Merge pull request #462 from Telecominfraproject/main

Fixes for WIFI-9962 and others
Merge pull request #461 from Telecominfraproject/next
2025-10-30 18:07:52 +00:00 · 2022-07-01 00:58:45 -04:00 · 2022-06-30 17:34:02 -04:00 · 2022-06-30 17:30:42 -04:00 · 2022-06-30 12:19:41 +02:00 · 2022-06-30 12:19:41 +02:00
7 changed files with 127 additions and 3 deletions
--- a/feeds/ucentral/radius-gw-proxy/src/main.c
+++ b/feeds/ucentral/radius-gw-proxy/src/main.c
@@ -23,6 +23,7 @@
 #define RAD_PROX_BUFLEN		(4 * 1024)
 #define TLV_NAS_IP		4
 #define TLV_PROXY_STATE		33
 struct radius_socket {
@@ -57,6 +58,7 @@ struct radius_proxy_state {
 static struct radius_socket *sock_auth;
 static struct radius_socket *sock_acct;
 static struct radius_socket *sock_dae;
 static int
 avl_memcmp(const void *k1, const void *k2, void *ptr)
@@ -134,6 +136,9 @@ radius_forward_gw(char *buf, enum socket_type type)
 	case RADIUS_ACCT:
 		blobmsg_add_string(&b, "radius", "acct");
 		break;
 	case RADIUS_DAS:
 		blobmsg_add_string(&b, "radius", "coa");
 		break;
 	default:
 		return;
 	}
@@ -154,6 +159,7 @@ radius_parse(char *buf, int len, int port, enum socket_type type, int tx)
 	char proxy_state_str[256] = {};
 	void *avp = hdr->avp;
 	int len_orig = ntohs(hdr->len);
 	uint8_t localhost[] = { 0x7f, 0, 0, 1 };
 	if (len_orig != len) {
 		ULOG_ERR("invalid header length, %d %d\n", len_orig, len);
@@ -175,11 +181,32 @@ radius_parse(char *buf, int len, int port, enum socket_type type, int tx)
 		if (tlv->id == TLV_PROXY_STATE)
 			proxy_state = tlv;
 		if (type == RADIUS_DAS && tlv->id == TLV_NAS_IP && tlv->len == 6)
 			memcpy(tlv->data, &localhost, 4);
 		printf("\tID:%d, len:%d\n", tlv->id, tlv->len);
 		avp += tlv->len;
 		len -= tlv->len;
 	}
 	if (type == RADIUS_DAS) {
 		if (tx) {
 			radius_forward_gw(buf, type);
 		} else {
 			struct sockaddr_in dest;
 			memset(&dest, 0, sizeof(dest));
 			dest.sin_family = AF_INET;
 			dest.sin_port = htons(3799);
 			inet_pton(AF_INET, "127.0.0.1", &(dest.sin_addr.s_addr));
 			if (sendto(sock_dae->fd.fd, buf, len_orig,
 				   MSG_DONTWAIT, (struct sockaddr*)&dest, sizeof(dest)) < 0)
 				ULOG_ERR("failed to deliver DAS frame to localhost\n");
 		}
 		return 0;
 	}
 	if (!proxy_state) {
 		ULOG_ERR("no proxy_state found\n");
 		return -1;
@@ -326,6 +353,7 @@ int main(int argc, char **argv)
 	sock_auth = sock_open("1812", RADIUS_AUTH);
 	sock_acct = sock_open("1813", RADIUS_ACCT);
 	sock_dae = sock_open("1814", RADIUS_DAS);
 	uloop_run();
 	uloop_end();
--- a/feeds/ucentral/radius-gw-proxy/src/ubus.c
+++ b/feeds/ucentral/radius-gw-proxy/src/ubus.c
@@ -40,6 +40,8 @@ static int ubus_frame_cb(struct ubus_context *ctx,
 		type = RADIUS_AUTH;
 	else if (!strcmp(radius, "acct"))
 		type = RADIUS_ACCT;
 	else if (!strcmp(radius, "coa"))
 		type = RADIUS_DAS;
 	else
 		return UBUS_STATUS_INVALID_ARGUMENT;
--- a/feeds/ucentral/ucentral-schema/Makefile
+++ b/feeds/ucentral/ucentral-schema/Makefile
@@ -4,10 +4,10 @@ PKG_NAME:=ucentral-schema
 PKG_RELEASE:=1
