap_capa(dev[0], "FAST")
# With internal server certificate chain validation
dev[0].request("SET blob fast_pac_auth_ext ")
-@@ -7364,10 +7426,6 @@ def test_eap_fast_ext_cert_check(dev, ap
+@@ -7371,10 +7433,6 @@ def test_eap_fast_ext_cert_check(dev, ap
run_ext_cert_check(dev, apdev, id)
def run_ext_cert_check(dev, apdev, net_id):
@@ -1124,7 +1124,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
heavy_groups = [14, 15, 16]
suitable_groups = [15, 16, 17, 18, 19, 20, 21]
groups = [str(g) for g in sae_groups]
-@@ -2248,6 +2253,8 @@ def run_sae_pwe_group(dev, apdev, group)
+@@ -2285,6 +2290,8 @@ def run_sae_pwe_group(dev, apdev, group)
logger.info("Add Brainpool EC groups since OpenSSL is new enough")
elif tls.startswith("wolfSSL"):
logger.info("Make sure Brainpool EC groups were enabled when compiling wolfSSL")
@@ -1144,7 +1144,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
if not tls.startswith("OpenSSL"):
raise HwsimSkip("TLS library not supported for Suite B: " + tls)
supported = False
-@@ -520,6 +522,7 @@ def test_suite_b_192_rsa_insufficient_dh
+@@ -539,6 +541,7 @@ def test_suite_b_192_rsa_insufficient_dh
dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
ieee80211w="2",
@@ -1289,7 +1289,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
if (need_more_data) {
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1190,6 +1190,7 @@ TLS_FUNCS=y
+@@ -1192,6 +1192,7 @@ TLS_FUNCS=y
endif
ifeq ($(CONFIG_TLS), wolfssl)
@@ -1297,7 +1297,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
ifdef TLS_FUNCS
CFLAGS += -DWOLFSSL_DER_LOAD
-@@ -1206,6 +1207,7 @@ LIBS_p += -lwolfssl -lm
+@@ -1208,6 +1209,7 @@ LIBS_p += -lwolfssl -lm
endif
ifeq ($(CONFIG_TLS), openssl)
@@ -1305,7 +1305,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
ifdef TLS_FUNCS
CFLAGS += -DEAP_TLS_OPENSSL
-@@ -1233,6 +1235,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
+@@ -1235,6 +1237,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
endif
ifeq ($(CONFIG_TLS), mbedtls)
@@ -1313,7 +1313,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=mbedtls
endif
-@@ -1252,6 +1255,7 @@ endif
+@@ -1254,6 +1257,7 @@ endif
endif
ifeq ($(CONFIG_TLS), gnutls)
@@ -1321,7 +1321,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifndef CONFIG_CRYPTO
# default to libgcrypt
CONFIG_CRYPTO=gnutls
-@@ -1282,6 +1286,7 @@ endif
+@@ -1284,6 +1288,7 @@ endif
endif
ifeq ($(CONFIG_TLS), internal)
@@ -1329,7 +1329,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=internal
endif
-@@ -1362,6 +1367,7 @@ endif
+@@ -1364,6 +1369,7 @@ endif
endif
ifeq ($(CONFIG_TLS), linux)
diff --git a/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch b/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch
index e562c2dd2a..0b0737e760 100644
--- a/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch
+++ b/package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch
@@ -29,7 +29,7 @@ Signed-off-by: Glenn Strauss <gstrauss at gluelogic.com>
wpa_printf(MSG_DEBUG, "DPP: Generating a keypair");
--- a/src/common/sae.c
+++ b/src/common/sae.c
-@@ -1284,6 +1284,13 @@ void sae_deinit_pt(struct sae_pt *pt)
+@@ -1287,6 +1287,13 @@ void sae_deinit_pt(struct sae_pt *pt)
static int sae_derive_commit_element_ecc(struct sae_data *sae,
struct crypto_bignum *mask)
{
diff --git a/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch b/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch
index d9cdb1d3eb..8ad4bae33c 100644
--- a/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch
+++ b/package/network/services/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch
@@ -29,7 +29,7 @@ Signed-off-by: P Praneesh <ppranees at codeaurora.org>
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -1229,6 +1229,8 @@ static int hostapd_config_vht_capab(stru
+@@ -1225,6 +1225,8 @@ static int hostapd_config_vht_capab(stru
conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN;
if (os_strstr(capab, "[TX-ANTENNA-PATTERN]"))
conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN;
@@ -100,7 +100,7 @@ Signed-off-by: P Praneesh <ppranees at codeaurora.org>
u8 *pos = eid;
enum oper_chan_width oper_chwidth =
hostapd_get_oper_chwidth(hapd->iconf);
-@@ -110,6 +123,7 @@ u8 * hostapd_eid_vht_operation(struct ho
+@@ -113,6 +126,7 @@ u8 * hostapd_eid_vht_operation(struct ho
oper->vht_op_info_chan_center_freq_seg1_idx = seg1;
oper->vht_op_info_chwidth = oper_chwidth;
@@ -108,7 +108,7 @@ Signed-off-by: P Praneesh <ppranees at codeaurora.org>
if (oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) {
/*
* Convert 160 MHz channel width to new style as interop
-@@ -123,6 +137,9 @@ u8 * hostapd_eid_vht_operation(struct ho
+@@ -126,6 +140,9 @@ u8 * hostapd_eid_vht_operation(struct ho
oper->vht_op_info_chan_center_freq_seg0_idx -= 8;
else
oper->vht_op_info_chan_center_freq_seg0_idx += 8;
@@ -120,7 +120,7 @@ Signed-off-by: P Praneesh <ppranees at codeaurora.org>
* Convert 80+80 MHz channel width to new style as interop
--- a/src/common/hw_features_common.c
+++ b/src/common/hw_features_common.c
-@@ -923,6 +923,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co
+@@ -924,6 +924,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co
VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB);
VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN);
VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN);
@@ -130,7 +130,7 @@ Signed-off-by: P Praneesh <ppranees at codeaurora.org>
#undef VHT_CAP_CHECK_MAX
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
-@@ -1420,6 +1420,8 @@ struct ieee80211_ampe_ie {
+@@ -1421,6 +1421,8 @@ struct ieee80211_ampe_ie {
#define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB ((u32) BIT(26) | BIT(27))
#define VHT_CAP_RX_ANTENNA_PATTERN ((u32) BIT(28))
#define VHT_CAP_TX_ANTENNA_PATTERN ((u32) BIT(29))
diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch
index 7472dc63e6..85c9180576 100644
--- a/package/network/services/hostapd/patches/200-multicall.patch
+++ b/package/network/services/hostapd/patches/200-multicall.patch
@@ -94,7 +94,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
if (c < 0)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
-@@ -2537,8 +2537,8 @@ static void hostapd_mld_iface_disable(st
+@@ -2523,8 +2523,8 @@ static void hostapd_mld_iface_disable(st
#endif /* CONFIG_IEEE80211BE */
@@ -105,7 +105,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta;
-@@ -2896,7 +2896,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -2882,7 +2882,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@@ -116,7 +116,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
struct hapd_interfaces *interfaces = ctx;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -7072,8 +7072,8 @@ union wpa_event_data {
+@@ -7105,8 +7105,8 @@ union wpa_event_data {
* Driver wrapper code should call this function whenever an event is received
* from the driver.
*/
@@ -127,7 +127,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_event_global - Report a driver event for wpa_supplicant
-@@ -7085,7 +7085,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -7118,7 +7118,7 @@ void wpa_supplicant_event(void *ctx, enu
* Same as wpa_supplicant_event(), but we search for the interface in
* wpa_global.
