scottk/wlan-ap
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-ap.git synced 2025-10-29 17:42:41 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Compare commits

base: scottk:v3.2.0
Branches Tags
scottk:main scottk:staging-r4.0-memleak scottk:staging-WIFI-15216-ath12k-wifi-update-NWA130BE-BDF-files scottk:staging-WIFI-15175-Add-emplus-wap588m-to-support-kernel-6.6-at-staging-upstream-mediatek scottk:staging-WIFI-14996-Support-NAT-Logging scottk:next scottk:release/v4.1.0 scottk:staging-WIFI-14583-Support-Edgecore-OAP106 scottk:staging-WIFI-14822 scottk:staging-WIFI-14998-reworked scottk:staging-WIFI-14179 scottk:staging-WIFI-15164-ath12k-wifi-update-NWA50BE-BDF-files scottk:staging-WIFI-15163-LAN-switch-exposes-single-eth1-instead-of-per-port-interfaces-for-RAP750W-311A scottk:staging-upstream-mediatek scottk:staging-linux-6.6-EAP111-disable-ubi-auto-attach scottk:staging-WIFI-15027 scottk:staging-WIFI-14859-hostapd_cli-chan_switch-NOHT scottk:staging-WIFI-14987-EAP112-support-AN8801SB scottk:staging-WIFI-14917-log-backup-helper scottk:cloud_discovery_fix_improv scottk:WIFI-15123 scottk:WIFI-15155-CIG189H-wifi-status-and-iwinfo-show-empty-after-upgrade-to-latest-main scottk:staging-WIFI-15139-support-dhcp-opt138-opt224 scottk:WIFI-15138-rap7110c-341x-thermal-setting scottk:staging-WIFI-15146-qca-ssdk-remove-the-unused-patch-of-pinctrl scottk:staging-WIFI-14742 scottk:staging-WIFI-15125-Support-multiple-upstream scottk:WIFI-15130-WF672-Update-FCC-BDF scottk:staging-WIFI-14998-3 scottk:staging-WIFI-14998-2 scottk:release/v4.0.0 scottk:for-4.0 scottk:for-4.1 scottk:staging-WIFI-15127-zyxel_nwa130be-use-LED-of-DTS-instead-of-ssdk-cmd scottk:staging-WIFI-15126-Zyxel-NWA130BE-save-crash-log-into-pstore scottk:staging-WIFI-14676-Support-Zyxel-NWA50BE scottk:staging-WIFI-15124-Add-KERNEL-flag-IPQ_MEM_PROFILE-for-IPQ53XX scottk:WIFI-15120-Sonicfi-squashfs-certification-backup-improve scottk:staging-v4.1 scottk:staging-WIFI-14998 scottk:staging-WIFI-14998-1 scottk:staging-WIFI-14999 scottk:origin/WIFI-15000-WF672A-Check-Wi-Fi-mode-at-boot scottk:WIFI-14997-Multi-country-BDF-support scottk:staging-WIFI-14994-EAP111-support-AN8801SB-PHY scottk:WIFI-14993-enable-pstore-for-SonicFi-Wi-Fi-6-models scottk:14493 scottk:WIFI-15000-WF672A-Check-Wi-Fi-mode-at-boot scottk:led_respect_config scottk:staging-WIFI-14986-EAP112-an8801sb-disable-surge-protection-mode scottk:staging-fix-cloud-discovery-typo-dhcp138 scottk:staging-fix-cloud-discovery-typo scottk:uci_defaults_sync scottk:WIFI-14966 scottk:staging-WIFI-14869-Ramoops-Not-Initialized-on-Cybertan_rap7110c-341x scottk:staging-WIFI-14957-fix-bootbank-switch-upgrade scottk:staging-remove-extra-lines-mtk-sr-scene scottk:staging-WIFI-14951-Store-PKI2.0-key-for-RAP6x-production scottk:staging-WIFI-14901-improve-rrm-with-chanutil-fix scottk:staging-WIFI-14427-afc-use-curl-add-cert scottk:staging-WIFI-14427-afc-use-curl-wifi7 scottk:staging-WIFI-14427-afc-use-curl scottk:staging-mtk-update scottk:staging-WIFI-14904-PKI1.0-to-PKI2.0-enrollment-does-not-complete-properly-on-squashfs-based-certificate-storage-SonicFi-RAP6-series- scottk:staging-WIFI-14901-improve-rrm-with-chanutil scottk:staging-WIFI-14906-add-sync-after-file-generation scottk:WIFI-14896-support-HaLow-Mesh scottk:staging-WIFI-14895-add-support-for-EMPLUS-WAP7635 scottk:WIFI-14890-CIG-Support-dual-BDF scottk:WIFI-14884 scottk:staging-WIFI-14594 scottk:feeds_use_git scottk:WIFI-14873-add-smp-affinity-for-wf186h-and-wf186w scottk:staging-WIFI-14837-support-rrm-EAP11X scottk:staging-mtk-ramoops scottk:staging-WIFI-14847 scottk:WIFI-14545-EAP112-LTE-handle-username-password scottk:staging-add-hostapd_cli-to-hostapd-mtk scottk:staging-WIFI-14849-When-device-is-booting-it-causes-lan-wan-ports-bridge-together scottk:staging-WIFI-14858-ath12k-wifi-update-NWA130BE-BDF-files scottk:staging-WIFI-14848-zyxel_nwa130be-fine-tune-thermal-setting scottk:staging-WIFI-14842-save-crash-log-eap105 scottk:WIFI-14840-6G-CBP-Test-Will-fail-Sometimes scottk:WIFI-14751-EAP112-LTE-auto-connect-after-reboot scottk:WIFI-14817-6G-CBP-fail-on-20M-BW scottk:WIFI-14825-Enable-mpstats-and-iperf3-On-CIG-WiFi-7-Products scottk:WIFI-14631-CIG-WiFi-7-Product-Save-crash-log-into-pstore scottk:staging-WIFI-14824-zyxel_nwa130be-fine-tune-thermal-setting scottk:nwa50be-dev scottk:staging-WIFI-14823-change-patches-zyxel_nwa130be-path scottk:staging-WIFI-14791-add-EMPLUS-WAP380C-support scottk:origin/WIFI-14788-CIG-WF189W-H-Add-temperature-control scottk:WIFI-14789-update-WF672A-configuration scottk:WIFI-14788-CIG-WF189W-H-Add-temperature-control scottk:staging-WIFI-14723-Add-Support-for-EMPLUS-WAP581 scottk:WIFI-14728-ipq50xx-add-sonicfi-rap630e scottk:staging-WIFI-14740-adjust-the-amplitude-level-of-SGMII-for-Zyxel-NWA130BE scottk:staging-WIFI-14615-fix-halow-client-cannot-access-network scottk:wifi-14697 scottk:staging-pki2.0 scottk:WIFI-14697-Implement-API-to-query-negotiated-PoE-class scottk:staging-WIFI-14588-cloud-package-manager scottk:staging-WIFI-14484-WIFI-14544 scottk:WIFI-14699-RAP630-serials-PWM-LED-max-brightness-range-open scottk:WIFI-14574-update-BDF-for-SonicFi-RAP650C scottk:staging-WIFI-14684-add-EMPLUS-WAP385C-support scottk:silent_reboot_fix scottk:WIFI-14666 scottk:staging-WIFI-14668-Add-thermal-protection-for-EMPLUS-WAP588M-model scottk:staging-WIFI-14667-Fix-image-upgrade-fail-for-EMPLUS-WAP588M scottk:staging-WIFI-14579-enable-dualboot-eap111-eap112 scottk:WIFI-14650-CIG-WF-189-CIG-WF-189H-LAN-and-WAN-Ports-Swapped-After-Upgrading-to-TIP-devel-14a0c2d-Image scottk:staging-WIFI-14632-Add-Support-for-EMPLUS-WAP386V2 scottk:WIFI-14644-AP72TIP-support-dual-image-and-fix-reset-button-issue scottk:WIFI-14630-Add-WF189W-WF189H-WF672-into-build-list scottk:staging-WIFI-14645-add-hostapd-patch-eap112 scottk:staging-WIFI-14579-dualboot-in-eap111-eap112 scottk:staging-eap-105-fixes scottk:WIFI-14603-Default-TC-fq_codel-queue-on-GRE-cause-low-GRE-RX-throughput scottk:WIFI-14623-WF188n-WF196-lost-the-certificates-files-after-upgrade scottk:WIFI-14509-CIG-WiFi7-WF-672A-bring-up scottk:staging-WIFI-14605-Swiitch-LAN-and-WAN-port-for-EMPLUS-WAP588M scottk:staging-WIFI-14580-Support-Zyxel-NWA130BE scottk:staging-WIFI-14576-support-phy-AN8801-EAP111 scottk:WIFI-14582-WF189-Save-crash-log-into-pstore scottk:staging-WIFI-14575-rrm-chanutil-fix-radio-status-check scottk:staging-WIFI-14549-Add-Support-for-EMPLUS-WAP588M scottk:WIFI-14567-WF189-10G-PHY-code-optimization scottk:staging-WIFI-14564-Multiple-ssids scottk:WIFI-14546-WF189-ETH-port-issue-start-from-12.5 scottk:staging-WIFI-14560-fix-rrmd-init-script scottk:WIFI-14547-Bringup-Sercomm-AP72TIP-on-v4.x scottk:WIFI-14538-WF189-Reset-button-does-not-work scottk:staging-WIFI-14536-update-chanutil-calculation-in-rrm scottk:staging-WIFI-14459 scottk:staging-WIFI-14529-udhcpinject-missing scottk:WIFI-14524-WF189-W-H-Add-189H-support scottk:WIFI-14526-CIG-smp-affinity-for-supporting-53XX-platform-with-wikiki-and-pebble scottk:staging-test-chuiyeh scottk:release/4.0.0 scottk:staging-test-fridayhung-ec scottk:staging-test-jacky1100002 scottk:staging-WIFI-14522 scottk:staging-testjoe scottk:staging-WIFI-14018-DHCP-82 scottk:WIFI-14456-CIG-WiFi7-WF-189W-H-bring-up scottk:staging-WIFI-14507 scottk:staging-WIFI-14326 scottk:staging-WIFI-14454-support-for-indio-525axm-wifi6-ap scottk:staging-WIFI-14457 scottk:release/v3.2.0 scottk:release/v3.1.0 scottk:release/v3.0.0 scottk:release/v2.11.0 scottk:release/v2.10.0 scottk:release/v2.9.0 scottk:release/v2.8.0 scottk:release/v2.7.0 scottk:release/v2.6.0 scottk:release/v2.5.0 scottk:release/v2.4.0 scottk:pending scottk:release/v2.3.0 scottk:release/v2.3.00 scottk:release/v2.2.0 scottk:release/v2.1.0 scottk:uCentral-trunk scottk:release/v1.2 scottk:trunk scottk:release/v2.0.0 scottk:staging-eap101-usb-storage scottk:release/v1.1 scottk:release/v1.0.0
scottk:v4.1.1 scottk:v4.1.1-RC1 scottk:v4.1.0 scottk:v4.1.0-rc3 scottk:v4.1.0-rc2 scottk:v4.1.0-rc1 scottk:v4.0.0-rc3 scottk:v4.0.0 scottk:v4.0.0-rc2 scottk:v4.0.0-rc1 scottk:v3.2.1 scottk:v3.2.1-rc3 scottk:v3.2.1-rc2 scottk:v3.2.1-rc1 scottk:v3.2.0 scottk:v3.2.0-rc3 scottk:v3.2.0-rc2 scottk:v3.2.0-rc1 scottk:v3.1.0-rc4 scottk:v3.1.0 scottk:v3.1.0-rc3 scottk:v3.1.0-rc2 scottk:v3.1.0-rc1 scottk:v3.0.2-rc3 scottk:v3.0.2 scottk:v3.0.2-rc2 scottk:v3.0.2-rc1 scottk:v3.0.1 scottk:v3.0.1-rc1 scottk:v3.0.0-rc3 scottk:v3.0.0 scottk:v3.0.0-rc2 scottk:v3.0.0-rc1 scottk:v2.11.0-rc3 scottk:v2.11.0 scottk:v2.11.0-rc2 scottk:v2.11.0-rc1 scottk:v2.10.0-rc3 scottk:v2.10.0 scottk:v2.10.0-rc2 scottk:v2.10.0-rc1 scottk:v2.9.1 scottk:v2.9.0 scottk:v2.9.0-rc5 scottk:v2.9.0-rc3 scottk:v2.9.0-rc4 scottk:v2.9.0-rc2 scottk:v2.9.0-rc1 scottk:v2.8.0-rc6 scottk:v2.8.0 scottk:v2.8.0-rc5 scottk:v2.8.0-rc4 scottk:v2.8.0-rc3 scottk:v2.8.0-rc2 scottk:v2.8.0-rc1 scottk:v2.7.2 scottk:v2.7.2-rc2 scottk:v2.7.2-rc1 scottk:v2.7.1 scottk:v2.7.1-rc2 scottk:v2.7.1-rc1 scottk:v2.7.0 scottk:v2.7.0-rc2 scottk:v2.7.0-rc1 scottk:v2.6.0 scottk:v2.6.0-rc5 scottk:v2.6.0-rc4 scottk:v2.6.0-rc3 scottk:v2.6.0-rc2 scottk:v2.6.0-rc1 scottk:v2.5.0 scottk:v2.5.0-rc4 scottk:v2.5.0-rc3 scottk:v2.5.0-rc2 scottk:v2.5.0-rc1 scottk:v2.4.1 scottk:v2.4.0 scottk:v2.4.0-rc3 scottk:v2.4.0-rc2 scottk:v2.4.0-rc1 scottk:v2.3.0-rc3 scottk:v2.3.0-rc2 scottk:v2.3.0-rc1 scottk:v2.2.0-rc2 scottk:v2.2.0-rc1 scottk:v2.1.0-rc3 scottk:v2.1.0-rc2 scottk:v2.1.0-rc1 scottk:v1.2.0 scottk:v1.2.0-rc2 scottk:v1.2.0-rc1 scottk:v2.0.0 scottk:v2.0.0-rc3 scottk:v2.0.0-rc2 scottk:v2.0.0-rc1 scottk:v1.1.1-rc1 scottk:v1.1.0 scottk:v1.1.0-rc4 scottk:v1.1.0-rc3 scottk:v1.0.4 scottk:v1.0.4-rc5 scottk:v1.0.4-rc4 scottk:v1.0.4-rc3 scottk:v1.0.4-rc2 scottk:v1.0.4-rc1 scottk:v1.1.0-rc2 scottk:v1.1.0-rc1 scottk:v1.0.3 scottk:v1.0.2 scottk:v1.0.1 scottk:v1.0.0-rc2 scottk:v1.0.0 scottk:v1.0.0-rc1
..
compare: scottk:v2.11.0-rc2
Branches Tags
scottk:staging-r4.0-memleak scottk:staging-WIFI-15216-ath12k-wifi-update-NWA130BE-BDF-files scottk:staging-WIFI-15175-Add-emplus-wap588m-to-support-kernel-6.6-at-staging-upstream-mediatek scottk:main scottk:staging-WIFI-14996-Support-NAT-Logging scottk:next scottk:release/v4.1.0 scottk:staging-WIFI-14583-Support-Edgecore-OAP106 scottk:staging-WIFI-14822 scottk:staging-WIFI-14998-reworked scottk:staging-WIFI-14179 scottk:staging-WIFI-15164-ath12k-wifi-update-NWA50BE-BDF-files scottk:staging-WIFI-15163-LAN-switch-exposes-single-eth1-instead-of-per-port-interfaces-for-RAP750W-311A scottk:staging-upstream-mediatek scottk:staging-linux-6.6-EAP111-disable-ubi-auto-attach scottk:staging-WIFI-15027 scottk:staging-WIFI-14859-hostapd_cli-chan_switch-NOHT scottk:staging-WIFI-14987-EAP112-support-AN8801SB scottk:staging-WIFI-14917-log-backup-helper scottk:cloud_discovery_fix_improv scottk:WIFI-15123 scottk:WIFI-15155-CIG189H-wifi-status-and-iwinfo-show-empty-after-upgrade-to-latest-main scottk:staging-WIFI-15139-support-dhcp-opt138-opt224 scottk:WIFI-15138-rap7110c-341x-thermal-setting scottk:staging-WIFI-15146-qca-ssdk-remove-the-unused-patch-of-pinctrl scottk:staging-WIFI-14742 scottk:staging-WIFI-15125-Support-multiple-upstream scottk:WIFI-15130-WF672-Update-FCC-BDF scottk:staging-WIFI-14998-3 scottk:staging-WIFI-14998-2 scottk:release/v4.0.0 scottk:for-4.0 scottk:for-4.1 scottk:staging-WIFI-15127-zyxel_nwa130be-use-LED-of-DTS-instead-of-ssdk-cmd scottk:staging-WIFI-15126-Zyxel-NWA130BE-save-crash-log-into-pstore scottk:staging-WIFI-14676-Support-Zyxel-NWA50BE scottk:staging-WIFI-15124-Add-KERNEL-flag-IPQ_MEM_PROFILE-for-IPQ53XX scottk:WIFI-15120-Sonicfi-squashfs-certification-backup-improve scottk:staging-v4.1 scottk:staging-WIFI-14998 scottk:staging-WIFI-14998-1 scottk:staging-WIFI-14999 scottk:origin/WIFI-15000-WF672A-Check-Wi-Fi-mode-at-boot scottk:WIFI-14997-Multi-country-BDF-support scottk:staging-WIFI-14994-EAP111-support-AN8801SB-PHY scottk:WIFI-14993-enable-pstore-for-SonicFi-Wi-Fi-6-models scottk:14493 scottk:WIFI-15000-WF672A-Check-Wi-Fi-mode-at-boot scottk:led_respect_config scottk:staging-WIFI-14986-EAP112-an8801sb-disable-surge-protection-mode scottk:staging-fix-cloud-discovery-typo-dhcp138 scottk:staging-fix-cloud-discovery-typo scottk:uci_defaults_sync scottk:WIFI-14966 scottk:staging-WIFI-14869-Ramoops-Not-Initialized-on-Cybertan_rap7110c-341x scottk:staging-WIFI-14957-fix-bootbank-switch-upgrade scottk:staging-remove-extra-lines-mtk-sr-scene scottk:staging-WIFI-14951-Store-PKI2.0-key-for-RAP6x-production scottk:staging-WIFI-14901-improve-rrm-with-chanutil-fix scottk:staging-WIFI-14427-afc-use-curl-add-cert scottk:staging-WIFI-14427-afc-use-curl-wifi7 scottk:staging-WIFI-14427-afc-use-curl scottk:staging-mtk-update scottk:staging-WIFI-14904-PKI1.0-to-PKI2.0-enrollment-does-not-complete-properly-on-squashfs-based-certificate-storage-SonicFi-RAP6-series- scottk:staging-WIFI-14901-improve-rrm-with-chanutil scottk:staging-WIFI-14906-add-sync-after-file-generation scottk:WIFI-14896-support-HaLow-Mesh scottk:staging-WIFI-14895-add-support-for-EMPLUS-WAP7635 scottk:WIFI-14890-CIG-Support-dual-BDF scottk:WIFI-14884 scottk:staging-WIFI-14594 scottk:feeds_use_git scottk:WIFI-14873-add-smp-affinity-for-wf186h-and-wf186w scottk:staging-WIFI-14837-support-rrm-EAP11X scottk:staging-mtk-ramoops scottk:staging-WIFI-14847 scottk:WIFI-14545-EAP112-LTE-handle-username-password scottk:staging-add-hostapd_cli-to-hostapd-mtk scottk:staging-WIFI-14849-When-device-is-booting-it-causes-lan-wan-ports-bridge-together scottk:staging-WIFI-14858-ath12k-wifi-update-NWA130BE-BDF-files scottk:staging-WIFI-14848-zyxel_nwa130be-fine-tune-thermal-setting scottk:staging-WIFI-14842-save-crash-log-eap105 scottk:WIFI-14840-6G-CBP-Test-Will-fail-Sometimes scottk:WIFI-14751-EAP112-LTE-auto-connect-after-reboot scottk:WIFI-14817-6G-CBP-fail-on-20M-BW scottk:WIFI-14825-Enable-mpstats-and-iperf3-On-CIG-WiFi-7-Products scottk:WIFI-14631-CIG-WiFi-7-Product-Save-crash-log-into-pstore scottk:staging-WIFI-14824-zyxel_nwa130be-fine-tune-thermal-setting scottk:nwa50be-dev scottk:staging-WIFI-14823-change-patches-zyxel_nwa130be-path scottk:staging-WIFI-14791-add-EMPLUS-WAP380C-support scottk:origin/WIFI-14788-CIG-WF189W-H-Add-temperature-control scottk:WIFI-14789-update-WF672A-configuration scottk:WIFI-14788-CIG-WF189W-H-Add-temperature-control scottk:staging-WIFI-14723-Add-Support-for-EMPLUS-WAP581 scottk:WIFI-14728-ipq50xx-add-sonicfi-rap630e scottk:staging-WIFI-14740-adjust-the-amplitude-level-of-SGMII-for-Zyxel-NWA130BE scottk:staging-WIFI-14615-fix-halow-client-cannot-access-network scottk:wifi-14697 scottk:staging-pki2.0 scottk:WIFI-14697-Implement-API-to-query-negotiated-PoE-class scottk:staging-WIFI-14588-cloud-package-manager scottk:staging-WIFI-14484-WIFI-14544 scottk:WIFI-14699-RAP630-serials-PWM-LED-max-brightness-range-open scottk:WIFI-14574-update-BDF-for-SonicFi-RAP650C scottk:staging-WIFI-14684-add-EMPLUS-WAP385C-support scottk:silent_reboot_fix scottk:WIFI-14666 scottk:staging-WIFI-14668-Add-thermal-protection-for-EMPLUS-WAP588M-model scottk:staging-WIFI-14667-Fix-image-upgrade-fail-for-EMPLUS-WAP588M scottk:staging-WIFI-14579-enable-dualboot-eap111-eap112 scottk:WIFI-14650-CIG-WF-189-CIG-WF-189H-LAN-and-WAN-Ports-Swapped-After-Upgrading-to-TIP-devel-14a0c2d-Image scottk:staging-WIFI-14632-Add-Support-for-EMPLUS-WAP386V2 scottk:WIFI-14644-AP72TIP-support-dual-image-and-fix-reset-button-issue scottk:WIFI-14630-Add-WF189W-WF189H-WF672-into-build-list scottk:staging-WIFI-14645-add-hostapd-patch-eap112 scottk:staging-WIFI-14579-dualboot-in-eap111-eap112 scottk:staging-eap-105-fixes scottk:WIFI-14603-Default-TC-fq_codel-queue-on-GRE-cause-low-GRE-RX-throughput scottk:WIFI-14623-WF188n-WF196-lost-the-certificates-files-after-upgrade scottk:WIFI-14509-CIG-WiFi7-WF-672A-bring-up scottk:staging-WIFI-14605-Swiitch-LAN-and-WAN-port-for-EMPLUS-WAP588M scottk:staging-WIFI-14580-Support-Zyxel-NWA130BE scottk:staging-WIFI-14576-support-phy-AN8801-EAP111 scottk:WIFI-14582-WF189-Save-crash-log-into-pstore scottk:staging-WIFI-14575-rrm-chanutil-fix-radio-status-check scottk:staging-WIFI-14549-Add-Support-for-EMPLUS-WAP588M scottk:WIFI-14567-WF189-10G-PHY-code-optimization scottk:staging-WIFI-14564-Multiple-ssids scottk:WIFI-14546-WF189-ETH-port-issue-start-from-12.5 scottk:staging-WIFI-14560-fix-rrmd-init-script scottk:WIFI-14547-Bringup-Sercomm-AP72TIP-on-v4.x scottk:WIFI-14538-WF189-Reset-button-does-not-work scottk:staging-WIFI-14536-update-chanutil-calculation-in-rrm scottk:staging-WIFI-14459 scottk:staging-WIFI-14529-udhcpinject-missing scottk:WIFI-14524-WF189-W-H-Add-189H-support scottk:WIFI-14526-CIG-smp-affinity-for-supporting-53XX-platform-with-wikiki-and-pebble scottk:staging-test-chuiyeh scottk:release/4.0.0 scottk:staging-test-fridayhung-ec scottk:staging-test-jacky1100002 scottk:staging-WIFI-14522 scottk:staging-testjoe scottk:staging-WIFI-14018-DHCP-82 scottk:WIFI-14456-CIG-WiFi7-WF-189W-H-bring-up scottk:staging-WIFI-14507 scottk:staging-WIFI-14326 scottk:staging-WIFI-14454-support-for-indio-525axm-wifi6-ap scottk:staging-WIFI-14457 scottk:release/v3.2.0 scottk:release/v3.1.0 scottk:release/v3.0.0 scottk:release/v2.11.0 scottk:release/v2.10.0 scottk:release/v2.9.0 scottk:release/v2.8.0 scottk:release/v2.7.0 scottk:release/v2.6.0 scottk:release/v2.5.0 scottk:release/v2.4.0 scottk:pending scottk:release/v2.3.0 scottk:release/v2.3.00 scottk:release/v2.2.0 scottk:release/v2.1.0 scottk:uCentral-trunk scottk:release/v1.2 scottk:trunk scottk:release/v2.0.0 scottk:staging-eap101-usb-storage scottk:release/v1.1 scottk:release/v1.0.0
scottk:v4.1.1 scottk:v4.1.1-RC1 scottk:v4.1.0 scottk:v4.1.0-rc3 scottk:v4.1.0-rc2 scottk:v4.1.0-rc1 scottk:v4.0.0-rc3 scottk:v4.0.0 scottk:v4.0.0-rc2 scottk:v4.0.0-rc1 scottk:v3.2.1 scottk:v3.2.1-rc3 scottk:v3.2.1-rc2 scottk:v3.2.1-rc1 scottk:v3.2.0 scottk:v3.2.0-rc3 scottk:v3.2.0-rc2 scottk:v3.2.0-rc1 scottk:v3.1.0-rc4 scottk:v3.1.0 scottk:v3.1.0-rc3 scottk:v3.1.0-rc2 scottk:v3.1.0-rc1 scottk:v3.0.2-rc3 scottk:v3.0.2 scottk:v3.0.2-rc2 scottk:v3.0.2-rc1 scottk:v3.0.1 scottk:v3.0.1-rc1 scottk:v3.0.0-rc3 scottk:v3.0.0 scottk:v3.0.0-rc2 scottk:v3.0.0-rc1 scottk:v2.11.0-rc3 scottk:v2.11.0 scottk:v2.11.0-rc2 scottk:v2.11.0-rc1 scottk:v2.10.0-rc3 scottk:v2.10.0 scottk:v2.10.0-rc2 scottk:v2.10.0-rc1 scottk:v2.9.1 scottk:v2.9.0 scottk:v2.9.0-rc5 scottk:v2.9.0-rc3 scottk:v2.9.0-rc4 scottk:v2.9.0-rc2 scottk:v2.9.0-rc1 scottk:v2.8.0-rc6 scottk:v2.8.0 scottk:v2.8.0-rc5 scottk:v2.8.0-rc4 scottk:v2.8.0-rc3 scottk:v2.8.0-rc2 scottk:v2.8.0-rc1 scottk:v2.7.2 scottk:v2.7.2-rc2 scottk:v2.7.2-rc1 scottk:v2.7.1 scottk:v2.7.1-rc2 scottk:v2.7.1-rc1 scottk:v2.7.0 scottk:v2.7.0-rc2 scottk:v2.7.0-rc1 scottk:v2.6.0 scottk:v2.6.0-rc5 scottk:v2.6.0-rc4 scottk:v2.6.0-rc3 scottk:v2.6.0-rc2 scottk:v2.6.0-rc1 scottk:v2.5.0 scottk:v2.5.0-rc4 scottk:v2.5.0-rc3 scottk:v2.5.0-rc2 scottk:v2.5.0-rc1 scottk:v2.4.1 scottk:v2.4.0 scottk:v2.4.0-rc3 scottk:v2.4.0-rc2 scottk:v2.4.0-rc1 scottk:v2.3.0-rc3 scottk:v2.3.0-rc2 scottk:v2.3.0-rc1 scottk:v2.2.0-rc2 scottk:v2.2.0-rc1 scottk:v2.1.0-rc3 scottk:v2.1.0-rc2 scottk:v2.1.0-rc1 scottk:v1.2.0 scottk:v1.2.0-rc2 scottk:v1.2.0-rc1 scottk:v2.0.0 scottk:v2.0.0-rc3 scottk:v2.0.0-rc2 scottk:v2.0.0-rc1 scottk:v1.1.1-rc1 scottk:v1.1.0 scottk:v1.1.0-rc4 scottk:v1.1.0-rc3 scottk:v1.0.4 scottk:v1.0.4-rc5 scottk:v1.0.4-rc4 scottk:v1.0.4-rc3 scottk:v1.0.4-rc2 scottk:v1.0.4-rc1 scottk:v1.1.0-rc2 scottk:v1.1.0-rc1 scottk:v1.0.3 scottk:v1.0.2 scottk:v1.0.1 scottk:v1.0.0-rc2 scottk:v1.0.0 scottk:v1.0.0-rc1

1 Commits
v3.2.0 ... v2.11.0-rc

Author SHA1 Message Date
jaspreetsachdev
dd41f15987 Merge pull request #581 from Telecominfraproject/main 
Merge the latest changes from main
 2023-09-20 08:58:21 -04:00
7152 changed files with 1392784 additions and 808059 deletions
Expand all files Collapse all files

7
.github/workflows/build-dev.yml vendored
View File

@@ -21,16 +21,11 @@ jobs:
strategy:
fail-fast: false
matrix:
target: [ 'cig_wf186h', 'cig_wf186w', 'cig_wf188n', 'cig_wf196', 'cig_wf189', 'cybertan_eww631-a1', 'cybertan_eww631-b1','sonicfi_rap630c-311g', 'sonicfi_rap630w-311g', 'sonicfi_rap630w-211g', 'edgecore_eap101', 'edgecore_eap102', 'edgecore_eap104', 'edgecore_eap105', 'edgecore_eap111', 'edgecore_eap112', 'edgecore_oap101', 'edgecore_oap101-6e', 'edgecore_oap101e', 'edgecore_oap101e-6e', 'hfcl_ion4xe', 'hfcl_ion4xi', 'hfcl_ion4x', 'hfcl_ion4x_2', 'hfcl_ion4x_3', 'hfcl_ion4xi_w', 'hfcl_ion4x_w', 'indio_um-305ax', 'sercomm_ap72tip', 'udaya_a6-id2', 'wallys_dr5018', 'wallys_dr6018', 'wallys_dr6018-v4', 'yuncore_ax820', 'yuncore_ax840', 'yuncore_fap640', 'yuncore_fap650', 'yuncore_fap655' ]
target: [ 'cig_wf186w', 'cig_wf188n-ca', 'cig_wf188n-ca-ath12', 'cig_wf188n-us', 'cig_wf196-us', 'cig_wf196-ca', 'cig_wf196-ca-ath12', 'cig_wf610d', 'cig_wf660a', 'cig_wf808', 'cybertan_eww622-a1', 'cybertan_eww631-a1', 'cybertan_eww631-b1', 'edgecore_eap101', 'edgecore_eap101-ath12', 'edgecore_eap102', 'edgecore_eap102-ath12', 'edgecore_eap104', 'edgecore_eap104-ath12', 'liteon_wpx8324', 'edgecore_ecs4100-12ph', 'edgecore_ecw5211', 'edgecore_ecw5410', 'edgecore_oap100', 'edgecore_oap101-6e', 'edgecore_oap101e', 'hfcl_ion4','hfcl_ion4xi_wp', 'hfcl_ion4xe', 'hfcl_ion4xi', 'hfcl_ion4x', 'hfcl_ion4x_2', 'hfcl_ion4xi_w', 'hfcl_ion4xi_HMR', 'hfcl_ion4x_w', 'indio_um-305ac', 'indio_um-305ax', 'indio_um-325ac', 'indio_um-510ac-v3', 'indio_um-550ac', 'indio_um-310ax-v1', 'indio_um-510axp-v1', 'indio_um-510axm-v1', 'udaya_a5-id2', 'wallys_dr40x9', 'wallys_dr6018', 'wallys_dr6018_v4', 'x64_vm', 'yuncore_ax840', 'yuncore_fap640', 'yuncore_fap650', 'yuncore_fap655' ]
steps:
- uses: actions/checkout@v3
# Clean unnecessary files to save disk space
- name: clean unncessary files to save space
run: |
docker rmi `docker images -q`
- name: Build image for ${{ matrix.target }}
id: build
run: |

28
LICENSE
View File

@@ -1,28 +0,0 @@
BSD 3-Clause License
Copyright (c) 2024, Telecom Infra Project
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

15
config.yml
View File

@@ -1,7 +1,16 @@
repo: https://github.com/openwrt/openwrt.git
branch: openwrt-23.05
revision: e92cf0c46ffe3ac7fca936c18577bfb19eb4ce9e
branch: openwrt-21.02
revision: c67509efd7d0c43eb3f622f06c8a31aa28d22f6e
output_dir: ./output
patch_folders:
- patches
- patches/backports/
- patches/base
- patches/wifi
- patches/ath79
- patches/ramips
- patches/ipq40xx
- patches/ipq806x
- patches/ipq807x
- patches/rest
- patches/x86