 PKG_SOURCE_URL=https://github.com/Telecominfraproject/wlan-ucentral-schema.git
-PKG_MIRROR_HASH:=7ec098910bf4969da8ceb0f04aacd8af1cb0657dfb105bc8a499b98407a2c406
+PKG_MIRROR_HASH:=3603ddd26026d3a5b0febe7fbae22fd28fd6d7370793ecf979561d8886be2af4
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_DATE:=2022-05-29
-PKG_SOURCE_VERSION:=fc8fdcfed71e31e6def4d57d57acb2fa38d70253
+PKG_SOURCE_VERSION:=9691cc6860c25ba7d62142846da44bd09c17acc0
 PKG_MAINTAINER:=John Crispin <john@phrozen.org>
 PKG_LICENSE:=BSD-3-Clause
--- a/feeds/wifi-ax/hostapd/files/hostapd.sh
+++ b/feeds/wifi-ax/hostapd/files/hostapd.sh
@@ -355,6 +355,7 @@ hostapd_common_add_bss_config() {
 	config_add_int sae_pwe
 	config_add_string 'owe_transition_bssid:macaddr' 'owe_transition_ssid:string'
 	config_add_string owe_transition_ifname
 	config_add_boolean iw_enabled iw_internet iw_asra iw_esr iw_uesa
 	config_add_int iw_access_network_type iw_venue_group iw_venue_type
@@ -718,10 +719,11 @@ hostapd_set_bss_options() {
 	case "$auth_type" in
 		none|owe)
-			json_get_vars owe_transition_bssid owe_transition_ssid
+			json_get_vars owe_transition_bssid owe_transition_ssid owe_transition_ifname
 			[ -n "$owe_transition_ssid" ] && append bss_conf "owe_transition_ssid=\"$owe_transition_ssid\"" "$N"
 			[ -n "$owe_transition_bssid" ] && append bss_conf "owe_transition_bssid=$owe_transition_bssid" "$N"
 			[ -n "$owe_transition_ifname" ] && append bss_conf "owe_transition_ifname=$owe_transition_ifname" "$N"
 			wps_possible=1
 			# Here we make the assumption that if we're in open mode
--- a/feeds/wifi-ax/hostapd/patches/900-coa.patch
+++ b/feeds/wifi-ax/hostapd/patches/900-coa.patch
@@ -0,0 +1,24 @@
 Index: hostapd-2021-02-20-59e9794c/src/radius/radius_das.c
 ===================================================================
 --- hostapd-2021-02-20-59e9794c.orig/src/radius/radius_das.c
 +++ hostapd-2021-02-20-59e9794c/src/radius/radius_das.c
@@ -48,6 +48,8 @@ static struct radius_msg * radius_das_di
 		RADIUS_ATTR_EVENT_TIMESTAMP,
 		RADIUS_ATTR_MESSAGE_AUTHENTICATOR,
 		RADIUS_ATTR_CHARGEABLE_USER_IDENTITY,
 +		RADIUS_ATTR_VENDOR_SPECIFIC,
 +		RADIUS_ATTR_CALLED_STATION_ID,
 #ifdef CONFIG_IPV6
 		RADIUS_ATTR_NAS_IPV6_ADDRESS,
 #endif /* CONFIG_IPV6 */
@@ -205,9 +207,8 @@ static struct radius_msg * radius_das_co
 		RADIUS_ATTR_EVENT_TIMESTAMP,
 		RADIUS_ATTR_MESSAGE_AUTHENTICATOR,
 		RADIUS_ATTR_CHARGEABLE_USER_IDENTITY,
 -#ifdef CONFIG_HS20
 		RADIUS_ATTR_VENDOR_SPECIFIC,
 -#endif /* CONFIG_HS20 */
 +		RADIUS_ATTR_CALLED_STATION_ID,
 #ifdef CONFIG_IPV6
 		RADIUS_ATTR_NAS_IPV6_ADDRESS,
 #endif /* CONFIG_IPV6 */
--- a/patches/backports/0034-hostapd-add-owe_transition_ifname.patch
+++ b/patches/backports/0034-hostapd-add-owe_transition_ifname.patch
@@ -0,0 +1,66 @@
 From 574539ee2cdbb3dd54086423c6dfdd19bb1c06a6 Mon Sep 17 00:00:00 2001
 From: David Bauer <mail@david-bauer.net>
 Date: Thu, 16 Jun 2022 01:55:26 +0200
 Subject: [PATCH] hostapd: add owe_transition_ifname
 Add the owe_transition_ifname config option to wifi-ifaces.