*/
@@ -169,7 +169,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
OBJS += ibss_rsn.o
endif
-@@ -982,6 +985,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
+@@ -984,6 +987,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
LIBS += -ldl -rdynamic
endif
@@ -180,7 +180,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
endif
ifdef CONFIG_AP
-@@ -989,9 +996,11 @@ NEED_EAP_COMMON=y
+@@ -991,9 +998,11 @@ NEED_EAP_COMMON=y
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_AP
OBJS += ap.o
@@ -192,7 +192,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
OBJS += ../src/ap/hostapd.o
OBJS += ../src/ap/wpa_auth_glue.o
OBJS += ../src/ap/utils.o
-@@ -1082,6 +1091,12 @@ endif
+@@ -1084,6 +1093,12 @@ endif
ifdef CONFIG_HS20
OBJS += ../src/ap/hs20.o
endif
@@ -205,7 +205,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
endif
ifdef CONFIG_MBO
-@@ -1091,7 +1106,9 @@ NEED_GAS=y
+@@ -1093,7 +1108,9 @@ NEED_GAS=y
endif
ifdef NEED_RSN_AUTHENTICATOR
@@ -215,7 +215,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
NEED_AES_WRAP=y
OBJS += ../src/ap/wpa_auth.o
OBJS += ../src/ap/wpa_auth_ie.o
-@@ -2082,6 +2099,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
+@@ -2084,6 +2101,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
_OBJS_VAR := OBJS
include ../src/objs.mk
@@ -228,7 +228,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
@$(E) " LD " $@
-@@ -2214,6 +2237,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
+@@ -2216,6 +2239,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
@$(E) " sed" $<
@@ -278,7 +278,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
os_memset(&eapol_test, 0, sizeof(eapol_test));
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
-@@ -6170,8 +6170,8 @@ static int wpas_pasn_auth(struct wpa_sup
+@@ -6175,8 +6175,8 @@ static int wpas_pasn_auth(struct wpa_sup
#endif /* CONFIG_PASN */
@@ -289,7 +289,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
{
struct wpa_supplicant *wpa_s = ctx;
int resched;
-@@ -7134,7 +7134,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -7139,7 +7139,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@@ -331,7 +331,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
os_memset(&global, 0, sizeof(global));
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -8062,7 +8062,6 @@ struct wpa_interface * wpa_supplicant_ma
+@@ -8100,7 +8100,6 @@ struct wpa_interface * wpa_supplicant_ma
return NULL;
}
@@ -339,7 +339,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_match_existing - Match existing interfaces
* @global: Pointer to global data from wpa_supplicant_init()
-@@ -8097,6 +8096,11 @@ static int wpa_supplicant_match_existing
+@@ -8135,6 +8134,11 @@ static int wpa_supplicant_match_existing
#endif /* CONFIG_MATCH_IFACE */
@@ -351,7 +351,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
/**
* wpa_supplicant_add_iface - Add a new network interface
-@@ -8353,6 +8357,8 @@ struct wpa_global * wpa_supplicant_init(
+@@ -8391,6 +8395,8 @@ struct wpa_global * wpa_supplicant_init(
#ifndef CONFIG_NO_WPA_MSG
wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
#endif /* CONFIG_NO_WPA_MSG */
diff --git a/package/network/services/hostapd/patches/201-lto-jobserver-support.patch b/package/network/services/hostapd/patches/201-lto-jobserver-support.patch
index 7911071e0f..531852cf21 100644
--- a/package/network/services/hostapd/patches/201-lto-jobserver-support.patch
+++ b/package/network/services/hostapd/patches/201-lto-jobserver-support.patch
@@ -25,7 +25,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -2106,31 +2106,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
+@@ -2108,31 +2108,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
diff --git a/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch b/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch
index f7d3984c60..4e67a0a56c 100644
--- a/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch
+++ b/package/network/services/hostapd/patches/211-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch
@@ -13,7 +13,7 @@ Signed-off-by: David Bauer <mail at david-bauer.net>
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
-@@ -13566,7 +13566,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -13513,7 +13513,7 @@ char * wpa_supplicant_ctrl_iface_process
if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18))
reply_len = -1;
#endif /* CONFIG_WNM */
@@ -22,7 +22,7 @@ Signed-off-by: David Bauer <mail at david-bauer.net>
} else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18))
reply_len = -1;
-@@ -13576,7 +13576,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -13523,7 +13523,7 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11))
reply_len = -1;
diff --git a/package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch b/package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch
index 2961749c39..cb3bea7771 100644
--- a/package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch
+++ b/package/network/services/hostapd/patches/212-Move-definition-of-WLAN_SUPP_RATES_MAX-to-defs.h.patch
@@ -43,7 +43,7 @@ Signed-off-by: Eneas U de Queiroz <cotequeiroz at gmail.com>
struct mbo_non_pref_chan_info {
--- a/src/common/defs.h
+++ b/src/common/defs.h
-@@ -63,6 +63,10 @@
+@@ -62,6 +62,10 @@
WPA_KEY_MGMT_FT_FILS_SHA256 | \
WPA_KEY_MGMT_FT_FILS_SHA384)
diff --git a/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch
index c5cf70d54d..eec53455b0 100644
--- a/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch
+++ b/package/network/services/hostapd/patches/252-disable_ctrl_iface_mib.patch
@@ -16,7 +16,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
else
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
-@@ -4087,6 +4087,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -4063,6 +4063,7 @@ static int hostapd_ctrl_iface_receive_pr
reply_size);
} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
reply_len = hostapd_drv_status(hapd, reply, reply_size);
@@ -24,7 +24,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
if (reply_len >= 0) {
-@@ -4128,6 +4129,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -4104,6 +4105,7 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
reply_size);
@@ -113,7 +113,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
if (os_snprintf_error(buflen - len, ret))
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
-@@ -2867,6 +2867,7 @@ static const char * bool_txt(bool val)
+@@ -2831,6 +2831,7 @@ static const char * bool_txt(bool val)
return val ? "TRUE" : "FALSE";
}
@@ -121,7 +121,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
{
-@@ -3053,6 +3054,7 @@ int ieee802_1x_get_mib_sta(struct hostap
+@@ -3017,6 +3018,7 @@ int ieee802_1x_get_mib_sta(struct hostap
return len;
}
@@ -131,7 +131,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
-@@ -6178,6 +6178,7 @@ static const char * wpa_bool_txt(int val
+@@ -6233,6 +6233,7 @@ static const char * wpa_bool_txt(int val
return val ? "TRUE" : "FALSE";
}
@@ -139,7 +139,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
-@@ -6330,7 +6331,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
+@@ -6385,7 +6386,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
return len;
}
@@ -150,7 +150,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
{
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
-@@ -4195,6 +4195,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
+@@ -4189,6 +4189,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
}
@@ -159,7 +159,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
-@@ -4276,6 +4278,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
+@@ -4270,6 +4272,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
return (int) len;
}
@@ -169,7 +169,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1040,6 +1040,9 @@ ifdef CONFIG_FILS
+@@ -1042,6 +1042,9 @@ ifdef CONFIG_FILS
OBJS += ../src/ap/fils_hlp.o
endif
ifdef CONFIG_CTRL_IFACE
@@ -192,7 +192,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
char *buf, size_t buflen)
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
-@@ -2357,7 +2357,7 @@ static int wpa_supplicant_ctrl_iface_sta
+@@ -2374,7 +2374,7 @@ static int wpa_supplicant_ctrl_iface_sta
pos += ret;
}
@@ -201,7 +201,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
if (wpa_s->ap_iface) {
pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
end - pos,
-@@ -12876,6 +12876,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -12842,6 +12842,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = -1;
} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
@@ -209,7 +209,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
if (reply_len >= 0) {
-@@ -12888,6 +12889,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -12854,6 +12855,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_size - reply_len);
#endif /* CONFIG_MACSEC */
}
@@ -217,7 +217,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strncmp(buf, "STATUS", 6) == 0) {
reply_len = wpa_supplicant_ctrl_iface_status(
wpa_s, buf + 6, reply, reply_size);
-@@ -13394,6 +13396,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -13341,6 +13343,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = wpa_supplicant_ctrl_iface_bss(
wpa_s, buf + 4, reply, reply_size);
#ifdef CONFIG_AP
@@ -225,7 +225,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
} else if (os_strcmp(buf, "STA-FIRST") == 0) {
reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "STA ", 4) == 0) {
-@@ -13402,12 +13405,15 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -13349,12 +13352,15 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
reply_size);
diff --git a/package/network/services/hostapd/patches/300-noscan.patch b/package/network/services/hostapd/patches/300-noscan.patch
index ebedb2603c..6d97691855 100644
--- a/package/network/services/hostapd/patches/300-noscan.patch
+++ b/package/network/services/hostapd/patches/300-noscan.patch
@@ -5,7 +5,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3747,6 +3747,10 @@ static int hostapd_config_fill(struct ho
+@@ -3518,6 +3518,10 @@ static int hostapd_config_fill(struct ho
if (bss->ocv && !bss->ieee80211w)
bss->ieee80211w = 1;
#endif /* CONFIG_OCV */
@@ -18,7 +18,7 @@ Subject: [PATCH] Add noscan, no_ht_coex config options
} else if (os_strcmp(buf, "ht_capab") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -1125,6 +1125,8 @@ struct hostapd_config {
+@@ -1105,6 +1105,8 @@ struct hostapd_config {