3
feeds/bluetooth/nrf52840/files/etc/init.d/nrf52840
View File

@@ -5,8 +5,7 @@ START=80
boot() {
. /lib/functions/system.sh
case $(board_name) in
edgecore,eap102|\
edgecore,oap102)
edgecore,eap102)
echo 54 > /sys/class/gpio/export
echo out > /sys/class/gpio/gpio54/direction
echo 0 > /sys/class/gpio/gpio54/value

29
feeds/hfcl/hfcl/Makefile
View File

@@ -1,29 +0,0 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=hfcl
PKG_VERSION:=1.0
PKG_BUILD_DIR:= $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
define Package/hfcl
SECTION:=base
CATEGORY:=Utilities
TITLE:=hfcl
endef
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
endef
define Build/Compile/Default
endef
Build/Compile = $(Build/Compile/Default)
define Package/hfcl/install
cp -rf ./files/* $(1)
endef
$(eval $(call BuildPackage,hfcl))

43
feeds/hfcl/hfcl/files/etc/ucentral_check.sh
View File

@@ -1,43 +0,0 @@
#!/bin/sh
echo "Start Websocket check/recovery script"
ucentral_conn=$(netstat -atulpn | grep -i ucentral | awk '{print $6}')
hostname_AP=$(uci get system.@system[0].hostname)
uc_file_check=$(du /etc/config/ucentral | awk '{print $1}' )
sleep 20
curr_date=$(date)
if [[ "$uc_file_check" = 0 ]]
then
echo "[[$curr_date]] empty ucentral file found, need to factory reset"
ubi_mount=$(mount | grep ubifs | grep noatime | awk '{print $1}')
if [[ "$ubi_mount" != "/dev/ubi0_3" ]]
then
echo "[[$curr_date]] ubifs not mounted, need to reboot before factory reset, mount was $ubi_mount"
/sbin/reboot
else
/sbin/jffs2reset -y -r
fi
elif [[ "$hostname_AP" = "OpenWrt" ]]
then
echo "[[$curr_date]] hostname set to openwrt, doing ucentral and capabilities load"
/usr/share/ucentral/capabilities.uc
rlink=$(readlink -f /etc/ucentral/ucentral.active)
/usr/share/ucentral/ucentral.uc /etc/ucentral/ucentral.active
rm -rf /etc/ucentral/ucentral.active
ln -s $rlink /etc/ucentral/ucentral.active
sleep 60
ucentral_check=$(netstat -atulpn | grep -i ucentral | awk '{print $6}')
if [[ "$ucentral_check" != "ESTABLIHED" ]]
then
echo "[[$curr_date]] loading didn't work, need to factory reset"
/sbin/jffs2reset -y -r
fi
elif [[ "$ucentral_conn" != "ESTABLISHED" ]]
then
echo "[[$curr_date]] Ucentral either crashed or stopped, restarting the same"
/etc/init.d/ucentral restart
else
echo "[[$curr_date]] Ucentral working all fine, nothing to do"
fi

18
feeds/hfcl/hfcl/files/etc/uci-defaults/abc-hfcl-ucentral
View File

@@ -1,18 +0,0 @@
#!/bin/sh
#rm -f /etc/rc.local
#cp -f /etc/loop.local /etc/rc.local
crontab -r
/etc/init.d/cron enable
/etc/init.d/cron start
sleep 60
crontab -l | { cat; echo "*/3 * * * * /bin/sh /etc/ucentral_check.sh >> /tmp/ucentral_check";} | crontab -
crontab -l | { cat; echo "* */4 * * * rm -rf /tmp/ucentral_check";} | crontab -
/etc/init.d/cron restart

108
feeds/hostapd/hostapd/Config.in
View File

@@ -1,108 +0,0 @@
# wpa_supplicant config
config WPA_RFKILL_SUPPORT
bool "Add rfkill support"
depends on PACKAGE_wpa-supplicant || \
PACKAGE_wpa-supplicant-openssl || \
PACKAGE_wpa-supplicant-wolfssl || \
PACKAGE_wpa-supplicant-mbedtls || \
PACKAGE_wpa-supplicant-mesh-openssl || \
PACKAGE_wpa-supplicant-mesh-wolfssl || \
PACKAGE_wpa-supplicant-mesh-mbedtls || \
PACKAGE_wpa-supplicant-basic || \
PACKAGE_wpa-supplicant-mini || \
PACKAGE_wpa-supplicant-p2p || \
PACKAGE_wpad || \
PACKAGE_wpad-openssl || \
PACKAGE_wpad-wolfssl || \
PACKAGE_wpad-mbedtls || \
PACKAGE_wpad-basic || \
PACKAGE_wpad-basic-openssl || \
PACKAGE_wpad-basic-wolfssl || \
PACKAGE_wpad-basic-mbedtls || \
PACKAGE_wpad-mini || \
PACKAGE_wpad-mesh-openssl || \
PACKAGE_wpad-mesh-wolfssl || \
PACKAGE_wpad-mesh-mbedtls
default n
config WPA_MSG_MIN_PRIORITY
int "Minimum debug message priority"
depends on PACKAGE_wpa-supplicant || \
PACKAGE_wpa-supplicant-openssl || \
PACKAGE_wpa-supplicant-wolfssl || \
PACKAGE_wpa-supplicant-mbedtls || \
PACKAGE_wpa-supplicant-mesh-openssl || \
PACKAGE_wpa-supplicant-mesh-wolfssl || \
PACKAGE_wpa-supplicant-mesh-mbedtls || \
PACKAGE_wpa-supplicant-basic || \
PACKAGE_wpa-supplicant-mini || \
PACKAGE_wpa-supplicant-p2p || \
PACKAGE_wpad || \
PACKAGE_wpad-openssl || \
PACKAGE_wpad-wolfssl || \
PACKAGE_wpad-mbedtls || \
PACKAGE_wpad-basic || \
PACKAGE_wpad-basic-openssl || \
PACKAGE_wpad-basic-wolfssl || \
PACKAGE_wpad-basic-mbedtls || \
PACKAGE_wpad-mini || \
PACKAGE_wpad-mesh-openssl || \
PACKAGE_wpad-mesh-wolfssl || \
PACKAGE_wpad-mesh-mbedtls
default 3
help
Useful values are:
0 = all messages
1 = raw message dumps
2 = most debugging messages
3 = info messages
4 = warnings
5 = errors
config WPA_WOLFSSL
bool
default PACKAGE_wpa-supplicant-wolfssl ||\
PACKAGE_wpad-wolfssl ||\
PACKAGE_wpad-basic-wolfssl || \
PACKAGE_wpad-mesh-wolfssl ||\
PACKAGE_eapol-test-wolfssl
select WOLFSSL_HAS_AES_CCM
select WOLFSSL_HAS_ARC4
select WOLFSSL_HAS_DH
select WOLFSSL_HAS_OCSP
select WOLFSSL_HAS_SESSION_TICKET
select WOLFSSL_HAS_WPAS
config DRIVER_11AC_SUPPORT
bool
default n
config DRIVER_11AX_SUPPORT
bool
default n
select WPA_MBO_SUPPORT
config WPA_ENABLE_WEP
bool "Enable support for unsecure and obsolete WEP"
help
Wired equivalent privacy (WEP) is an obsolete cryptographic data
confidentiality algorithm that is not considered secure. It should not be used
for anything anymore. The functionality needed to use WEP is available in the
current hostapd release under this optional build parameter and completely
removed in a future release.
config WPA_MBO_SUPPORT
bool "Multi Band Operation (Agile Multiband)"
default PACKAGE_wpa-supplicant || \
PACKAGE_wpa-supplicant-openssl || \
PACKAGE_wpa-supplicant-wolfssl || \
PACKAGE_wpa-supplicant-mbedtls || \
PACKAGE_wpad || \
PACKAGE_wpad-openssl || \
PACKAGE_wpad-wolfssl || \
PACKAGE_wpad-mbedtls
help
Multi Band Operation aka (Agile Multiband) enables features
that facilitate efficient use of multiple frequency bands.
Enabling MBO on an AP using RSN requires 802.11w to be enabled.
Hostapd will refuse to start if MBO and RSN are enabled without 11w.

851
feeds/hostapd/hostapd/Makefile
View File

@@ -1,851 +0,0 @@
# SPDX-License-Identifier: GPL-2.0-only
#
# Copyright (C) 2006-2021 OpenWrt.org
include $(TOPDIR)/rules.mk
PKG_NAME:=hostapd
PKG_RELEASE:=4
PKG_SOURCE_URL:=http://w1.fi/hostap.git
PKG_SOURCE_PROTO:=git
PKG_SOURCE_DATE:=2023-09-08
PKG_SOURCE_VERSION:=e5ccbfc69ecf297590341ae8b461edba9d8e964c
PKG_MIRROR_HASH:=fcc6550f46c7f8bbdbf71e63f8f699b9a0878565ad1b90a17855f5ec21283b8f
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-3-Clause
PKG_CPE_ID:=cpe:/a:w1.fi:hostapd
PKG_BUILD_PARALLEL:=1
PKG_ASLR_PIE_REGULAR:=1
PKG_CONFIG_DEPENDS:= \
CONFIG_PACKAGE_hostapd \
CONFIG_PACKAGE_hostapd-basic \
CONFIG_PACKAGE_hostapd-mini \
CONFIG_WPA_RFKILL_SUPPORT \
CONFIG_DRIVER_11AC_SUPPORT \
CONFIG_DRIVER_11AX_SUPPORT \
CONFIG_WPA_ENABLE_WEP
PKG_BUILD_FLAGS:=gc-sections lto
EAPOL_TEST_PROVIDERS:=eapol-test eapol-test-openssl eapol-test-wolfssl
SUPPLICANT_PROVIDERS:=
HOSTAPD_PROVIDERS:=
LOCAL_TYPE=$(strip \
$(if $(findstring wpad,$(BUILD_VARIANT)),wpad, \
$(if $(findstring supplicant,$(BUILD_VARIANT)),supplicant, \
hostapd \
)))
LOCAL_AND_LIB_VARIANT=$(patsubst hostapd-%,%,\
$(patsubst wpad-%,%,\
$(patsubst supplicant-%,%,\
$(BUILD_VARIANT)\
)))
LOCAL_VARIANT=$(patsubst %-internal,%,\
$(patsubst %-openssl,%,\
$(patsubst %-wolfssl,%,\
$(patsubst %-mbedtls,%,\
$(LOCAL_AND_LIB_VARIANT)\
))))
SSL_VARIANT=$(strip \
$(if $(findstring openssl,$(LOCAL_AND_LIB_VARIANT)),openssl,\
$(if $(findstring wolfssl,$(LOCAL_AND_LIB_VARIANT)),wolfssl,\
$(if $(findstring mbedtls,$(LOCAL_AND_LIB_VARIANT)),mbedtls,\
internal\
))))
CONFIG_VARIANT:=$(LOCAL_VARIANT)
ifeq ($(LOCAL_VARIANT),mesh)
CONFIG_VARIANT:=full
endif
include $(INCLUDE_DIR)/package.mk
STAMP_CONFIGURED:=$(STAMP_CONFIGURED)_$(CONFIG_WPA_MSG_MIN_PRIORITY)
ifneq ($(CONFIG_DRIVER_11AC_SUPPORT),)
HOSTAPD_IEEE80211AC:=y
endif
ifneq ($(CONFIG_DRIVER_11AX_SUPPORT),)
HOSTAPD_IEEE80211AX:=y
endif
CORE_DEPENDS = +ucode +libubus +libucode +ucode-mod-fs +ucode-mod-nl80211 +ucode-mod-rtnl +ucode-mod-ubus +ucode-mod-uloop +libblobmsg-json
OPENSSL_DEPENDS = +PACKAGE_$(1):libopenssl +PACKAGE_$(1):libopenssl-legacy
DRIVER_MAKEOPTS= \
CONFIG_ACS=y CONFIG_DRIVER_NL80211=y \
CONFIG_IEEE80211AC=$(HOSTAPD_IEEE80211AC) \
CONFIG_IEEE80211AX=$(HOSTAPD_IEEE80211AX) \
CONFIG_MBO=$(CONFIG_WPA_MBO_SUPPORT) \
CONFIG_UCODE=y
ifeq ($(SSL_VARIANT),openssl)
DRIVER_MAKEOPTS += CONFIG_TLS=openssl CONFIG_SAE=y
TARGET_LDFLAGS += -lcrypto -lssl
ifeq ($(LOCAL_VARIANT),basic)
DRIVER_MAKEOPTS += CONFIG_OWE=y
endif
ifeq ($(LOCAL_VARIANT),mesh)
DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y
endif
ifeq ($(LOCAL_VARIANT),full)
DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y
endif
endif
ifeq ($(SSL_VARIANT),wolfssl)
DRIVER_MAKEOPTS += CONFIG_TLS=wolfssl CONFIG_SAE=y
TARGET_LDFLAGS += -lwolfssl
ifeq ($(LOCAL_VARIANT),basic)
DRIVER_MAKEOPTS += CONFIG_OWE=y
endif
ifeq ($(LOCAL_VARIANT),mesh)
DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
endif
ifeq ($(LOCAL_VARIANT),full)
DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
endif
endif
ifeq ($(SSL_VARIANT),mbedtls)
DRIVER_MAKEOPTS += CONFIG_TLS=mbedtls CONFIG_SAE=y
TARGET_LDFLAGS += -lmbedcrypto -lmbedx509 -lmbedtls
ifeq ($(LOCAL_VARIANT),basic)
DRIVER_MAKEOPTS += CONFIG_OWE=y
endif
ifeq ($(LOCAL_VARIANT),mesh)
DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
endif
ifeq ($(LOCAL_VARIANT),full)
DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
endif
endif
ifneq ($(LOCAL_TYPE),hostapd)
ifdef CONFIG_WPA_RFKILL_SUPPORT
DRIVER_MAKEOPTS += NEED_RFKILL=y
endif
endif
DRV_DEPENDS:=+libnl-tiny
define Package/hostapd/Default
SECTION:=net
CATEGORY:=Network
SUBMENU:=WirelessAPD
TITLE:=IEEE 802.1x Authenticator
URL:=http://hostap.epitest.fi/
DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE))
USERID:=network=101:network=101
PROVIDES:=hostapd
CONFLICTS:=$(HOSTAPD_PROVIDERS)
HOSTAPD_PROVIDERS+=$(1)
endef
define Package/hostapd
$(call Package/hostapd/Default,$(1))
TITLE+= (built-in full)
VARIANT:=full-internal
endef
define Package/hostapd/description
This package contains a full featured IEEE 802.1x/WPA/EAP/RADIUS
Authenticator.
endef
define Package/hostapd-openssl
$(call Package/hostapd/Default,$(1))
TITLE+= (OpenSSL full)
VARIANT:=full-openssl
DEPENDS+=$(OPENSSL_DEPENDS)
endef
Package/hostapd-openssl/description = $(Package/hostapd/description)
define Package/hostapd-wolfssl
$(call Package/hostapd/Default,$(1))
TITLE+= (wolfSSL full)
VARIANT:=full-wolfssl
DEPENDS+=+PACKAGE_hostapd-wolfssl:libwolfssl
endef
Package/hostapd-wolfssl/description = $(Package/hostapd/description)
define Package/hostapd-mbedtls
$(call Package/hostapd/Default,$(1))
TITLE+= (mbedTLS full)
VARIANT:=full-mbedtls
DEPENDS+=+PACKAGE_hostapd-mbedtls:libmbedtls
endef
Package/hostapd-mbedtls/description = $(Package/hostapd/description)
define Package/hostapd-basic
$(call Package/hostapd/Default,$(1))
TITLE+= (WPA-PSK, 11r, 11w)
VARIANT:=basic
endef
define Package/hostapd-basic/description
This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
endef
define Package/hostapd-basic-openssl
$(call Package/hostapd/Default,$(1))
TITLE+= (WPA-PSK, 11r and 11w)
VARIANT:=basic-openssl
DEPENDS+=+PACKAGE_hostapd-basic-openssl:libopenssl
endef
define Package/hostapd-basic-openssl/description
This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
endef
define Package/hostapd-basic-wolfssl
$(call Package/hostapd/Default,$(1))
TITLE+= (WPA-PSK, 11r and 11w)
VARIANT:=basic-wolfssl
DEPENDS+=+PACKAGE_hostapd-basic-wolfssl:libwolfssl
endef
define Package/hostapd-basic-wolfssl/description
This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
endef
define Package/hostapd-basic-mbedtls
$(call Package/hostapd/Default,$(1))
TITLE+= (WPA-PSK, 11r and 11w)
VARIANT:=basic-mbedtls
DEPENDS+=+PACKAGE_hostapd-basic-mbedtls:libmbedtls
endef
define Package/hostapd-basic-mbedtls/description
This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
endef
define Package/hostapd-mini
$(call Package/hostapd/Default,$(1))
TITLE+= (WPA-PSK only)
VARIANT:=mini
endef
define Package/hostapd-mini/description
This package contains a minimal IEEE 802.1x/WPA Authenticator (WPA-PSK only).
endef
define Package/wpad/Default
SECTION:=net
CATEGORY:=Network
SUBMENU:=WirelessAPD
TITLE:=IEEE 802.1x Auth/Supplicant
DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE))
USERID:=network=101:network=101
URL:=http://hostap.epitest.fi/
PROVIDES:=hostapd wpa-supplicant
CONFLICTS:=$(HOSTAPD_PROVIDERS) $(SUPPLICANT_PROVIDERS)
HOSTAPD_PROVIDERS+=$(1)
SUPPLICANT_PROVIDERS+=$(1)
endef
define Package/wpad
$(call Package/wpad/Default,$(1))
TITLE+= (built-in full)
VARIANT:=wpad-full-internal
endef
define Package/wpad/description
This package contains a full featured IEEE 802.1x/WPA/EAP/RADIUS
Authenticator and Supplicant
endef
define Package/wpad-openssl
$(call Package/wpad/Default,$(1))
TITLE+= (OpenSSL full)
VARIANT:=wpad-full-openssl
DEPENDS+=$(OPENSSL_DEPENDS)
endef
Package/wpad-openssl/description = $(Package/wpad/description)
define Package/wpad-wolfssl
$(call Package/wpad/Default,$(1))
TITLE+= (wolfSSL full)
VARIANT:=wpad-full-wolfssl
DEPENDS+=+PACKAGE_wpad-wolfssl:libwolfssl
endef
Package/wpad-wolfssl/description = $(Package/wpad/description)
define Package/wpad-mbedtls
$(call Package/wpad/Default,$(1))
TITLE+= (mbedTLS full)
VARIANT:=wpad-full-mbedtls
DEPENDS+=+PACKAGE_wpad-mbedtls:libmbedtls
endef
Package/wpad-mbedtls/description = $(Package/wpad/description)
define Package/wpad-basic
$(call Package/wpad/Default,$(1))
TITLE+= (WPA-PSK, 11r, 11w)
VARIANT:=wpad-basic
endef
define Package/wpad-basic/description
This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, 802.11r and 802.11w support.
endef
define Package/wpad-basic-openssl
$(call Package/wpad/Default,$(1))
TITLE+= (OpenSSL, 11r, 11w)
VARIANT:=wpad-basic-openssl
DEPENDS+=$(OPENSSL_DEPENDS)
endef
define Package/wpad-basic-openssl/description
This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
endef
define Package/wpad-basic-wolfssl
$(call Package/wpad/Default,$(1))
TITLE+= (wolfSSL, 11r, 11w)
VARIANT:=wpad-basic-wolfssl
DEPENDS+=+PACKAGE_wpad-basic-wolfssl:libwolfssl
endef
define Package/wpad-basic-wolfssl/description
This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
endef
define Package/wpad-basic-mbedtls
$(call Package/wpad/Default,$(1))
TITLE+= (mbedTLS, 11r, 11w)
VARIANT:=wpad-basic-mbedtls
DEPENDS+=+PACKAGE_wpad-basic-mbedtls:libmbedtls
endef
define Package/wpad-basic-mbedtls/description
This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
endef
define Package/wpad-mini
$(call Package/wpad/Default,$(1))
TITLE+= (WPA-PSK only)
VARIANT:=wpad-mini
endef
define Package/wpad-mini/description
This package contains a minimal IEEE 802.1x/WPA Authenticator and Supplicant (WPA-PSK only).
endef
define Package/wpad-mesh
$(call Package/wpad/Default,$(1))
DEPENDS+=@(!TARGET_uml||BROKEN)
PROVIDES+=wpa-supplicant-mesh wpad-mesh
endef
define Package/wpad-mesh/description
This package contains a minimal IEEE 802.1x/WPA Authenticator and Supplicant (with 802.11s mesh and SAE support).
endef
define Package/wpad-mesh-openssl
$(call Package/wpad-mesh,$(1))
TITLE+= (OpenSSL, 11s, SAE)
DEPENDS+=$(OPENSSL_DEPENDS)
VARIANT:=wpad-mesh-openssl
endef
Package/wpad-mesh-openssl/description = $(Package/wpad-mesh/description)
define Package/wpad-mesh-wolfssl
$(call Package/wpad-mesh,$(1))
TITLE+= (wolfSSL, 11s, SAE)
DEPENDS+=+PACKAGE_wpad-mesh-wolfssl:libwolfssl
VARIANT:=wpad-mesh-wolfssl
endef
Package/wpad-mesh-wolfssl/description = $(Package/wpad-mesh/description)
define Package/wpad-mesh-mbedtls
$(call Package/wpad-mesh,$(1))
TITLE+= (mbedTLS, 11s, SAE)
DEPENDS+=+PACKAGE_wpad-mesh-mbedtls:libmbedtls
VARIANT:=wpad-mesh-mbedtls
endef
Package/wpad-mesh-mbedtls/description = $(Package/wpad-mesh/description)
define Package/wpa-supplicant/Default
SECTION:=net
CATEGORY:=Network
SUBMENU:=WirelessAPD
TITLE:=WPA Supplicant
URL:=http://hostap.epitest.fi/wpa_supplicant/
DEPENDS:=$(DRV_DEPENDS) +hostapd-common $(CORE_DEPENDS)
EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE))
USERID:=network=101:network=101
PROVIDES:=wpa-supplicant
CONFLICTS:=$(SUPPLICANT_PROVIDERS)
SUPPLICANT_PROVIDERS+=$(1)
endef
define Package/wpa-supplicant
$(call Package/wpa-supplicant/Default,$(1))
TITLE+= (built-in full)
VARIANT:=supplicant-full-internal
endef
define Package/wpa-supplicant-openssl
$(call Package/wpa-supplicant/Default,$(1))
TITLE+= (OpenSSL full)
VARIANT:=supplicant-full-openssl
DEPENDS+=$(OPENSSL_DEPENDS)
endef
define Package/wpa-supplicant-wolfssl
$(call Package/wpa-supplicant/Default,$(1))
TITLE+= (wolfSSL full)
VARIANT:=supplicant-full-wolfssl
DEPENDS+=+PACKAGE_wpa-supplicant-wolfssl:libwolfssl
endef
define Package/wpa-supplicant-mbedtls
$(call Package/wpa-supplicant/Default,$(1))
TITLE+= (mbedTLS full)
VARIANT:=supplicant-full-mbedtls
DEPENDS+=+PACKAGE_wpa-supplicant-mbedtls:libmbedtls
endef
define Package/wpa-supplicant/config
source "$(SOURCE)/Config.in"
endef
define Package/wpa-supplicant-p2p
$(call Package/wpa-supplicant/Default,$(1))
TITLE+= (Wi-Fi P2P support)
VARIANT:=supplicant-p2p-internal
endef
define Package/wpa-supplicant-mesh/Default
$(call Package/wpa-supplicant/Default,$(1))
DEPENDS+=@(!TARGET_uml||BROKEN)
PROVIDES+=wpa-supplicant-mesh
endef
define Package/wpa-supplicant-mesh-openssl
$(call Package/wpa-supplicant-mesh/Default,$(1))
TITLE+= (OpenSSL, 11s, SAE)
VARIANT:=supplicant-mesh-openssl
DEPENDS+=$(OPENSSL_DEPENDS)
endef
define Package/wpa-supplicant-mesh-wolfssl
$(call Package/wpa-supplicant-mesh/Default,$(1))
TITLE+= (wolfSSL, 11s, SAE)
VARIANT:=supplicant-mesh-wolfssl
DEPENDS+=+PACKAGE_wpa-supplicant-mesh-wolfssl:libwolfssl
endef
define Package/wpa-supplicant-mesh-mbedtls
$(call Package/wpa-supplicant-mesh/Default,$(1))
TITLE+= (mbedTLS, 11s, SAE)
VARIANT:=supplicant-mesh-mbedtls
DEPENDS+=+PACKAGE_wpa-supplicant-mesh-mbedtls:libmbedtls
endef
define Package/wpa-supplicant-basic
$(call Package/wpa-supplicant/Default,$(1))
TITLE+= (11r, 11w)
VARIANT:=supplicant-basic
endef
define Package/wpa-supplicant-mini
$(call Package/wpa-supplicant/Default,$(1))
TITLE+= (minimal)
VARIANT:=supplicant-mini
endef
define Package/hostapd-common
TITLE:=hostapd/wpa_supplicant common support files
SECTION:=net
CATEGORY:=Network
SUBMENU:=WirelessAPD
endef
define Package/hostapd-utils
SECTION:=net
CATEGORY:=Network
SUBMENU:=WirelessAPD
TITLE:=IEEE 802.1x Authenticator (utils)
URL:=http://hostap.epitest.fi/
DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(HOSTAPD_PROVIDERS),PACKAGE_$(pkg)))
VARIANT:=*
endef
define Package/hostapd-utils/description
This package contains a command line utility to control the
IEEE 802.1x/WPA/EAP/RADIUS Authenticator.
endef
define Package/wpa-cli
SECTION:=net
CATEGORY:=Network
SUBMENU:=WirelessAPD
DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(SUPPLICANT_PROVIDERS),PACKAGE_$(pkg)))
TITLE:=WPA Supplicant command line control utility
VARIANT:=*
endef
define Package/eapol-test/Default
TITLE:=802.1x auth test utility
SECTION:=net
SUBMENU:=WirelessAPD
CATEGORY:=Network
DEPENDS:=$(DRV_DEPENDS) $(CORE_DEPENDS)
endef
define Package/eapol-test
$(call Package/eapol-test/Default,$(1))
TITLE+= (built-in full)
VARIANT:=supplicant-full-internal
endef
define Package/eapol-test-openssl
$(call Package/eapol-test/Default,$(1))
TITLE+= (OpenSSL full)
VARIANT:=supplicant-full-openssl
CONFLICTS:=$(filter-out eapol-test-openssl ,$(EAPOL_TEST_PROVIDERS))
DEPENDS+=$(OPENSSL_DEPENDS)
PROVIDES:=eapol-test
endef
define Package/eapol-test-wolfssl
$(call Package/eapol-test/Default,$(1))
TITLE+= (wolfSSL full)
VARIANT:=supplicant-full-wolfssl
CONFLICTS:=$(filter-out eapol-test-openssl ,$(filter-out eapol-test-wolfssl ,$(EAPOL_TEST_PROVIDERS)))
DEPENDS+=+PACKAGE_eapol-test-wolfssl:libwolfssl
PROVIDES:=eapol-test
endef
define Package/eapol-test-mbedtls
$(call Package/eapol-test/Default,$(1))
TITLE+= (mbedTLS full)
VARIANT:=supplicant-full-mbedtls
CONFLICTS:=$(filter-out eapol-test-openssl ,$(filter-out eapol-test-mbedtls ,$(EAPOL_TEST_PROVIDERS)))
DEPENDS+=+PACKAGE_eapol-test-mbedtls:libmbedtls
PROVIDES:=eapol-test
endef
ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
define Build/Configure/rebuild
$(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.a | $(XARGS) rm -f
rm -f $(PKG_BUILD_DIR)/hostapd/hostapd
rm -f $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant
rm -f $(PKG_BUILD_DIR)/.config_*
touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
endef
endif
define Build/Configure
$(Build/Configure/rebuild)
$(if $(wildcard ./files/hostapd-$(CONFIG_VARIANT).config), \
$(CP) ./files/hostapd-$(CONFIG_VARIANT).config $(PKG_BUILD_DIR)/hostapd/.config \
)
$(if $(wildcard ./files/wpa_supplicant-$(CONFIG_VARIANT).config), \
$(CP) ./files/wpa_supplicant-$(CONFIG_VARIANT).config $(PKG_BUILD_DIR)/wpa_supplicant/.config
)
endef
TARGET_CPPFLAGS := \
-I$(STAGING_DIR)/usr/include/libnl-tiny \
-I$(PKG_BUILD_DIR)/src/crypto \
$(TARGET_CPPFLAGS) \
-DCONFIG_LIBNL20 \
-D_GNU_SOURCE \
$(if $(CONFIG_WPA_MSG_MIN_PRIORITY),-DCONFIG_MSG_MIN_PRIORITY=$(CONFIG_WPA_MSG_MIN_PRIORITY))
TARGET_LDFLAGS += -lubox -lubus -lblobmsg_json -lucode -lm -lnl-tiny
ifdef CONFIG_WPA_ENABLE_WEP
DRIVER_MAKEOPTS += CONFIG_WEP=y
endif
define Build/RunMake
CFLAGS="$(TARGET_CPPFLAGS) $(TARGET_CFLAGS)" \
$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(1) \
$(TARGET_CONFIGURE_OPTS) \
$(DRIVER_MAKEOPTS) \
LIBS="$(TARGET_LDFLAGS)" \
LIBS_c="$(TARGET_LDFLAGS_C)" \
AR="$(TARGET_CROSS)gcc-ar" \
BCHECK= \
$(if $(findstring s,$(OPENWRT_VERBOSE)),V=1) \
$(2)
endef
define Build/Compile/wpad
echo ` \
$(call Build/RunMake,hostapd,-s MULTICALL=1 dump_cflags); \
$(call Build/RunMake,wpa_supplicant,-s MULTICALL=1 dump_cflags) | \
sed -e 's,-n ,,g' -e 's^$(TARGET_CFLAGS)^^' \
` > $(PKG_BUILD_DIR)/.cflags
sed -i 's/"/\\"/g' $(PKG_BUILD_DIR)/.cflags
+$(call Build/RunMake,hostapd, \
CFLAGS="$$$$(cat $(PKG_BUILD_DIR)/.cflags)" \
MULTICALL=1 \
hostapd_cli hostapd_multi.a \
)
+$(call Build/RunMake,wpa_supplicant, \
CFLAGS="$$$$(cat $(PKG_BUILD_DIR)/.cflags)" \
MULTICALL=1 \
wpa_cli wpa_supplicant_multi.a \
)
+export MAKEFLAGS="$(MAKE_JOBSERVER)"; $(TARGET_CC) -o $(PKG_BUILD_DIR)/wpad \
$(TARGET_CFLAGS) \
./files/multicall.c \
$(PKG_BUILD_DIR)/hostapd/hostapd_multi.a \
$(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant_multi.a \
$(TARGET_LDFLAGS)
endef
define Build/Compile/hostapd
+$(call Build/RunMake,hostapd, \
hostapd hostapd_cli \
)
endef
define Build/Compile/supplicant
+$(call Build/RunMake,wpa_supplicant, \
wpa_cli wpa_supplicant \
)
endef
define Build/Compile/supplicant-full-internal
+$(call Build/RunMake,wpa_supplicant, \
eapol_test \
)
endef
define Build/Compile/supplicant-full-openssl
+$(call Build/RunMake,wpa_supplicant, \
eapol_test \
)
endef
define Build/Compile/supplicant-full-wolfssl
+$(call Build/RunMake,wpa_supplicant, \
eapol_test \
)
endef
define Build/Compile/supplicant-full-mbedtls
+$(call Build/RunMake,wpa_supplicant, \
eapol_test \
)
endef
define Build/Compile
$(Build/Compile/$(LOCAL_TYPE))
$(Build/Compile/$(BUILD_VARIANT))
endef
define Install/hostapd/full
$(INSTALL_DIR) $(1)/etc/init.d $(1)/etc/config $(1)/etc/radius
ln -sf hostapd $(1)/usr/sbin/hostapd-radius
$(INSTALL_BIN) ./files/radius.init $(1)/etc/init.d/radius
$(INSTALL_DATA) ./files/radius.config $(1)/etc/config/radius
$(INSTALL_DATA) ./files/radius.clients $(1)/etc/radius/clients
$(INSTALL_DATA) ./files/radius.users $(1)/etc/radius/users
endef
define Package/hostapd-full/conffiles
/etc/config/radius
/etc/radius
endef
ifeq ($(CONFIG_VARIANT),full)
Package/wpad-mesh-openssl/conffiles = $(Package/hostapd-full/conffiles)
Package/wpad-mesh-wolfssl/conffiles = $(Package/hostapd-full/conffiles)
Package/wpad-mesh-mbedtls/conffiles = $(Package/hostapd-full/conffiles)
Package/wpad/conffiles = $(Package/hostapd-full/conffiles)
Package/wpad-openssl/conffiles = $(Package/hostapd-full/conffiles)
Package/wpad-wolfssl/conffiles = $(Package/hostapd-full/conffiles)
Package/wpad-mbedtls/conffiles = $(Package/hostapd-full/conffiles)
Package/hostapd/conffiles = $(Package/hostapd-full/conffiles)
Package/hostapd-openssl/conffiles = $(Package/hostapd-full/conffiles)
Package/hostapd-wolfssl/conffiles = $(Package/hostapd-full/conffiles)
Package/hostapd-mbedtls/conffiles = $(Package/hostapd-full/conffiles)
endif
define Install/hostapd
$(INSTALL_DIR) $(1)/usr/sbin $(1)/usr/share/hostap
$(INSTALL_DATA) ./files/hostapd.uc $(1)/usr/share/hostap/
$(if $(findstring full,$(CONFIG_VARIANT)),$(Install/hostapd/full))
endef
define Install/supplicant
$(INSTALL_DIR) $(1)/usr/sbin $(1)/usr/share/hostap
$(INSTALL_DATA) ./files/wpa_supplicant.uc $(1)/usr/share/hostap/
endef
define Package/hostapd-common/install
$(INSTALL_DIR) $(1)/etc/capabilities $(1)/etc/rc.button $(1)/etc/hotplug.d/ieee80211 $(1)/etc/init.d $(1)/lib/netifd $(1)/usr/share/acl.d $(1)/usr/share/hostap
$(INSTALL_BIN) ./files/dhcp-get-server.sh $(1)/lib/netifd/dhcp-get-server.sh
$(INSTALL_DATA) ./files/hostapd.sh $(1)/lib/netifd/hostapd.sh
$(INSTALL_BIN) ./files/wpad.init $(1)/etc/init.d/wpad
$(INSTALL_BIN) ./files/wps-hotplug.sh $(1)/etc/rc.button/wps
$(INSTALL_DATA) ./files/wpad_acl.json $(1)/usr/share/acl.d
$(INSTALL_DATA) ./files/wpad.json $(1)/etc/capabilities
$(INSTALL_DATA) ./files/common.uc $(1)/usr/share/hostap/
$(INSTALL_DATA) ./files/wdev.uc $(1)/usr/share/hostap/
endef
define Package/hostapd/install
$(call Install/hostapd,$(1))
$(INSTALL_BIN) $(PKG_BUILD_DIR)/hostapd/hostapd $(1)/usr/sbin/
endef
Package/hostapd-basic/install = $(Package/hostapd/install)
Package/hostapd-basic-openssl/install = $(Package/hostapd/install)
Package/hostapd-basic-wolfssl/install = $(Package/hostapd/install)
Package/hostapd-basic-mbedtls/install = $(Package/hostapd/install)
Package/hostapd-mini/install = $(Package/hostapd/install)
Package/hostapd-openssl/install = $(Package/hostapd/install)
Package/hostapd-wolfssl/install = $(Package/hostapd/install)
Package/hostapd-mbedtls/install = $(Package/hostapd/install)
ifneq ($(LOCAL_TYPE),supplicant)
define Package/hostapd-utils/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/hostapd/hostapd_cli $(1)/usr/sbin/
endef
endif
define Package/wpad/install
$(call Install/hostapd,$(1))
$(call Install/supplicant,$(1))
$(INSTALL_BIN) $(PKG_BUILD_DIR)/wpad $(1)/usr/sbin/
$(LN) wpad $(1)/usr/sbin/hostapd
$(LN) wpad $(1)/usr/sbin/wpa_supplicant
endef
Package/wpad-basic/install = $(Package/wpad/install)
Package/wpad-basic-openssl/install = $(Package/wpad/install)
Package/wpad-basic-wolfssl/install = $(Package/wpad/install)
Package/wpad-basic-mbedtls/install = $(Package/wpad/install)
Package/wpad-mini/install = $(Package/wpad/install)
Package/wpad-openssl/install = $(Package/wpad/install)
Package/wpad-wolfssl/install = $(Package/wpad/install)
Package/wpad-mbedtls/install = $(Package/wpad/install)
Package/wpad-mesh-openssl/install = $(Package/wpad/install)
Package/wpad-mesh-wolfssl/install = $(Package/wpad/install)
Package/wpad-mesh-mbedtls/install = $(Package/wpad/install)
define Package/wpa-supplicant/install
$(call Install/supplicant,$(1))
$(INSTALL_BIN) $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant $(1)/usr/sbin/
endef
Package/wpa-supplicant-basic/install = $(Package/wpa-supplicant/install)
Package/wpa-supplicant-mini/install = $(Package/wpa-supplicant/install)
Package/wpa-supplicant-p2p/install = $(Package/wpa-supplicant/install)
Package/wpa-supplicant-openssl/install = $(Package/wpa-supplicant/install)
Package/wpa-supplicant-wolfssl/install = $(Package/wpa-supplicant/install)
Package/wpa-supplicant-mbedtls/install = $(Package/wpa-supplicant/install)
Package/wpa-supplicant-mesh-openssl/install = $(Package/wpa-supplicant/install)
Package/wpa-supplicant-mesh-wolfssl/install = $(Package/wpa-supplicant/install)
Package/wpa-supplicant-mesh-mbedtls/install = $(Package/wpa-supplicant/install)
ifneq ($(LOCAL_TYPE),hostapd)
define Package/wpa-cli/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/wpa_cli $(1)/usr/sbin/
endef
endif
ifeq ($(BUILD_VARIANT),supplicant-full-internal)
define Package/eapol-test/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
endef
endif
ifeq ($(BUILD_VARIANT),supplicant-full-openssl)
define Package/eapol-test-openssl/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
endef
endif
ifeq ($(BUILD_VARIANT),supplicant-full-wolfssl)
define Package/eapol-test-wolfssl/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
endef
endif
ifeq ($(BUILD_VARIANT),supplicant-full-mbedtls)
define Package/eapol-test-mbedtls/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
endef
endif
# Build hostapd-common before its dependents, to avoid
# spurious rebuilds when building multiple variants.
$(eval $(call BuildPackage,hostapd-common))
$(eval $(call BuildPackage,hostapd))
$(eval $(call BuildPackage,hostapd-basic))
$(eval $(call BuildPackage,hostapd-basic-openssl))
$(eval $(call BuildPackage,hostapd-basic-wolfssl))
$(eval $(call BuildPackage,hostapd-basic-mbedtls))
$(eval $(call BuildPackage,hostapd-mini))
$(eval $(call BuildPackage,hostapd-openssl))
$(eval $(call BuildPackage,hostapd-wolfssl))
$(eval $(call BuildPackage,hostapd-mbedtls))
$(eval $(call BuildPackage,wpad))
$(eval $(call BuildPackage,wpad-mesh-openssl))
$(eval $(call BuildPackage,wpad-mesh-wolfssl))
$(eval $(call BuildPackage,wpad-mesh-mbedtls))
$(eval $(call BuildPackage,wpad-basic))
$(eval $(call BuildPackage,wpad-basic-openssl))
$(eval $(call BuildPackage,wpad-basic-wolfssl))
$(eval $(call BuildPackage,wpad-basic-mbedtls))
$(eval $(call BuildPackage,wpad-mini))
$(eval $(call BuildPackage,wpad-openssl))
$(eval $(call BuildPackage,wpad-wolfssl))
$(eval $(call BuildPackage,wpad-mbedtls))
$(eval $(call BuildPackage,wpa-supplicant))
$(eval $(call BuildPackage,wpa-supplicant-mesh-openssl))
$(eval $(call BuildPackage,wpa-supplicant-mesh-wolfssl))
$(eval $(call BuildPackage,wpa-supplicant-mesh-mbedtls))
$(eval $(call BuildPackage,wpa-supplicant-basic))
$(eval $(call BuildPackage,wpa-supplicant-mini))
$(eval $(call BuildPackage,wpa-supplicant-p2p))
$(eval $(call BuildPackage,wpa-supplicant-openssl))
$(eval $(call BuildPackage,wpa-supplicant-wolfssl))
$(eval $(call BuildPackage,wpa-supplicant-mbedtls))
$(eval $(call BuildPackage,wpa-cli))
$(eval $(call BuildPackage,hostapd-utils))
$(eval $(call BuildPackage,eapol-test))
$(eval $(call BuildPackage,eapol-test-openssl))
$(eval $(call BuildPackage,eapol-test-wolfssl))
$(eval $(call BuildPackage,eapol-test-mbedtls))