 This allows to configure OWE transition VAPs without adding SSID / BSSID
 to the uci conifg but instead autodiscovering these parameters from
 other networks on the same PHY.
 The following configuration creates a OWE transition mode network
 constellation.
 config wifi-iface 'open0'
 	option device 'radio0'
 	option ifname 'open0'
 	option network 'lan'
 	option mode 'ap'
 	option ssid 'FreeNet'
 	option encryption 'none'
 	option owe_transition_ifname 'owe0'
 config wifi-iface 'owe0'
 	option device 'radio0'
 	option ifname 'owe0'
 	option network 'lan'
 	option mode 'ap'
 	option ssid 'owe_tm.FreeNet'
 	option encryption 'owe'
 	option hidden '1'
 	option owe_transition_ifname 'open0'
 Signed-off-by: David Bauer <mail@david-bauer.net>
 ---
 package/network/services/hostapd/files/hostapd.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
 diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh
 index e5f816a55b..fa344bd2dd 100644
 --- a/package/network/services/hostapd/files/hostapd.sh
 +++ b/package/network/services/hostapd/files/hostapd.sh
@@ -335,6 +335,7 @@ hostapd_common_add_bss_config() {
 	config_add_int sae_pwe
 	config_add_string 'owe_transition_bssid:macaddr' 'owe_transition_ssid:string'
 +	config_add_string owe_transition_ifname
 	config_add_boolean iw_enabled iw_internet iw_asra iw_esr iw_uesa
 	config_add_int iw_access_network_type iw_venue_group iw_venue_type
@@ -635,10 +636,11 @@ hostapd_set_bss_options() {
 	case "$auth_type" in
 		none|owe)
 -			json_get_vars owe_transition_bssid owe_transition_ssid
 +			json_get_vars owe_transition_bssid owe_transition_ssid owe_transition_ifname
 			[ -n "$owe_transition_ssid" ] && append bss_conf "owe_transition_ssid=\"$owe_transition_ssid\"" "$N"
 			[ -n "$owe_transition_bssid" ] && append bss_conf "owe_transition_bssid=$owe_transition_bssid" "$N"
 +			[ -n "$owe_transition_ifname" ] && append bss_conf "owe_transition_ifname=$owe_transition_ifname" "$N"
 			wps_possible=1
 			# Here we make the assumption that if we're in open mode
 -- 
 2.25.1
--- a/profiles/ucentral-ap.yml
+++ b/profiles/ucentral-ap.yml
@@ -17,6 +17,7 @@ packages:
  - atfpolicy
  - kmod-batman-adv
  - batctl-default
  - bind-dig
  - cJSON
  - curl
  - dnsmasq-full
@@ -52,6 +53,7 @@ packages:
  - libustream-openssl
  - udevmand
  - umdns
  - oping
  - vxlan
  - wpad-openssl
 diffconfig: |
Author	SHA1	Message	Date
jaspreetsachdev	4c21f5c4b6	Merge pull request #462 from Telecominfraproject/main Fixes for WIFI-9962 and others	2022-07-01 00:58:45 -04:00
jaspreetsachdev	cf657dbd94	Merge pull request #461 from Telecominfraproject/next Next	2022-06-30 17:34:02 -04:00
jaspreetsachdev	33c9876760	Merge pull request #460 from Telecominfraproject/release/v2.6.0 Release/v2.6.0	2022-06-30 17:30:42 -04:00
John Crispin	4d6d7405d6	ucentral-schema: update to latest HEAD 9691cc6 improve custom config handling b4a3a56 add support for OWE encryption Fixes: WIFI-9811 Signed-off-by: John Crispin <john@phrozen.org>	2022-06-30 12:19:41 +02:00
John Crispin	e249701c34	profile: add bind-dig to default package selection This makes openroaming NAPTR work Fixes: WIFI-9962 Signed-off-by: John Crispin <john@phrozen.org>	2022-06-30 12:19:41 +02:00
John Crispin	0d50975152	hostapd: backport OWE patches Fixes: WIFI-9811 Signed-off-by: John Crispin <john@phrozen.org>	2022-06-30 12:19:41 +02:00
John Crispin	6d87847d15	radius-gw-proxy: update to latest HEAD Fixes: WIFI-9620 Signed-off-by: John Crispin <john@phrozen.org>	2022-06-30 12:19:41 +02:00