int ht_op_mode_fixed;
u16 ht_capab;
diff --git a/package/network/services/hostapd/patches/301-mesh-noscan.patch b/package/network/services/hostapd/patches/301-mesh-noscan.patch
index 175b76c60b..1c2eedda42 100644
--- a/package/network/services/hostapd/patches/301-mesh-noscan.patch
+++ b/package/network/services/hostapd/patches/301-mesh-noscan.patch
@@ -5,7 +5,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
-@@ -2668,6 +2668,7 @@ static const struct parse_data ssid_fiel
+@@ -2642,6 +2642,7 @@ static const struct parse_data ssid_fiel
#else /* CONFIG_MESH */
{ INT_RANGE(mode, 0, 4) },
#endif /* CONFIG_MESH */
@@ -15,17 +15,17 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
{ STR(id_str) },
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
-@@ -867,6 +867,7 @@ static void wpa_config_write_network(FIL
- #endif /* IEEE8021X_EAPOL */
+@@ -868,6 +868,7 @@ static void wpa_config_write_network(FIL
INT(mode);
+ #ifdef CONFIG_MESH
INT(no_auto_peer);
+ INT(noscan);
INT_DEF(mesh_fwding, DEFAULT_MESH_FWDING);
+ #endif /* CONFIG_MESH */
INT(frequency);
- INT(enable_edmg);
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
-@@ -1063,6 +1063,8 @@ struct wpa_ssid {
+@@ -1071,6 +1071,8 @@ struct wpa_ssid {
*/
int no_auto_peer;
@@ -36,7 +36,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
*
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -509,6 +509,8 @@ static int wpa_supplicant_mesh_init(stru
+@@ -538,6 +538,8 @@ static int wpa_supplicant_mesh_init(stru
frequency);
goto out_free;
}
@@ -47,7 +47,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
/*
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3044,7 +3044,7 @@ static bool ibss_mesh_can_use_vht(struct
+@@ -3035,7 +3035,7 @@ static bool ibss_mesh_can_use_vht(struct
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode)
{
@@ -56,16 +56,16 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
return false;
if (!drv_supports_vht(wpa_s, ssid))
-@@ -3117,7 +3117,7 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3109,7 +3109,7 @@ static void ibss_mesh_select_40mhz(struc
int i, res;
unsigned int j;
- static const int ht40plus[] = {
+ static const int ht40plus_5ghz[] = {
- 36, 44, 52, 60, 100, 108, 116, 124, 132, 140,
+ 1, 2, 3, 4, 5, 6, 7, 36, 44, 52, 60, 100, 108, 116, 124, 132, 140,
149, 157, 165, 173, 184, 192
};
- int ht40 = -1;
-@@ -3414,7 +3414,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+ static const int ht40plus_6ghz[] = {
+@@ -3462,7 +3462,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
enum hostapd_hw_mode hw_mode;
struct hostapd_hw_modes *mode = NULL;
@@ -74,12 +74,12 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
u8 channel;
bool is_6ghz, is_24ghz;
bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
-@@ -3458,6 +3458,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3506,6 +3506,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
ieee80211_mode);
freq->channel = channel;
+ if (mode->mode == HOSTAPD_MODE_IEEE80211G && ssid->noscan)
-+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled);
- /* Setup higher BW only for 5 GHz */
++ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, is_6ghz, dfs_enabled);
+ /* Setup higher BW only for 5 and 6 GHz */
if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
- ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled);
+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan,
diff --git a/package/network/services/hostapd/patches/310-rescan_immediately.patch b/package/network/services/hostapd/patches/310-rescan_immediately.patch
index 83b616116f..15c74a71ae 100644
--- a/package/network/services/hostapd/patches/310-rescan_immediately.patch
+++ b/package/network/services/hostapd/patches/310-rescan_immediately.patch
@@ -5,7 +5,7 @@ Subject: [PATCH] rescan_immediately.patch
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -6342,7 +6342,7 @@ wpa_supplicant_alloc(struct wpa_supplica
+@@ -6381,7 +6381,7 @@ wpa_supplicant_alloc(struct wpa_supplica
if (wpa_s == NULL)
return NULL;
wpa_s->scan_req = INITIAL_SCAN_REQ;
diff --git a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
index 6b3baea558..814b15f819 100644
--- a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
+++ b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
@@ -4,8 +4,8 @@ Subject: [PATCH] nl80211_del_beacon_bss.patch
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -6381,8 +6381,7 @@ static void nl80211_teardown_ap(struct i
- nl80211_mgmt_unsubscribe(bss, "AP teardown");
+@@ -6340,8 +6340,7 @@ static void nl80211_teardown_ap(struct i
+ }
nl80211_put_wiphy_data_ap(bss);
- if (bss->flink)
diff --git a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
index bedac7f606..e22da80341 100644
--- a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
+++ b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
@@ -14,7 +14,7 @@ Signed-hostap: Antonio Quartulli <ordex at autistici.org>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1012,6 +1012,9 @@ struct wpa_driver_associate_params {
+@@ -1018,6 +1018,9 @@ struct wpa_driver_associate_params {
* responsible for selecting with which BSS to associate. */
const u8 *bssid;
@@ -34,7 +34,7 @@ Signed-hostap: Antonio Quartulli <ordex at autistici.org>
#include "config.h"
-@@ -2449,6 +2450,97 @@ static char * wpa_config_write_mac_value
+@@ -2423,6 +2424,97 @@ static char * wpa_config_write_mac_value
#endif /* NO_CONFIG_WRITE */
@@ -132,7 +132,7 @@ Signed-hostap: Antonio Quartulli <ordex at autistici.org>
/* Helper macros for network block parser */
#ifdef OFFSET
-@@ -2744,6 +2836,8 @@ static const struct parse_data ssid_fiel
+@@ -2718,6 +2810,8 @@ static const struct parse_data ssid_fiel
{ INT(ap_max_inactivity) },
{ INT(dtim_period) },
{ INT(beacon_int) },
@@ -155,7 +155,7 @@ Signed-hostap: Antonio Quartulli <ordex at autistici.org>
* macsec_policy - Determines the policy for MACsec secure session
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -4635,6 +4635,12 @@ static void wpas_start_assoc_cb(struct w
+@@ -4674,6 +4674,12 @@ static void wpas_start_assoc_cb(struct w
params.beacon_int = ssid->beacon_int;
else
params.beacon_int = wpa_s->conf->beacon_int;
diff --git a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
index b30e0409a6..917b4ac3b6 100644
--- a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
+++ b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
@@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich at openmesh.com>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1932,6 +1932,7 @@ struct wpa_driver_mesh_join_params {
+@@ -1959,6 +1959,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
bool handle_dfs;
@@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich at openmesh.com>
struct wpa_driver_set_key_params {
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -12333,6 +12333,18 @@ static int nl80211_put_mesh_id(struct nl
+@@ -12269,6 +12269,18 @@ static int nl80211_put_mesh_id(struct nl
}
@@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich at openmesh.com>
static int nl80211_put_mesh_config(struct nl_msg *msg,
struct wpa_driver_mesh_bss_params *params)
{
-@@ -12394,6 +12406,7 @@ static int nl80211_join_mesh(struct i802
+@@ -12330,6 +12342,7 @@ static int nl80211_join_mesh(struct i802
nl80211_put_basic_rates(msg, params->basic_rates) ||
nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
nl80211_put_beacon_int(msg, params->beacon_int) ||
@@ -58,7 +58,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich at openmesh.com>
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
-@@ -636,6 +636,7 @@ int wpa_supplicant_join_mesh(struct wpa_
+@@ -665,6 +665,7 @@ int wpa_supplicant_join_mesh(struct wpa_
params->meshid = ssid->ssid;
params->meshid_len = ssid->ssid_len;
diff --git a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
index 1975c2b178..a60397ce12 100644
--- a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
+++ b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
@@ -5,7 +5,7 @@ Subject: [PATCH] Fix issues with disabling obss scan when using fixed_freq on
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3421,6 +3421,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3469,6 +3469,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->freq = ssid->frequency;
diff --git a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch
index 1696202445..d14a4c63f7 100644
--- a/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch
+++ b/package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch
@@ -13,7 +13,7 @@ Signed-off-by: David Bauer <mail at david-bauer.net>
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3801,6 +3801,8 @@ static int hostapd_config_fill(struct ho
+@@ -3572,6 +3572,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "he_bss_color") == 0) {
conf->he_op.he_bss_color = atoi(pos) & 0x3f;
conf->he_op.he_bss_color_disabled = 0;
diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch
index 9310fd2d15..90560b2124 100644
--- a/package/network/services/hostapd/patches/600-ubus_support.patch
+++ b/package/network/services/hostapd/patches/600-ubus_support.patch
@@ -53,7 +53,7 @@ probe/assoc/auth requests via object subscribe.
}
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -1437,6 +1437,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -1438,6 +1438,12 @@ void handle_probe_req(struct hostapd_dat
int mld_id;
u16 links;
#endif /* CONFIG_IEEE80211BE */
@@ -66,7 +66,7 @@ probe/assoc/auth requests via object subscribe.
if (hapd->iconf->rssi_ignore_probe_request && ssi_signal &&
ssi_signal < hapd->iconf->rssi_ignore_probe_request)
-@@ -1623,6 +1629,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -1624,6 +1630,12 @@ void handle_probe_req(struct hostapd_dat
}
#endif /* CONFIG_P2P */
@@ -92,7 +92,7 @@ probe/assoc/auth requests via object subscribe.
return 0;
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
-@@ -317,6 +317,10 @@ int hostapd_notif_assoc(struct hostapd_d
+@@ -330,6 +330,10 @@ int hostapd_notif_assoc(struct hostapd_d
struct hostapd_iface *iface = hapd->iface;
#endif /* CONFIG_OWE */
bool updated = false;
@@ -103,7 +103,7 @@ probe/assoc/auth requests via object subscribe.
if (addr == NULL) {
/*
-@@ -461,6 +465,12 @@ int hostapd_notif_assoc(struct hostapd_d
+@@ -468,6 +472,12 @@ int hostapd_notif_assoc(struct hostapd_d
goto fail;
}
@@ -116,7 +116,7 @@ probe/assoc/auth requests via object subscribe.