419
feeds/hostapd/hostapd/README.md
View File

@@ -1,419 +0,0 @@
# UBUS methods - hostapd
## bss_mgmt_enable
Enable 802.11k/v features.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| neighbor_report | bool | no | enable 802.11k neighbor reports |
| beacon_report | bool | no | enable 802.11k beacon reports |
| link_measurements | bool | no | enable 802.11k link measurements |
| bss_transition | bool | no | enable 802.11v BSS transition support |
### example
`ubus call hostapd.wl5-fb bss_mgmt_enable '{ "neighbor_report": true, "beacon_report": true, "link_measurements": true, "bss_transition": true
}'`
## bss_transition_request
Initiate an 802.11v transition request.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| addr | string | yes | client MAC address |
| disassociation_imminent | bool | no | set Disassociation Imminent bit |
| disassociation_timer | int32 | no | disassociate client if it doesn't roam after this time |
| validity_period | int32 | no | validity of the BSS Transition Candiate List |
| neighbors | array | no | BSS Transition Candidate List |
| abridged | bool | no | prefer APs in the BSS Transition Candidate List |
| dialog_token | int32 | no | identifier for the request/report transaction |
| mbo_reason | int32 | no | MBO Transition Reason Code Attribute |
| cell_pref | int32 | no | MBO Cellular Data Connection Preference Attribute |
| reassoc_delay | int32 | no | MBO Re-association retry delay |
### example
`ubus call hostapd.wl5-fb bss_transition_request '{ "addr": "68:2F:67:8B:98:ED", "disassociation_imminent": false, "disassociation_timer": 0, "validity_period": 30, "neighbors": ["b6a7b9cbeebabf5900008064090603026a00"], "abridged": 1 }'`
## config_add
Dynamically load a BSS configuration from a file. This is used by netifd's mac80211 support script to configure BSSes on multiple PHYs in a single hostapd instance.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| iface | string | yes | WiFi interface name |
| config | string | yes | path to hostapd config file |
## config_remove
Dynamically remove a BSS configuration.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| iface | string | yes | WiFi interface name |
## del_client
Kick a client off the network.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| addr | string | yes | client MAC address |
| reason | int32 | no | 802.11 reason code |
| deauth | bool | no | deauthenticates client instead of disassociating |
| ban_time | int32 | no | ban client for N milliseconds |
### example
`ubus call hostapd.wl5-fb del_client '{ "addr": "68:2f:67:8b:98:ed", "reason": 5, "deauth": true, "ban_time": 10000 }'`
## get_clients
Show associated clients.
### example
`ubus call hostapd.wl5-fb get_clients`
### output
```json
{
"freq": 5260,
"clients": {
"68:2f:67:8b:98:ed": {
"auth": true,
"assoc": true,
"authorized": true,
"preauth": false,
"wds": false,
"wmm": true,
"ht": true,
"vht": true,
"he": false,
"wps": false,
"mfp": true,
"rrm": [
0,
0,
0,
0,
0
],
"extended_capabilities": [
0,
0,
0,
0,
0,
0,
0,
64
],
"aid": 3,
"signature": "wifi4|probe:0,1,45,127,107,191,221(0017f2,10),221(001018,2),htcap:006f,htagg:1b,htmcs:0000ffff,vhtcap:0f825832,vhtrxmcs:0000ffea,vhttxmcs:0000ffea,extcap:0000008000000040|assoc:0,1,33,36,48,45,127,191,221(0017f2,10),221(001018,2),221(0050f2,2),htcap:006f,htagg:1b,htmcs:0000ffff,vhtcap:0f825832,vhtrxmcs:0000ffea,vhttxmcs:0000ffea,txpow:14f9,extcap:0000000000000040",
"bytes": {
"rx": 1933667,
"tx": 746805
},
"airtime": {
"rx": 208863,
"tx": 9037883
},
"packets": {
"rx": 3587,
"tx": 2185
},
"rate": {
"rx": 866700,
"tx": 866700
},
"signal": -50,
"capabilities": {
"vht": {
"su_beamformee": true,
"mu_beamformee": false,
"mcs_map": {
"rx": {
"1ss": 9,
"2ss": 9,
"3ss": 9,
"4ss": -1,
"5ss": -1,
"6ss": -1,
"7ss": -1,
"8ss": -1
},
"tx": {
"1ss": 9,
"2ss": 9,
"3ss": 9,
"4ss": -1,
"5ss": -1,
"6ss": -1,
"7ss": -1,
"8ss": -1
}
}
}
}
}
}
}
```
## get_features
Show HT/VHT support.
### example
`ubus call hostapd.wl5-fb get_features`
### output
```json
{
"ht_supported": true,
"vht_supported": true
}
```
## get_status
Get BSS status.
### example
`ubus call hostapd.wl5-fb get_status`
### output
```json
{
"status": "ENABLED",
"bssid": "b6:a7:b9:cb:ee:bc",
"ssid": "fb",
"freq": 5260,
"channel": 52,
"op_class": 128,
"beacon_interval": 100,
"phy": "wl5-lan",
"rrm": {
"neighbor_report_tx": 0
},
"wnm": {
"bss_transition_query_rx": 0,
"bss_transition_request_tx": 0,
"bss_transition_response_rx": 0
},
"airtime": {
"time": 259561738,
"time_busy": 2844249,
"utilization": 0
},
"dfs": {
"cac_seconds": 60,
"cac_active": false,
"cac_seconds_left": 0
}
}
```
## link_measurement_req
Initiate an 802.11k Link Measurement Request.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| addr | string | yes | client MAC address |
| tx-power-used | int32 | no | transmit power used to transmit the Link Measurement Request frame |
| tx-power-max | int32 | no | upper limit of transmit power to be used by the client |
## list_bans
List banned clients.
### example
`ubus call hostapd.wl5-fb list_bans`
### output
```json
{
"clients": [
"68:2f:67:8b:98:ed"
]
}
```
## notify_response
When enabled, hostapd will send a ubus notification and wait for a response before responding to various requests. This is used by e.g. usteer to make it possible to ignore probe requests.
:warning: enabling this will cause hostapd to stop responding to probe requests unless a ubus subscriber responds to the ubus notifications.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| notify_response | int32 | yes | disable (0) or enable (!0) |
### example
`ubus call hostapd.wl5-fb notify_response '{ "notify_response": 1 }'`
## reload
Reload BSS configuration.
:warning: this can cause problems for certain configurations:
```
Mon May 16 16:09:08 2022 daemon.warn hostapd: Failed to check if DFS is required; ret=-1
Mon May 16 16:09:08 2022 daemon.warn hostapd: Failed to check if DFS is required; ret=-1
Mon May 16 16:09:08 2022 daemon.err hostapd: Wrong coupling between HT and VHT/HE channel setting
```
### example
`ubus call hostapd.wl5-fb reload`
## rrm_beacon_req
Send a Beacon Measurement Request to a client.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| addr | string | yes | client MAC address |
| op_class | int32 | yes | the Regulatory Class for which this Measurement Request applies |
| channel | int32 | yes | channel to measure |
| duration | int32 | yes | compile Beacon Measurement Report after N TU |
| mode | int32 | yes | mode to be used for measurement (0: passive, 1: active, 2: beacon table) |
| bssid | string | no | filter BSSes in Beacon Measurement Report by BSSID |
| ssid | string | no | filter BSSes in Beacon Measurement Report by SSID|
## rrm_nr_get_own
Show Neighbor Report Element for this BSS.
### example
`ubus call hostapd.wl5-fb rrm_nr_get_own`
### output
```json
{
"value": [
"b6:a7:b9:cb:ee:bc",
"fb",
"b6a7b9cbeebcaf5900008095090603029b00"
]
}
```
## rrm_nr_list
Show Neighbor Report Elements for other BSSes in this ESS.
### example
`ubus call hostapd.wl5-fb rrm_nr_list`
### output
```json
{
"list": [
[
"b6:a7:b9:cb:ee:ba",
"fb",
"b6a7b9cbeebabf5900008064090603026a00"
]
]
}
```
## rrm_nr_set
Set the Neighbor Report Elements. An element for the node on which this command is executed will always be added.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| list | array | yes | array of Neighbor Report Elements in the format of the rrm_nr_list output |
### example
`ubus call hostapd.wl5-fb rrm_nr_set '{ "list": [ [ "b6:a7:b9:cb:ee:ba", "fb", "b6a7b9cbeebabf5900008064090603026a00" ] ] }'`
## set_vendor_elements
Configure Vendor-specific Information Elements for BSS.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| vendor_elements | string | yes | Vendor-specific Information Elements as hex string |
### example
`ubus call hostapd.wl5-fb set_vendor_elements '{ "vendor_elements": "dd054857dd6662" }'`
## switch_chan
Initiate a channel switch.
:warning: trying to switch to the channel that is currently in use will fail: `Command failed: Operation not supported`
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| freq | int32 | yes | frequency in MHz to switch to |
| bcn_count | int32 | no | count in Beacon frames (TBTT) to perform the switch |
| center_freq1 | int32 | no | segment 0 center frequency in MHz (valid for HT and VHT) |
| center_freq2 | int32 | no | segment 1 center frequency in MHz (valid only for 80 MHz channel width and an 80+80 channel) |
| bandwidth | int32 | no | channel width to use |
| sec_channel_offset| int32 | no | secondary channel offset for HT40 (0 = disabled, 1 = HT40+, -1 = HT40-) |
| ht | bool | no | enable 802.11n |
| vht | bool | no | enable 802.11ac |
| he | bool | no | enable 802.11ax |
| block_tx | bool | no | block transmission during CSA period |
| csa_force | bool | no | restart the interface in case the CSA fails |
## example
`ubus call hostapd.wl5-fb switch_chan '{ "freq": 5180, "bcn_count": 10, "center_freq1": 5210, "bandwidth": 80, "he": 1, "block_tx": 1, "csa_force": 0 }'`
## update_airtime
Set dynamic airtime weight for client.
### arguments
| Name | Type | Required | Description |
|---|---|---|---|
| sta | string | yes | client MAC address |
| weight | int32 | yes | airtime weight |
## update_beacon
Force beacon frame content to be updated and to start beaconing on an interface that uses start_disabled=1.
### example
`ubus call hostapd.wl5-fb update_beacon`
## wps_status
Get WPS status for BSS.
### example
`ubus call hostapd.wl5-fb wps_status`
### output
```json
{
"pbc_status": "Disabled",
"last_wps_result": "None"
}
```
## wps_cancel
Cancel WPS Push Button Configuration.
### example
`ubus call hostapd.wl5-fb wps_cancel`
## wps_start
Start WPS Push Button Configuration.
### example
`ubus call hostapd.wl5-fb wps_start`

2
feeds/hostapd/hostapd/files/dhcp-get-server.sh
View File

@@ -1,2 +0,0 @@
#!/bin/sh
[ "$1" = bound ] && echo "$serverid"

812
feeds/hostapd/hostapd/files/hostapd.uc
View File

@@ -1,812 +0,0 @@
let libubus = require("ubus");
import { open, readfile } from "fs";
import { wdev_create, wdev_remove, is_equal, vlist_new, phy_is_fullmac, phy_open } from "common";
let ubus = libubus.connect();
hostapd.data.config = {};
hostapd.data.file_fields = {
vlan_file: true,
wpa_psk_file: true,
accept_mac_file: true,
deny_mac_file: true,
eap_user_file: true,
ca_cert: true,
server_cert: true,
server_cert2: true,
private_key: true,
private_key2: true,
dh_file: true,
eap_sim_db: true,
};
function iface_remove(cfg)
{
if (!cfg || !cfg.bss || !cfg.bss[0] || !cfg.bss[0].ifname)
return;
for (let bss in cfg.bss)
wdev_remove(bss.ifname);
}
function iface_gen_config(phy, config, start_disabled)
{
let str = `data:
${join("\n", config.radio.data)}
channel=${config.radio.channel}
`;
for (let i = 0; i < length(config.bss); i++) {
let bss = config.bss[i];
let type = i > 0 ? "bss" : "interface";
let nasid = bss.nasid ?? replace(bss.bssid, ":", "");
str += `
${type}=${bss.ifname}
bssid=${bss.bssid}
${join("\n", bss.data)}
nas_identifier=${nasid}
`;
if (start_disabled)
str += `
start_disabled=1
`;
}
return str;
}
function iface_freq_info(iface, config, params)
{
let freq = params.frequency;
if (!freq)
return null;
let sec_offset = params.sec_chan_offset;
if (sec_offset != -1 && sec_offset != 1)
sec_offset = 0;
let width = 0;
for (let line in config.radio.data) {
if (!sec_offset && match(line, /^ht_capab=.*HT40/)) {
sec_offset = null; // auto-detect
continue;
}
let val = match(line, /^(vht_oper_chwidth|he_oper_chwidth)=(\d+)/);
if (!val)
continue;
val = int(val[2]);
if (val > width)
width = val;
}
if (freq < 4000)
width = 0;
return hostapd.freq_info(freq, sec_offset, width);
}
function iface_add(phy, config, phy_status)
{
let config_inline = iface_gen_config(phy, config, !!phy_status);
let bss = config.bss[0];
let ret = hostapd.add_iface(`bss_config=${phy}:${config_inline}`);
if (ret < 0)
return false;
if (!phy_status)
return true;
let iface = hostapd.interfaces[phy];
if (!iface)
return false;
let freq_info = iface_freq_info(iface, config, phy_status);
return iface.start(freq_info) >= 0;
}
function iface_config_macaddr_list(config)
{
let macaddr_list = {};
for (let i = 0; i < length(config.bss); i++) {
let bss = config.bss[i];
if (!bss.default_macaddr)
macaddr_list[bss.bssid] = i;
}
return macaddr_list;
}
function iface_update_supplicant_macaddr(phy, config)
{
let macaddr_list = [];
for (let i = 0; i < length(config.bss); i++)
push(macaddr_list, config.bss[i].bssid);
ubus.call("wpa_supplicant", "phy_set_macaddr_list", { phy: phy, macaddr: macaddr_list });
}
function iface_restart(phydev, config, old_config)
{
let phy = phydev.name;
hostapd.remove_iface(phy);
iface_remove(old_config);
iface_remove(config);
if (!config.bss || !config.bss[0]) {
hostapd.printf(`No bss for phy ${phy}`);
return;
}
phydev.macaddr_init(iface_config_macaddr_list(config));
for (let i = 0; i < length(config.bss); i++) {
let bss = config.bss[i];
if (bss.default_macaddr)
bss.bssid = phydev.macaddr_next();
}
iface_update_supplicant_macaddr(phy, config);
let bss = config.bss[0];
let err = wdev_create(phy, bss.ifname, { mode: "ap" });
if (err)
hostapd.printf(`Failed to create ${bss.ifname} on phy ${phy}: ${err}`);
let ubus = hostapd.data.ubus;
let phy_status = ubus.call("wpa_supplicant", "phy_status", { phy: phy });
if (phy_status && phy_status.state == "COMPLETED") {
if (iface_add(phy, config, phy_status))
return;
hostapd.printf(`Failed to bring up phy ${phy} ifname=${bss.ifname} with supplicant provided frequency`);
}
ubus.call("wpa_supplicant", "phy_set_state", { phy: phy, stop: true });
if (!iface_add(phy, config))
hostapd.printf(`hostapd.add_iface failed for phy ${phy} ifname=${bss.ifname}`);
ubus.call("wpa_supplicant", "phy_set_state", { phy: phy, stop: false });
}
function array_to_obj(arr, key, start)
{
let obj = {};
start ??= 0;
for (let i = start; i < length(arr); i++) {
let cur = arr[i];
obj[cur[key]] = cur;
}
return obj;
}
function find_array_idx(arr, key, val)
{
for (let i = 0; i < length(arr); i++)
if (arr[i][key] == val)
return i;
return -1;
}
function bss_reload_psk(bss, config, old_config)
{
if (is_equal(old_config.hash.wpa_psk_file, config.hash.wpa_psk_file))
return;
old_config.hash.wpa_psk_file = config.hash.wpa_psk_file;
if (!is_equal(old_config, config))
return;
let ret = bss.ctrl("RELOAD_WPA_PSK");
ret ??= "failed";
hostapd.printf(`Reload WPA PSK file for bss ${config.ifname}: ${ret}`);
}
function remove_file_fields(config)
{
return filter(config, (line) => !hostapd.data.file_fields[split(line, "=")[0]]);
}
function bss_remove_file_fields(config)
{
let new_cfg = {};
for (let key in config)
new_cfg[key] = config[key];
new_cfg.data = remove_file_fields(new_cfg.data);
new_cfg.hash = {};
for (let key in config.hash)
new_cfg.hash[key] = config.hash[key];
delete new_cfg.hash.wpa_psk_file;
delete new_cfg.hash.vlan_file;
return new_cfg;
}
function bss_config_hash(config)
{
return hostapd.sha1(remove_file_fields(config) + "");
}
function bss_find_existing(config, prev_config, prev_hash)
{
let hash = bss_config_hash(config.data);
for (let i = 0; i < length(prev_config.bss); i++) {
if (!prev_hash[i] || hash != prev_hash[i])
continue;
prev_hash[i] = null;
return i;
}
return -1;
}
function get_config_bss(config, idx)
{
if (!config.bss[idx]) {
hostapd.printf(`Invalid bss index ${idx}`);
return null;
}
let ifname = config.bss[idx].ifname;
if (!ifname)
hostapd.printf(`Could not find bss ${config.bss[idx].ifname}`);
return hostapd.bss[ifname];
}
function iface_reload_config(phydev, config, old_config)
{
let phy = phydev.name;
if (!old_config || !is_equal(old_config.radio, config.radio))
return false;
if (is_equal(old_config.bss, config.bss))
return true;
if (!old_config.bss || !old_config.bss[0])
return false;
let iface = hostapd.interfaces[phy];
if (!iface) {
hostapd.printf(`Could not find previous interface ${iface_name}`);
return false;
}
let iface_name = old_config.bss[0].ifname;
let first_bss = hostapd.bss[iface_name];
if (!first_bss) {
hostapd.printf(`Could not find bss of previous interface ${iface_name}`);
return false;
}
let macaddr_list = iface_config_macaddr_list(config);
let bss_list = [];
let bss_list_cfg = [];
let prev_bss_hash = [];
for (let bss in old_config.bss) {
let hash = bss_config_hash(bss.data);
push(prev_bss_hash, bss_config_hash(bss.data));
}
// Step 1: find (possibly renamed) interfaces with the same config
// and store them in the new order (with gaps)
for (let i = 0; i < length(config.bss); i++) {
let prev;
// For fullmac devices, the first interface needs to be preserved,
// since it's treated as the master
if (!i && phy_is_fullmac(phy)) {
prev = 0;
prev_bss_hash[0] = null;
} else {
prev = bss_find_existing(config.bss[i], old_config, prev_bss_hash);
}
if (prev < 0)
continue;
let cur_config = config.bss[i];
let prev_config = old_config.bss[prev];
let prev_bss = get_config_bss(old_config, prev);
if (!prev_bss)
return false;
// try to preserve MAC address of this BSS by reassigning another
// BSS if necessary
if (cur_config.default_macaddr &&
!macaddr_list[prev_config.bssid]) {
macaddr_list[prev_config.bssid] = i;
cur_config.bssid = prev_config.bssid;
}
bss_list[i] = prev_bss;
bss_list_cfg[i] = old_config.bss[prev];
}
if (config.mbssid && !bss_list_cfg[0]) {
hostapd.printf("First BSS changed with MBSSID enabled");
return false;
}
// Step 2: if none were found, rename and preserve the first one
if (length(bss_list) == 0) {
// can't change the bssid of the first bss
if (config.bss[0].bssid != old_config.bss[0].bssid) {
if (!config.bss[0].default_macaddr) {
hostapd.printf(`BSSID of first interface changed: ${lc(old_config.bss[0].bssid)} -> ${lc(config.bss[0].bssid)}`);
return false;
}
config.bss[0].bssid = old_config.bss[0].bssid;
}
let prev_bss = get_config_bss(old_config, 0);
if (!prev_bss)
return false;
macaddr_list[config.bss[0].bssid] = 0;
bss_list[0] = prev_bss;
bss_list_cfg[0] = old_config.bss[0];
prev_bss_hash[0] = null;
}
// Step 3: delete all unused old interfaces
for (let i = 0; i < length(prev_bss_hash); i++) {
if (!prev_bss_hash[i])
continue;
let prev_bss = get_config_bss(old_config, i);
if (!prev_bss)
return false;
let ifname = old_config.bss[i].ifname;
hostapd.printf(`Remove bss '${ifname}' on phy '${phy}'`);
prev_bss.delete();
wdev_remove(ifname);
}
// Step 4: rename preserved interfaces, use temporary name on duplicates
let rename_list = [];
for (let i = 0; i < length(bss_list); i++) {
if (!bss_list[i])
continue;
let old_ifname = bss_list_cfg[i].ifname;
let new_ifname = config.bss[i].ifname;
if (old_ifname == new_ifname)
continue;
if (hostapd.bss[new_ifname]) {
new_ifname = "tmp_" + substr(hostapd.sha1(new_ifname), 0, 8);
push(rename_list, i);
}
hostapd.printf(`Rename bss ${old_ifname} to ${new_ifname}`);
if (!bss_list[i].rename(new_ifname)) {
hostapd.printf(`Failed to rename bss ${old_ifname} to ${new_ifname}`);
return false;
}
bss_list_cfg[i].ifname = new_ifname;
}
// Step 5: rename interfaces with temporary names
for (let i in rename_list) {
let new_ifname = config.bss[i].ifname;
if (!bss_list[i].rename(new_ifname)) {
hostapd.printf(`Failed to rename bss to ${new_ifname}`);
return false;
}
bss_list_cfg[i].ifname = new_ifname;
}
// Step 6: assign BSSID for newly created interfaces
let macaddr_data = {
num_global: config.num_global_macaddr ?? 1,
mbssid: config.mbssid ?? 0,
};
macaddr_list = phydev.macaddr_init(macaddr_list, macaddr_data);
for (let i = 0; i < length(config.bss); i++) {
if (bss_list[i])
continue;
let bsscfg = config.bss[i];
let mac_idx = macaddr_list[bsscfg.bssid];
if (mac_idx < 0)
macaddr_list[bsscfg.bssid] = i;
if (mac_idx == i)
continue;
// statically assigned bssid of the new interface is in conflict
// with the bssid of a reused interface. reassign the reused interface
if (!bsscfg.default_macaddr) {
// can't update bssid of the first BSS, need to restart
if (!mac_idx < 0)
return false;
bsscfg = config.bss[mac_idx];
}
let addr = phydev.macaddr_next(i);
if (!addr) {
hostapd.printf(`Failed to generate mac address for phy ${phy}`);
return false;
}
bsscfg.bssid = addr;
}
let config_inline = iface_gen_config(phy, config);
// Step 7: fill in the gaps with new interfaces
for (let i = 0; i < length(config.bss); i++) {
let ifname = config.bss[i].ifname;
let bss = bss_list[i];
if (bss)
continue;
hostapd.printf(`Add bss ${ifname} on phy ${phy}`);
bss_list[i] = iface.add_bss(config_inline, i);
if (!bss_list[i]) {
hostapd.printf(`Failed to add new bss ${ifname} on phy ${phy}`);
return false;
}
}
// Step 8: update interface bss order
if (!iface.set_bss_order(bss_list)) {
hostapd.printf(`Failed to update BSS order on phy '${phy}'`);
return false;
}
// Step 9: update config
for (let i = 0; i < length(config.bss); i++) {
if (!bss_list_cfg[i])
continue;
let ifname = config.bss[i].ifname;
let bss = bss_list[i];
if (is_equal(config.bss[i], bss_list_cfg[i]))
continue;
if (is_equal(bss_remove_file_fields(config.bss[i]),
bss_remove_file_fields(bss_list_cfg[i]))) {
hostapd.printf(`Update config data files for bss ${ifname}`);
if (bss.set_config(config_inline, i, true) < 0) {
hostapd.printf(`Could not update config data files for bss ${ifname}`);
return false;
} else {
bss.ctrl("RELOAD_WPA_PSK");
continue;
}
}
bss_reload_psk(bss, config.bss[i], bss_list_cfg[i]);
if (is_equal(config.bss[i], bss_list_cfg[i]))
continue;
hostapd.printf(`Reload config for bss '${config.bss[0].ifname}' on phy '${phy}'`);
if (bss.set_config(config_inline, i) < 0) {
hostapd.printf(`Failed to set config for bss ${ifname}`);
return false;
}
}
return true;
}
function iface_set_config(phy, config)
{
let old_config = hostapd.data.config[phy];
hostapd.data.config[phy] = config;
if (!config) {
hostapd.remove_iface(phy);
return iface_remove(old_config);
}
let phydev = phy_open(phy);
if (!phydev) {
hostapd.printf(`Failed to open phy ${phy}`);
return false;
}
try {
let ret = iface_reload_config(phydev, config, old_config);
if (ret) {
iface_update_supplicant_macaddr(phy, config);
hostapd.printf(`Reloaded settings for phy ${phy}`);
return 0;
}
} catch (e) {
hostapd.printf(`Error reloading config: ${e}\n${e.stacktrace[0].context}`);
}
hostapd.printf(`Restart interface for phy ${phy}`);
let ret = iface_restart(phydev, config, old_config);
return ret;
}
function config_add_bss(config, name)
{
let bss = {
ifname: name,
data: [],
hash: {}
};
push(config.bss, bss);
return bss;
}
function iface_load_config(filename)
{
let f = open(filename, "r");
if (!f)
return null;
let config = {
radio: {
data: []
},
bss: [],
orig_file: filename,
};
let bss;
let line;
while ((line = trim(f.read("line"))) != null) {
let val = split(line, "=", 2);
if (!val[0])
continue;
if (val[0] == "interface") {
bss = config_add_bss(config, val[1]);
break;
}
if (val[0] == "channel") {
config.radio.channel = val[1];
continue;
}
if (val[0] == "#num_global_macaddr" ||
val[0] == "mbssid")
config[val[0]] = int(val[1]);
push(config.radio.data, line);
}
while ((line = trim(f.read("line"))) != null) {
if (line == "#default_macaddr")
bss.default_macaddr = true;
let val = split(line, "=", 2);
if (!val[0])
continue;
if (val[0] == "bssid") {
bss.bssid = lc(val[1]);
continue;
}
if (val[0] == "nas_identifier")
bss.nasid = val[1];
if (val[0] == "bss") {
bss = config_add_bss(config, val[1]);
continue;
}
if (hostapd.data.file_fields[val[0]])
bss.hash[val[0]] = hostapd.sha1(readfile(val[1]));
push(bss.data, line);
}
f.close();
return config;
}
function ex_wrap(func) {
return (req) => {
try {
let ret = func(req);
return ret;
} catch(e) {
hostapd.printf(`Exception in ubus function: ${e}\n${e.stacktrace[0].context}`);
}
return libubus.STATUS_UNKNOWN_ERROR;
};
}
let main_obj = {
reload: {
args: {
phy: "",
},
call: ex_wrap(function(req) {
let phy_list = req.args.phy ? [ req.args.phy ] : keys(hostapd.data.config);
for (let phy_name in phy_list) {
let phy = hostapd.data.config[phy_name];
let config = iface_load_config(phy.orig_file);
iface_set_config(phy_name, config);
}
return 0;
})
},
apsta_state: {
args: {
phy: "",
up: true,
frequency: 0,
sec_chan_offset: 0,
csa: true,
csa_count: 0,
},
call: ex_wrap(function(req) {
if (req.args.up == null || !req.args.phy)
return libubus.STATUS_INVALID_ARGUMENT;
let phy = req.args.phy;
let config = hostapd.data.config[phy];
if (!config || !config.bss || !config.bss[0] || !config.bss[0].ifname)
return 0;
let iface = hostapd.interfaces[phy];
if (!iface)
return 0;
if (!req.args.up) {
iface.stop();
return 0;
}
if (!req.args.frequency)
return libubus.STATUS_INVALID_ARGUMENT;
let freq_info = iface_freq_info(iface, config, req.args);
if (!freq_info)
return libubus.STATUS_UNKNOWN_ERROR;
let ret;
if (req.args.csa) {
freq_info.csa_count = req.args.csa_count ?? 10;
ret = iface.switch_channel(freq_info);
} else {
ret = iface.start(freq_info);
}
if (!ret)
return libubus.STATUS_UNKNOWN_ERROR;
return 0;
})
},
config_get_macaddr_list: {
args: {
phy: ""
},
call: ex_wrap(function(req) {
let phy = req.args.phy;
if (!phy)
return libubus.STATUS_INVALID_ARGUMENT;
let ret = {
macaddr: [],
};
let config = hostapd.data.config[phy];
if (!config)
return ret;
ret.macaddr = map(config.bss, (bss) => bss.bssid);
return ret;
})
},
config_set: {
args: {
phy: "",
config: "",
prev_config: "",
},
call: ex_wrap(function(req) {
let phy = req.args.phy;
let file = req.args.config;
let prev_file = req.args.prev_config;
if (!phy)
return libubus.STATUS_INVALID_ARGUMENT;
if (prev_file && !hostapd.data.config[phy]) {
let config = iface_load_config(prev_file);
if (config)
config.radio.data = [];
hostapd.data.config[phy] = config;
}
let config = iface_load_config(file);
hostapd.printf(`Set new config for phy ${phy}: ${file}`);
iface_set_config(phy, config);
return {
pid: hostapd.getpid()
};
})
},
config_add: {
args: {
iface: "",
config: "",
},
call: ex_wrap(function(req) {
if (!req.args.iface || !req.args.config)
return libubus.STATUS_INVALID_ARGUMENT;
if (hostapd.add_iface(`bss_config=${req.args.iface}:${req.args.config}`) < 0)
return libubus.STATUS_INVALID_ARGUMENT;
return {
pid: hostapd.getpid()
};
})
},
config_remove: {
args: {
iface: ""
},
call: ex_wrap(function(req) {
if (!req.args.iface)
return libubus.STATUS_INVALID_ARGUMENT;
hostapd.remove_iface(req.args.iface);
return 0;
})
},
};
hostapd.data.ubus = ubus;
hostapd.data.obj = ubus.publish("hostapd", main_obj);
function bss_event(type, name, data) {
let ubus = hostapd.data.ubus;
data ??= {};
data.name = name;
hostapd.data.obj.notify(`bss.${type}`, data, null, null, null, -1);
ubus.call("service", "event", { type: `hostapd.${name}.${type}`, data: {} });
}
return {
shutdown: function() {
for (let phy in hostapd.data.config)
iface_set_config(phy, null);
hostapd.ubus.disconnect();
},
bss_add: function(name, obj) {
bss_event("add", name);
},
bss_reload: function(name, obj, reconf) {
bss_event("reload", name, { reconf: reconf != 0 });
},
bss_remove: function(name, obj) {
bss_event("remove", name);
}
};

1
feeds/hostapd/hostapd/files/radius.clients
View File

@@ -1 +0,0 @@
0.0.0.0/0 radius

9
feeds/hostapd/hostapd/files/radius.config
View File

@@ -1,9 +0,0 @@
config radius
option disabled '1'
option ca_cert '/etc/radius/ca.pem'
option cert '/etc/radius/cert.pem'
option key '/etc/radius/key.pem'
option users '/etc/radius/users'
option clients '/etc/radius/clients'
option auth_port '1812'
option acct_port '1813'

42
feeds/hostapd/hostapd/files/radius.init
View File

@@ -1,42 +0,0 @@
#!/bin/sh /etc/rc.common
START=30
USE_PROCD=1
NAME=radius
radius_start() {
local cfg="$1"
config_get_bool disabled "$cfg" disabled 0
[ "$disabled" -gt 0 ] && return
config_get ca "$cfg" ca_cert
config_get key "$cfg" key
config_get cert "$cfg" cert
config_get users "$cfg" users
config_get clients "$cfg" clients
config_get auth_port "$cfg" auth_port 1812
config_get acct_port "$cfg" acct_port 1813
config_get identity "$cfg" identity "$(cat /proc/sys/kernel/hostname)"
procd_open_instance $cfg
procd_set_param command /usr/sbin/hostapd-radius \
-C "$ca" \
-c "$cert" -k "$key" \
-s "$clients" -u "$users" \
-p "$auth_port" -P "$acct_port" \
-i "$identity"
procd_close_instance
}
start_service() {
config_load radius
config_foreach radius_start radius
}
service_triggers()
{
procd_add_reload_trigger "radius"
}

14
feeds/hostapd/hostapd/files/radius.users
View File

@@ -1,14 +0,0 @@
{
"phase1": {
"wildcard": [
{
"name": "*",
"methods": [ "PEAP" ]
}
]
},
"phase2": {
"users": {
}
}
}

207
feeds/hostapd/hostapd/files/wdev.uc
View File

@@ -1,207 +0,0 @@
#!/usr/bin/env ucode
'use strict';
import { vlist_new, is_equal, wdev_create, wdev_remove, phy_open } from "/usr/share/hostap/common.uc";
import { readfile, writefile, basename, readlink, glob } from "fs";
let libubus = require("ubus");
let keep_devices = {};
let phy = shift(ARGV);
let command = shift(ARGV);
let phydev;
const mesh_params = [
"mesh_retry_timeout", "mesh_confirm_timeout", "mesh_holding_timeout", "mesh_max_peer_links",
"mesh_max_retries", "mesh_ttl", "mesh_element_ttl", "mesh_hwmp_max_preq_retries",
"mesh_path_refresh_time", "mesh_min_discovery_timeout", "mesh_hwmp_active_path_timeout",
"mesh_hwmp_preq_min_interval", "mesh_hwmp_net_diameter_traversal_time", "mesh_hwmp_rootmode",
"mesh_hwmp_rann_interval", "mesh_gate_announcements", "mesh_sync_offset_max_neighor",
"mesh_rssi_threshold", "mesh_hwmp_active_path_to_root_timeout", "mesh_hwmp_root_interval",
"mesh_hwmp_confirmation_interval", "mesh_awake_window", "mesh_plink_timeout",
"mesh_auto_open_plinks", "mesh_fwding", "mesh_power_mode"
];
function iface_stop(wdev)
{
if (keep_devices[wdev.ifname])
return;
wdev_remove(wdev.ifname);
}
function iface_start(wdev)
{
let ifname = wdev.ifname;
if (readfile(`/sys/class/net/${ifname}/ifindex`)) {
system([ "ip", "link", "set", "dev", ifname, "down" ]);
wdev_remove(ifname);
}
let wdev_config = {};
for (let key in wdev)
wdev_config[key] = wdev[key];
if (!wdev_config.macaddr && wdev.mode != "monitor")
wdev_config.macaddr = phydev.macaddr_next();
wdev_create(phy, ifname, wdev_config);
system([ "ip", "link", "set", "dev", ifname, "up" ]);
if (wdev.freq)
system(`iw dev ${ifname} set freq ${wdev.freq} ${wdev.htmode}`);
if (wdev.mode == "adhoc") {
let cmd = ["iw", "dev", ifname, "ibss", "join", wdev.ssid, wdev.freq, wdev.htmode, "fixed-freq" ];
if (wdev.bssid)
push(cmd, wdev.bssid);
for (let key in [ "beacon-interval", "basic-rates", "mcast-rate", "keys" ])
if (wdev[key])
push(cmd, key, wdev[key]);
system(cmd);
} else if (wdev.mode == "mesh") {
let cmd = [ "iw", "dev", ifname, "mesh", "join", wdev.ssid, "freq", wdev.freq, wdev.htmode ];
for (let key in [ "mcast-rate", "beacon-interval" ])
if (wdev[key])
push(cmd, key, wdev[key]);
system(cmd);
cmd = ["iw", "dev", ifname, "set", "mesh_param" ];
let len = length(cmd);
for (let param in mesh_params)
if (wdev[param])
push(cmd, param, wdev[param]);
if (len == length(cmd))
return;
system(cmd);
}
}
function iface_cb(new_if, old_if)
{
if (old_if && new_if && is_equal(old_if, new_if))
return;
if (old_if)
iface_stop(old_if);
if (new_if)
iface_start(new_if);
}
function drop_inactive(config)
{
for (let key in config) {
if (!readfile(`/sys/class/net/${key}/ifindex`))
delete config[key];
}
}
function add_ifname(config)
{
for (let key in config)
config[key].ifname = key;
}
function delete_ifname(config)
{
for (let key in config)
delete config[key].ifname;
}
function add_existing(phy, config)
{
let wdevs = glob(`/sys/class/ieee80211/${phy}/device/net/*`);
wdevs = map(wdevs, (arg) => basename(arg));
for (let wdev in wdevs) {
if (config[wdev])
continue;
if (basename(readlink(`/sys/class/net/${wdev}/phy80211`)) != phy)
continue;
if (trim(readfile(`/sys/class/net/${wdev}/operstate`)) == "down")
config[wdev] = {};
}
}
function usage()
{
warn(`Usage: ${basename(sourcepath())} <phy> <command> [<arguments>]
Commands:
set_config <config> [<device]...] - set phy configuration
get_macaddr <id> - get phy MAC address for vif index <id>
`);
exit(1);
}
const commands = {
set_config: function(args) {
let statefile = `/var/run/wdev-${phy}.json`;
let new_config = shift(args);
for (let dev in ARGV)
keep_devices[dev] = true;
if (!new_config)
usage();
new_config = json(new_config);
if (!new_config) {
warn("Invalid configuration\n");
exit(1);
}
let old_config = readfile(statefile);
if (old_config)
old_config = json(old_config);
let config = vlist_new(iface_cb);
if (type(old_config) == "object")
config.data = old_config;
add_existing(phy, config.data);
add_ifname(config.data);
drop_inactive(config.data);
let ubus = libubus.connect();
let data = ubus.call("hostapd", "config_get_macaddr_list", { phy: phy });
let macaddr_list = [];
if (type(data) == "object" && data.macaddr)
macaddr_list = data.macaddr;
ubus.disconnect();
phydev.macaddr_init(macaddr_list);
add_ifname(new_config);
config.update(new_config);
drop_inactive(config.data);
delete_ifname(config.data);
writefile(statefile, sprintf("%J", config.data));
},
get_macaddr: function(args) {
let data = {};
for (let arg in args) {
arg = split(arg, "=", 2);
data[arg[0]] = arg[1];
}
let macaddr = phydev.macaddr_generate(data);
if (!macaddr) {
warn(`Could not get MAC address for phy ${phy}\n`);
exit(1);
}
print(macaddr + "\n");
},
};
if (!phy || !command | !commands[command])
usage();
phydev = phy_open(phy);
if (!phydev) {
warn(`PHY ${phy} does not exist\n`);
exit(1);
}
commands[command](ARGV);

16
feeds/hostapd/hostapd/files/wpad_acl.json
View File

@@ -1,16 +0,0 @@
{
"user": "network",
"access": {
"service": {
"methods": [ "event" ]
},
"wpa_supplicant": {
"methods": [ "phy_set_state", "phy_set_macaddr_list", "phy_status" ]
},
"hostapd": {
"methods": [ "apsta_state" ]
}
},
"publish": [ "hostapd", "hostapd.*", "wpa_supplicant", "wpa_supplicant.*" ],
"send": [ "bss.*", "wps_credentials" ]
}

69
feeds/hostapd/hostapd/files/wps-hotplug.sh
View File

@@ -1,69 +0,0 @@
#!/bin/sh
wps_catch_credentials() {
local iface ifaces ifc ifname ssid encryption key radio radios
local found=0
. /usr/share/libubox/jshn.sh
ubus -S -t 30 listen wps_credentials | while read creds; do
json_init
json_load "$creds"
json_select wps_credentials || continue
json_get_vars ifname ssid key encryption
local ifcname="$ifname"
json_init
json_load "$(ubus -S call network.wireless status)"
json_get_keys radios
for radio in $radios; do
json_select $radio
json_select interfaces
json_get_keys ifaces
for ifc in $ifaces; do
json_select $ifc
json_get_vars ifname
[ "$ifname" = "$ifcname" ] && {
ubus -S call uci set "{\"config\":\"wireless\", \"type\":\"wifi-iface\", \
\"match\": { \"device\": \"$radio\", \"encryption\": \"wps\" }, \
\"values\": { \"encryption\": \"$encryption\", \
\"ssid\": \"$ssid\", \
\"key\": \"$key\" } }"
ubus -S call uci commit '{"config": "wireless"}'
ubus -S call uci apply
}
json_select ..
done
json_select ..
json_select ..
done
done
}
if [ "$ACTION" = "released" ] && [ "$BUTTON" = "wps" ]; then
# If the button was pressed for 3 seconds or more, trigger WPS on
# wpa_supplicant only, no matter if hostapd is running or not. If
# was pressed for less than 3 seconds, try triggering on
# hostapd. If there is no hostapd instance to trigger it on or WPS
# is not enabled on them, trigger it on wpa_supplicant.
if [ "$SEEN" -lt 3 ] ; then
wps_done=0
ubusobjs="$( ubus -S list hostapd.* )"
for ubusobj in $ubusobjs; do
ubus -S call $ubusobj wps_start && wps_done=1
done
[ $wps_done = 0 ] || return 0
fi
wps_done=0
ubusobjs="$( ubus -S list wpa_supplicant.* )"
for ubusobj in $ubusobjs; do
ifname="$(echo $ubusobj | cut -d'.' -f2 )"
multi_ap=""
if [ -e "/var/run/wpa_supplicant-${ifname}.conf.is_multiap" ]; then
ubus -S call $ubusobj wps_start '{ "multi_ap": true }' && wps_done=1
else
ubus -S call $ubusobj wps_start && wps_done=1
fi
done
[ $wps_done = 0 ] || wps_catch_credentials &
fi
return 0

43
feeds/hostapd/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch
View File

@@ -1,43 +0,0 @@
From 21ce83b4ae2b9563175fdb4fc4312096cc399cf8 Mon Sep 17 00:00:00 2001
From: David Bauer <mail@david-bauer.net>
Date: Wed, 5 May 2021 00:44:34 +0200
Subject: [PATCH] wolfssl: add RNG to EC key
Since upstream commit 6467de5a8840 ("Randomize z ordinates in
scalar mult when timing resistant") WolfSSL requires a RNG for
the EC key when built hardened which is the default.
Set the RNG for the EC key to fix connections for OWE clients.
Signed-off-by: David Bauer <mail@david-bauer.net>
---
src/crypto/crypto_wolfssl.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/src/crypto/crypto_wolfssl.c
+++ b/src/crypto/crypto_wolfssl.c
@@ -1340,6 +1340,7 @@ int ecc_projective_add_point(ecc_point *
struct crypto_ec {
ecc_key key;
+ WC_RNG rng;
mp_int a;
mp_int prime;
mp_int order;
@@ -1394,6 +1395,8 @@ struct crypto_ec * crypto_ec_init(int gr
return NULL;
if (wc_ecc_init(&e->key) != 0 ||
+ wc_InitRng(&e->rng) != 0 ||
+ wc_ecc_set_rng(&e->key, &e->rng) != 0 ||
wc_ecc_set_curve(&e->key, 0, curve_id) != 0 ||
mp_init(&e->a) != MP_OKAY ||
mp_init(&e->prime) != MP_OKAY ||
@@ -1425,6 +1428,7 @@ void crypto_ec_deinit(struct crypto_ec*
mp_clear(&e->order);
mp_clear(&e->prime);
mp_clear(&e->a);
+ wc_FreeRng(&e->rng);
wc_ecc_free(&e->key);
os_free(e);
}

135
feeds/hostapd/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
View File

@@ -1,135 +0,0 @@
From 8de8cd8380af0c43d4fde67a668d79ef73b26b26 Mon Sep 17 00:00:00 2001
From: Peter Oh <peter.oh@bowerswilkins.com>
Date: Tue, 30 Jun 2020 14:18:58 +0200
Subject: [PATCH 10/19] mesh: Allow DFS channels to be selected if dfs is
enabled
Note: DFS is assumed to be usable if a country code has been set
Signed-off-by: Benjamin Berg <benjamin@sipsolutions.net>
Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
---
wpa_supplicant/wpa_supplicant.c | 25 +++++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2638,7 +2638,7 @@ static int drv_supports_vht(struct wpa_s
}
-static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
+static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode, bool dfs_enabled)
{
int i;
@@ -2647,7 +2647,10 @@ static bool ibss_mesh_is_80mhz_avail(int
chan = hw_get_channel_chan(mode, i, NULL);
if (!chan ||
- chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
+ chan->flag & HOSTAPD_CHAN_DISABLED)
+ return false;
+
+ if (!dfs_enabled && chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
return false;
}
@@ -2774,7 +2777,7 @@ static void ibss_mesh_select_40mhz(struc
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
- int obss_scan) {
+ int obss_scan, bool dfs_enabled) {
int chan_idx;
struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
int i, res;
@@ -2798,8 +2801,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check primary channel flags */
- if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
+ if (pri_chan->flag & HOSTAPD_CHAN_DISABLED)
return;
+ if (pri_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
+ return;
#ifdef CONFIG_HT_OVERRIDES
if (ssid->disable_ht40)
@@ -2825,8 +2831,11 @@ static void ibss_mesh_select_40mhz(struc
return;
/* Check secondary channel flags */
- if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
+ if (sec_chan->flag & HOSTAPD_CHAN_DISABLED)
return;
+ if (sec_chan->flag & (HOSTAPD_CHAN_RADAR | HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
+ return;
if (ht40 == -1) {
if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
@@ -2880,7 +2889,7 @@ static bool ibss_mesh_select_80_160mhz(s
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode,
struct hostapd_freq_params *freq,
- int ieee80211_mode, bool is_6ghz) {
+ int ieee80211_mode, bool is_6ghz, bool dfs_enabled) {
static const int bw80[] = {
5180, 5260, 5500, 5580, 5660, 5745, 5825,
5955, 6035, 6115, 6195, 6275, 6355, 6435,
@@ -2925,7 +2934,7 @@ static bool ibss_mesh_select_80_160mhz(s
goto skip_80mhz;
/* Use 40 MHz if channel not usable */
- if (!ibss_mesh_is_80mhz_avail(channel, mode))
+ if (!ibss_mesh_is_80mhz_avail(channel, mode, dfs_enabled))
goto skip_80mhz;
chwidth = CONF_OPER_CHWIDTH_80MHZ;
@@ -2939,7 +2948,7 @@ static bool ibss_mesh_select_80_160mhz(s
if ((mode->he_capab[ieee80211_mode].phy_cap[
HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
- ibss_mesh_is_80mhz_avail(channel + 16, mode)) {
+ ibss_mesh_is_80mhz_avail(channel + 16, mode, dfs_enabled)) {
for (j = 0; j < ARRAY_SIZE(bw160); j++) {
if (freq->freq == bw160[j]) {
chwidth = CONF_OPER_CHWIDTH_160MHZ;
@@ -2967,10 +2976,12 @@ static bool ibss_mesh_select_80_160mhz(s
if (!chan)
continue;
- if (chan->flag & (HOSTAPD_CHAN_DISABLED |
- HOSTAPD_CHAN_NO_IR |
- HOSTAPD_CHAN_RADAR))
+ if (chan->flag & HOSTAPD_CHAN_DISABLED)
continue;
+ if (chan->flag & (HOSTAPD_CHAN_RADAR |
+ HOSTAPD_CHAN_NO_IR))
+ if (!dfs_enabled)
+ continue;
/* Found a suitable second segment for 80+80 */
chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
@@ -3025,6 +3036,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int i, obss_scan = 1;
u8 channel;
bool is_6ghz;
+ bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
freq->freq = ssid->frequency;
@@ -3070,9 +3082,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->channel = channel;
/* Setup higher BW only for 5 GHz */
if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
- ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan);
+ ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan, dfs_enabled);
if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq,
- ieee80211_mode, is_6ghz))
+ ieee80211_mode, is_6ghz, dfs_enabled))
freq->he_enabled = freq->vht_enabled = false;
}

26
feeds/hostapd/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
View File

@@ -1,26 +0,0 @@
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -4621,6 +4621,13 @@ static int add_associated_sta(struct hos
* drivers to accept the STA parameter configuration. Since this is
* after a new FT-over-DS exchange, a new TK has been derived, so key
* reinstallation is not a concern for this case.
+ *
+ * If the STA was associated and authorized earlier, but came for a new
+ * connection (!added_unassoc + !reassoc), remove the existing STA entry
+ * so that it can be re-added. This case is rarely seen when the AP could
+ * not receive the deauth/disassoc frame from the STA. And the STA comes
+ * back with new connection within a short period or before the inactive
+ * STA entry is removed from the list.
*/
wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR
" (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)",
@@ -4634,7 +4641,8 @@ static int add_associated_sta(struct hos
(!(sta->flags & WLAN_STA_AUTHORIZED) ||
(reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) ||
(!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) &&
- !wpa_auth_sta_fils_tk_already_set(sta->wpa_sm)))) {
+ !wpa_auth_sta_fils_tk_already_set(sta->wpa_sm)) ||
+ (!reassoc && (sta->flags & WLAN_STA_AUTHORIZED)))) {
hostapd_drv_sta_remove(hapd, sta->addr);
wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
set = 0;

25
feeds/hostapd/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch
View File

@@ -1,25 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 8 Jul 2021 16:33:03 +0200
Subject: [PATCH] hostapd: fix use of uninitialized stack variables
When a CSA is performed on an 80 MHz channel, hostapd_change_config_freq
unconditionally calls hostapd_set_oper_centr_freq_seg0/1_idx with seg0/1
filled by ieee80211_freq_to_chan.
However, if ieee80211_freq_to_chan fails (because the freq is 0 or invalid),
seg0/1 remains uninitialized and filled with stack garbage, causing errors
such as "hostapd: 80 MHz: center segment 1 configured"
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -3764,7 +3764,7 @@ static int hostapd_change_config_freq(st
struct hostapd_freq_params *old_params)
{
int channel;
- u8 seg0, seg1;
+ u8 seg0 = 0, seg1 = 0;
struct hostapd_hw_modes *mode;
if (!params->channel) {

34
feeds/hostapd/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch
View File

@@ -1,34 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Mon, 18 Feb 2019 12:57:11 +0100
Subject: [PATCH] mesh: allow processing authentication frames in blocked state
If authentication fails repeatedly e.g. because of a weak signal, the link
can end up in blocked state. If one of the nodes tries to establish a link
again before it is unblocked on the other side, it will block the link to
that other side. The same happens on the other side when it unblocks the
link. In that scenario, the link never recovers on its own.
To fix this, allow restarting authentication even if the link is in blocked
state, but don't initiate the attempt until the blocked period is over.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -3020,15 +3020,6 @@ static void handle_auth(struct hostapd_d
seq_ctrl);
return;
}
-#ifdef CONFIG_MESH
- if ((hapd->conf->mesh & MESH_ENABLED) &&
- sta->plink_state == PLINK_BLOCKED) {
- wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR
- " is blocked - drop Authentication frame",
- MAC2STR(sa));
- return;
- }
-#endif /* CONFIG_MESH */
#ifdef CONFIG_PASN
if (auth_alg == WLAN_AUTH_PASN &&
(sta->flags & WLAN_STA_ASSOC)) {

20
feeds/hostapd/hostapd/patches/050-build_fix.patch
View File

@@ -1,20 +0,0 @@
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -324,6 +324,7 @@ ifdef CONFIG_FILS
CFLAGS += -DCONFIG_FILS
OBJS += ../src/ap/fils_hlp.o
NEED_SHA384=y
+NEED_HMAC_SHA384_KDF=y
NEED_AES_SIV=y
ifdef CONFIG_FILS_SK_PFS
CFLAGS += -DCONFIG_FILS_SK_PFS
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -331,6 +331,7 @@ endif
ifdef CONFIG_FILS
CFLAGS += -DCONFIG_FILS
NEED_SHA384=y
+NEED_HMAC_SHA384_KDF=y
NEED_AES_SIV=y
ifdef CONFIG_FILS_SK_PFS
CFLAGS += -DCONFIG_FILS_SK_PFS

8051
feeds/hostapd/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch
View File

File diff suppressed because it is too large Load Diff

114
feeds/hostapd/hostapd/patches/120-mbedtls-fips186_2_prf.patch
View File

@@ -1,114 +0,0 @@
From c8dba4bd750269bcc80fed3d546e2077cb4cdf0e Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Tue, 19 Jul 2022 20:02:21 -0400
Subject: [PATCH 2/7] mbedtls: fips186_2_prf()
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
---
hostapd/Makefile | 4 ---
src/crypto/crypto_mbedtls.c | 60 +++++++++++++++++++++++++++++++++++++
wpa_supplicant/Makefile | 4 ---
3 files changed, 60 insertions(+), 8 deletions(-)
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -759,10 +759,6 @@ endif
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
-ifdef NEED_FIPS186_2_PRF
-OBJS += ../src/crypto/fips_prf_internal.o
-SHA1OBJS += ../src/crypto/sha1-internal.o
-endif
ifeq ($(CONFIG_CRYPTO), mbedtls)
ifdef CONFIG_DPP
LIBS += -lmbedx509
--- a/src/crypto/crypto_mbedtls.c
+++ b/src/crypto/crypto_mbedtls.c
@@ -132,6 +132,12 @@
#define CRYPTO_MBEDTLS_HMAC_KDF_SHA512
#endif
+#if defined(EAP_SIM) || defined(EAP_SIM_DYNAMIC) || defined(EAP_SERVER_SIM) \
+ || defined(EAP_AKA) || defined(EAP_AKA_DYNAMIC) || defined(EAP_SERVER_AKA)
+/* EAP_SIM=y EAP_AKA=y */
+#define CRYPTO_MBEDTLS_FIPS186_2_PRF
+#endif
+
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) \
|| defined(EAP_TEAP) || defined(EAP_TEAP_DYNAMIC) || defined(EAP_SERVER_FAST)
#define CRYPTO_MBEDTLS_SHA1_T_PRF
@@ -813,6 +819,60 @@ int sha1_t_prf(const u8 *key, size_t key
#endif /* CRYPTO_MBEDTLS_SHA1_T_PRF */
+#ifdef CRYPTO_MBEDTLS_FIPS186_2_PRF
+
+/* fips_prf_internal.c sha1-internal.c */
+
+/* used only by src/eap_common/eap_sim_common.c:eap_sim_prf()
+ * for eap_sim_derive_keys() and eap_sim_derive_keys_reauth()
+ * where xlen is 160 */
+
+int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
+{
+ /* FIPS 186-2 + change notice 1 */
+
+ mbedtls_sha1_context ctx;
+ u8 * const xkey = ctx.MBEDTLS_PRIVATE(buffer);
+ u32 * const xstate = ctx.MBEDTLS_PRIVATE(state);
+ const u32 xstate_init[] =
+ { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 };
+
+ mbedtls_sha1_init(&ctx);
+ os_memcpy(xkey, seed, seed_len < 64 ? seed_len : 64);
+
+ /* note: does not fill extra bytes if (xlen % 20) (SHA1_MAC_LEN) */
+ for (; xlen >= 20; xlen -= 20) {
+ /* XSEED_j = 0 */
+ /* XVAL = (XKEY + XSEED_j) mod 2^b */
+
+ /* w_i = G(t, XVAL) */
+ os_memcpy(xstate, xstate_init, sizeof(xstate_init));
+ mbedtls_internal_sha1_process(&ctx, xkey);
+
+ #if __BYTE_ORDER == __LITTLE_ENDIAN
+ xstate[0] = host_to_be32(xstate[0]);
+ xstate[1] = host_to_be32(xstate[1]);
+ xstate[2] = host_to_be32(xstate[2]);
+ xstate[3] = host_to_be32(xstate[3]);
+ xstate[4] = host_to_be32(xstate[4]);
+ #endif
+ os_memcpy(x, xstate, 20);
+ if (xlen == 20) /*(done; skip prep for next loop)*/
+ break;
+
+ /* XKEY = (1 + XKEY + w_i) mod 2^b */
+ for (u32 carry = 1, k = 20; k-- > 0; carry >>= 8)
+ xkey[k] = (carry += xkey[k] + x[k]) & 0xff;
+ x += 20;
+ /* x_j = w_0|w_1 (each pair of iterations through loop)*/
+ }
+
+ mbedtls_sha1_free(&ctx);
+ return 0;
+}
+
+#endif /* CRYPTO_MBEDTLS_FIPS186_2_PRF */
+
#endif /* MBEDTLS_SHA1_C */
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1174,10 +1174,6 @@ endif
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
-ifdef NEED_FIPS186_2_PRF
-OBJS += ../src/crypto/fips_prf_internal.o
-SHA1OBJS += ../src/crypto/sha1-internal.o
-endif
ifeq ($(CONFIG_CRYPTO), mbedtls)
LIBS += -lmbedcrypto
LIBS_p += -lmbedcrypto

421
feeds/hostapd/hostapd/patches/130-mbedtls-annotate-with-TEST_FAIL-for-hwsim-tests.patch
View File