#ifdef CONFIG_P2P
if (elems.p2p) {
wpabuf_free(sta->p2p_ie);
-@@ -1385,6 +1395,7 @@ void hostapd_event_ch_switch(struct host
+@@ -1371,6 +1381,7 @@ void hostapd_event_ch_switch(struct host
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_CSA_FINISHED
"freq=%d dfs=%d", freq, is_dfs);
@@ -159,7 +159,7 @@ probe/assoc/auth requests via object subscribe.
if (iface->is_no_ir) {
hostapd_set_state(iface, HAPD_IFACE_NO_IR);
-@@ -3501,6 +3506,7 @@ void hostapd_interface_deinit_free(struc
+@@ -3517,6 +3522,7 @@ void hostapd_interface_deinit_free(struc
(unsigned int) iface->conf->num_bss);
driver = iface->bss[0]->driver;
drv_priv = iface->bss[0]->drv_priv;
@@ -195,7 +195,7 @@ probe/assoc/auth requests via object subscribe.
struct hostapd_iface * hostapd_alloc_iface(void);
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
-@@ -2941,7 +2941,7 @@ static void handle_auth(struct hostapd_d
+@@ -3091,7 +3091,7 @@ static void handle_auth(struct hostapd_d
u16 auth_alg, auth_transaction, status_code;
u16 resp = WLAN_STATUS_SUCCESS;
struct sta_info *sta = NULL;
@@ -204,7 +204,7 @@ probe/assoc/auth requests via object subscribe.
u16 fc;
const u8 *challenge = NULL;
u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
-@@ -2952,6 +2952,11 @@ static void handle_auth(struct hostapd_d
+@@ -3102,6 +3102,11 @@ static void handle_auth(struct hostapd_d
#ifdef CONFIG_IEEE80211BE
bool mld_sta = false;
#endif /* CONFIG_IEEE80211BE */
@@ -216,7 +216,7 @@ probe/assoc/auth requests via object subscribe.
if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
-@@ -3148,6 +3153,13 @@ static void handle_auth(struct hostapd_d
+@@ -3298,6 +3303,13 @@ static void handle_auth(struct hostapd_d
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto fail;
}
@@ -230,7 +230,7 @@ probe/assoc/auth requests via object subscribe.
if (res == HOSTAPD_ACL_PENDING)
return;
-@@ -5477,7 +5489,7 @@ static void handle_assoc(struct hostapd_
+@@ -5616,7 +5628,7 @@ static void handle_assoc(struct hostapd_
int resp = WLAN_STATUS_SUCCESS;
u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
const u8 *pos;
@@ -239,7 +239,7 @@ probe/assoc/auth requests via object subscribe.
struct sta_info *sta;
u8 *tmp = NULL;
#ifdef CONFIG_FILS
-@@ -5719,6 +5731,11 @@ static void handle_assoc(struct hostapd_
+@@ -5858,6 +5870,11 @@ static void handle_assoc(struct hostapd_
left = res;
}
#endif /* CONFIG_FILS */
@@ -251,7 +251,7 @@ probe/assoc/auth requests via object subscribe.
/* followed by SSID and Supported rates; and HT capabilities if 802.11n
* is used */
-@@ -5826,6 +5843,13 @@ static void handle_assoc(struct hostapd_
+@@ -5965,6 +5982,13 @@ static void handle_assoc(struct hostapd_
if (set_beacon)
ieee802_11_update_beacons(hapd->iface);
@@ -265,7 +265,7 @@ probe/assoc/auth requests via object subscribe.
fail:
/*
-@@ -6055,6 +6079,7 @@ static void handle_disassoc(struct hosta
+@@ -6194,6 +6218,7 @@ static void handle_disassoc(struct hosta
(unsigned long) len);
return;
}
@@ -273,7 +273,7 @@ probe/assoc/auth requests via object subscribe.
sta = ap_get_sta(hapd, mgmt->sa);
if (!sta) {
-@@ -6086,6 +6111,8 @@ static void handle_deauth(struct hostapd
+@@ -6225,6 +6250,8 @@ static void handle_deauth(struct hostapd
/* Clear the PTKSA cache entries for PASN */
ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
@@ -305,7 +305,7 @@ probe/assoc/auth requests via object subscribe.
wpa_printf(MSG_DEBUG, "RRM action %u is not supported",
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -543,6 +543,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+@@ -544,6 +544,7 @@ void ap_handle_timer(void *eloop_ctx, vo
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_INFO, "deauthenticated due to "
"local deauth request");
@@ -313,7 +313,7 @@ probe/assoc/auth requests via object subscribe.
ap_free_sta(hapd, sta);
return;
}
-@@ -700,6 +701,7 @@ skip_poll:
+@@ -701,6 +702,7 @@ skip_poll:
mlme_deauthenticate_indication(
hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
@@ -321,7 +321,7 @@ probe/assoc/auth requests via object subscribe.
ap_free_sta(hapd, sta);
break;
}
-@@ -1588,15 +1590,28 @@ void ap_sta_set_authorized_event(struct
+@@ -1589,15 +1591,28 @@ void ap_sta_set_authorized_event(struct
os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr));
if (authorized) {
@@ -350,7 +350,7 @@ probe/assoc/auth requests via object subscribe.
#ifdef CONFIG_P2P
if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
os_snprintf(ip_addr, sizeof(ip_addr),
-@@ -1607,6 +1622,13 @@ void ap_sta_set_authorized_event(struct
+@@ -1608,6 +1623,13 @@ void ap_sta_set_authorized_event(struct
}
#endif /* CONFIG_P2P */
@@ -364,7 +364,7 @@ probe/assoc/auth requests via object subscribe.
keyid = ap_sta_wpa_get_keyid(hapd, sta);
if (keyid) {
os_snprintf(keyid_buf, sizeof(keyid_buf),
-@@ -1625,17 +1647,19 @@ void ap_sta_set_authorized_event(struct
+@@ -1626,17 +1648,19 @@ void ap_sta_set_authorized_event(struct
dpp_pkhash, SHA256_MAC_LEN);
}
@@ -390,7 +390,7 @@ probe/assoc/auth requests via object subscribe.
hapd->msg_ctx_parent != hapd->msg_ctx)
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
-@@ -305,6 +305,7 @@ struct sta_info {
+@@ -302,6 +302,7 @@ struct sta_info {
#endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_AIRTIME_POLICY
unsigned int airtime_weight;
@@ -478,7 +478,7 @@ probe/assoc/auth requests via object subscribe.
}
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
-@@ -331,6 +331,7 @@ static void hostapd_wpa_auth_psk_failure
+@@ -320,6 +320,7 @@ static void hostapd_wpa_auth_psk_failure
struct hostapd_data *hapd = ctx;
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
MAC2STR(addr));
@@ -650,7 +650,7 @@ probe/assoc/auth requests via object subscribe.
ifdef CONFIG_CODE_COVERAGE
CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE
LIBS += -lgcov
-@@ -1044,6 +1051,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
+@@ -1046,6 +1053,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
CFLAGS += -DCONFIG_CTRL_IFACE_MIB
endif
OBJS += ../src/ap/ctrl_iface_ap.o
@@ -683,7 +683,7 @@ probe/assoc/auth requests via object subscribe.
break;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -8195,6 +8195,8 @@ struct wpa_supplicant * wpa_supplicant_a
+@@ -8233,6 +8233,8 @@ struct wpa_supplicant * wpa_supplicant_a
}
#endif /* CONFIG_P2P */
@@ -692,7 +692,7 @@ probe/assoc/auth requests via object subscribe.
return wpa_s;
}
-@@ -8221,6 +8223,8 @@ int wpa_supplicant_remove_iface(struct w
+@@ -8259,6 +8261,8 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
@@ -701,7 +701,7 @@ probe/assoc/auth requests via object subscribe.
/* Remove interface from the global list of interfaces */
prev = global->ifaces;
if (prev == wpa_s) {
-@@ -8567,8 +8571,12 @@ int wpa_supplicant_run(struct wpa_global
+@@ -8605,8 +8609,12 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
@@ -733,7 +733,7 @@ probe/assoc/auth requests via object subscribe.
};
-@@ -705,6 +708,7 @@ struct wpa_supplicant {
+@@ -696,6 +699,7 @@ struct wpa_supplicant {
unsigned char own_addr[ETH_ALEN];
unsigned char perm_addr[ETH_ALEN];
char ifname[100];
diff --git a/package/network/services/hostapd/patches/601-ucode_support.patch b/package/network/services/hostapd/patches/601-ucode_support.patch
index cd713ea286..7bf464f2d9 100644
--- a/package/network/services/hostapd/patches/601-ucode_support.patch
+++ b/package/network/services/hostapd/patches/601-ucode_support.patch
@@ -34,7 +34,7 @@ as adding/removing interfaces.
ifdef CONFIG_CODE_COVERAGE
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
-@@ -6031,6 +6031,7 @@ try_again:
+@@ -6004,6 +6004,7 @@ try_again:
return -1;
}
@@ -42,7 +42,7 @@ as adding/removing interfaces.
wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
return 0;
-@@ -6132,6 +6133,7 @@ fail:
+@@ -6105,6 +6106,7 @@ fail:
os_free(fname);
interface->global_ctrl_sock = s;
@@ -157,7 +157,7 @@ as adding/removing interfaces.
{
#ifdef CONFIG_OWE
/* Check whether the enabled BSS can complete OWE transition mode
-@@ -2975,7 +2981,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+@@ -2976,7 +2982,7 @@ hostapd_alloc_bss_data(struct hostapd_if
}
@@ -166,7 +166,7 @@ as adding/removing interfaces.
{
if (!hapd)
return;
-@@ -4035,7 +4041,8 @@ int hostapd_remove_iface(struct hapd_int
+@@ -4051,7 +4057,8 @@ int hostapd_remove_iface(struct hapd_int
hapd_iface = interfaces->iface[i];
if (hapd_iface == NULL)
return -1;
@@ -232,7 +232,7 @@ as adding/removing interfaces.
void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap);
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -4003,6 +4003,25 @@ struct wpa_driver_ops {
+@@ -4036,6 +4036,25 @@ struct wpa_driver_ops {
const char *ifname);
/**
@@ -258,7 +258,7 @@ as adding/removing interfaces.
* set_sta_vlan - Bind a station into a specific interface (AP only)
* @priv: Private driver interface data
* @ifname: Interface (main or virtual BSS or VLAN)
-@@ -6818,6 +6837,7 @@ union wpa_event_data {
+@@ -6851,6 +6870,7 @@ union wpa_event_data {
/**
* struct ch_switch
@@ -266,7 +266,7 @@ as adding/removing interfaces.
* @freq: Frequency of new channel in MHz
* @ht_enabled: Whether this is an HT channel
* @ch_offset: Secondary channel offset
-@@ -6828,6 +6848,7 @@ union wpa_event_data {
+@@ -6861,6 +6881,7 @@ union wpa_event_data {
* @punct_bitmap: Puncturing bitmap
*/
struct ch_switch {
@@ -314,7 +314,7 @@ as adding/removing interfaces.
err.err = -ENOMEM;
s_nl_cb = nl_socket_get_cb(nl_handle);
-@@ -546,6 +563,7 @@ int send_and_recv_glb(struct nl80211_glo
+@@ -552,6 +569,7 @@ int send_and_recv_glb(struct nl80211_glo
err.err_info = err_info;
err.drv = drv;
@@ -322,7 +322,7 @@ as adding/removing interfaces.
nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err.err);
if (ack_handler_custom) {
-@@ -949,6 +967,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs
+@@ -955,6 +973,7 @@ nl80211_get_wiphy_data_ap(struct i802_bs
os_free(w);
return NULL;
}
@@ -330,7 +330,7 @@ as adding/removing interfaces.
nl_cb_set(w->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(w->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
-@@ -1364,7 +1383,7 @@ static void wpa_driver_nl80211_event_rtm
+@@ -1370,7 +1389,7 @@ static void wpa_driver_nl80211_event_rtm
}
wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
namebuf, ifname);
@@ -339,7 +339,7 @@ as adding/removing interfaces.
wpa_printf(MSG_DEBUG,
"nl80211: Not the main interface (%s) - do not indicate interface down",
drv->first_bss->ifname);
-@@ -1400,7 +1419,7 @@ static void wpa_driver_nl80211_event_rtm
+@@ -1406,7 +1425,7 @@ static void wpa_driver_nl80211_event_rtm
}
wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)",
namebuf, ifname);
@@ -348,7 +348,7 @@ as adding/removing interfaces.
wpa_printf(MSG_DEBUG,
"nl80211: Not the main interface (%s) - do not indicate interface up",
drv->first_bss->ifname);
-@@ -2046,6 +2065,7 @@ static int wpa_driver_nl80211_init_nl_gl
+@@ -2052,6 +2071,7 @@ static int wpa_driver_nl80211_init_nl_gl
genl_family_put(family);
nl_cache_free(cache);
@@ -356,7 +356,7 @@ as adding/removing interfaces.
nl_cb_set(global->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(global->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
-@@ -2216,6 +2236,7 @@ static int nl80211_init_bss(struct i802_
+@@ -2222,6 +2242,7 @@ static int nl80211_init_bss(struct i802_
if (!bss->nl_cb)
return -1;
@@ -364,7 +364,7 @@ as adding/removing interfaces.
nl_cb_set(bss->nl_cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM,
no_seq_check, NULL);
nl_cb_set(bss->nl_cb, NL_CB_VALID, NL_CB_CUSTOM,
-@@ -8844,6 +8865,7 @@ static void *i802_init(struct hostapd_da
+@@ -8763,6 +8784,7 @@ static void *i802_init(struct hostapd_da
char master_ifname[IFNAMSIZ];
int ifindex, br_ifindex = 0;
int br_added = 0;
@@ -372,7 +372,7 @@ as adding/removing interfaces.
bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
params->global_priv, 1,
-@@ -8904,21 +8926,17 @@ static void *i802_init(struct hostapd_da
+@@ -8823,21 +8845,17 @@ static void *i802_init(struct hostapd_da
(params->num_bridge == 0 || !params->bridge[0]))
add_ifidx(drv, br_ifindex, drv->ifindex);
@@ -404,7 +404,7 @@ as adding/removing interfaces.
}
if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
-@@ -9287,6 +9305,50 @@ static int wpa_driver_nl80211_if_remove(
+@@ -9210,6 +9228,50 @@ static int wpa_driver_nl80211_if_remove(
return 0;
}
@@ -455,7 +455,7 @@ as adding/removing interfaces.
static int cookie_handler(struct nl_msg *msg, void *arg)
{
-@@ -11150,6 +11212,37 @@ static bool nl80211_is_drv_shared(void *
+@@ -11088,6 +11150,37 @@ static bool nl80211_is_drv_shared(void *
#endif /* CONFIG_IEEE80211BE */
@@ -493,7 +493,7 @@ as adding/removing interfaces.
static int driver_nl80211_send_mlme(void *priv, const u8 *data,
size_t data_len, int noack,
unsigned int freq,
-@@ -14874,6 +14967,8 @@ const struct wpa_driver_ops wpa_driver_n
+@@ -14813,6 +14906,8 @@ const struct wpa_driver_ops wpa_driver_n
.set_acl = wpa_driver_nl80211_set_acl,
.if_add = wpa_driver_nl80211_if_add,
.if_remove = driver_nl80211_if_remove,
@@ -504,7 +504,7 @@ as adding/removing interfaces.
.sta_add = wpa_driver_nl80211_sta_add,
--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
-@@ -1199,6 +1199,7 @@ static void mlme_event_ch_switch(struct
+@@ -1213,6 +1213,7 @@ static void mlme_event_ch_switch(struct
struct nlattr *bw, struct nlattr *cf1,
struct nlattr *cf2,
struct nlattr *punct_bitmap,
@@ -512,7 +512,7 @@ as adding/removing interfaces.
int finished)
{
struct i802_bss *bss;
-@@ -1262,6 +1263,8 @@ static void mlme_event_ch_switch(struct
+@@ -1278,6 +1279,8 @@ static void mlme_event_ch_switch(struct
data.ch_switch.cf1 = nla_get_u32(cf1);
if (cf2)
data.ch_switch.cf2 = nla_get_u32(cf2);
@@ -521,7 +521,7 @@ as adding/removing interfaces.
if (link) {
data.ch_switch.link_id = nla_get_u8(link);
-@@ -4114,6 +4117,7 @@ static void do_process_drv_event(struct
+@@ -4129,6 +4132,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
@@ -529,7 +529,7 @@ as adding/removing interfaces.
0);
break;
case NL80211_CMD_CH_SWITCH_NOTIFY:
-@@ -4126,6 +4130,7 @@ static void do_process_drv_event(struct
+@@ -4141,6 +4145,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
@@ -610,7 +610,7 @@ as adding/removing interfaces.
endif
ifdef CONFIG_CODE_COVERAGE
-@@ -1054,6 +1066,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
+@@ -1056,6 +1068,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
ifdef CONFIG_UBUS
OBJS += ../src/ap/ubus.o
endif
@@ -622,7 +622,7 @@ as adding/removing interfaces.
CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
-@@ -6206,6 +6206,7 @@ void supplicant_event(void *ctx, enum wp
+@@ -6211,6 +6211,7 @@ void supplicant_event(void *ctx, enum wp
event_to_string(event), event);
#endif /* CONFIG_NO_STDOUT_DEBUG */
@@ -632,7 +632,7 @@ as adding/removing interfaces.
#ifdef CONFIG_FST
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -1256,6 +1256,7 @@ void wpa_supplicant_set_state(struct wpa
+@@ -1271,6 +1271,7 @@ void wpa_supplicant_set_state(struct wpa
sme_sched_obss_scan(wpa_s, 0);
}
wpa_s->wpa_state = state;
@@ -640,7 +640,7 @@ as adding/removing interfaces.
#ifdef CONFIG_BGSCAN
if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
-@@ -8196,6 +8197,7 @@ struct wpa_supplicant * wpa_supplicant_a
+@@ -8234,6 +8235,7 @@ struct wpa_supplicant * wpa_supplicant_a
#endif /* CONFIG_P2P */
wpas_ubus_add_bss(wpa_s);
@@ -648,7 +648,7 @@ as adding/removing interfaces.
return wpa_s;
}
-@@ -8223,6 +8225,7 @@ int wpa_supplicant_remove_iface(struct w
+@@ -8261,6 +8263,7 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
@@ -656,7 +656,7 @@ as adding/removing interfaces.
wpas_ubus_free_bss(wpa_s);
/* Remove interface from the global list of interfaces */
-@@ -8533,6 +8536,7 @@ struct wpa_global * wpa_supplicant_init(
+@@ -8571,6 +8574,7 @@ struct wpa_global * wpa_supplicant_init(
eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
wpas_periodic, global, NULL);
@@ -664,7 +664,7 @@ as adding/removing interfaces.
return global;
}
-@@ -8571,12 +8575,8 @@ int wpa_supplicant_run(struct wpa_global
+@@ -8609,12 +8613,8 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
@@ -677,7 +677,7 @@ as adding/removing interfaces.
return 0;
}
-@@ -8609,6 +8609,8 @@ void wpa_supplicant_deinit(struct wpa_gl
+@@ -8647,6 +8647,8 @@ void wpa_supplicant_deinit(struct wpa_gl
wpas_notify_supplicant_deinitialized(global);
@@ -696,7 +696,7 @@ as adding/removing interfaces.
extern const char *const wpa_supplicant_version;
extern const char *const wpa_supplicant_license;
-@@ -709,6 +710,7 @@ struct wpa_supplicant {
+@@ -700,6 +701,7 @@ struct wpa_supplicant {
unsigned char perm_addr[ETH_ALEN];
char ifname[100];
struct wpas_ubus_bss ubus;
@@ -706,7 +706,7 @@ as adding/removing interfaces.
#endif /* CONFIG_MATCH_IFACE */
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
-@@ -555,12 +555,17 @@ const char * sae_get_password(struct hos
+@@ -631,12 +631,17 @@ const char * sae_get_password(struct hos
struct sae_pt **s_pt,
const struct sae_pk **s_pk)
{
@@ -722,10 +722,10 @@ as adding/removing interfaces.
+ if (sta && sta->use_sta_psk)
+ goto use_sta_psk;
+
- for (pw = hapd->conf->sae_passwords; pw; pw = pw->next) {
- if (!is_broadcast_ether_addr(pw->peer_addr) &&
- (!sta ||
-@@ -582,12 +587,30 @@ const char * sae_get_password(struct hos
+ /* With sae_track_password functionality enabled, try to first find the
+ * next viable wildcard-address password if a password identifier was
+ * not used. Select an wildcard-addr entry if the STA is known to have
+@@ -697,12 +702,30 @@ const char * sae_get_password(struct hos
pt = hapd->conf->ssid.pt;
}
@@ -758,7 +758,7 @@ as adding/removing interfaces.
}
}
-@@ -3273,6 +3296,12 @@ static void handle_auth(struct hostapd_d
+@@ -3429,6 +3452,12 @@ static void handle_auth(struct hostapd_d
goto fail;
}
@@ -773,7 +773,7 @@ as adding/removing interfaces.
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -475,6 +475,11 @@ void ap_free_sta(struct hostapd_data *ha
+@@ -476,6 +476,11 @@ void ap_free_sta(struct hostapd_data *ha
forced_memzero(sta->last_tk, WPA_TK_MAX_LEN);
#endif /* CONFIG_TESTING_OPTIONS */
@@ -785,7 +785,7 @@ as adding/removing interfaces.
os_free(sta);
}
-@@ -1574,6 +1579,8 @@ void ap_sta_set_authorized_event(struct
+@@ -1575,6 +1580,8 @@ void ap_sta_set_authorized_event(struct
#endif /* CONFIG_P2P */
const u8 *ip_ptr = NULL;
@@ -796,7 +796,7 @@ as adding/removing interfaces.
if (sta->p2p_ie != NULL &&
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
-@@ -181,6 +181,9 @@ struct sta_info {
+@@ -180,6 +180,9 @@ struct sta_info {
int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
/* PSKs from RADIUS authentication server */
struct hostapd_sta_wpa_psk_short *psk;
@@ -808,7 +808,7 @@ as adding/removing interfaces.
char *radius_cui; /* Chargeable-User-Identity from RADIUS */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
-@@ -403,6 +403,7 @@ static const u8 * hostapd_wpa_auth_get_p
+@@ -392,6 +392,7 @@ static const u8 * hostapd_wpa_auth_get_p
struct sta_info *sta = ap_get_sta(hapd, addr);
const u8 *psk;
@@ -816,7 +816,7 @@ as adding/removing interfaces.
if (vlan_id)
*vlan_id = 0;
if (psk_len)
-@@ -449,13 +450,18 @@ static const u8 * hostapd_wpa_auth_get_p
+@@ -438,13 +439,18 @@ static const u8 * hostapd_wpa_auth_get_p
* returned psk which should not be returned again.
* logic list (all hostapd_get_psk; all sta->psk)
*/
@@ -836,7 +836,7 @@ as adding/removing interfaces.
if (pos->is_passphrase) {
if (pbkdf2_sha1(pos->passphrase,
hapd->conf->ssid.ssid,
-@@ -469,9 +475,13 @@ static const u8 * hostapd_wpa_auth_get_p
+@@ -458,9 +464,13 @@ static const u8 * hostapd_wpa_auth_get_p
}
if (pos->psk == prev_psk) {
psk = pos->next ? pos->next->psk : NULL;
diff --git a/package/network/services/hostapd/patches/701-reload_config_inline.patch b/package/network/services/hostapd/patches/701-reload_config_inline.patch
index 2c2b9d4c30..9c142d1ab6 100644
--- a/package/network/services/hostapd/patches/701-reload_config_inline.patch
+++ b/package/network/services/hostapd/patches/701-reload_config_inline.patch
@@ -8,7 +8,7 @@ as adding/removing interfaces.