@@ -1,421 +0,0 @@
From 31bd19e0e0254b910cccfd3ddc6a6a9222bbcfc0 Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Sun, 9 Oct 2022 05:12:17 -0400
Subject: [PATCH 3/7] mbedtls: annotate with TEST_FAIL() for hwsim tests
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
---
src/crypto/crypto_mbedtls.c | 124 ++++++++++++++++++++++++++++++++++++
1 file changed, 124 insertions(+)
--- a/src/crypto/crypto_mbedtls.c
+++ b/src/crypto/crypto_mbedtls.c
@@ -280,6 +280,9 @@ __attribute_noinline__
static int md_vector(size_t num_elem, const u8 *addr[], const size_t *len,
u8 *mac, mbedtls_md_type_t md_type)
{
+ if (TEST_FAIL())
+ return -1;
+
mbedtls_md_context_t ctx;
mbedtls_md_init(&ctx);
if (mbedtls_md_setup(&ctx, mbedtls_md_info_from_type(md_type), 0) != 0){
@@ -343,6 +346,9 @@ __attribute_noinline__
static int sha384_512_vector(size_t num_elem, const u8 *addr[],
const size_t *len, u8 *mac, int is384)
{
+ if (TEST_FAIL())
+ return -1;
+
struct mbedtls_sha512_context ctx;
mbedtls_sha512_init(&ctx);
#if MBEDTLS_VERSION_MAJOR >= 3
@@ -375,6 +381,9 @@ int sha384_vector(size_t num_elem, const
#include <mbedtls/sha256.h>
int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
+ if (TEST_FAIL())
+ return -1;
+
struct mbedtls_sha256_context ctx;
mbedtls_sha256_init(&ctx);
#if MBEDTLS_VERSION_MAJOR >= 3
@@ -397,6 +406,9 @@ int sha256_vector(size_t num_elem, const
#include <mbedtls/sha1.h>
int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
+ if (TEST_FAIL())
+ return -1;
+
struct mbedtls_sha1_context ctx;
mbedtls_sha1_init(&ctx);
#if MBEDTLS_VERSION_MAJOR >= 3
@@ -419,6 +431,9 @@ int sha1_vector(size_t num_elem, const u
#include <mbedtls/md5.h>
int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
+ if (TEST_FAIL())
+ return -1;
+
struct mbedtls_md5_context ctx;
mbedtls_md5_init(&ctx);
#if MBEDTLS_VERSION_MAJOR >= 3
@@ -441,6 +456,9 @@ int md5_vector(size_t num_elem, const u8
#include <mbedtls/md4.h>
int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
+ if (TEST_FAIL())
+ return -1;
+
struct mbedtls_md4_context ctx;
mbedtls_md4_init(&ctx);
mbedtls_md4_starts_ret(&ctx);
@@ -460,6 +478,9 @@ static int hmac_vector(const u8 *key, si
const u8 *addr[], const size_t *len, u8 *mac,
mbedtls_md_type_t md_type)
{
+ if (TEST_FAIL())
+ return -1;
+
mbedtls_md_context_t ctx;
mbedtls_md_init(&ctx);
if (mbedtls_md_setup(&ctx, mbedtls_md_info_from_type(md_type), 1) != 0){
@@ -571,6 +592,9 @@ static int hmac_kdf_expand(const u8 *prk
const char *label, const u8 *info, size_t info_len,
u8 *okm, size_t okm_len, mbedtls_md_type_t md_type)
{
+ if (TEST_FAIL())
+ return -1;
+
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
#ifdef MBEDTLS_HKDF_C
if (label == NULL) /* RFC 5869 HKDF-Expand when (label == NULL) */
@@ -663,6 +687,9 @@ static int hmac_prf_bits(const u8 *key,
const u8 *data, size_t data_len, u8 *buf,
size_t buf_len_bits, mbedtls_md_type_t md_type)
{
+ if (TEST_FAIL())
+ return -1;
+
mbedtls_md_context_t ctx;
mbedtls_md_init(&ctx);
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
@@ -938,6 +965,9 @@ int pbkdf2_sha1(const char *passphrase,
static void *aes_crypt_init_mode(const u8 *key, size_t len, int mode)
{
+ if (TEST_FAIL())
+ return NULL;
+
mbedtls_aes_context *aes = os_malloc(sizeof(*aes));
if (!aes)
return NULL;
@@ -996,6 +1026,9 @@ void aes_decrypt_deinit(void *ctx)
/* aes-wrap.c */
int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher)
{
+ if (TEST_FAIL())
+ return -1;
+
mbedtls_nist_kw_context ctx;
mbedtls_nist_kw_init(&ctx);
size_t olen;
@@ -1010,6 +1043,9 @@ int aes_wrap(const u8 *kek, size_t kek_l
/* aes-unwrap.c */
int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher, u8 *plain)
{
+ if (TEST_FAIL())
+ return -1;
+
mbedtls_nist_kw_context ctx;
mbedtls_nist_kw_init(&ctx);
size_t olen;
@@ -1041,6 +1077,9 @@ int omac1_aes_vector(
const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[],
const size_t *len, u8 *mac)
{
+ if (TEST_FAIL())
+ return -1;
+
mbedtls_cipher_type_t cipher_type;
switch (key_len) {
case 16: cipher_type = MBEDTLS_CIPHER_AES_128_ECB; break;
@@ -1103,6 +1142,9 @@ int omac1_aes_256(const u8 *key, const u
/* aes-encblock.c */
int aes_128_encrypt_block(const u8 *key, const u8 *in, u8 *out)
{
+ if (TEST_FAIL())
+ return -1;
+
mbedtls_aes_context aes;
mbedtls_aes_init(&aes);
int ret = mbedtls_aes_setkey_enc(&aes, key, 128)
@@ -1118,6 +1160,9 @@ int aes_128_encrypt_block(const u8 *key,
int aes_ctr_encrypt(const u8 *key, size_t key_len, const u8 *nonce,
u8 *data, size_t data_len)
{
+ if (TEST_FAIL())
+ return -1;
+
unsigned char counter[MBEDTLS_AES_BLOCK_SIZE];
unsigned char stream_block[MBEDTLS_AES_BLOCK_SIZE];
os_memcpy(counter, nonce, MBEDTLS_AES_BLOCK_SIZE);/*(must be writable)*/
@@ -1160,11 +1205,17 @@ static int aes_128_cbc_oper(const u8 *ke
int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
{
+ if (TEST_FAIL())
+ return -1;
+
return aes_128_cbc_oper(key, iv, data, data_len, MBEDTLS_AES_ENCRYPT);
}
int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
{
+ if (TEST_FAIL())
+ return -1;
+
return aes_128_cbc_oper(key, iv, data, data_len, MBEDTLS_AES_DECRYPT);
}
@@ -1407,6 +1458,10 @@ int crypto_hash_finish(struct crypto_has
}
mbedtls_md_free(mctx);
os_free(mctx);
+
+ if (TEST_FAIL())
+ return -1;
+
return 0;
}
@@ -1421,6 +1476,9 @@ int crypto_hash_finish(struct crypto_has
struct crypto_bignum *crypto_bignum_init(void)
{
+ if (TEST_FAIL())
+ return NULL;
+
mbedtls_mpi *bn = os_malloc(sizeof(*bn));
if (bn)
mbedtls_mpi_init(bn);
@@ -1429,6 +1487,9 @@ struct crypto_bignum *crypto_bignum_init
struct crypto_bignum *crypto_bignum_init_set(const u8 *buf, size_t len)
{
+ if (TEST_FAIL())
+ return NULL;
+
mbedtls_mpi *bn = os_malloc(sizeof(*bn));
if (bn) {
mbedtls_mpi_init(bn);
@@ -1442,6 +1503,9 @@ struct crypto_bignum *crypto_bignum_init
struct crypto_bignum *crypto_bignum_init_uint(unsigned int val)
{
+ if (TEST_FAIL())
+ return NULL;
+
#if 0 /*(hostap use of this interface passes int, not uint)*/
val = host_to_be32(val);
return crypto_bignum_init_set((const u8 *)&val, sizeof(val));
@@ -1467,6 +1531,9 @@ void crypto_bignum_deinit(struct crypto_
int crypto_bignum_to_bin(const struct crypto_bignum *a,
u8 *buf, size_t buflen, size_t padlen)
{
+ if (TEST_FAIL())
+ return -1;
+
size_t n = mbedtls_mpi_size((mbedtls_mpi *)a);
if (n < padlen)
n = padlen;
@@ -1477,6 +1544,9 @@ int crypto_bignum_to_bin(const struct cr
int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m)
{
+ if (TEST_FAIL())
+ return -1;
+
/*assert(r != m);*//* r must not be same as m for mbedtls_mpi_random()*/
#if MBEDTLS_VERSION_NUMBER >= 0x021B0000 /* mbedtls 2.27.0 */
return mbedtls_mpi_random((mbedtls_mpi *)r, 0, (mbedtls_mpi *)m,
@@ -1513,6 +1583,9 @@ int crypto_bignum_exptmod(const struct c
const struct crypto_bignum *c,
struct crypto_bignum *d)
{
+ if (TEST_FAIL())
+ return -1;
+
/* (check if input params match d; d is the result) */
/* (a == d) is ok in current mbedtls implementation */
if (b == d || c == d) { /*(not ok; store result in intermediate)*/
@@ -1540,6 +1613,9 @@ int crypto_bignum_inverse(const struct c
const struct crypto_bignum *b,
struct crypto_bignum *c)
{
+ if (TEST_FAIL())
+ return -1;
+
return mbedtls_mpi_inv_mod((mbedtls_mpi *)c,
(const mbedtls_mpi *)a,
(const mbedtls_mpi *)b) ? -1 : 0;
@@ -1549,6 +1625,9 @@ int crypto_bignum_sub(const struct crypt
const struct crypto_bignum *b,
struct crypto_bignum *c)
{
+ if (TEST_FAIL())
+ return -1;
+
return mbedtls_mpi_sub_mpi((mbedtls_mpi *)c,
(const mbedtls_mpi *)a,
(const mbedtls_mpi *)b) ? -1 : 0;
@@ -1558,6 +1637,9 @@ int crypto_bignum_div(const struct crypt
const struct crypto_bignum *b,
struct crypto_bignum *c)
{
+ if (TEST_FAIL())
+ return -1;
+
/*(most current use of this crypto.h interface has a == c (result),
* so store result in an intermediate to avoid overwritten input)*/
mbedtls_mpi R;
@@ -1575,6 +1657,9 @@ int crypto_bignum_addmod(const struct cr
const struct crypto_bignum *c,
struct crypto_bignum *d)
{
+ if (TEST_FAIL())
+ return -1;
+
return mbedtls_mpi_add_mpi((mbedtls_mpi *)d,
(const mbedtls_mpi *)a,
(const mbedtls_mpi *)b)
@@ -1588,6 +1673,9 @@ int crypto_bignum_mulmod(const struct cr
const struct crypto_bignum *c,
struct crypto_bignum *d)
{
+ if (TEST_FAIL())
+ return -1;
+
return mbedtls_mpi_mul_mpi((mbedtls_mpi *)d,
(const mbedtls_mpi *)a,
(const mbedtls_mpi *)b)
@@ -1600,6 +1688,9 @@ int crypto_bignum_sqrmod(const struct cr
const struct crypto_bignum *b,
struct crypto_bignum *c)
{
+ if (TEST_FAIL())
+ return -1;
+
#if 1
return crypto_bignum_mulmod(a, a, b, c);
#else
@@ -1650,6 +1741,9 @@ int crypto_bignum_is_odd(const struct cr
int crypto_bignum_legendre(const struct crypto_bignum *a,
const struct crypto_bignum *p)
{
+ if (TEST_FAIL())
+ return -2;
+
/* Security Note:
* mbedtls_mpi_exp_mod() is not documented to run in constant time,
* though mbedtls/library/bignum.c uses constant_time_internal.h funcs.
@@ -1702,6 +1796,9 @@ int crypto_mod_exp(const u8 *base, size_
const u8 *modulus, size_t modulus_len,
u8 *result, size_t *result_len)
{
+ if (TEST_FAIL())
+ return -1;
+
mbedtls_mpi bn_base, bn_exp, bn_modulus, bn_result;
mbedtls_mpi_init(&bn_base);
mbedtls_mpi_init(&bn_exp);
@@ -1769,6 +1866,9 @@ static int crypto_mbedtls_dh_init_public
int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
u8 *pubkey)
{
+ if (TEST_FAIL())
+ return -1;
+
#if 0 /*(crypto_dh_init() duplicated (and identical) in crypto_*.c modules)*/
size_t pubkey_len, pad;
@@ -1810,6 +1910,9 @@ int crypto_dh_derive_secret(u8 generator
const u8 *pubkey, size_t pubkey_len,
u8 *secret, size_t *len)
{
+ if (TEST_FAIL())
+ return -1;
+
#if 0
if (pubkey_len > prime_len ||
(pubkey_len == prime_len &&
@@ -2512,6 +2615,9 @@ const struct crypto_ec_point * crypto_ec
struct crypto_ec_point *crypto_ec_point_init(struct crypto_ec *e)
{
+ if (TEST_FAIL())
+ return NULL;
+
mbedtls_ecp_point *p = os_malloc(sizeof(*p));
if (p != NULL)
mbedtls_ecp_point_init(p);
@@ -2536,6 +2642,9 @@ int crypto_ec_point_x(struct crypto_ec *
int crypto_ec_point_to_bin(struct crypto_ec *e,
const struct crypto_ec_point *point, u8 *x, u8 *y)
{
+ if (TEST_FAIL())
+ return -1;
+
/* crypto.h documents crypto_ec_point_to_bin() output is big-endian */
size_t len = CRYPTO_EC_plen(e);
if (x) {
@@ -2563,6 +2672,9 @@ int crypto_ec_point_to_bin(struct crypto
struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e,
const u8 *val)
{
+ if (TEST_FAIL())
+ return NULL;
+
size_t len = CRYPTO_EC_plen(e);
mbedtls_ecp_point *p = os_malloc(sizeof(*p));
u8 buf[1+MBEDTLS_MPI_MAX_SIZE*2];
@@ -2615,6 +2727,9 @@ int crypto_ec_point_add(struct crypto_ec
const struct crypto_ec_point *b,
struct crypto_ec_point *c)
{
+ if (TEST_FAIL())
+ return -1;
+
/* mbedtls does not provide an mbedtls_ecp_point add function */
mbedtls_mpi one;
mbedtls_mpi_init(&one);
@@ -2631,6 +2746,9 @@ int crypto_ec_point_mul(struct crypto_ec
const struct crypto_bignum *b,
struct crypto_ec_point *res)
{
+ if (TEST_FAIL())
+ return -1;
+
return mbedtls_ecp_mul(
(mbedtls_ecp_group *)e, (mbedtls_ecp_point *)res,
(const mbedtls_mpi *)b, (const mbedtls_ecp_point *)p,
@@ -2639,6 +2757,9 @@ int crypto_ec_point_mul(struct crypto_ec
int crypto_ec_point_invert(struct crypto_ec *e, struct crypto_ec_point *p)
{
+ if (TEST_FAIL())
+ return -1;
+
if (mbedtls_ecp_get_type((mbedtls_ecp_group *)e)
== MBEDTLS_ECP_TYPE_MONTGOMERY) {
/* e.g. MBEDTLS_ECP_DP_CURVE25519 and MBEDTLS_ECP_DP_CURVE448 */
@@ -2751,6 +2872,9 @@ struct crypto_bignum *
crypto_ec_point_compute_y_sqr(struct crypto_ec *e,
const struct crypto_bignum *x)
{
+ if (TEST_FAIL())
+ return NULL;
+
mbedtls_mpi *y2 = os_malloc(sizeof(*y2));
if (y2 == NULL)
return NULL;

1358
feeds/hostapd/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
View File

File diff suppressed because it is too large Load Diff

45
feeds/hostapd/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch
View File

@@ -1,45 +0,0 @@
From 33afce36c54b0cad38643629ded10ff5d727f077 Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Fri, 12 Aug 2022 05:34:47 -0400
Subject: [PATCH 5/7] add NULL checks (encountered during tests/hwsim)
sae_derive_commit_element_ecc NULL pwe_ecc check
dpp_gen_keypair() NULL curve check
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
---
src/common/dpp_crypto.c | 6 ++++++
src/common/sae.c | 7 +++++++
2 files changed, 13 insertions(+)
--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
@@ -269,6 +269,12 @@ int dpp_get_pubkey_hash(struct crypto_ec
struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve)
{
+ if (curve == NULL) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: %s curve must be initialized", __func__);
+ return NULL;
+ }
+
struct crypto_ec_key *key;
wpa_printf(MSG_DEBUG, "DPP: Generating a keypair");
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1278,6 +1278,13 @@ void sae_deinit_pt(struct sae_pt *pt)
static int sae_derive_commit_element_ecc(struct sae_data *sae,
struct crypto_bignum *mask)
{
+ if (sae->tmp->pwe_ecc == NULL) {
+ wpa_printf(MSG_DEBUG,
+ "SAE: %s sae->tmp->pwe_ecc must be initialized",
+ __func__);
+ return -1;
+ }
+
/* COMMIT-ELEMENT = inverse(scalar-op(mask, PWE)) */
if (!sae->tmp->own_commit_element_ecc) {
sae->tmp->own_commit_element_ecc =

26
feeds/hostapd/hostapd/patches/160-dpp_pkex-EC-point-mul-w-value-prime.patch
View File

@@ -1,26 +0,0 @@
From 54211caa2e0e5163aefef390daf88a971367a702 Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Tue, 4 Oct 2022 17:09:24 -0400
Subject: [PATCH 6/7] dpp_pkex: EC point mul w/ value < prime
crypto_ec_point_mul() with mbedtls requires point
be multiplied by a multiplicand with value < prime
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
---
src/common/dpp_crypto.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
@@ -1588,7 +1588,9 @@ dpp_pkex_derive_Qr(const struct dpp_curv
Pr = crypto_ec_key_get_public_key(Pr_key);
Qr = crypto_ec_point_init(ec);
hash_bn = crypto_bignum_init_set(hash, curve->hash_len);
- if (!Pr || !Qr || !hash_bn || crypto_ec_point_mul(ec, Pr, hash_bn, Qr))
+ if (!Pr || !Qr || !hash_bn ||
+ crypto_bignum_mod(hash_bn, crypto_ec_get_prime(ec), hash_bn) ||
+ crypto_ec_point_mul(ec, Pr, hash_bn, Qr))
goto fail;
if (crypto_ec_point_is_at_infinity(ec, Qr)) {

141
feeds/hostapd/hostapd/patches/170-hostapd-update-cfs0-and-cfs1-for-160MHz.patch
View File

@@ -1,141 +0,0 @@
From d4c4ef302f98fd6bce173b8636e7e350d8b44981 Mon Sep 17 00:00:00 2001
From: P Praneesh <ppranees@codeaurora.org>
Date: Fri, 19 Mar 2021 12:17:27 +0530
Subject: [PATCH] hostapd: update cfs0 and cfs1 for 160MHz
As per standard Draft P802.11ax_D8.0,( Table 26-9—Setting
of the VHT Channel Width and VHT NSS at an HE STA
transmitting the OM Control subfield ), center frequency of
160MHz should be published in HT information subset 2 of
HT information when EXT NSS BW field is enabled.
If the supported number of NSS in 160MHz is at least max NSS
support, then center_freq_seg0 indicates the center frequency of 80MHz and
center_freq_seg1 indicates the center frequency of 160MHz.
If the supported number of NSS in 160MHz is less than max NSS
support, then center_freq_seg0 indicates the center frequency of 80MHz and
center_freq_seg1 is 0. The center frequency of 160MHz is published in HT
operation information element instead.
Signed-off-by: P Praneesh <ppranees@codeaurora.org>
---
hostapd/config_file.c | 2 ++
src/ap/ieee802_11_ht.c | 7 +++++++
src/ap/ieee802_11_vht.c | 16 ++++++++++++++++
src/common/hw_features_common.c | 1 +
src/common/ieee802_11_defs.h | 1 +
5 files changed, 27 insertions(+)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1153,6 +1153,8 @@ static int hostapd_config_vht_capab(stru
conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN;
if (os_strstr(capab, "[TX-ANTENNA-PATTERN]"))
conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN;
+ if (os_strstr(capab, "[EXT-NSS-BW-SUPP]"))
+ conf->vht_capab |= VHT_CAP_EXTENDED_NSS_BW_SUPPORT;
return 0;
}
#endif /* CONFIG_IEEE80211AC */
--- a/src/ap/ieee802_11_ht.c
+++ b/src/ap/ieee802_11_ht.c
@@ -82,7 +82,9 @@ u8 * hostapd_eid_ht_capabilities(struct
u8 * hostapd_eid_ht_operation(struct hostapd_data *hapd, u8 *eid)
{
struct ieee80211_ht_operation *oper;
+ le32 vht_capabilities_info;
u8 *pos = eid;
+ u8 chwidth;
if (!hapd->iconf->ieee80211n || hapd->conf->disable_11n ||
is_6ghz_op_class(hapd->iconf->op_class))
@@ -103,6 +105,13 @@ u8 * hostapd_eid_ht_operation(struct hos
oper->ht_param |= HT_INFO_HT_PARAM_SECONDARY_CHNL_BELOW |
HT_INFO_HT_PARAM_STA_CHNL_WIDTH;
+ vht_capabilities_info = host_to_le32(hapd->iface->current_mode->vht_capab);
+ chwidth = hostapd_get_oper_chwidth(hapd->iconf);
+ if (vht_capabilities_info & VHT_CAP_EXTENDED_NSS_BW_SUPPORT
+ && ((chwidth == CHANWIDTH_160MHZ) || (chwidth == CHANWIDTH_80P80MHZ))) {
+ oper->operation_mode = host_to_le16(hapd->iconf->vht_oper_centr_freq_seg0_idx << 5);
+ }
+
pos += sizeof(*oper);
return pos;
--- a/src/ap/ieee802_11_vht.c
+++ b/src/ap/ieee802_11_vht.c
@@ -25,6 +25,7 @@ u8 * hostapd_eid_vht_capabilities(struct
struct ieee80211_vht_capabilities *cap;
struct hostapd_hw_modes *mode = hapd->iface->current_mode;
u8 *pos = eid;
+ u8 chwidth;
if (!mode || is_6ghz_op_class(hapd->iconf->op_class))
return eid;
@@ -62,6 +63,17 @@ u8 * hostapd_eid_vht_capabilities(struct
host_to_le32(nsts << VHT_CAP_BEAMFORMEE_STS_OFFSET);
}
+ chwidth = hostapd_get_oper_chwidth(hapd->iconf);
+ if (((host_to_le32(mode->vht_capab)) & VHT_CAP_EXTENDED_NSS_BW_SUPPORT)
+ && ((chwidth == CHANWIDTH_160MHZ) || (chwidth == CHANWIDTH_80P80MHZ))) {
+ cap->vht_capabilities_info |= VHT_CAP_EXTENDED_NSS_BW_SUPPORT;
+ cap->vht_capabilities_info &= ~(host_to_le32(VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ));
+ cap->vht_capabilities_info &= ~(host_to_le32(VHT_CAP_SUPP_CHAN_WIDTH_160MHZ));
+ cap->vht_capabilities_info &= ~(host_to_le32(VHT_CAP_SUPP_CHAN_WIDTH_MASK));
+ } else {
+ cap->vht_capabilities_info &= ~VHT_CAP_EXTENDED_NSS_BW_SUPPORT_MASK;
+ }
+
/* Supported MCS set comes from hw */
os_memcpy(&cap->vht_supported_mcs_set, mode->vht_mcs_set, 8);
@@ -74,6 +86,7 @@ u8 * hostapd_eid_vht_capabilities(struct
u8 * hostapd_eid_vht_operation(struct hostapd_data *hapd, u8 *eid)
{
struct ieee80211_vht_operation *oper;
+ le32 vht_capabilities_info;
u8 *pos = eid;
enum oper_chan_width oper_chwidth =
hostapd_get_oper_chwidth(hapd->iconf);
@@ -106,6 +119,7 @@ u8 * hostapd_eid_vht_operation(struct ho
oper->vht_op_info_chan_center_freq_seg1_idx = seg1;
oper->vht_op_info_chwidth = oper_chwidth;
+ vht_capabilities_info = host_to_le32(hapd->iface->current_mode->vht_capab);
if (oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) {
/*
* Convert 160 MHz channel width to new style as interop
@@ -119,6 +133,9 @@ u8 * hostapd_eid_vht_operation(struct ho
oper->vht_op_info_chan_center_freq_seg0_idx -= 8;
else
oper->vht_op_info_chan_center_freq_seg0_idx += 8;
+
+ if (vht_capabilities_info & VHT_CAP_EXTENDED_NSS_BW_SUPPORT)
+ oper->vht_op_info_chan_center_freq_seg1_idx = 0;
} else if (oper_chwidth == CONF_OPER_CHWIDTH_80P80MHZ) {
/*
* Convert 80+80 MHz channel width to new style as interop
--- a/src/common/hw_features_common.c
+++ b/src/common/hw_features_common.c
@@ -811,6 +811,7 @@ int ieee80211ac_cap_check(u32 hw, u32 co
VHT_CAP_CHECK(VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB);
VHT_CAP_CHECK(VHT_CAP_RX_ANTENNA_PATTERN);
VHT_CAP_CHECK(VHT_CAP_TX_ANTENNA_PATTERN);
+ VHT_CAP_CHECK(VHT_CAP_EXTENDED_NSS_BW_SUPPORT);
#undef VHT_CAP_CHECK
#undef VHT_CAP_CHECK_MAX
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -1349,6 +1349,8 @@ struct ieee80211_ampe_ie {
#define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB ((u32) BIT(26) | BIT(27))
#define VHT_CAP_RX_ANTENNA_PATTERN ((u32) BIT(28))
#define VHT_CAP_TX_ANTENNA_PATTERN ((u32) BIT(29))
+#define VHT_CAP_EXTENDED_NSS_BW_SUPPORT ((u32) BIT(30))
+#define VHT_CAP_EXTENDED_NSS_BW_SUPPORT_MASK ((u32) BIT(30) | BIT(31))
#define VHT_OPMODE_CHANNEL_WIDTH_MASK ((u8) BIT(0) | BIT(1))
#define VHT_OPMODE_CHANNEL_RxNSS_MASK ((u8) BIT(4) | BIT(5) | \

20
feeds/hostapd/hostapd/patches/180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch
View File

@@ -1,20 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 14 Sep 2023 10:53:50 +0200
Subject: [PATCH] driver_nl80211: fix setting QoS map on secondary BSSs
The setting is per-BSS, not per PHY
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -11341,7 +11341,7 @@ static int nl80211_set_qos_map(void *pri
wpa_hexdump(MSG_DEBUG, "nl80211: Setting QoS Map",
qos_map_set, qos_map_set_len);
- if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_SET_QOS_MAP)) ||
+ if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_QOS_MAP)) ||
nla_put(msg, NL80211_ATTR_QOS_MAP, qos_map_set_len, qos_map_set)) {
nlmsg_free(msg);
return -ENOBUFS;

18
feeds/hostapd/hostapd/patches/181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch
View File

@@ -1,18 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 14 Sep 2023 11:28:03 +0200
Subject: [PATCH] driver_nl80211: update drv->ifindex on removing the first
BSS
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -8867,6 +8867,7 @@ static int wpa_driver_nl80211_if_remove(
if (drv->first_bss->next) {
drv->first_bss = drv->first_bss->next;
drv->ctx = drv->first_bss->ctx;
+ drv->ifindex = drv->first_bss->ifindex;
os_free(bss);
} else {
wpa_printf(MSG_DEBUG, "nl80211: No second BSS to reassign context to");

34
feeds/hostapd/hostapd/patches/182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch
View File

@@ -1,34 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Mon, 18 Sep 2023 16:47:41 +0200
Subject: [PATCH] nl80211: move nl80211_put_freq_params call outside of
802.11ax #ifdef
The relevance of this call is not specific to 802.11ax, so it should be done
even with CONFIG_IEEE80211AX disabled.
Fixes: b3921db426ea ("nl80211: Add frequency info in start AP command")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -5226,6 +5226,9 @@ static int wpa_driver_nl80211_set_ap(voi
nla_nest_end(msg, ftm);
}
+ if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0)
+ goto fail;
+
#ifdef CONFIG_IEEE80211AX
if (params->he_spr_ctrl) {
struct nlattr *spr;
@@ -5260,9 +5263,6 @@ static int wpa_driver_nl80211_set_ap(voi
nla_nest_end(msg, spr);
}
- if (params->freq && nl80211_put_freq_params(msg, params->freq) < 0)
- goto fail;
-
if (params->freq && params->freq->he_enabled) {
struct nlattr *bss_color;

28
feeds/hostapd/hostapd/patches/183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch
View File

@@ -1,28 +0,0 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Wed, 20 Sep 2023 13:41:10 +0200
Subject: [PATCH] hostapd: cancel channel_list_update_timeout in
hostapd_cleanup_iface_partial
Fixes a crash when disabling an interface during channel list update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -569,6 +569,7 @@ static void sta_track_deinit(struct host
void hostapd_cleanup_iface_partial(struct hostapd_iface *iface)
{
wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
+ eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
#ifdef NEED_AP_MLME
hostapd_stop_setup_timers(iface);
#endif /* NEED_AP_MLME */
@@ -598,7 +599,6 @@ void hostapd_cleanup_iface_partial(struc
static void hostapd_cleanup_iface(struct hostapd_iface *iface)
{
wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
- eloop_cancel_timeout(channel_list_update_timeout, iface, NULL);
eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
NULL);

71
feeds/hostapd/hostapd/patches/301-mesh-noscan.patch
View File

@@ -1,71 +0,0 @@
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -2600,6 +2600,7 @@ static const struct parse_data ssid_fiel
#else /* CONFIG_MESH */
{ INT_RANGE(mode, 0, 4) },
#endif /* CONFIG_MESH */
+ { INT_RANGE(noscan, 0, 1) },
{ INT_RANGE(proactive_key_caching, 0, 1) },
{ INT_RANGE(disabled, 0, 2) },
{ STR(id_str) },
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -775,6 +775,7 @@ static void wpa_config_write_network(FIL
#endif /* IEEE8021X_EAPOL */
INT(mode);
INT(no_auto_peer);
+ INT(noscan);
INT(mesh_fwding);
INT(frequency);
INT(enable_edmg);
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
@@ -506,6 +506,8 @@ static int wpa_supplicant_mesh_init(stru
frequency);
goto out_free;
}
+ if (ssid->noscan)
+ conf->noscan = 1;
if (ssid->mesh_basic_rates == NULL) {
/*
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2710,7 +2710,7 @@ static bool ibss_mesh_can_use_vht(struct
const struct wpa_ssid *ssid,
struct hostapd_hw_modes *mode)
{
- if (mode->mode != HOSTAPD_MODE_IEEE80211A)
+ if (mode->mode != HOSTAPD_MODE_IEEE80211A && !(ssid->noscan))
return false;
if (!drv_supports_vht(wpa_s, ssid))
@@ -2783,7 +2783,7 @@ static void ibss_mesh_select_40mhz(struc
int i, res;
unsigned int j;
static const int ht40plus[] = {
- 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 165, 173,
+ 1, 2, 3, 4, 5, 6, 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 165, 173,
184, 192
};
int ht40 = -1;
@@ -3033,7 +3033,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
enum hostapd_hw_mode hw_mode;
struct hostapd_hw_modes *mode = NULL;
- int i, obss_scan = 1;
+ int i, obss_scan = !(ssid->noscan);
u8 channel;
bool is_6ghz;
bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -1035,6 +1035,8 @@ struct wpa_ssid {
*/
int no_auto_peer;
+ int noscan;
+
/**
* mesh_rssi_threshold - Set mesh parameter mesh_rssi_threshold (dBm)
*

11
feeds/hostapd/hostapd/patches/330-nl80211_fix_set_freq.patch
View File

@@ -1,11 +0,0 @@
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -5407,7 +5407,7 @@ static int nl80211_set_channel(struct i8
freq->he_enabled, freq->eht_enabled, freq->bandwidth,
freq->center_freq1, freq->center_freq2);
- msg = nl80211_drv_msg(drv, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
+ msg = nl80211_bss_msg(bss, 0, set_chan ? NL80211_CMD_SET_CHANNEL :
NL80211_CMD_SET_WIPHY);
if (!msg || nl80211_put_freq_params(msg, freq) < 0) {
nlmsg_free(msg);

35
feeds/hostapd/hostapd/patches/350-nl80211_del_beacon_bss.patch
View File

@@ -1,35 +0,0 @@
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3008,12 +3008,12 @@ static int wpa_driver_nl80211_del_beacon
return 0;
wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
- drv->ifindex);
+ bss->ifindex);
link->beacon_set = 0;
link->freq = 0;
nl80211_put_wiphy_data_ap(bss);
- msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON);
+ msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_BEACON);
if (!msg)
return -ENOBUFS;
@@ -6100,7 +6100,7 @@ static void nl80211_teardown_ap(struct i
nl80211_mgmt_unsubscribe(bss, "AP teardown");
nl80211_put_wiphy_data_ap(bss);
- bss->flink->beacon_set = 0;
+ wpa_driver_nl80211_del_beacon_all(bss);
}
@@ -8859,8 +8859,6 @@ static int wpa_driver_nl80211_if_remove(
} else {
wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
nl80211_teardown_ap(bss);
- if (!bss->added_if && !drv->first_bss->next)
- wpa_driver_nl80211_del_beacon_all(bss);
nl80211_destroy_bss(bss);
if (!bss->added_if)
i802_set_iface_flags(bss, 0);