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -5223,7 +5223,12 @@ struct hostapd_config * hostapd_config_r
+@@ -4981,7 +4981,12 @@ struct hostapd_config * hostapd_config_r
int errors = 0;
size_t i;
diff --git a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch
index 750d159f8d..fb0a5d4a95 100644
--- a/package/network/services/hostapd/patches/710-vlan_no_bridge.patch
+++ b/package/network/services/hostapd/patches/710-vlan_no_bridge.patch
@@ -8,7 +8,7 @@ was provided by the config
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3644,6 +3644,8 @@ static int hostapd_config_fill(struct ho
+@@ -3415,6 +3415,8 @@ static int hostapd_config_fill(struct ho
#ifndef CONFIG_NO_VLAN
} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
bss->ssid.dynamic_vlan = atoi(pos);
@@ -19,7 +19,7 @@ was provided by the config
} else if (os_strcmp(buf, "vlan_file") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -121,6 +121,7 @@ struct hostapd_ssid {
+@@ -120,6 +120,7 @@ struct hostapd_ssid {
#define DYNAMIC_VLAN_OPTIONAL 1
#define DYNAMIC_VLAN_REQUIRED 2
int dynamic_vlan;
diff --git a/package/network/services/hostapd/patches/711-wds_bridge_force.patch b/package/network/services/hostapd/patches/711-wds_bridge_force.patch
index 7c5a3998f0..c71318be85 100644
--- a/package/network/services/hostapd/patches/711-wds_bridge_force.patch
+++ b/package/network/services/hostapd/patches/711-wds_bridge_force.patch
@@ -11,7 +11,7 @@ instead rely entirely on netifd handling this properly
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -2472,6 +2472,8 @@ static int hostapd_config_fill(struct ho
+@@ -2241,6 +2241,8 @@ static int hostapd_config_fill(struct ho
sizeof(conf->bss[0]->iface));
} else if (os_strcmp(buf, "bridge") == 0) {
os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
@@ -22,7 +22,7 @@ instead rely entirely on netifd handling this properly
} else if (os_strcmp(buf, "vlan_bridge") == 0) {
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
-@@ -394,8 +394,6 @@ int hostapd_set_wds_sta(struct hostapd_d
+@@ -390,8 +390,6 @@ int hostapd_set_wds_sta(struct hostapd_d
return -1;
if (hapd->conf->wds_bridge[0])
bridge = hapd->conf->wds_bridge;
diff --git a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch
index 022b2d9621..6a22a610c5 100644
--- a/package/network/services/hostapd/patches/720-iface_max_num_sta.patch
+++ b/package/network/services/hostapd/patches/720-iface_max_num_sta.patch
@@ -8,7 +8,7 @@ full device, e.g. in order to deal with hardware/driver limitations
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3088,6 +3088,14 @@ static int hostapd_config_fill(struct ho
+@@ -2857,6 +2857,14 @@ static int hostapd_config_fill(struct ho
line, bss->max_num_sta, MAX_STA_COUNT);
return 1;
}
@@ -25,7 +25,7 @@ full device, e.g. in order to deal with hardware/driver limitations
} else if (os_strcmp(buf, "extended_key_id") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -1089,6 +1089,8 @@ struct hostapd_config {
+@@ -1069,6 +1069,8 @@ struct hostapd_config {
unsigned int track_sta_max_num;
unsigned int track_sta_max_age;
@@ -36,7 +36,7 @@ full device, e.g. in order to deal with hardware/driver limitations
* ' ' (ascii 32): all environments
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -1653,7 +1653,7 @@ void handle_probe_req(struct hostapd_dat
+@@ -1654,7 +1654,7 @@ void handle_probe_req(struct hostapd_dat
if (hapd->conf->no_probe_resp_if_max_sta &&
is_multicast_ether_addr(mgmt->da) &&
is_multicast_ether_addr(mgmt->bssid) &&
diff --git a/package/network/services/hostapd/patches/730-ft_iface.patch b/package/network/services/hostapd/patches/730-ft_iface.patch
index 4226a59d66..e5d29c30f2 100644
--- a/package/network/services/hostapd/patches/730-ft_iface.patch
+++ b/package/network/services/hostapd/patches/730-ft_iface.patch
@@ -8,7 +8,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3285,6 +3285,8 @@ static int hostapd_config_fill(struct ho
+@@ -3054,6 +3054,8 @@ static int hostapd_config_fill(struct ho
wpa_printf(MSG_INFO,
"Line %d: Obsolete peerkey parameter ignored", line);
#ifdef CONFIG_IEEE80211R_AP
@@ -19,7 +19,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly
hexstr2bin(pos, bss->mobility_domain,
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -283,6 +283,7 @@ struct airtime_sta_weight {
+@@ -285,6 +285,7 @@ struct airtime_sta_weight {
struct hostapd_bss_config {
char iface[IFNAMSIZ + 1];
char bridge[IFNAMSIZ + 1];
@@ -29,7 +29,7 @@ a VLAN interface on top of the bridge, instead of using the bridge directly
int bridge_hairpin; /* hairpin_mode on bridge members */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
-@@ -1829,8 +1829,12 @@ int hostapd_setup_wpa(struct hostapd_dat
+@@ -1834,8 +1834,12 @@ int hostapd_setup_wpa(struct hostapd_dat
wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt)) {
const char *ft_iface;
diff --git a/package/network/services/hostapd/patches/740-snoop_iface.patch b/package/network/services/hostapd/patches/740-snoop_iface.patch
index 0d7024af8f..1933247f8c 100644
--- a/package/network/services/hostapd/patches/740-snoop_iface.patch
+++ b/package/network/services/hostapd/patches/740-snoop_iface.patch
@@ -8,7 +8,7 @@ untagged DHCP packets
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -2476,6 +2476,8 @@ static int hostapd_config_fill(struct ho
+@@ -2245,6 +2245,8 @@ static int hostapd_config_fill(struct ho
os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge));
} else if (os_strcmp(buf, "bridge_hairpin") == 0) {
bss->bridge_hairpin = atoi(pos);
@@ -19,7 +19,7 @@ untagged DHCP packets
} else if (os_strcmp(buf, "wds_bridge") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -284,6 +284,7 @@ struct hostapd_bss_config {
+@@ -286,6 +286,7 @@ struct hostapd_bss_config {
char iface[IFNAMSIZ + 1];
char bridge[IFNAMSIZ + 1];
char ft_iface[IFNAMSIZ + 1];
@@ -112,7 +112,7 @@ untagged DHCP packets
hapd->x_snoop_initialized = false;
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -4429,7 +4429,7 @@ struct wpa_driver_ops {
+@@ -4462,7 +4462,7 @@ struct wpa_driver_ops {
* Returns: 0 on success, negative (<0) on failure
*/
int (*br_set_net_param)(void *priv, enum drv_br_net_param param,
@@ -123,7 +123,7 @@ untagged DHCP packets
* get_wowlan - Get wake-on-wireless status
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -12853,7 +12853,7 @@ static const char * drv_br_net_param_str
+@@ -12789,7 +12789,7 @@ static const char * drv_br_net_param_str
static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
@@ -132,7 +132,7 @@ untagged DHCP packets
{
struct i802_bss *bss = priv;
char path[128];
-@@ -12879,8 +12879,11 @@ static int wpa_driver_br_set_net_param(v
+@@ -12815,8 +12815,11 @@ static int wpa_driver_br_set_net_param(v
return -EINVAL;
}
diff --git a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch
index 7f1dc11755..f46ba6b2e7 100644
--- a/package/network/services/hostapd/patches/760-dynamic_own_ip.patch
+++ b/package/network/services/hostapd/patches/760-dynamic_own_ip.patch
@@ -7,7 +7,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -2863,6 +2863,8 @@ static int hostapd_config_fill(struct ho
+@@ -2632,6 +2632,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "iapp_interface") == 0) {
wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used");
#endif /* CONFIG_IAPP */
@@ -18,7 +18,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
wpa_printf(MSG_ERROR,
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -310,6 +310,7 @@ struct hostapd_bss_config {
+@@ -312,6 +312,7 @@ struct hostapd_bss_config {
unsigned int eap_sim_db_timeout;
int eap_server_erp; /* Whether ERP is enabled on internal EAP server */
struct hostapd_ip_addr own_ip_addr;
@@ -28,7 +28,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
int radius_require_message_authenticator;
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
-@@ -598,6 +598,10 @@ int add_common_radius_attr(struct hostap
+@@ -597,6 +597,10 @@ int add_common_radius_attr(struct hostap
struct hostapd_radius_attr *attr;
int len;
@@ -50,7 +50,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
/**
* conf - RADIUS client configuration (list of RADIUS servers to use)
*/
-@@ -819,6 +821,30 @@ static void radius_close_acct_socket(str
+@@ -822,6 +824,30 @@ static void radius_close_acct_socket(str
/**
@@ -81,7 +81,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
* radius_client_send - Send a RADIUS request
* @radius: RADIUS client context from radius_client_init()
* @msg: RADIUS message to be sent
-@@ -1714,6 +1740,10 @@ radius_change_server(struct radius_clien
+@@ -1733,6 +1759,10 @@ radius_change_server(struct radius_clien
wpa_printf(MSG_DEBUG, "RADIUS local address: %s:%u",
inet_ntoa(claddr.sin_addr),
ntohs(claddr.sin_port));
@@ -92,7 +92,7 @@ Some servers use the NAS-IP-Address attribute as a destination address
}
break;
#ifdef CONFIG_IPV6
-@@ -1725,6 +1755,10 @@ radius_change_server(struct radius_clien
+@@ -1744,6 +1774,10 @@ radius_change_server(struct radius_clien
inet_ntop(AF_INET6, &claddr6.sin6_addr,
abuf, sizeof(abuf)),
ntohs(claddr6.sin6_port));
diff --git a/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch b/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch
index 03b333138a..e673002139 100644
--- a/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch
+++ b/package/network/services/hostapd/patches/762-AP-don-t-ignore-probe-requests-with-invalid-DSSS-par.patch
@@ -28,7 +28,7 @@ Signed-off-by: David Bauer <mail at david-bauer.net>
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -1496,7 +1496,7 @@ void handle_probe_req(struct hostapd_dat
+@@ -1497,7 +1497,7 @@ void handle_probe_req(struct hostapd_dat
* is less likely to see them (Probe Request frame sent on a
* neighboring, but partially overlapping, channel).