239
feeds/hostapd/hostapd/patches/380-disable_ctrl_iface_mib.patch
View File

@@ -1,239 +0,0 @@
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -221,6 +221,9 @@ endif
ifdef CONFIG_NO_CTRL_IFACE
CFLAGS += -DCONFIG_NO_CTRL_IFACE
else
+ifdef CONFIG_CTRL_IFACE_MIB
+CFLAGS += -DCONFIG_CTRL_IFACE_MIB
+endif
ifeq ($(CONFIG_CTRL_IFACE), udp)
CFLAGS += -DCONFIG_CTRL_IFACE_UDP
else
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -3314,6 +3314,7 @@ static int hostapd_ctrl_iface_receive_pr
reply_size);
} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
reply_len = hostapd_drv_status(hapd, reply, reply_size);
+#ifdef CONFIG_CTRL_IFACE_MIB
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
if (reply_len >= 0) {
@@ -3355,6 +3356,7 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
reply_size);
+#endif
} else if (os_strcmp(buf, "ATTACH") == 0) {
if (hostapd_ctrl_iface_attach(hapd, from, fromlen, NULL))
reply_len = -1;
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -983,6 +983,9 @@ ifdef CONFIG_FILS
OBJS += ../src/ap/fils_hlp.o
endif
ifdef CONFIG_CTRL_IFACE
+ifdef CONFIG_CTRL_IFACE_MIB
+CFLAGS += -DCONFIG_CTRL_IFACE_MIB
+endif
OBJS += ../src/ap/ctrl_iface_ap.o
endif
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -2326,7 +2326,7 @@ static int wpa_supplicant_ctrl_iface_sta
pos += ret;
}
-#ifdef CONFIG_AP
+#if defined(CONFIG_AP) && defined(CONFIG_CTRL_IFACE_MIB)
if (wpa_s->ap_iface) {
pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
end - pos,
@@ -12087,6 +12087,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = -1;
} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
+#ifdef CONFIG_CTRL_IFACE_MIB
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
if (reply_len >= 0) {
@@ -12099,6 +12100,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_size - reply_len);
#endif /* CONFIG_MACSEC */
}
+#endif
} else if (os_strncmp(buf, "STATUS", 6) == 0) {
reply_len = wpa_supplicant_ctrl_iface_status(
wpa_s, buf + 6, reply, reply_size);
@@ -12587,6 +12589,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = wpa_supplicant_ctrl_iface_bss(
wpa_s, buf + 4, reply, reply_size);
#ifdef CONFIG_AP
+#ifdef CONFIG_CTRL_IFACE_MIB
} else if (os_strcmp(buf, "STA-FIRST") == 0) {
reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "STA ", 4) == 0) {
@@ -12595,12 +12598,15 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
reply_size);
+#endif
+#ifdef CONFIG_CTRL_IFACE_MIB
} else if (os_strncmp(buf, "DEAUTHENTICATE ", 15) == 0) {
if (ap_ctrl_iface_sta_deauthenticate(wpa_s, buf + 15))
reply_len = -1;
} else if (os_strncmp(buf, "DISASSOCIATE ", 13) == 0) {
if (ap_ctrl_iface_sta_disassociate(wpa_s, buf + 13))
reply_len = -1;
+#endif
} else if (os_strncmp(buf, "CHAN_SWITCH ", 12) == 0) {
if (ap_ctrl_iface_chanswitch(wpa_s, buf + 12))
reply_len = -1;
--- a/src/ap/ctrl_iface_ap.c
+++ b/src/ap/ctrl_iface_ap.c
@@ -26,6 +26,26 @@
#include "taxonomy.h"
#include "wnm_ap.h"
+static const char * hw_mode_str(enum hostapd_hw_mode mode)
+{
+ switch (mode) {
+ case HOSTAPD_MODE_IEEE80211B:
+ return "b";
+ case HOSTAPD_MODE_IEEE80211G:
+ return "g";
+ case HOSTAPD_MODE_IEEE80211A:
+ return "a";
+ case HOSTAPD_MODE_IEEE80211AD:
+ return "ad";
+ case HOSTAPD_MODE_IEEE80211ANY:
+ return "any";
+ case NUM_HOSTAPD_MODES:
+ return "invalid";
+ }
+ return "unknown";
+}
+
+#ifdef CONFIG_CTRL_IFACE_MIB
static size_t hostapd_write_ht_mcs_bitmask(char *buf, size_t buflen,
size_t curr_len, const u8 *mcs_set)
@@ -212,26 +232,6 @@ static const char * timeout_next_str(int
}
-static const char * hw_mode_str(enum hostapd_hw_mode mode)
-{
- switch (mode) {
- case HOSTAPD_MODE_IEEE80211B:
- return "b";
- case HOSTAPD_MODE_IEEE80211G:
- return "g";
- case HOSTAPD_MODE_IEEE80211A:
- return "a";
- case HOSTAPD_MODE_IEEE80211AD:
- return "ad";
- case HOSTAPD_MODE_IEEE80211ANY:
- return "any";
- case NUM_HOSTAPD_MODES:
- return "invalid";
- }
- return "unknown";
-}
-
-
static int hostapd_ctrl_iface_sta_mib(struct hostapd_data *hapd,
struct sta_info *sta,
char *buf, size_t buflen)
@@ -493,6 +493,7 @@ int hostapd_ctrl_iface_sta_next(struct h
return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen);
}
+#endif
#ifdef CONFIG_P2P_MANAGER
static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype,
@@ -884,12 +885,12 @@ int hostapd_ctrl_iface_status(struct hos
return len;
len += ret;
}
-
+#ifdef CONFIG_CTRL_IFACE_MIB
if (iface->conf->ieee80211n && !hapd->conf->disable_11n && mode) {
len = hostapd_write_ht_mcs_bitmask(buf, buflen, len,
mode->mcs_set);
}
-
+#endif /* CONFIG_CTRL_IFACE_MIB */
if (iface->current_rates && iface->num_rates) {
ret = os_snprintf(buf + len, buflen - len, "supported_rates=");
if (os_snprintf_error(buflen - len, ret))
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -2834,6 +2834,7 @@ static const char * bool_txt(bool val)
return val ? "TRUE" : "FALSE";
}
+#ifdef CONFIG_CTRL_IFACE_MIB
int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
{
@@ -3020,6 +3021,7 @@ int ieee802_1x_get_mib_sta(struct hostap
return len;
}
+#endif
#ifdef CONFIG_HS20
static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -5328,6 +5328,7 @@ static const char * wpa_bool_txt(int val
return val ? "TRUE" : "FALSE";
}
+#ifdef CONFIG_CTRL_IFACE_MIB
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
@@ -5480,7 +5481,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
return len;
}
-
+#endif
void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth)
{
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -3834,6 +3834,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
}
+#ifdef CONFIG_CTRL_IFACE_MIB
+
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
@@ -3915,6 +3917,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
return (int) len;
}
+#endif
#endif /* CONFIG_CTRL_IFACE */
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
@@ -1499,7 +1499,7 @@ int wpas_ap_wps_nfc_report_handover(stru
#endif /* CONFIG_WPS */
-#ifdef CONFIG_CTRL_IFACE
+#if defined(CONFIG_CTRL_IFACE) && defined(CONFIG_CTRL_IFACE_MIB)
int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
char *buf, size_t buflen)

63
feeds/hostapd/hostapd/patches/420-indicate-features.patch
View File

@@ -1,63 +0,0 @@
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -31,7 +31,7 @@
#include "config_file.h"
#include "eap_register.h"
#include "ctrl_iface.h"
-
+#include "build_features.h"
struct hapd_global {
void **drv_priv;
@@ -799,7 +799,7 @@ int main(int argc, char *argv[])
wpa_supplicant_event = hostapd_wpa_event;
wpa_supplicant_event_global = hostapd_wpa_event_global;
for (;;) {
- c = getopt(argc, argv, "b:Bde:f:hi:KP:sSTtu:vg:G:q");
+ c = getopt(argc, argv, "b:Bde:f:hi:KP:sSTtu:g:G:qv::");
if (c < 0)
break;
switch (c) {
@@ -836,6 +836,8 @@ int main(int argc, char *argv[])
break;
#endif /* CONFIG_DEBUG_LINUX_TRACING */
case 'v':
+ if (optarg)
+ exit(!has_feature(optarg));
show_version();
exit(1);
case 'g':
--- a/wpa_supplicant/main.c
+++ b/wpa_supplicant/main.c
@@ -12,6 +12,7 @@
#endif /* __linux__ */
#include "common.h"
+#include "build_features.h"
#include "crypto/crypto.h"
#include "fst/fst.h"
#include "wpa_supplicant_i.h"
@@ -202,7 +203,7 @@ int main(int argc, char *argv[])
for (;;) {
c = getopt(argc, argv,
- "b:Bc:C:D:de:f:g:G:hi:I:KLMm:No:O:p:P:qsTtuvW");
+ "b:Bc:C:D:de:f:g:G:hi:I:KLMm:No:O:p:P:qsTtuv::W");
if (c < 0)
break;
switch (c) {
@@ -302,8 +303,12 @@ int main(int argc, char *argv[])
break;
#endif /* CONFIG_CTRL_IFACE_DBUS_NEW */
case 'v':
- printf("%s\n", wpa_supplicant_version);
- exitcode = 0;
+ if (optarg) {
+ exitcode = !has_feature(optarg);
+ } else {
+ printf("%s\n", wpa_supplicant_version);
+ exitcode = 0;
+ }
goto out;
case 'W':
params.wait_for_monitor++;

68
feeds/hostapd/hostapd/patches/463-add-mcast_rate-to-11s.patch
View File

@@ -1,68 +0,0 @@
From: Sven Eckelmann <sven.eckelmann@openmesh.com>
Date: Thu, 11 May 2017 08:21:45 +0200
Subject: [PATCH] set mcast_rate in mesh mode
The wpa_supplicant code for IBSS allows to set the mcast rate. It is
recommended to increase this value from 1 or 6 Mbit/s to something higher
when using a mesh protocol on top which uses the multicast packet loss as
indicator for the link quality.
This setting was unfortunately not applied for mesh mode. But it would be
beneficial when wpa_supplicant would behave similar to IBSS mode and set
this argument during mesh join like authsae already does. At least it is
helpful for companies/projects which are currently switching to 802.11s
(without mesh_fwding and with mesh_ttl set to 1) as replacement for IBSS
because newer drivers seem to support 802.11s but not IBSS anymore.
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -1827,6 +1827,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
bool handle_dfs;
+ int mcast_rate;
};
struct wpa_driver_set_key_params {
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -11667,6 +11667,18 @@ static int nl80211_put_mesh_id(struct nl
}
+static int nl80211_put_mcast_rate(struct nl_msg *msg, int mcast_rate)
+{
+ if (mcast_rate > 0) {
+ wpa_printf(MSG_DEBUG, " * mcast_rate=%.1f",
+ (double)mcast_rate / 10);
+ return nla_put_u32(msg, NL80211_ATTR_MCAST_RATE, mcast_rate);
+ }
+
+ return 0;
+}
+
+
static int nl80211_put_mesh_config(struct nl_msg *msg,
struct wpa_driver_mesh_bss_params *params)
{
@@ -11728,6 +11740,7 @@ static int nl80211_join_mesh(struct i802
nl80211_put_basic_rates(msg, params->basic_rates) ||
nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
nl80211_put_beacon_int(msg, params->beacon_int) ||
+ nl80211_put_mcast_rate(msg, params->mcast_rate) ||
nl80211_put_dtim_period(msg, params->dtim_period))
goto fail;
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
@@ -632,6 +632,7 @@ int wpa_supplicant_join_mesh(struct wpa_
params->meshid = ssid->ssid;
params->meshid_len = ssid->ssid_len;
+ params->mcast_rate = ssid->mcast_rate;
ibss_mesh_setup_freq(wpa_s, ssid, &params->freq);
wpa_s->mesh_ht_enabled = !!params->freq.ht_enabled;
wpa_s->mesh_vht_enabled = !!params->freq.vht_enabled;

13
feeds/hostapd/hostapd/patches/464-fix-mesh-obss-check.patch
View File

@@ -1,13 +0,0 @@
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -3040,6 +3040,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
freq->freq = ssid->frequency;
+ if (ssid->fixed_freq) {
+ obss_scan = 0;
+ }
+
if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) {
struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid);

24
feeds/hostapd/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch
View File

@@ -1,24 +0,0 @@
From c9304d3303d563ad6d2619f4e07864ed12f96889 Mon Sep 17 00:00:00 2001
From: David Bauer <mail@david-bauer.net>
Date: Sat, 14 May 2022 21:41:03 +0200
Subject: [PATCH] hostapd: config: support random BSS color
Configure the HE BSS color to a random value in case the config defines
a BSS color which exceeds the max BSS color (63).
Signed-off-by: David Bauer <mail@david-bauer.net>
---
hostapd/config_file.c | 2 ++
1 file changed, 2 insertions(+)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3500,6 +3500,8 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "he_bss_color") == 0) {
conf->he_op.he_bss_color = atoi(pos) & 0x3f;
conf->he_op.he_bss_color_disabled = 0;
+ if (atoi(pos) > 63)
+ conf->he_op.he_bss_color = os_random() % 63 + 1;
} else if (os_strcmp(buf, "he_bss_color_partial") == 0) {
conf->he_op.he_bss_color_partial = atoi(pos);
} else if (os_strcmp(buf, "he_default_pe_duration") == 0) {

30
feeds/hostapd/hostapd/patches/470-survey_data_fallback.patch
View File

@@ -1,30 +0,0 @@
--- a/src/ap/acs.c
+++ b/src/ap/acs.c
@@ -455,17 +455,17 @@ static int acs_get_bw_center_chan(int fr
static int acs_survey_is_sufficient(struct freq_survey *survey)
{
if (!(survey->filled & SURVEY_HAS_NF)) {
+ survey->nf = -95;
wpa_printf(MSG_INFO,
"ACS: Survey for freq %d is missing noise floor",
survey->freq);
- return 0;
}
if (!(survey->filled & SURVEY_HAS_CHAN_TIME)) {
+ survey->channel_time = 0;
wpa_printf(MSG_INFO,
"ACS: Survey for freq %d is missing channel time",
survey->freq);
- return 0;
}
if (!(survey->filled & SURVEY_HAS_CHAN_TIME_BUSY) &&
@@ -473,7 +473,6 @@ static int acs_survey_is_sufficient(stru
wpa_printf(MSG_INFO,
"ACS: Survey for freq %d is missing RX and busy time (at least one is required)",
survey->freq);
- return 0;
}
return 1;

738
feeds/hostapd/hostapd/patches/600-ubus_support.patch
View File

@@ -1,738 +0,0 @@
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -166,6 +166,12 @@ OBJS += ../src/common/hw_features_common
OBJS += ../src/eapol_auth/eapol_auth_sm.o
+ifdef CONFIG_UBUS
+CFLAGS += -DUBUS_SUPPORT
+OBJS += ../src/utils/uloop.o
+OBJS += ../src/ap/ubus.o
+LIBS += -lubox -lubus
+endif
ifdef CONFIG_CODE_COVERAGE
CFLAGS += -O0 -fprofile-arcs -ftest-coverage
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -18,6 +18,7 @@
#include "utils/list.h"
#include "ap_config.h"
#include "drivers/driver.h"
+#include "ubus.h"
#define OCE_STA_CFON_ENABLED(hapd) \
((hapd->conf->oce & OCE_STA_CFON) && \
@@ -184,6 +185,7 @@ struct hostapd_data {
struct hostapd_iface *iface;
struct hostapd_config *iconf;
struct hostapd_bss_config *conf;
+ struct hostapd_ubus_bss ubus;
int interface_added; /* virtual interface added for this BSS */
unsigned int started:1;
unsigned int disabled:1;
@@ -695,6 +697,7 @@ hostapd_alloc_bss_data(struct hostapd_if
struct hostapd_bss_config *bss);
int hostapd_setup_interface(struct hostapd_iface *iface);
int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err);
+void hostapd_set_own_neighbor_report(struct hostapd_data *hapd);
void hostapd_interface_deinit(struct hostapd_iface *iface);
void hostapd_interface_free(struct hostapd_iface *iface);
struct hostapd_iface * hostapd_alloc_iface(void);
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -435,6 +435,7 @@ void hostapd_free_hapd_data(struct hosta
hapd->beacon_set_done = 0;
wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
+ hostapd_ubus_free_bss(hapd);
accounting_deinit(hapd);
hostapd_deinit_wpa(hapd);
vlan_deinit(hapd);
@@ -1187,6 +1188,8 @@ static int hostapd_start_beacon(struct h
if (hapd->driver && hapd->driver->set_operstate)
hapd->driver->set_operstate(hapd->drv_priv, 1);
+ hostapd_ubus_add_bss(hapd);
+
return 0;
}
@@ -2275,6 +2278,7 @@ static int hostapd_setup_interface_compl
if (err)
goto fail;
+ hostapd_ubus_add_iface(iface);
wpa_printf(MSG_DEBUG, "Completing interface initialization");
if (iface->freq) {
#ifdef NEED_AP_MLME
@@ -2494,6 +2498,7 @@ dfs_offload:
fail:
wpa_printf(MSG_ERROR, "Interface initialization failed");
+ hostapd_ubus_free_iface(iface);
if (iface->is_no_ir) {
hostapd_set_state(iface, HAPD_IFACE_NO_IR);
@@ -2984,6 +2989,7 @@ void hostapd_interface_deinit_free(struc
(unsigned int) iface->conf->num_bss);
driver = iface->bss[0]->driver;
drv_priv = iface->bss[0]->drv_priv;
+ hostapd_ubus_free_iface(iface);
hostapd_interface_deinit(iface);
wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit",
__func__, driver, drv_priv);
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -2786,7 +2786,7 @@ static void handle_auth(struct hostapd_d
u16 auth_alg, auth_transaction, status_code;
u16 resp = WLAN_STATUS_SUCCESS;
struct sta_info *sta = NULL;
- int res, reply_res;
+ int res, reply_res, ubus_resp;
u16 fc;
const u8 *challenge = NULL;
u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
@@ -2795,6 +2795,11 @@ static void handle_auth(struct hostapd_d
struct radius_sta rad_info;
const u8 *dst, *sa, *bssid;
bool mld_sta = false;
+ struct hostapd_ubus_request req = {
+ .type = HOSTAPD_UBUS_AUTH_REQ,
+ .mgmt_frame = mgmt,
+ .ssi_signal = rssi,
+ };
if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
@@ -2986,6 +2991,13 @@ static void handle_auth(struct hostapd_d
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto fail;
}
+ ubus_resp = hostapd_ubus_handle_event(hapd, &req);
+ if (0 && ubus_resp) {
+ wpa_printf(MSG_DEBUG, "Station " MACSTR " rejected by ubus handler.\n",
+ MAC2STR(mgmt->sa));
+ resp = ubus_resp > 0 ? (u16) ubus_resp : WLAN_STATUS_UNSPECIFIED_FAILURE;
+ goto fail;
+ }
if (res == HOSTAPD_ACL_PENDING)
return;
@@ -5161,7 +5173,7 @@ static void handle_assoc(struct hostapd_
int resp = WLAN_STATUS_SUCCESS;
u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
const u8 *pos;
- int left, i;
+ int left, i, ubus_resp;
struct sta_info *sta;
u8 *tmp = NULL;
#ifdef CONFIG_FILS
@@ -5374,6 +5386,11 @@ static void handle_assoc(struct hostapd_
left = res;
}
#endif /* CONFIG_FILS */
+ struct hostapd_ubus_request req = {
+ .type = HOSTAPD_UBUS_ASSOC_REQ,
+ .mgmt_frame = mgmt,
+ .ssi_signal = rssi,
+ };
/* followed by SSID and Supported rates; and HT capabilities if 802.11n
* is used */
@@ -5472,6 +5489,13 @@ static void handle_assoc(struct hostapd_
}
#endif /* CONFIG_FILS */
+ ubus_resp = hostapd_ubus_handle_event(hapd, &req);
+ if (0 && ubus_resp) {
+ wpa_printf(MSG_DEBUG, "Station " MACSTR " assoc rejected by ubus handler.\n",
+ MAC2STR(mgmt->sa));
+ resp = ubus_resp > 0 ? (u16) ubus_resp : WLAN_STATUS_UNSPECIFIED_FAILURE;
+ goto fail;
+ }
fail:
/*
@@ -5753,6 +5777,7 @@ static void handle_disassoc(struct hosta
(unsigned long) len);
return;
}
+ hostapd_ubus_notify(hapd, "disassoc", mgmt->sa);
sta = ap_get_sta(hapd, mgmt->sa);
if (!sta) {
@@ -5784,6 +5809,8 @@ static void handle_deauth(struct hostapd
/* Clear the PTKSA cache entries for PASN */
ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
+ hostapd_ubus_notify(hapd, "deauth", mgmt->sa);
+
sta = ap_get_sta(hapd, mgmt->sa);
if (!sta) {
wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -1036,6 +1036,12 @@ void handle_probe_req(struct hostapd_dat
u16 csa_offs[2];
size_t csa_offs_len;
struct radius_sta rad_info;
+ struct hostapd_ubus_request req = {
+ .type = HOSTAPD_UBUS_PROBE_REQ,
+ .mgmt_frame = mgmt,
+ .ssi_signal = ssi_signal,
+ .elems = &elems,
+ };
if (hapd->iconf->rssi_ignore_probe_request && ssi_signal &&
ssi_signal < hapd->iconf->rssi_ignore_probe_request)
@@ -1222,6 +1228,12 @@ void handle_probe_req(struct hostapd_dat
}
#endif /* CONFIG_P2P */
+ if (hostapd_ubus_handle_event(hapd, &req)) {
+ wpa_printf(MSG_DEBUG, "Probe request for " MACSTR " rejected by ubus handler.\n",
+ MAC2STR(mgmt->sa));
+ return;
+ }
+
/* TODO: verify that supp_rates contains at least one matching rate
* with AP configuration */
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -260,6 +260,10 @@ int hostapd_notif_assoc(struct hostapd_d
u16 reason = WLAN_REASON_UNSPECIFIED;
int status = WLAN_STATUS_SUCCESS;
const u8 *p2p_dev_addr = NULL;
+ struct hostapd_ubus_request req = {
+ .type = HOSTAPD_UBUS_ASSOC_REQ,
+ .addr = addr,
+ };
if (addr == NULL) {
/*
@@ -396,6 +400,12 @@ int hostapd_notif_assoc(struct hostapd_d
goto fail;
}
+ if (hostapd_ubus_handle_event(hapd, &req)) {
+ wpa_printf(MSG_DEBUG, "Station " MACSTR " assoc rejected by ubus handler.\n",
+ MAC2STR(req.addr));
+ goto fail;
+ }
+
#ifdef CONFIG_P2P
if (elems.p2p) {
wpabuf_free(sta->p2p_ie);
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -471,6 +471,7 @@ void ap_handle_timer(void *eloop_ctx, vo
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_INFO, "deauthenticated due to "
"local deauth request");
+ hostapd_ubus_notify(hapd, "local-deauth", sta->addr);
ap_free_sta(hapd, sta);
return;
}
@@ -626,6 +627,7 @@ skip_poll:
mlme_deauthenticate_indication(
hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
+ hostapd_ubus_notify(hapd, "inactive-deauth", sta->addr);
ap_free_sta(hapd, sta);
break;
}
@@ -1344,15 +1346,28 @@ void ap_sta_set_authorized(struct hostap
sta->addr, authorized, dev_addr);
if (authorized) {
+ static const char * const auth_algs[] = {
+ [WLAN_AUTH_OPEN] = "open",
+ [WLAN_AUTH_SHARED_KEY] = "shared",
+ [WLAN_AUTH_FT] = "ft",
+ [WLAN_AUTH_SAE] = "sae",
+ [WLAN_AUTH_FILS_SK] = "fils-sk",
+ [WLAN_AUTH_FILS_SK_PFS] = "fils-sk-pfs",
+ [WLAN_AUTH_FILS_PK] = "fils-pk",
+ [WLAN_AUTH_PASN] = "pasn",
+ };
+ const char *auth_alg = NULL;
const u8 *dpp_pkhash;
const char *keyid;
char dpp_pkhash_buf[100];
char keyid_buf[100];
char ip_addr[100];
+ char alg_buf[100];
dpp_pkhash_buf[0] = '\0';
keyid_buf[0] = '\0';
ip_addr[0] = '\0';
+ alg_buf[0] = '\0';
#ifdef CONFIG_P2P
if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
os_snprintf(ip_addr, sizeof(ip_addr),
@@ -1362,6 +1377,13 @@ void ap_sta_set_authorized(struct hostap
}
#endif /* CONFIG_P2P */
+ if (sta->auth_alg < ARRAY_SIZE(auth_algs))
+ auth_alg = auth_algs[sta->auth_alg];
+
+ if (auth_alg)
+ os_snprintf(alg_buf, sizeof(alg_buf),
+ " auth_alg=%s", auth_alg);
+
keyid = ap_sta_wpa_get_keyid(hapd, sta);
if (keyid) {
os_snprintf(keyid_buf, sizeof(keyid_buf),
@@ -1380,17 +1402,19 @@ void ap_sta_set_authorized(struct hostap
dpp_pkhash, SHA256_MAC_LEN);
}
- wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s",
- buf, ip_addr, keyid_buf, dpp_pkhash_buf);
+ hostapd_ubus_notify_authorized(hapd, sta);
+ wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s%s",
+ buf, ip_addr, keyid_buf, dpp_pkhash_buf, alg_buf);
if (hapd->msg_ctx_parent &&
hapd->msg_ctx_parent != hapd->msg_ctx)
wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO,
- AP_STA_CONNECTED "%s%s%s%s",
+ AP_STA_CONNECTED "%s%s%s%s%s",
buf, ip_addr, keyid_buf,
- dpp_pkhash_buf);
+ dpp_pkhash_buf, alg_buf);
} else {
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
+ hostapd_ubus_notify(hapd, "disassoc", sta->addr);
if (hapd->msg_ctx_parent &&
hapd->msg_ctx_parent != hapd->msg_ctx)
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -269,6 +269,7 @@ static void hostapd_wpa_auth_psk_failure
struct hostapd_data *hapd = ctx;
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
MAC2STR(addr));
+ hostapd_ubus_notify(hapd, "key-mismatch", addr);
}
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -192,6 +192,13 @@ ifdef CONFIG_EAPOL_TEST
CFLAGS += -Werror -DEAPOL_TEST
endif
+ifdef CONFIG_UBUS
+CFLAGS += -DUBUS_SUPPORT
+OBJS += ubus.o
+OBJS += ../src/utils/uloop.o
+LIBS += -lubox -lubus
+endif
+
ifdef CONFIG_CODE_COVERAGE
CFLAGS += -O0 -fprofile-arcs -ftest-coverage
LIBS += -lgcov
@@ -987,6 +994,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
CFLAGS += -DCONFIG_CTRL_IFACE_MIB
endif
OBJS += ../src/ap/ctrl_iface_ap.o
+ifdef CONFIG_UBUS
+OBJS += ../src/ap/ubus.o
+endif
endif
CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -7593,6 +7593,8 @@ struct wpa_supplicant * wpa_supplicant_a
}
#endif /* CONFIG_P2P */
+ wpas_ubus_add_bss(wpa_s);
+
return wpa_s;
}
@@ -7619,6 +7621,8 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
+ wpas_ubus_free_bss(wpa_s);
+
/* Remove interface from the global list of interfaces */
prev = global->ifaces;
if (prev == wpa_s) {
@@ -7965,8 +7969,12 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
+ wpas_ubus_add(global);
+
eloop_run();
+ wpas_ubus_free(global);
+
return 0;
}
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -21,6 +21,7 @@
#include "config_ssid.h"
#include "wmm_ac.h"
#include "pasn/pasn_common.h"
+#include "ubus.h"
extern const char *const wpa_supplicant_version;
extern const char *const wpa_supplicant_license;
@@ -319,6 +320,8 @@ struct wpa_global {
#endif /* CONFIG_WIFI_DISPLAY */
struct psk_list_entry *add_psk; /* From group formation */
+
+ struct ubus_object ubus_global;
};
@@ -685,6 +688,7 @@ struct wpa_supplicant {
unsigned char own_addr[ETH_ALEN];
unsigned char perm_addr[ETH_ALEN];
char ifname[100];
+ struct wpas_ubus_bss ubus;
#ifdef CONFIG_MATCH_IFACE
int matched;
#endif /* CONFIG_MATCH_IFACE */
--- a/wpa_supplicant/wps_supplicant.c
+++ b/wpa_supplicant/wps_supplicant.c
@@ -33,6 +33,7 @@
#include "p2p/p2p.h"
#include "p2p_supplicant.h"
#include "wps_supplicant.h"
+#include "ubus.h"
#ifndef WPS_PIN_SCAN_IGNORE_SEL_REG
@@ -402,6 +403,8 @@ static int wpa_supplicant_wps_cred(void
wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute",
cred->cred_attr, cred->cred_attr_len);
+ wpas_ubus_notify(wpa_s, cred);
+
if (wpa_s->conf->wps_cred_processing == 1)
return 0;
--- a/wpa_supplicant/main.c
+++ b/wpa_supplicant/main.c
@@ -203,7 +203,7 @@ int main(int argc, char *argv[])
for (;;) {
c = getopt(argc, argv,
- "b:Bc:C:D:de:f:g:G:hi:I:KLMm:No:O:p:P:qsTtuv::W");
+ "b:Bc:C:D:de:f:g:G:hi:I:KLMm:nNo:O:p:P:qsTtuv::W");
if (c < 0)
break;
switch (c) {
@@ -268,6 +268,9 @@ int main(int argc, char *argv[])
params.conf_p2p_dev = optarg;
break;
#endif /* CONFIG_P2P */
+ case 'n':
+ iface_count = 0;
+ break;
case 'o':
params.override_driver = optarg;
break;
--- a/src/ap/rrm.c
+++ b/src/ap/rrm.c
@@ -89,6 +89,9 @@ static void hostapd_handle_beacon_report
return;
wpa_msg(hapd->msg_ctx, MSG_INFO, BEACON_RESP_RX MACSTR " %u %02x %s",
MAC2STR(addr), token, rep_mode, report);
+ if (len < sizeof(struct rrm_measurement_beacon_report))
+ return;
+ hostapd_ubus_notify_beacon_report(hapd, addr, token, rep_mode, (struct rrm_measurement_beacon_report*) pos, len);
}
--- a/src/ap/vlan_init.c
+++ b/src/ap/vlan_init.c
@@ -22,6 +22,7 @@
static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
int existsok)
{
+ bool vlan_exists = iface_exists(vlan->ifname);
int ret;
#ifdef CONFIG_WEP
int i;
@@ -36,7 +37,7 @@ static int vlan_if_add(struct hostapd_da
}
#endif /* CONFIG_WEP */
- if (!iface_exists(vlan->ifname))
+ if (!vlan_exists)
ret = hostapd_vlan_if_add(hapd, vlan->ifname);
else if (!existsok)
return -1;
@@ -51,6 +52,9 @@ static int vlan_if_add(struct hostapd_da
if (hapd->wpa_auth)
ret = wpa_auth_ensure_group(hapd->wpa_auth, vlan->vlan_id);
+ if (!ret && !vlan_exists)
+ hostapd_ubus_add_vlan(hapd, vlan);
+
if (ret == 0)
return ret;
@@ -77,6 +81,8 @@ int vlan_if_remove(struct hostapd_data *
"WPA deinitialization for VLAN %d failed (%d)",
vlan->vlan_id, ret);
+ hostapd_ubus_remove_vlan(hapd, vlan);
+
return hostapd_vlan_if_remove(hapd, vlan->ifname);
}
--- a/src/ap/dfs.c
+++ b/src/ap/dfs.c
@@ -1216,6 +1216,8 @@ int hostapd_dfs_pre_cac_expired(struct h
"freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d",
freq, ht_enabled, chan_offset, chan_width, cf1, cf2);
+ hostapd_ubus_notify_radar_detected(iface, freq, chan_width, cf1, cf2);
+
/* Proceed only if DFS is not offloaded to the driver */
if (iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD)
return 0;
--- a/src/ap/airtime_policy.c
+++ b/src/ap/airtime_policy.c
@@ -112,8 +112,14 @@ static void set_sta_weights(struct hosta
{
struct sta_info *sta;
- for (sta = hapd->sta_list; sta; sta = sta->next)
- sta_set_airtime_weight(hapd, sta, weight);
+ for (sta = hapd->sta_list; sta; sta = sta->next) {
+ unsigned int sta_weight = weight;
+
+ if (sta->dyn_airtime_weight)
+ sta_weight = (weight * sta->dyn_airtime_weight) / 256;
+
+ sta_set_airtime_weight(hapd, sta, sta_weight);
+ }
}
@@ -244,7 +250,10 @@ int airtime_policy_new_sta(struct hostap
unsigned int weight;
if (hapd->iconf->airtime_mode == AIRTIME_MODE_STATIC) {
- weight = get_weight_for_sta(hapd, sta->addr);
+ if (sta->dyn_airtime_weight)
+ weight = sta->dyn_airtime_weight;
+ else
+ weight = get_weight_for_sta(hapd, sta->addr);
if (weight)
return sta_set_airtime_weight(hapd, sta, weight);
}
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -322,6 +322,7 @@ struct sta_info {
#endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_AIRTIME_POLICY
unsigned int airtime_weight;
+ unsigned int dyn_airtime_weight;
struct os_reltime backlogged_until;
#endif /* CONFIG_AIRTIME_POLICY */
--- a/src/ap/wnm_ap.c
+++ b/src/ap/wnm_ap.c
@@ -455,7 +455,8 @@ static void ieee802_11_rx_bss_trans_mgmt
MAC2STR(addr), reason, hex ? " neighbor=" : "", hex);
os_free(hex);
- ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token);
+ if (!hostapd_ubus_notify_bss_transition_query(hapd, addr, dialog_token, reason, pos, end - pos))
+ ieee802_11_send_bss_trans_mgmt_request(hapd, addr, dialog_token);
}
@@ -477,7 +478,7 @@ static void ieee802_11_rx_bss_trans_mgmt
size_t len)
{
u8 dialog_token, status_code, bss_termination_delay;
- const u8 *pos, *end;
+ const u8 *pos, *end, *target_bssid = NULL;
int enabled = hapd->conf->bss_transition;
struct sta_info *sta;
@@ -524,6 +525,7 @@ static void ieee802_11_rx_bss_trans_mgmt
wpa_printf(MSG_DEBUG, "WNM: not enough room for Target BSSID field");
return;
}
+ target_bssid = pos;
sta->agreed_to_steer = 1;
eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta);
eloop_register_timeout(2, 0, ap_sta_reset_steer_flag_timer,
@@ -543,6 +545,10 @@ static void ieee802_11_rx_bss_trans_mgmt
MAC2STR(addr), status_code, bss_termination_delay);
}
+ hostapd_ubus_notify_bss_transition_response(hapd, sta->addr, dialog_token,
+ status_code, bss_termination_delay,
+ target_bssid, pos, end - pos);
+
wpa_hexdump(MSG_DEBUG, "WNM: BSS Transition Candidate List Entries",
pos, end - pos);
}
--- a/src/utils/eloop.c
+++ b/src/utils/eloop.c
@@ -77,6 +77,9 @@ struct eloop_sock_table {
struct eloop_data {
int max_sock;
+ eloop_timeout_poll_handler timeout_poll_cb;
+ eloop_poll_handler poll_cb;
+
size_t count; /* sum of all table counts */
#ifdef CONFIG_ELOOP_POLL
size_t max_pollfd_map; /* number of pollfds_map currently allocated */
@@ -1121,6 +1124,12 @@ void eloop_run(void)
os_reltime_sub(&timeout->time, &now, &tv);
else
tv.sec = tv.usec = 0;
+ }
+
+ if (eloop.timeout_poll_cb && eloop.timeout_poll_cb(&tv, !!timeout))
+ timeout = (void *)1;
+
+ if (timeout) {
#if defined(CONFIG_ELOOP_POLL) || defined(CONFIG_ELOOP_EPOLL)
timeout_ms = tv.sec * 1000 + tv.usec / 1000;
#endif /* defined(CONFIG_ELOOP_POLL) || defined(CONFIG_ELOOP_EPOLL) */
@@ -1190,7 +1199,8 @@ void eloop_run(void)
eloop.exceptions.changed = 0;
eloop_process_pending_signals();
-
+ if (eloop.poll_cb)
+ eloop.poll_cb();
/* check if some registered timeouts have occurred */
timeout = dl_list_first(&eloop.timeout, struct eloop_timeout,
@@ -1252,6 +1262,14 @@ out:
return;
}
+int eloop_register_cb(eloop_poll_handler poll_cb,
+ eloop_timeout_poll_handler timeout_cb)
+{
+ eloop.poll_cb = poll_cb;
+ eloop.timeout_poll_cb = timeout_cb;
+
+ return 0;
+}
void eloop_terminate(void)
{
--- a/src/utils/eloop.h
+++ b/src/utils/eloop.h
@@ -65,6 +65,9 @@ typedef void (*eloop_timeout_handler)(vo
*/
typedef void (*eloop_signal_handler)(int sig, void *signal_ctx);
+typedef bool (*eloop_timeout_poll_handler)(struct os_reltime *tv, bool tv_set);
+typedef void (*eloop_poll_handler)(void);
+
/**
* eloop_init() - Initialize global event loop data
* Returns: 0 on success, -1 on failure
@@ -73,6 +76,9 @@ typedef void (*eloop_signal_handler)(int
*/
int eloop_init(void);
+int eloop_register_cb(eloop_poll_handler poll_cb,
+ eloop_timeout_poll_handler timeout_cb);
+
/**
* eloop_register_read_sock - Register handler for read events
* @sock: File descriptor number for the socket
@@ -320,6 +326,8 @@ int eloop_register_signal_reconfig(eloop
*/
int eloop_sock_requeue(void);
+void eloop_add_uloop(void);
+
/**
* eloop_run - Start the event loop
*
--- /dev/null
+++ b/src/utils/uloop.c
@@ -0,0 +1,64 @@
+#include <libubox/uloop.h>
+#include "includes.h"
+#include "common.h"
+#include "eloop.h"
+
+static void eloop_uloop_event_cb(int sock, void *eloop_ctx, void *sock_ctx)
+{
+}
+
+static void eloop_uloop_fd_cb(struct uloop_fd *fd, unsigned int events)
+{
+ unsigned int changed = events ^ fd->flags;
+
+ if (changed & ULOOP_READ) {
+ if (events & ULOOP_READ)
+ eloop_register_sock(fd->fd, EVENT_TYPE_READ, eloop_uloop_event_cb, fd, fd);
+ else
+ eloop_unregister_sock(fd->fd, EVENT_TYPE_READ);
+ }
+
+ if (changed & ULOOP_WRITE) {
+ if (events & ULOOP_WRITE)
+ eloop_register_sock(fd->fd, EVENT_TYPE_WRITE, eloop_uloop_event_cb, fd, fd);
+ else
+ eloop_unregister_sock(fd->fd, EVENT_TYPE_WRITE);
+ }
+}
+
+static bool uloop_timeout_poll_handler(struct os_reltime *tv, bool tv_set)
+{
+ struct os_reltime tv_uloop;
+ int timeout_ms = uloop_get_next_timeout();
+
+ if (timeout_ms < 0)
+ return false;
+
+ tv_uloop.sec = timeout_ms / 1000;
+ tv_uloop.usec = (timeout_ms % 1000) * 1000;
+
+ if (!tv_set || os_reltime_before(&tv_uloop, tv)) {
+ *tv = tv_uloop;
+ return true;
+ }
+
+ return false;
+}
+
+static void uloop_poll_handler(void)
+{
+ uloop_run_timeout(0);
+}
+
+void eloop_add_uloop(void)
+{
+ static bool init_done = false;
+
+ if (!init_done) {
+ uloop_init();
+ uloop_fd_set_cb = eloop_uloop_fd_cb;
+ init_done = true;
+ }
+
+ eloop_register_cb(uloop_poll_handler, uloop_timeout_poll_handler);
+}