*/
diff --git a/package/network/services/hostapd/patches/763-radius-wispr.patch b/package/network/services/hostapd/patches/763-radius-wispr.patch
index e8967a8547..1b1797318c 100644
--- a/package/network/services/hostapd/patches/763-radius-wispr.patch
+++ b/package/network/services/hostapd/patches/763-radius-wispr.patch
@@ -1,6 +1,6 @@
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
-@@ -2033,6 +2033,25 @@ static int ieee802_1x_update_vlan(struct
+@@ -2000,6 +2000,25 @@ static int ieee802_1x_update_vlan(struct
}
#endif /* CONFIG_NO_VLAN */
@@ -26,7 +26,7 @@
/**
* ieee802_1x_receive_auth - Process RADIUS frames from Authentication Server
-@@ -2149,6 +2168,7 @@ ieee802_1x_receive_auth(struct radius_ms
+@@ -2116,6 +2135,7 @@ ieee802_1x_receive_auth(struct radius_ms
ieee802_1x_check_hs20(hapd, sta, msg,
session_timeout_set ?
(int) session_timeout : -1);
@@ -46,7 +46,7 @@
enum mesh_plink_state plink_state;
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
-@@ -1339,6 +1339,35 @@ radius_msg_get_cisco_keys(struct radius_
+@@ -1377,6 +1377,35 @@ radius_msg_get_cisco_keys(struct radius_
return keys;
}
@@ -84,7 +84,7 @@
const u8 *req_authenticator,
--- a/src/radius/radius.h
+++ b/src/radius/radius.h
-@@ -233,6 +233,10 @@ enum {
+@@ -232,6 +232,10 @@ enum {
RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL = 10,
};
@@ -95,7 +95,7 @@
#ifdef _MSC_VER
#pragma pack(pop)
#endif /* _MSC_VER */
-@@ -306,6 +310,7 @@ radius_msg_get_ms_keys(struct radius_msg
+@@ -304,6 +308,7 @@ radius_msg_get_ms_keys(struct radius_msg
struct radius_ms_mppe_keys *
radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
const u8 *secret, size_t secret_len);
diff --git a/package/network/services/hostapd/patches/770-radius_server.patch b/package/network/services/hostapd/patches/770-radius_server.patch
index 53d162e916..d6fdb167f6 100644
--- a/package/network/services/hostapd/patches/770-radius_server.patch
+++ b/package/network/services/hostapd/patches/770-radius_server.patch
@@ -56,7 +56,7 @@ handle reload.
/**
* struct radius_session - Internal RADIUS server data for a session
*/
-@@ -90,7 +96,7 @@ struct radius_session {
+@@ -89,7 +95,7 @@ struct radius_session {
unsigned int macacl:1;
unsigned int t_c_filtering:1;
@@ -65,7 +65,7 @@ handle reload.
u32 t_c_timestamp; /* Last read T&C timestamp from user DB */
};
-@@ -394,6 +400,7 @@ static void radius_server_session_free(s
+@@ -373,6 +379,7 @@ static void radius_server_session_free(s
radius_msg_free(sess->last_reply);
os_free(sess->username);
os_free(sess->nas_ip);
@@ -73,7 +73,7 @@ handle reload.
os_free(sess);
data->num_sess--;
}
-@@ -554,6 +561,36 @@ radius_server_erp_find_key(struct radius
+@@ -533,6 +540,36 @@ radius_server_erp_find_key(struct radius
}
#endif /* CONFIG_ERP */
@@ -110,7 +110,7 @@ handle reload.
static struct radius_session *
radius_server_get_new_session(struct radius_server_data *data,
-@@ -607,7 +644,7 @@ radius_server_get_new_session(struct rad
+@@ -586,7 +623,7 @@ radius_server_get_new_session(struct rad
eap_user_free(tmp);
return NULL;
}
@@ -119,7 +119,7 @@ handle reload.
sess->macacl = tmp->macacl;
eap_user_free(tmp);
-@@ -1123,11 +1160,10 @@ radius_server_encapsulate_eap(struct rad
+@@ -923,11 +960,10 @@ radius_server_encapsulate_eap(struct rad
}
if (code == RADIUS_CODE_ACCESS_ACCEPT) {
@@ -135,7 +135,7 @@ handle reload.
wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
radius_msg_free(msg);
return NULL;
-@@ -1221,11 +1257,10 @@ radius_server_macacl(struct radius_serve
+@@ -1023,11 +1059,10 @@ radius_server_macacl(struct radius_serve
}
if (code == RADIUS_CODE_ACCESS_ACCEPT) {
@@ -151,12 +151,12 @@ handle reload.
wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
radius_msg_free(msg);
return NULL;
-@@ -2527,7 +2562,7 @@ static int radius_server_get_eap_user(vo
+@@ -2335,7 +2370,7 @@ static int radius_server_get_eap_user(vo
ret = data->get_eap_user(data->conf_ctx, identity, identity_len,
phase2, user);
if (ret == 0 && user) {
- sess->accept_attr = user->accept_attr;
+ sess->accept_attr = radius_server_copy_attr(user->accept_attr);
- sess->remediation = user->remediation;
sess->macacl = user->macacl;
sess->t_c_timestamp = user->t_c_timestamp;
+ }
diff --git a/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch b/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch
index d21027636a..72c48a3d00 100644
--- a/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch
+++ b/package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch
@@ -53,7 +53,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -5216,6 +5216,15 @@ static int hostapd_config_fill(struct ho
+@@ -4974,6 +4974,15 @@ static int hostapd_config_fill(struct ho
bss->mld_indicate_disabled = atoi(pos);
#endif /* CONFIG_TESTING_OPTIONS */
#endif /* CONFIG_IEEE80211BE */
@@ -71,7 +71,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
"Line %d: unknown configuration item '%s'",
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -1002,6 +1002,35 @@ struct hostapd_bss_config {
+@@ -982,6 +982,35 @@ struct hostapd_bss_config {
int mbssid_index;
bool spp_amsdu;
@@ -109,7 +109,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
/**
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
-@@ -389,13 +389,39 @@ int hostapd_set_wds_sta(struct hostapd_d
+@@ -385,13 +385,39 @@ int hostapd_set_wds_sta(struct hostapd_d
const u8 *addr, int aid, int val)
{
const char *bridge = NULL;
@@ -373,7 +373,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
#ifdef CONFIG_FILS
static struct wpabuf *
-@@ -3664,8 +3667,8 @@ static u16 check_multi_ap(struct hostapd
+@@ -3820,8 +3823,8 @@ static u16 check_multi_ap(struct hostapd
}
@@ -384,7 +384,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
{
/* Supported rates not used in IEEE 802.11ad/DMG */
if (hapd->iface->current_mode &&
-@@ -4105,7 +4108,7 @@ static int __check_assoc_ies(struct host
+@@ -4263,7 +4266,7 @@ static int __check_assoc_ies(struct host
elems->ext_capab_len);
if (resp != WLAN_STATUS_SUCCESS)
return resp;
@@ -393,7 +393,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
if (resp != WLAN_STATUS_SUCCESS)
return resp;
-@@ -6175,6 +6178,11 @@ static void handle_beacon(struct hostapd
+@@ -6314,6 +6317,11 @@ static void handle_beacon(struct hostapd
0);
ap_list_process_beacon(hapd->iface, mgmt, &elems, fi);
@@ -407,7 +407,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
--- a/src/ap/ieee802_11.h
+++ b/src/ap/ieee802_11.h
-@@ -108,6 +108,8 @@ int hostapd_process_ml_assoc_req_addr(st
+@@ -114,6 +114,8 @@ int hostapd_process_ml_assoc_req_addr(st
const u8 *basic_mle, size_t basic_mle_len,
u8 *mld_addr);
int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta);
@@ -418,7 +418,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta,
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -4123,7 +4123,7 @@ struct wpa_driver_ops {
+@@ -4156,7 +4156,7 @@ struct wpa_driver_ops {
* Returns: 0 on success, -1 on failure
*/
int (*set_wds_sta)(void *priv, const u8 *addr, int aid, int val,
@@ -429,7 +429,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
* send_action - Transmit an Action frame
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -8699,25 +8699,15 @@ static int have_ifidx(struct wpa_driver_
+@@ -8615,25 +8615,15 @@ static int have_ifidx(struct wpa_driver_
static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val,
diff --git a/package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch b/package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch
index 85c745d187..d2b7b0b414 100644
--- a/package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch
+++ b/package/network/services/hostapd/patches/803-hostapd-fix-80211be-build.patch
@@ -1,6 +1,6 @@
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -1970,3 +1970,22 @@ void ap_sta_free_sta_profile(struct mld_
+@@ -1971,3 +1971,22 @@ void ap_sta_free_sta_profile(struct mld_
}
}
#endif /* CONFIG_IEEE80211BE */
@@ -25,7 +25,7 @@
+
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
-@@ -414,23 +414,8 @@ int ap_sta_re_add(struct hostapd_data *h
+@@ -411,23 +411,8 @@ int ap_sta_re_add(struct hostapd_data *h
void ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta);
More information about the lede-commits
mailing list