723
feeds/hostapd/hostapd/patches/601-ucode_support.patch
View File

@@ -1,723 +0,0 @@
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -168,9 +168,21 @@ OBJS += ../src/eapol_auth/eapol_auth_sm.
ifdef CONFIG_UBUS
CFLAGS += -DUBUS_SUPPORT
-OBJS += ../src/utils/uloop.o
OBJS += ../src/ap/ubus.o
-LIBS += -lubox -lubus
+LIBS += -lubus
+NEED_ULOOP:=y
+endif
+
+ifdef CONFIG_UCODE
+CFLAGS += -DUCODE_SUPPORT
+OBJS += ../src/utils/ucode.o
+OBJS += ../src/ap/ucode.o
+NEED_ULOOP:=y
+endif
+
+ifdef NEED_ULOOP
+OBJS += ../src/utils/uloop.o
+LIBS += -lubox
endif
ifdef CONFIG_CODE_COVERAGE
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -1007,6 +1007,7 @@ int main(int argc, char *argv[])
}
hostapd_global_ctrl_iface_init(&interfaces);
+ hostapd_ucode_init(&interfaces);
if (hostapd_global_run(&interfaces, daemonize, pid_file)) {
wpa_printf(MSG_ERROR, "Failed to start eloop");
@@ -1016,6 +1017,7 @@ int main(int argc, char *argv[])
ret = 0;
out:
+ hostapd_ucode_free();
hostapd_global_ctrl_iface_deinit(&interfaces);
/* Deinitialize all interfaces */
for (i = 0; i < interfaces.count; i++) {
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -19,6 +19,7 @@
#include "ap_config.h"
#include "drivers/driver.h"
#include "ubus.h"
+#include "ucode.h"
#define OCE_STA_CFON_ENABLED(hapd) \
((hapd->conf->oce & OCE_STA_CFON) && \
@@ -51,6 +52,10 @@ struct hapd_interfaces {
struct hostapd_config * (*config_read_cb)(const char *config_fname);
int (*ctrl_iface_init)(struct hostapd_data *hapd);
void (*ctrl_iface_deinit)(struct hostapd_data *hapd);
+ int (*ctrl_iface_recv)(struct hostapd_data *hapd,
+ char *buf, char *reply, int reply_size,
+ struct sockaddr_storage *from,
+ socklen_t fromlen);
int (*for_each_interface)(struct hapd_interfaces *interfaces,
int (*cb)(struct hostapd_iface *iface,
void *ctx), void *ctx);
@@ -186,6 +191,7 @@ struct hostapd_data {
struct hostapd_config *iconf;
struct hostapd_bss_config *conf;
struct hostapd_ubus_bss ubus;
+ struct hostapd_ucode_bss ucode;
int interface_added; /* virtual interface added for this BSS */
unsigned int started:1;
unsigned int disabled:1;
@@ -506,6 +512,7 @@ struct hostapd_sta_info {
*/
struct hostapd_iface {
struct hapd_interfaces *interfaces;
+ struct hostapd_ucode_iface ucode;
void *owner;
char *config_fname;
struct hostapd_config *conf;
@@ -706,6 +713,8 @@ struct hostapd_iface * hostapd_init(stru
struct hostapd_iface *
hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy,
const char *config_fname, int debug);
+int hostapd_setup_bss(struct hostapd_data *hapd, int first, bool start_beacon);
+void hostapd_bss_deinit(struct hostapd_data *hapd);
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
int reassoc);
void hostapd_interface_deinit_free(struct hostapd_iface *iface);
@@ -732,6 +741,7 @@ hostapd_switch_channel_fallback(struct h
void hostapd_cleanup_cs_params(struct hostapd_data *hapd);
void hostapd_periodic_iface(struct hostapd_iface *iface);
int hostapd_owe_trans_get_info(struct hostapd_data *hapd);
+void hostapd_owe_update_trans(struct hostapd_iface *iface);
void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx);
void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap);
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -252,6 +252,8 @@ int hostapd_reload_config(struct hostapd
struct hostapd_config *newconf, *oldconf;
size_t j;
+ hostapd_ucode_reload_bss(hapd);
+
if (iface->config_fname == NULL) {
/* Only in-memory config in use - assume it has been updated */
hostapd_clear_old(iface);
@@ -435,6 +437,7 @@ void hostapd_free_hapd_data(struct hosta
hapd->beacon_set_done = 0;
wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
+ hostapd_ucode_free_bss(hapd);
hostapd_ubus_free_bss(hapd);
accounting_deinit(hapd);
hostapd_deinit_wpa(hapd);
@@ -538,7 +541,7 @@ void hostapd_free_hapd_data(struct hosta
* Most of the modules that are initialized in hostapd_setup_bss() are
* deinitialized here.
*/
-static void hostapd_cleanup(struct hostapd_data *hapd)
+void hostapd_cleanup(struct hostapd_data *hapd)
{
wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s))", __func__, hapd,
hapd->conf ? hapd->conf->iface : "N/A");
@@ -600,6 +603,7 @@ void hostapd_cleanup_iface_partial(struc
static void hostapd_cleanup_iface(struct hostapd_iface *iface)
{
wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
+ hostapd_ucode_free_iface(iface);
eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
NULL);
@@ -1189,6 +1193,7 @@ static int hostapd_start_beacon(struct h
hapd->driver->set_operstate(hapd->drv_priv, 1);
hostapd_ubus_add_bss(hapd);
+ hostapd_ucode_add_bss(hapd);
return 0;
}
@@ -1211,7 +1216,7 @@ static int hostapd_start_beacon(struct h
* initialized. Most of the modules that are initialized here will be
* deinitialized in hostapd_cleanup().
*/
-static int hostapd_setup_bss(struct hostapd_data *hapd, int first,
+int hostapd_setup_bss(struct hostapd_data *hapd, int first,
bool start_beacon)
{
struct hostapd_bss_config *conf = hapd->conf;
@@ -2237,7 +2242,7 @@ static int hostapd_owe_iface_iter2(struc
#endif /* CONFIG_OWE */
-static void hostapd_owe_update_trans(struct hostapd_iface *iface)
+void hostapd_owe_update_trans(struct hostapd_iface *iface)
{
#ifdef CONFIG_OWE
/* Check whether the enabled BSS can complete OWE transition mode
@@ -2698,7 +2703,7 @@ hostapd_alloc_bss_data(struct hostapd_if
}
-static void hostapd_bss_deinit(struct hostapd_data *hapd)
+void hostapd_bss_deinit(struct hostapd_data *hapd)
{
if (!hapd)
return;
@@ -3491,7 +3496,8 @@ int hostapd_remove_iface(struct hapd_int
hapd_iface = interfaces->iface[i];
if (hapd_iface == NULL)
return -1;
- if (!os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) {
+ if (!os_strcmp(hapd_iface->phy, buf) ||
+ !os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) {
wpa_printf(MSG_INFO, "Remove interface '%s'", buf);
hapd_iface->driver_ap_teardown =
!!(hapd_iface->drv_flags &
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -195,8 +195,20 @@ endif
ifdef CONFIG_UBUS
CFLAGS += -DUBUS_SUPPORT
OBJS += ubus.o
+LIBS += -lubus
+NEED_ULOOP:=y
+endif
+
+ifdef CONFIG_UCODE
+CFLAGS += -DUCODE_SUPPORT
+OBJS += ../src/utils/ucode.o
+OBJS += ucode.o
+NEED_ULOOP:=y
+endif
+
+ifdef NEED_ULOOP
OBJS += ../src/utils/uloop.o
-LIBS += -lubox -lubus
+LIBS += -lubox
endif
ifdef CONFIG_CODE_COVERAGE
@@ -997,6 +1009,9 @@ OBJS += ../src/ap/ctrl_iface_ap.o
ifdef CONFIG_UBUS
OBJS += ../src/ap/ubus.o
endif
+ifdef CONFIG_UCODE
+OBJS += ../src/ap/ucode.o
+endif
endif
CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1044,6 +1044,7 @@ void wpa_supplicant_set_state(struct wpa
sme_sched_obss_scan(wpa_s, 0);
}
wpa_s->wpa_state = state;
+ wpas_ucode_update_state(wpa_s);
#ifdef CONFIG_BGSCAN
if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
@@ -7594,6 +7595,7 @@ struct wpa_supplicant * wpa_supplicant_a
#endif /* CONFIG_P2P */
wpas_ubus_add_bss(wpa_s);
+ wpas_ucode_add_bss(wpa_s);
return wpa_s;
}
@@ -7621,6 +7623,7 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
+ wpas_ucode_free_bss(wpa_s);
wpas_ubus_free_bss(wpa_s);
/* Remove interface from the global list of interfaces */
@@ -7931,6 +7934,7 @@ struct wpa_global * wpa_supplicant_init(
eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
wpas_periodic, global, NULL);
+ wpas_ucode_init(global);
return global;
}
@@ -7969,12 +7973,8 @@ int wpa_supplicant_run(struct wpa_global
eloop_register_signal_terminate(wpa_supplicant_terminate, global);
eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
- wpas_ubus_add(global);
-
eloop_run();
- wpas_ubus_free(global);
-
return 0;
}
@@ -8007,6 +8007,8 @@ void wpa_supplicant_deinit(struct wpa_gl
wpas_notify_supplicant_deinitialized(global);
+ wpas_ucode_free();
+
eap_peer_unregister_methods();
#ifdef CONFIG_AP
eap_server_unregister_methods();
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -22,6 +22,7 @@
#include "wmm_ac.h"
#include "pasn/pasn_common.h"
#include "ubus.h"
+#include "ucode.h"
extern const char *const wpa_supplicant_version;
extern const char *const wpa_supplicant_license;
@@ -689,6 +690,7 @@ struct wpa_supplicant {
unsigned char perm_addr[ETH_ALEN];
char ifname[100];
struct wpas_ubus_bss ubus;
+ struct wpas_ucode_bss ucode;
#ifdef CONFIG_MATCH_IFACE
int matched;
#endif /* CONFIG_MATCH_IFACE */
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -4856,6 +4856,7 @@ try_again:
return -1;
}
+ interface->ctrl_iface_recv = hostapd_ctrl_iface_receive_process;
wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
return 0;
@@ -4957,6 +4958,7 @@ fail:
os_free(fname);
interface->global_ctrl_sock = s;
+ interface->ctrl_iface_recv = hostapd_ctrl_iface_receive_process;
eloop_register_read_sock(s, hostapd_global_ctrl_iface_receive,
interface, NULL);
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -3787,6 +3787,25 @@ struct wpa_driver_ops {
const char *ifname);
/**
+ * if_rename - Rename a virtual interface
+ * @priv: Private driver interface data
+ * @type: Interface type
+ * @ifname: Interface name of the virtual interface to be renamed
+ * (NULL when renaming the AP BSS interface)
+ * @new_name: New interface name of the virtual interface
+ * Returns: 0 on success, -1 on failure
+ */
+ int (*if_rename)(void *priv, enum wpa_driver_if_type type,
+ const char *ifname, const char *new_name);
+
+ /**
+ * set_first_bss - Make a virtual interface the first (primary) bss
+ * @priv: Private driver interface data
+ * Returns: 0 on success, -1 on failure
+ */
+ int (*set_first_bss)(void *priv);
+
+ /**
* set_sta_vlan - Bind a station into a specific interface (AP only)
* @priv: Private driver interface data
* @ifname: Interface (main or virtual BSS or VLAN)
@@ -6440,6 +6459,7 @@ union wpa_event_data {
/**
* struct ch_switch
+ * @count: Count until channel switch activates
* @freq: Frequency of new channel in MHz
* @ht_enabled: Whether this is an HT channel
* @ch_offset: Secondary channel offset
@@ -6450,6 +6470,7 @@ union wpa_event_data {
* @punct_bitmap: Puncturing bitmap
*/
struct ch_switch {
+ int count;
int freq;
int ht_enabled;
int ch_offset;
--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
@@ -1202,6 +1202,7 @@ static void mlme_event_ch_switch(struct
struct nlattr *bw, struct nlattr *cf1,
struct nlattr *cf2,
struct nlattr *punct_bitmap,
+ struct nlattr *count,
int finished)
{
struct i802_bss *bss;
@@ -1265,6 +1266,8 @@ static void mlme_event_ch_switch(struct
data.ch_switch.cf1 = nla_get_u32(cf1);
if (cf2)
data.ch_switch.cf2 = nla_get_u32(cf2);
+ if (count)
+ data.ch_switch.count = nla_get_u32(count);
if (finished)
bss->flink->freq = data.ch_switch.freq;
@@ -3912,6 +3915,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
+ tb[NL80211_ATTR_CH_SWITCH_COUNT],
0);
break;
case NL80211_CMD_CH_SWITCH_NOTIFY:
@@ -3924,6 +3928,7 @@ static void do_process_drv_event(struct
tb[NL80211_ATTR_CENTER_FREQ1],
tb[NL80211_ATTR_CENTER_FREQ2],
tb[NL80211_ATTR_PUNCT_BITMAP],
+ NULL,
1);
break;
case NL80211_CMD_DISCONNECT:
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -5389,6 +5389,7 @@ void supplicant_event(void *ctx, enum wp
event_to_string(event), event);
#endif /* CONFIG_NO_STDOUT_DEBUG */
+ wpas_ucode_event(wpa_s, event, data);
switch (event) {
case EVENT_AUTH:
#ifdef CONFIG_FST
--- a/src/ap/ap_drv_ops.h
+++ b/src/ap/ap_drv_ops.h
@@ -393,6 +393,23 @@ static inline int hostapd_drv_stop_ap(st
return hapd->driver->stop_ap(hapd->drv_priv);
}
+static inline int hostapd_drv_if_rename(struct hostapd_data *hapd,
+ enum wpa_driver_if_type type,
+ const char *ifname,
+ const char *new_name)
+{
+ if (!hapd->driver || !hapd->driver->if_rename || !hapd->drv_priv)
+ return -1;
+ return hapd->driver->if_rename(hapd->drv_priv, type, ifname, new_name);
+}
+
+static inline int hostapd_drv_set_first_bss(struct hostapd_data *hapd)
+{
+ if (!hapd->driver || !hapd->driver->set_first_bss || !hapd->drv_priv)
+ return 0;
+ return hapd->driver->set_first_bss(hapd->drv_priv);
+}
+
static inline int hostapd_drv_channel_info(struct hostapd_data *hapd,
struct wpa_channel_info *ci)
{
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -1333,7 +1333,7 @@ static void wpa_driver_nl80211_event_rtm
}
wpa_printf(MSG_DEBUG, "nl80211: Interface down (%s/%s)",
namebuf, ifname);
- if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
+ if (drv->first_bss->ifindex != ifi->ifi_index) {
wpa_printf(MSG_DEBUG,
"nl80211: Not the main interface (%s) - do not indicate interface down",
drv->first_bss->ifname);
@@ -1369,7 +1369,7 @@ static void wpa_driver_nl80211_event_rtm
}
wpa_printf(MSG_DEBUG, "nl80211: Interface up (%s/%s)",
namebuf, ifname);
- if (os_strcmp(drv->first_bss->ifname, ifname) != 0) {
+ if (drv->first_bss->ifindex != ifi->ifi_index) {
wpa_printf(MSG_DEBUG,
"nl80211: Not the main interface (%s) - do not indicate interface up",
drv->first_bss->ifname);
@@ -8432,6 +8432,7 @@ static void *i802_init(struct hostapd_da
char master_ifname[IFNAMSIZ];
int ifindex, br_ifindex = 0;
int br_added = 0;
+ int err;
bss = wpa_driver_nl80211_drv_init(hapd, params->ifname,
params->global_priv, 1,
@@ -8491,21 +8492,17 @@ static void *i802_init(struct hostapd_da
(params->num_bridge == 0 || !params->bridge[0]))
add_ifidx(drv, br_ifindex, drv->ifindex);
- if (bss->added_if_into_bridge || bss->already_in_bridge) {
- int err;
-
- drv->rtnl_sk = nl_socket_alloc();
- if (drv->rtnl_sk == NULL) {
- wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
- goto failed;
- }
+ drv->rtnl_sk = nl_socket_alloc();
+ if (drv->rtnl_sk == NULL) {
+ wpa_printf(MSG_ERROR, "nl80211: Failed to allocate nl_sock");
+ goto failed;
+ }
- err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE);
- if (err) {
- wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
- nl_geterror(err));
- goto failed;
- }
+ err = nl_connect(drv->rtnl_sk, NETLINK_ROUTE);
+ if (err) {
+ wpa_printf(MSG_ERROR, "nl80211: Failed to connect nl_sock to NETLINK_ROUTE: %s",
+ nl_geterror(err));
+ goto failed;
}
if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
@@ -8875,6 +8872,50 @@ static int wpa_driver_nl80211_if_remove(
return 0;
}
+static int wpa_driver_nl80211_if_rename(struct i802_bss *bss,
+ enum wpa_driver_if_type type,
+ const char *ifname, const char *new_name)
+{
+ struct wpa_driver_nl80211_data *drv = bss->drv;
+ struct ifinfomsg ifi = {
+ .ifi_family = AF_UNSPEC,
+ .ifi_index = bss->ifindex,
+ };
+ struct nl_msg *msg;
+ int res = -ENOMEM;
+
+ if (ifname)
+ ifi.ifi_index = if_nametoindex(ifname);
+
+ msg = nlmsg_alloc_simple(RTM_SETLINK, 0);
+ if (!msg)
+ return res;
+
+ if (nlmsg_append(msg, &ifi, sizeof(ifi), NLMSG_ALIGNTO) < 0)
+ goto out;
+
+ if (nla_put_string(msg, IFLA_IFNAME, new_name))
+ goto out;
+
+ res = nl_send_auto_complete(drv->rtnl_sk, msg);
+ if (res < 0)
+ goto out;
+
+ res = nl_wait_for_ack(drv->rtnl_sk);
+ if (res) {
+ wpa_printf(MSG_INFO,
+ "nl80211: Renaming device %s to %s failed: %s",
+ ifname ? ifname : bss->ifname, new_name, nl_geterror(res));
+ goto out;
+ }
+
+ if (type == WPA_IF_AP_BSS && !ifname)
+ os_strlcpy(bss->ifname, new_name, sizeof(bss->ifname));
+
+out:
+ nlmsg_free(msg);
+ return res;
+}
static int cookie_handler(struct nl_msg *msg, void *arg)
{
@@ -10513,6 +10554,37 @@ static int driver_nl80211_if_remove(void
}
+static int driver_nl80211_if_rename(void *priv, enum wpa_driver_if_type type,
+ const char *ifname, const char *new_name)
+{
+ struct i802_bss *bss = priv;
+ return wpa_driver_nl80211_if_rename(bss, type, ifname, new_name);
+}
+
+
+static int driver_nl80211_set_first_bss(void *priv)
+{
+ struct i802_bss *bss = priv, *tbss;
+ struct wpa_driver_nl80211_data *drv = bss->drv;
+
+ if (drv->first_bss == bss)
+ return 0;
+
+ for (tbss = drv->first_bss; tbss; tbss = tbss->next) {
+ if (tbss->next != bss)
+ continue;
+
+ tbss->next = bss->next;
+ bss->next = drv->first_bss;
+ drv->first_bss = bss;
+ drv->ctx = bss->ctx;
+ return 0;
+ }
+
+ return -1;
+}
+
+
static int driver_nl80211_send_mlme(void *priv, const u8 *data,
size_t data_len, int noack,
unsigned int freq,
@@ -13697,6 +13769,8 @@ const struct wpa_driver_ops wpa_driver_n
.set_acl = wpa_driver_nl80211_set_acl,
.if_add = wpa_driver_nl80211_if_add,
.if_remove = driver_nl80211_if_remove,
+ .if_rename = driver_nl80211_if_rename,
+ .set_first_bss = driver_nl80211_set_first_bss,
.send_mlme = driver_nl80211_send_mlme,
.get_hw_feature_data = nl80211_get_hw_feature_data,
.sta_add = wpa_driver_nl80211_sta_add,
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -547,11 +547,16 @@ static const char * sae_get_password(str
struct sae_pt **s_pt,
const struct sae_pk **s_pk)
{
+ struct hostapd_bss_config *conf = hapd->conf;
+ struct hostapd_ssid *ssid = &conf->ssid;
+ struct hostapd_sta_wpa_psk_short *psk;
const char *password = NULL;
- struct sae_password_entry *pw;
- struct sae_pt *pt = NULL;
- const struct sae_pk *pk = NULL;
- struct hostapd_sta_wpa_psk_short *psk = NULL;
+ struct sae_password_entry *pw = NULL;
+ struct sae_pt *pt = NULL;
+ const struct sae_pk *pk = NULL;
+
+ if (sta && sta->use_sta_psk)
+ goto use_sta_psk;
for (pw = hapd->conf->sae_passwords; pw; pw = pw->next) {
if (!is_broadcast_ether_addr(pw->peer_addr) &&
@@ -582,6 +587,31 @@ static const char * sae_get_password(str
}
}
+use_sta_psk:
+ if (!password && sta) {
+ for (psk = sta->psk; psk; psk = psk->next) {
+ if (!psk->is_passphrase)
+ continue;
+
+ password = psk->passphrase;
+ if (!sta->use_sta_psk)
+ break;
+
+ if (sta->sae_pt) {
+ pt = sta->sae_pt;
+ break;
+ }
+
+ pt = sae_derive_pt(conf->sae_groups, ssid->ssid,
+ ssid->ssid_len,
+ (const u8 *) password,
+ os_strlen(password),
+ NULL);
+ sta->sae_pt = pt;
+ break;
+ }
+ }
+
if (pw_entry)
*pw_entry = pw;
if (s_pt)
@@ -3105,6 +3135,12 @@ static void handle_auth(struct hostapd_d
goto fail;
}
+ res = hostapd_ucode_sta_auth(hapd, sta);
+ if (res) {
+ resp = res;
+ goto fail;
+ }
+
sta->flags &= ~WLAN_STA_PREAUTH;
ieee802_1x_notify_pre_auth(sta->eapol_sm, 0);
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -425,6 +425,9 @@ void ap_free_sta(struct hostapd_data *ha
forced_memzero(sta->last_tk, WPA_TK_MAX_LEN);
#endif /* CONFIG_TESTING_OPTIONS */
+ if (sta->sae_pt)
+ sae_deinit_pt(sta->sae_pt);
+
os_free(sta);
}
@@ -1326,6 +1329,8 @@ void ap_sta_set_authorized(struct hostap
sta->flags &= ~WLAN_STA_AUTHORIZED;
}
+ if (authorized)
+ hostapd_ucode_sta_connected(hapd, sta);
#ifdef CONFIG_P2P
if (hapd->p2p_group == NULL) {
if (sta->p2p_ie != NULL &&
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -198,6 +198,9 @@ struct sta_info {
int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
/* PSKs from RADIUS authentication server */
struct hostapd_sta_wpa_psk_short *psk;
+ struct sae_pt *sae_pt;
+ int use_sta_psk;
+ int psk_idx;
char *identity; /* User-Name from RADIUS */
char *radius_cui; /* Chargeable-User-Identity from RADIUS */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -341,6 +341,7 @@ static const u8 * hostapd_wpa_auth_get_p
struct sta_info *sta = ap_get_sta(hapd, addr);
const u8 *psk;
+ sta->psk_idx = 0;
if (vlan_id)
*vlan_id = 0;
if (psk_len)
@@ -387,13 +388,18 @@ static const u8 * hostapd_wpa_auth_get_p
* returned psk which should not be returned again.
* logic list (all hostapd_get_psk; all sta->psk)
*/
+ if (sta && sta->use_sta_psk)
+ psk = NULL;
if (sta && sta->psk && !psk) {
struct hostapd_sta_wpa_psk_short *pos;
+ int psk_idx;
if (vlan_id)
*vlan_id = 0;
psk = sta->psk->psk;
+ sta->psk_idx = psk_idx = 1;
for (pos = sta->psk; pos; pos = pos->next) {
+ psk_idx++;
if (pos->is_passphrase) {
if (pbkdf2_sha1(pos->passphrase,
hapd->conf->ssid.ssid,
@@ -406,10 +412,14 @@ static const u8 * hostapd_wpa_auth_get_p
pos->is_passphrase = 0;
}
if (pos->psk == prev_psk) {
+ sta->psk_idx = psk_idx;
psk = pos->next ? pos->next->psk : NULL;
break;
}
}
+
+ if (!psk)
+ sta->psk_idx = 0;
}
return psk;
}

33
feeds/hostapd/hostapd/patches/610-hostapd_cli_ujail_permission.patch
View File

@@ -1,33 +0,0 @@
--- a/src/common/wpa_ctrl.c
+++ b/src/common/wpa_ctrl.c
@@ -135,7 +135,7 @@ try_again:
return NULL;
}
tries++;
-#ifdef ANDROID
+
/* Set client socket file permissions so that bind() creates the client
* socket with these permissions and there is no need to try to change
* them with chmod() after bind() which would have potential issues with
@@ -147,7 +147,7 @@ try_again:
* operations to allow the response to go through. Those are using the
* no-deference-symlinks version to avoid races. */
fchmod(ctrl->s, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
-#endif /* ANDROID */
+
if (bind(ctrl->s, (struct sockaddr *) &ctrl->local,
sizeof(ctrl->local)) < 0) {
if (errno == EADDRINUSE && tries < 2) {
@@ -165,7 +165,11 @@ try_again:
return NULL;
}
-#ifdef ANDROID
+#ifndef ANDROID
+ /* Set group even if we do not have privileges to change owner */
+ lchown(ctrl->local.sun_path, -1, 101);
+ lchown(ctrl->local.sun_path, 101, 101);
+#else
/* Set group even if we do not have privileges to change owner */
lchown(ctrl->local.sun_path, -1, AID_WIFI);
lchown(ctrl->local.sun_path, AID_SYSTEM, AID_WIFI);

33
feeds/hostapd/hostapd/patches/701-reload_config_inline.patch
View File

@@ -1,33 +0,0 @@
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -4816,7 +4816,12 @@ struct hostapd_config * hostapd_config_r
int errors = 0;
size_t i;
- f = fopen(fname, "r");
+ if (!strncmp(fname, "data:", 5)) {
+ f = fmemopen((void *)(fname + 5), strlen(fname + 5), "r");
+ fname = "<inline>";
+ } else {
+ f = fopen(fname, "r");
+ }
if (f == NULL) {
wpa_printf(MSG_ERROR, "Could not open configuration file '%s' "
"for reading.", fname);
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -326,8 +326,13 @@ struct wpa_config * wpa_config_read(cons
while (cred_tail && cred_tail->next)
cred_tail = cred_tail->next;
+ if (!strncmp(name, "data:", 5)) {
+ f = fmemopen((void *)(name + 5), strlen(name + 5), "r");
+ name = "<inline>";
+ } else {
+ f = fopen(name, "r");
+ }
wpa_printf(MSG_DEBUG, "Reading configuration file '%s'", name);
- f = fopen(name, "r");
if (f == NULL) {
wpa_printf(MSG_ERROR, "Failed to open config file '%s', "
"error: %s", name, strerror(errno));

22
feeds/hostapd/hostapd/patches/711-wds_bridge_force.patch
View File

@@ -1,22 +0,0 @@
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2318,6 +2318,8 @@ static int hostapd_config_fill(struct ho
sizeof(conf->bss[0]->iface));
} else if (os_strcmp(buf, "bridge") == 0) {
os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
+ if (!bss->wds_bridge[0])
+ os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge));
} else if (os_strcmp(buf, "bridge_hairpin") == 0) {
bss->bridge_hairpin = atoi(pos);
} else if (os_strcmp(buf, "vlan_bridge") == 0) {
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -348,8 +348,6 @@ int hostapd_set_wds_sta(struct hostapd_d
return -1;
if (hapd->conf->wds_bridge[0])
bridge = hapd->conf->wds_bridge;
- else if (hapd->conf->bridge[0])
- bridge = hapd->conf->bridge;
return hapd->driver->set_wds_sta(hapd->drv_priv, addr, aid, val,
bridge, ifname_wds);
}

97
feeds/hostapd/hostapd/patches/750-qos_map_set_without_interworking.patch
View File

@@ -1,97 +0,0 @@
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1604,6 +1604,8 @@ static int parse_anqp_elem(struct hostap
return 0;
}
+#endif /* CONFIG_INTERWORKING */
+
static int parse_qos_map_set(struct hostapd_bss_config *bss,
char *buf, int line)
@@ -1645,8 +1647,6 @@ static int parse_qos_map_set(struct host
return 0;
}
-#endif /* CONFIG_INTERWORKING */
-
#ifdef CONFIG_HS20
static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf,
@@ -4062,10 +4062,10 @@ static int hostapd_config_fill(struct ho
bss->gas_frag_limit = val;
} else if (os_strcmp(buf, "gas_comeback_delay") == 0) {
bss->gas_comeback_delay = atoi(pos);
+#endif /* CONFIG_INTERWORKING */
} else if (os_strcmp(buf, "qos_map_set") == 0) {
if (parse_qos_map_set(bss, pos, line) < 0)
return 1;
-#endif /* CONFIG_INTERWORKING */
#ifdef CONFIG_RADIUS_TEST
} else if (os_strcmp(buf, "dump_msk_file") == 0) {
os_free(bss->dump_msk_file);
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -1486,6 +1486,7 @@ int hostapd_setup_bss(struct hostapd_dat
wpa_printf(MSG_ERROR, "GAS server initialization failed");
return -1;
}
+#endif /* CONFIG_INTERWORKING */
if (conf->qos_map_set_len &&
hostapd_drv_set_qos_map(hapd, conf->qos_map_set,
@@ -1493,7 +1494,6 @@ int hostapd_setup_bss(struct hostapd_dat
wpa_printf(MSG_ERROR, "Failed to initialize QoS Map");
return -1;
}
-#endif /* CONFIG_INTERWORKING */
if (conf->bss_load_update_period && bss_load_update_init(hapd)) {
wpa_printf(MSG_ERROR, "BSS Load initialization failed");
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2683,8 +2683,6 @@ void wnm_bss_keep_alive_deinit(struct wp
}
-#ifdef CONFIG_INTERWORKING
-
static int wpas_qos_map_set(struct wpa_supplicant *wpa_s, const u8 *qos_map,
size_t len)
{
@@ -2717,8 +2715,6 @@ static void interworking_process_assoc_r
}
}
-#endif /* CONFIG_INTERWORKING */
-
static void wpa_supplicant_set_4addr_mode(struct wpa_supplicant *wpa_s)
{
@@ -3098,10 +3094,8 @@ static int wpa_supplicant_event_associnf
wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies,
data->assoc_info.resp_ies_len);
#endif /* CONFIG_WNM */
-#ifdef CONFIG_INTERWORKING
interworking_process_assoc_resp(wpa_s, data->assoc_info.resp_ies,
data->assoc_info.resp_ies_len);
-#endif /* CONFIG_INTERWORKING */
if (wpa_s->hw_capab == CAPAB_VHT &&
get_ie(data->assoc_info.resp_ies,
data->assoc_info.resp_ies_len, WLAN_EID_VHT_CAP))
--- a/src/ap/ieee802_11_shared.c
+++ b/src/ap/ieee802_11_shared.c
@@ -1116,13 +1116,11 @@ u8 * hostapd_eid_rsnxe(struct hostapd_da
u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *ext_capab_ie, size_t ext_capab_ie_len)
{
-#ifdef CONFIG_INTERWORKING
/* check for QoS Map support */
if (ext_capab_ie_len >= 5) {
if (ext_capab_ie[4] & 0x01)
sta->qos_map_enabled = 1;
}
-#endif /* CONFIG_INTERWORKING */
if (ext_capab_ie_len > 0) {
sta->ecsa_supported = !!(ext_capab_ie[0] & BIT(2));

113
feeds/hostapd/hostapd/patches/750-wispr.patch
View File

@@ -1,113 +0,0 @@
Index: hostapd-2021-02-20-59e9794c/src/ap/ieee802_1x.c
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/ap/ieee802_1x.c
+++ hostapd-2021-02-20-59e9794c/src/ap/ieee802_1x.c
@@ -1904,6 +1904,25 @@ static int ieee802_1x_update_vlan(struct
}
#endif /* CONFIG_NO_VLAN */
+static int ieee802_1x_update_wispr(struct hostapd_data *hapd,
+ struct sta_info *sta,
+ struct radius_msg *msg)
+{
+ memset(sta->bandwidth, 0, sizeof(sta->bandwidth));
+
+ if (radius_msg_get_wispr(msg, &sta->bandwidth))
+ return 0;
+
+ if (!sta->bandwidth[0] && !sta->bandwidth[1])
+ return 0;
+
+ hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
+ HOSTAPD_LEVEL_INFO,
+ "received wispr bandwidth from RADIUS server %d/%d",
+ sta->bandwidth[0], sta->bandwidth[1]);
+
+ return 0;
+}
/**
* ieee802_1x_receive_auth - Process RADIUS frames from Authentication Server
@@ -2029,6 +2048,7 @@ ieee802_1x_receive_auth(struct radius_ms
ieee802_1x_check_hs20(hapd, sta, msg,
session_timeout_set ?
(int) session_timeout : -1);
+ ieee802_1x_update_wispr(hapd, sta, msg);
break;
case RADIUS_CODE_ACCESS_REJECT:
sm->eap_if->aaaFail = true;
Index: hostapd-2021-02-20-59e9794c/src/ap/sta_info.h
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/ap/sta_info.h
+++ hostapd-2021-02-20-59e9794c/src/ap/sta_info.h
@@ -117,6 +117,7 @@ struct sta_info {
u8 supported_rates[WLAN_SUPP_RATES_MAX];
int supported_rates_len;
u8 qosinfo; /* Valid when WLAN_STA_WMM is set */
+ u32 bandwidth[2];
#ifdef CONFIG_MESH
enum mesh_plink_state plink_state;
Index: hostapd-2021-02-20-59e9794c/src/radius/radius.c
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/radius/radius.c
+++ hostapd-2021-02-20-59e9794c/src/radius/radius.c
@@ -1182,6 +1182,35 @@ radius_msg_get_cisco_keys(struct radius_
return keys;
}
+#define RADIUS_VENDOR_ID_WISPR 14122
+#define RADIUS_WISPR_AV_BW_UP 7
+#define RADIUS_WISPR_AV_BW_DOWN 8
+
+int
+radius_msg_get_wispr(struct radius_msg *msg, u32 *bandwidth)
+{
+ int i;
+
+ if (msg == NULL || bandwidth == NULL)
+ return 1;
+
+ for (i = 0; i < 2; i++) {
+ size_t keylen;
+ u8 *key;
+
+ key = radius_msg_get_vendor_attr(msg, RADIUS_VENDOR_ID_WISPR,
+ RADIUS_WISPR_AV_BW_UP + i, &keylen);
+ if (!key)
+ continue;
+
+ if (keylen == 4)
+ bandwidth[i] = ntohl(*((u32 *)key));
+ os_free(key);
+ }
+
+ return 0;
+}
+
int radius_msg_add_mppe_keys(struct radius_msg *msg,
const u8 *req_authenticator,
Index: hostapd-2021-02-20-59e9794c/src/radius/radius.h
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/radius/radius.h
+++ hostapd-2021-02-20-59e9794c/src/radius/radius.h
@@ -205,6 +205,10 @@ enum {
RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL = 10,
};
+#define RADIUS_VENDOR_ID_WISPR 14122
+#define RADIUS_WISPR_AV_BW_UP 7
+#define RADIUS_WISPR_AV_BW_DOWN 8
+
#ifdef _MSC_VER
#pragma pack(pop)
#endif /* _MSC_VER */
@@ -277,6 +281,7 @@ radius_msg_get_ms_keys(struct radius_msg
struct radius_ms_mppe_keys *
radius_msg_get_cisco_keys(struct radius_msg *msg, struct radius_msg *sent_msg,
const u8 *secret, size_t secret_len);
+int radius_msg_get_wispr(struct radius_msg *msg, u32 *bandwidth);
int radius_msg_add_mppe_keys(struct radius_msg *msg,
const u8 *req_authenticator,
const u8 *secret, size_t secret_len,

12
feeds/hostapd/hostapd/patches/751-qos_map_ignore_when_unsupported.patch
View File

@@ -1,12 +0,0 @@
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -927,7 +927,8 @@ int hostapd_start_dfs_cac(struct hostapd
int hostapd_drv_set_qos_map(struct hostapd_data *hapd,
const u8 *qos_map_set, u8 qos_map_set_len)
{
- if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv)
+ if (!hapd->driver || !hapd->driver->set_qos_map || !hapd->drv_priv ||
+ !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING))
return 0;
return hapd->driver->set_qos_map(hapd->drv_priv, qos_map_set,
qos_map_set_len);

539
feeds/hostapd/hostapd/patches/751-wispr-ft.patch
View File

@@ -1,539 +0,0 @@
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -16,7 +16,11 @@
struct vlan_description;
struct mld_info;
-
+struct rate_description {
+ u32 rx;
+ u32 tx;
+};
+
#define MAX_OWN_IE_OVERRIDE 256
#ifdef _MSC_VER
@@ -88,6 +92,7 @@ struct ft_rrb_frame {
#define FT_RRB_IDENTITY 15
#define FT_RRB_RADIUS_CUI 16
#define FT_RRB_SESSION_TIMEOUT 17 /* le32 seconds */
+#define FT_RRB_RATE_LIMIT 18
struct ft_rrb_tlv {
le16 type;
@@ -368,6 +373,10 @@ struct wpa_auth_callbacks {
struct vlan_description *vlan);
int (*get_vlan)(void *ctx, const u8 *sta_addr,
struct vlan_description *vlan);
+ int (*set_rate_limit)(void *ctx, const u8 *sta_addr,
+ struct rate_description *rate);
+ int (*get_rate_limit)(void *ctx, const u8 *sta_addr,
+ struct rate_description *rate);
int (*set_identity)(void *ctx, const u8 *sta_addr,
const u8 *identity, size_t identity_len);
size_t (*get_identity)(void *ctx, const u8 *sta_addr, const u8 **buf);
@@ -536,7 +545,7 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
struct vlan_description *vlan,
const u8 **identity, size_t *identity_len,
const u8 **radius_cui, size_t *radius_cui_len,
- int *session_timeout);
+ int *session_timeout, struct rate_description *rate);
#endif /* CONFIG_IEEE80211R_AP */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -1200,6 +1200,40 @@ static int hostapd_wpa_auth_get_vlan(voi
}
+static int hostapd_wpa_auth_set_rate_limit(void *ctx, const u8 *sta_addr,
+ struct rate_description *rate)
+{
+ struct hostapd_data *hapd = ctx;
+ struct sta_info *sta;
+
+ sta = ap_get_sta(hapd, sta_addr);
+ if (!sta || !sta->wpa_sm)
+ return -1;
+
+ memcpy(sta->bandwidth, rate, sizeof(*rate));
+ hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
+ HOSTAPD_LEVEL_INFO, "rate-limit %d %d", sta->bandwidth[0], sta->bandwidth[1]);
+
+ return 0;
+}
+
+
+static int hostapd_wpa_auth_get_rate_limit(void *ctx, const u8 *sta_addr,
+ struct rate_description *rate)
+{
+ struct hostapd_data *hapd = ctx;
+ struct sta_info *sta;
+
+ sta = ap_get_sta(hapd, sta_addr);
+ if (!sta)
+ return -1;
+
+ memcpy(rate, sta->bandwidth, sizeof(*rate));
+
+ return 0;
+}
+
+
static int
hostapd_wpa_auth_set_identity(void *ctx, const u8 *sta_addr,
const u8 *identity, size_t identity_len)
@@ -1640,6 +1674,8 @@ int hostapd_setup_wpa(struct hostapd_dat
.add_tspec = hostapd_wpa_auth_add_tspec,
.set_vlan = hostapd_wpa_auth_set_vlan,
.get_vlan = hostapd_wpa_auth_get_vlan,
+ .set_rate_limit = hostapd_wpa_auth_set_rate_limit,
+ .get_rate_limit = hostapd_wpa_auth_get_rate_limit,
.set_identity = hostapd_wpa_auth_set_identity,
.get_identity = hostapd_wpa_auth_get_identity,
.set_radius_cui = hostapd_wpa_auth_set_radius_cui,
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -379,6 +379,14 @@ static size_t wpa_ft_vlan_len(const stru
return tlv_len;
}
+static size_t wpa_ft_rate_limit_len(const struct rate_description *rate)
+{
+ if (!rate || (!rate->rx && !rate->tx))
+ return 0;
+
+ return (sizeof(struct ft_rrb_tlv) + 8);
+}
+
static size_t wpa_ft_vlan_lin(const struct vlan_description *vlan,
u8 *start, u8 *endpos)
@@ -434,10 +442,48 @@ static size_t wpa_ft_vlan_lin(const stru
}
+static size_t wpa_ft_rate_limit_lin(const struct rate_description *rate,
+ u8 *start, u8 *endpos)
+{
+ size_t tlv_len;
+ int i, len;
+ struct ft_rrb_tlv *hdr;
+ u8 *pos = start;
+
+ if (!rate)
+ return 0;
+
+ tlv_len = 0;
+ if (rate->rx || rate->tx) {
+ tlv_len += sizeof(*hdr);
+ if (start + tlv_len > endpos)
+ return tlv_len;
+ hdr = (struct ft_rrb_tlv *) pos;
+ hdr->type = host_to_le16(FT_RRB_RATE_LIMIT);
+ hdr->len = host_to_le16(2 * sizeof(le32));
+ pos = start + tlv_len;
+
+ tlv_len += sizeof(u32);
+ if (start + tlv_len > endpos)
+ return tlv_len;
+ WPA_PUT_LE32(pos, rate->rx);
+ pos = start + tlv_len;
+ tlv_len += sizeof(u32);
+ if (start + tlv_len > endpos)
+ return tlv_len;
+ WPA_PUT_LE32(pos, rate->tx);
+ pos = start + tlv_len;
+ }
+
+ return tlv_len;
+}
+
+
static int wpa_ft_rrb_lin(const struct tlv_list *tlvs1,
const struct tlv_list *tlvs2,
const struct vlan_description *vlan,
- u8 **plain, size_t *plain_len)
+ u8 **plain, size_t *plain_len,
+ const struct rate_description *rate)
{
u8 *pos, *endpos;
size_t tlv_len;
@@ -445,6 +491,7 @@ static int wpa_ft_rrb_lin(const struct t
tlv_len = wpa_ft_tlv_len(tlvs1);
tlv_len += wpa_ft_tlv_len(tlvs2);
tlv_len += wpa_ft_vlan_len(vlan);
+ tlv_len += wpa_ft_rate_limit_len(rate);
*plain_len = tlv_len;
*plain = os_zalloc(tlv_len);
@@ -458,6 +505,7 @@ static int wpa_ft_rrb_lin(const struct t
pos += wpa_ft_tlv_lin(tlvs1, pos, endpos);
pos += wpa_ft_tlv_lin(tlvs2, pos, endpos);
pos += wpa_ft_vlan_lin(vlan, pos, endpos);
+ pos += wpa_ft_rate_limit_lin(rate, pos, endpos);
/* validity check */
if (pos != endpos) {
@@ -526,7 +574,8 @@ static int wpa_ft_rrb_build(const u8 *ke
const struct tlv_list *tlvs_auth,
const struct vlan_description *vlan,
const u8 *src_addr, u8 type,
- u8 **packet, size_t *packet_len)
+ u8 **packet, size_t *packet_len,
+ const struct rate_description *rate)
{
u8 *plain = NULL, *auth = NULL, *pos, *tmp;
size_t plain_len = 0, auth_len = 0;
@@ -534,10 +583,10 @@ static int wpa_ft_rrb_build(const u8 *ke
size_t pad_len = 0;
*packet = NULL;
- if (wpa_ft_rrb_lin(tlvs_enc0, tlvs_enc1, vlan, &plain, &plain_len) < 0)
+ if (wpa_ft_rrb_lin(tlvs_enc0, tlvs_enc1, vlan, &plain, &plain_len, rate) < 0)
goto out;
- if (wpa_ft_rrb_lin(tlvs_auth, NULL, NULL, &auth, &auth_len) < 0)
+ if (wpa_ft_rrb_lin(tlvs_auth, NULL, NULL, &auth, &auth_len, NULL) < 0)
goto out;
*packet_len = sizeof(u16) + auth_len + plain_len;
@@ -700,6 +749,24 @@ static int wpa_ft_get_vlan(struct wpa_au
}
+static int wpa_ft_get_rate_limit(struct wpa_authenticator *wpa_auth,
+ const u8 *sta_addr, struct rate_description *rate)
+{
+ if (!wpa_auth->cb->get_rate_limit)
+ return -1;
+ return wpa_auth->cb->get_rate_limit(wpa_auth->cb_ctx, sta_addr, rate);
+}
+
+
+static int wpa_ft_set_rate_limit(struct wpa_authenticator *wpa_auth,
+ const u8 *sta_addr, struct rate_description *rate)
+{
+ if (!wpa_auth->cb->set_rate_limit)
+ return -1;
+ return wpa_auth->cb->set_rate_limit(wpa_auth->cb_ctx, sta_addr, rate);
+}
+
+
static int
wpa_ft_set_identity(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,
const u8 *identity, size_t identity_len)
@@ -1025,7 +1092,7 @@ wpa_ft_rrb_seq_req(struct wpa_authentica
if (wpa_ft_rrb_build(key, key_len, NULL, NULL, seq_req_auth, NULL,
wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_REQ,
- &packet, &packet_len) < 0) {
+ &packet, &packet_len, NULL) < 0) {
item = NULL; /* some other seq resp might still accept this */
goto err;
}
@@ -1208,6 +1275,7 @@ struct wpa_ft_pmk_r0_sa {
u8 spa[ETH_ALEN];
int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
struct vlan_description *vlan;
+ struct rate_description *rate;
os_time_t expiration; /* 0 for no expiration */
u8 *identity;
size_t identity_len;
@@ -1226,6 +1294,7 @@ struct wpa_ft_pmk_r1_sa {
u8 spa[ETH_ALEN];
int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
struct vlan_description *vlan;
+ struct rate_description *rate;
u8 *identity;
size_t identity_len;
u8 *radius_cui;
@@ -1254,6 +1323,7 @@ static void wpa_ft_free_pmk_r0(struct wp
os_memset(r0->pmk_r0, 0, PMK_LEN_MAX);
os_free(r0->vlan);
+ os_free(r0->rate);
os_free(r0->identity);
os_free(r0->radius_cui);
os_free(r0);
@@ -1307,6 +1377,7 @@ static void wpa_ft_free_pmk_r1(struct wp
eloop_cancel_timeout(wpa_ft_expire_pmk_r1, r1, NULL);
os_memset(r1->pmk_r1, 0, PMK_LEN_MAX);
+ os_free(r1->rate);
os_free(r1->vlan);
os_free(r1->identity);
os_free(r1->radius_cui);
@@ -1360,7 +1431,8 @@ static int wpa_ft_store_pmk_r0(struct wp
const struct vlan_description *vlan,
int expires_in, int session_timeout,
const u8 *identity, size_t identity_len,
- const u8 *radius_cui, size_t radius_cui_len)
+ const u8 *radius_cui, size_t radius_cui_len,
+ struct rate_description *rate)
{
struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
struct wpa_ft_pmk_r0_sa *r0;
@@ -1388,6 +1460,14 @@ static int wpa_ft_store_pmk_r0(struct wp
}
*r0->vlan = *vlan;
}
+ if (rate) {
+ r0->rate = os_zalloc(sizeof(*rate));
+ if (!r0->rate) {
+ bin_clear_free(r0, sizeof(*r0));
+ return -1;
+ }
+ *r0->rate = *rate;
+ }
if (identity) {
r0->identity = os_malloc(identity_len);
if (r0->identity) {
@@ -1447,7 +1527,8 @@ static int wpa_ft_store_pmk_r1(struct wp
const struct vlan_description *vlan,
int expires_in, int session_timeout,
const u8 *identity, size_t identity_len,
- const u8 *radius_cui, size_t radius_cui_len)
+ const u8 *radius_cui, size_t radius_cui_len,
+ struct rate_description *rate)
{
struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
int max_expires_in = wpa_auth->conf.r1_max_key_lifetime;
@@ -1477,6 +1558,14 @@ static int wpa_ft_store_pmk_r1(struct wp
}
*r1->vlan = *vlan;
}
+ if (rate) {
+ r1->rate = os_zalloc(sizeof(*rate));
+ if (!r1->rate) {
+ bin_clear_free(r1, sizeof(*r1));
+ return -1;
+ }
+ *r1->rate = *rate;
+ }
if (identity) {
r1->identity = os_malloc(identity_len);
if (r1->identity) {
@@ -1513,7 +1602,7 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
struct vlan_description *vlan,
const u8 **identity, size_t *identity_len,
const u8 **radius_cui, size_t *radius_cui_len,
- int *session_timeout)
+ int *session_timeout, struct rate_description *rate)
{
struct wpa_ft_pmk_cache *cache = wpa_auth->ft_pmk_cache;
struct wpa_ft_pmk_r1_sa *r1;
@@ -1533,6 +1622,12 @@ int wpa_ft_fetch_pmk_r1(struct wpa_authe
*vlan = *r1->vlan;
if (vlan && !r1->vlan)
os_memset(vlan, 0, sizeof(*vlan));
+ if (rate) {
+ if (r1->rate)
+ *rate = *r1->rate;
+ else
+ memset(rate, 0, sizeof(*rate));
+ }
if (identity && identity_len) {
*identity = r1->identity;
*identity_len = r1->identity_len;
@@ -2059,7 +2154,7 @@ static int wpa_ft_pull_pmk_r1(struct wpa
if (wpa_ft_rrb_build(key, key_len, req_enc, NULL, req_auth, NULL,
sm->wpa_auth->addr, FT_PACKET_R0KH_R1KH_PULL,
- &packet, &packet_len) < 0)
+ &packet, &packet_len, NULL) < 0)
return -1;
ft_pending_req_ies = wpabuf_alloc_copy(ies, ies_len);
@@ -2088,6 +2183,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
{
int expires_in = sm->wpa_auth->conf.r0_key_lifetime;
struct vlan_description vlan;
+ struct rate_description rate;
const u8 *identity, *radius_cui;
size_t identity_len, radius_cui_len;
int session_timeout;
@@ -2099,6 +2195,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
MAC2STR(sm->addr));
return -1;
}
+ wpa_ft_get_rate_limit(sm->wpa_auth, sm->addr, &rate);
identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity);
radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr,
@@ -2108,7 +2205,7 @@ int wpa_ft_store_pmk_fils(struct wpa_sta
return wpa_ft_store_pmk_r0(sm->wpa_auth, sm->addr, pmk_r0, pmk_r0_len,
pmk_r0_name, sm->pairwise, &vlan, expires_in,
session_timeout, identity, identity_len,
- radius_cui, radius_cui_len);
+ radius_cui, radius_cui_len, &rate);
}
@@ -2172,6 +2269,7 @@ void wpa_auth_ft_store_keys(struct wpa_s
int psk_local = sm->wpa_auth->conf.ft_psk_generate_local;
int expires_in = sm->wpa_auth->conf.r0_key_lifetime;
struct vlan_description vlan;
+ struct rate_description rate;
const u8 *identity, *radius_cui;
size_t identity_len, radius_cui_len;
int session_timeout;
@@ -2185,6 +2283,8 @@ void wpa_auth_ft_store_keys(struct wpa_s
return;
}
+ wpa_ft_get_rate_limit(sm->wpa_auth, sm->addr, &rate);
+
identity_len = wpa_ft_get_identity(sm->wpa_auth, sm->addr, &identity);
radius_cui_len = wpa_ft_get_radius_cui(sm->wpa_auth, sm->addr,
&radius_cui);
@@ -2195,11 +2295,12 @@ void wpa_auth_ft_store_keys(struct wpa_s
pmk_r0_name,
sm->pairwise, &vlan, expires_in,
session_timeout, identity, identity_len,
- radius_cui, radius_cui_len);
+ radius_cui, radius_cui_len, &rate);
wpa_ft_store_pmk_r1(sm->wpa_auth, sm->addr, pmk_r1, key_len,
sm->pmk_r1_name, sm->pairwise, &vlan,
expires_in, session_timeout, identity,
- identity_len, radius_cui, radius_cui_len);
+ identity_len, radius_cui, radius_cui_len,
+ &rate);
}
@@ -3100,7 +3201,8 @@ static int wpa_ft_local_derive_pmk_r1(st
const u8 **radius_cui,
size_t *radius_cui_len,
int *out_session_timeout,
- size_t *pmk_r1_len)
+ size_t *pmk_r1_len,
+ struct rate_description *rate)
{
struct wpa_auth_config *conf = &wpa_auth->conf;
const struct wpa_ft_pmk_r0_sa *r0;
@@ -3136,7 +3238,8 @@ static int wpa_ft_local_derive_pmk_r1(st
out_pmk_r1_name,
sm->pairwise, r0->vlan, expires_in, session_timeout,
r0->identity, r0->identity_len,
- r0->radius_cui, r0->radius_cui_len);
+ r0->radius_cui, r0->radius_cui_len,
+ r0->rate);
*out_pairwise = sm->pairwise;
if (vlan) {
@@ -3146,6 +3249,13 @@ static int wpa_ft_local_derive_pmk_r1(st
os_memset(vlan, 0, sizeof(*vlan));
}
+ if (rate) {
+ if (r0->rate)
+ *rate = *r0->rate;
+ else
+ os_memset(rate, 0, sizeof(*rate));
+ }
+
if (identity && identity_len) {
*identity = r0->identity;
*identity_len = r0->identity_len;
@@ -3178,6 +3288,7 @@ static int wpa_ft_process_auth_req(struc
u8 *pos, *end;
int pairwise, session_timeout = 0;
struct vlan_description vlan;
+ struct rate_description rate = {};
const u8 *identity, *radius_cui;
size_t identity_len = 0, radius_cui_len = 0;
size_t pmk_r1_len, kdk_len, len;
@@ -3274,7 +3385,7 @@ static int wpa_ft_process_auth_req(struc
pmk_r1, &pmk_r1_len, &pairwise, &vlan,
&identity, &identity_len, &radius_cui,
&radius_cui_len,
- &session_timeout) == 0) {
+ &session_timeout, &rate) == 0) {
wpa_printf(MSG_DEBUG,
"FT: Found PMKR1Name (using SHA%zu) from local cache",
pmk_r1_len * 8);
@@ -3290,7 +3401,7 @@ static int wpa_ft_process_auth_req(struc
pmk_r1_name, pmk_r1, &pairwise,
&vlan, &identity, &identity_len,
&radius_cui, &radius_cui_len,
- &session_timeout, &pmk_r1_len) == 0) {
+ &session_timeout, &pmk_r1_len, &rate) == 0) {
wpa_printf(MSG_DEBUG,
"FT: Generated PMK-R1 based on local PMK-R0");
goto pmk_r1_derived;
@@ -3392,6 +3503,7 @@ pmk_r1_derived:
wpa_printf(MSG_DEBUG, "FT: Failed to configure VLAN");
goto out;
}
+ wpa_ft_set_rate_limit(sm->wpa_auth, sm->addr, &rate);
if (wpa_ft_set_identity(sm->wpa_auth, sm->addr,
identity, identity_len) < 0 ||
wpa_ft_set_radius_cui(sm->wpa_auth, sm->addr,
@@ -3973,7 +4085,7 @@ static int wpa_ft_rrb_build_r0(const u8
ret = wpa_ft_rrb_build(key, key_len, tlvs, sess_tlv, tlv_auth,
pmk_r0->vlan, src_addr, type,
- packet, packet_len);
+ packet, packet_len, pmk_r0->rate);
forced_memzero(pmk_r1, sizeof(pmk_r1));
@@ -4113,7 +4225,7 @@ static int wpa_ft_rrb_rx_pull(struct wpa
ret = wpa_ft_rrb_build(key, key_len, resp, NULL, resp_auth,
NULL, wpa_auth->addr,
FT_PACKET_R0KH_R1KH_RESP,
- &packet, &packet_len);
+ &packet, &packet_len, NULL);
} else {
ret = wpa_ft_rrb_build_r0(key, key_len, resp, r0, f_r1kh_id,
f_s1kh_id, resp_auth, wpa_auth->addr,
@@ -4165,11 +4277,15 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
size_t f_expires_in_len;
size_t f_identity_len, f_radius_cui_len;
size_t f_session_timeout_len;
+ size_t f_rate_len;
+ const u8 *f_rate;
int pairwise;
int ret = -1;
int expires_in;
int session_timeout;
struct vlan_description vlan;
+ struct rate_description rate;
+ int has_rate = 0;
size_t pmk_r1_len;
RRB_GET_AUTH(FT_RRB_R0KH_ID, r0kh_id, msgtype, -1);
@@ -4279,6 +4395,13 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
wpa_printf(MSG_DEBUG, "FT: vlan %d%s",
le_to_host16(vlan.untagged), vlan.tagged[0] ? "+" : "");
+ RRB_GET_OPTIONAL(FT_RRB_RATE_LIMIT, rate, msgtype, 2 * sizeof(le32));
+ if (f_rate) {
+ memcpy(&rate, f_rate, sizeof(rate));
+ rate.rx = le_to_host32(rate.rx);
+ rate.tx = le_to_host32(rate.tx);
+ has_rate = 1;
+ };
RRB_GET_OPTIONAL(FT_RRB_IDENTITY, identity, msgtype, -1);
if (f_identity)
wpa_hexdump_ascii(MSG_DEBUG, "FT: Identity", f_identity,
@@ -4301,7 +4424,7 @@ static int wpa_ft_rrb_rx_r1(struct wpa_a
f_pmk_r1_name,
pairwise, &vlan, expires_in, session_timeout,
f_identity, f_identity_len, f_radius_cui,
- f_radius_cui_len) < 0)
+ f_radius_cui_len, has_rate ? &rate : 0) < 0)
goto out;
ret = 0;
@@ -4614,7 +4737,7 @@ static int wpa_ft_rrb_rx_seq_req(struct
if (wpa_ft_rrb_build(key, key_len, NULL, NULL, seq_resp_auth, NULL,
wpa_auth->addr, FT_PACKET_R0KH_R1KH_SEQ_RESP,
- &packet, &packet_len) < 0)
+ &packet, &packet_len, NULL) < 0)
goto out;
wpa_ft_rrb_oui_send(wpa_auth, src_addr,

298
feeds/hostapd/hostapd/patches/761-shared_das_port.patch
View File

@@ -1,298 +0,0 @@
--- a/src/radius/radius_das.h
+++ b/src/radius/radius_das.h
@@ -44,6 +44,7 @@ struct radius_das_attrs {
struct radius_das_conf {
int port;
const u8 *shared_secret;
+ const u8 *nas_identifier;
size_t shared_secret_len;
const struct hostapd_ip_addr *client_addr;
unsigned int time_window;
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -1423,6 +1423,7 @@ int hostapd_setup_bss(struct hostapd_dat
os_memset(&das_conf, 0, sizeof(das_conf));
das_conf.port = conf->radius_das_port;
+ das_conf.nas_identifier = conf->nas_identifier;
das_conf.shared_secret = conf->radius_das_shared_secret;
das_conf.shared_secret_len =
conf->radius_das_shared_secret_len;
--- a/src/radius/radius_das.c
+++ b/src/radius/radius_das.c
@@ -12,13 +12,26 @@
#include "utils/common.h"
#include "utils/eloop.h"
#include "utils/ip_addr.h"
+#include "utils/list.h"
#include "radius.h"
#include "radius_das.h"
-struct radius_das_data {
+static struct dl_list das_ports = DL_LIST_HEAD_INIT(das_ports);
+
+struct radius_das_port {
+ struct dl_list list;
+ struct dl_list das_data;
+
+ int port;
int sock;
+};
+
+struct radius_das_data {
+ struct dl_list list;
+ struct radius_das_port *port;
u8 *shared_secret;
+ u8 *nas_identifier;
size_t shared_secret_len;
struct hostapd_ip_addr client_addr;
unsigned int time_window;
@@ -378,56 +391,17 @@ fail:
}
-static void radius_das_receive(int sock, void *eloop_ctx, void *sock_ctx)
+static void
+radius_das_receive_msg(struct radius_das_data *das, struct radius_msg *msg,
+ struct sockaddr *from, socklen_t fromlen,
+ char *abuf, int from_port)
{
- struct radius_das_data *das = eloop_ctx;
- u8 buf[1500];
- union {
- struct sockaddr_storage ss;
- struct sockaddr_in sin;
-#ifdef CONFIG_IPV6
- struct sockaddr_in6 sin6;
-#endif /* CONFIG_IPV6 */
- } from;
- char abuf[50];
- int from_port = 0;
- socklen_t fromlen;
- int len;
- struct radius_msg *msg, *reply = NULL;
+ struct radius_msg *reply = NULL;
struct radius_hdr *hdr;
struct wpabuf *rbuf;
+ struct os_time now;
u32 val;
int res;
- struct os_time now;
-
- fromlen = sizeof(from);
- len = recvfrom(sock, buf, sizeof(buf), 0,
- (struct sockaddr *) &from.ss, &fromlen);
- if (len < 0) {
- wpa_printf(MSG_ERROR, "DAS: recvfrom: %s", strerror(errno));
- return;
- }
-
- os_strlcpy(abuf, inet_ntoa(from.sin.sin_addr), sizeof(abuf));
- from_port = ntohs(from.sin.sin_port);
-
- wpa_printf(MSG_DEBUG, "DAS: Received %d bytes from %s:%d",
- len, abuf, from_port);
- if (das->client_addr.u.v4.s_addr &&
- das->client_addr.u.v4.s_addr != from.sin.sin_addr.s_addr) {
- wpa_printf(MSG_DEBUG, "DAS: Drop message from unknown client");
- return;
- }
-
- msg = radius_msg_parse(buf, len);
- if (msg == NULL) {
- wpa_printf(MSG_DEBUG, "DAS: Parsing incoming RADIUS packet "
- "from %s:%d failed", abuf, from_port);
- return;
- }
-
- if (wpa_debug_level <= MSG_MSGDUMP)
- radius_msg_dump(msg);
if (radius_msg_verify_das_req(msg, das->shared_secret,
das->shared_secret_len,
@@ -494,9 +468,8 @@ static void radius_das_receive(int sock,
radius_msg_dump(reply);
rbuf = radius_msg_get_buf(reply);
- res = sendto(das->sock, wpabuf_head(rbuf),
- wpabuf_len(rbuf), 0,
- (struct sockaddr *) &from.ss, fromlen);
+ res = sendto(das->port->sock, wpabuf_head(rbuf),
+ wpabuf_len(rbuf), 0, from, fromlen);
if (res < 0) {
wpa_printf(MSG_ERROR, "DAS: sendto(to %s:%d): %s",
abuf, from_port, strerror(errno));
@@ -508,6 +481,72 @@ fail:
radius_msg_free(reply);
}
+static void radius_das_receive(int sock, void *eloop_ctx, void *sock_ctx)
+{
+ struct radius_das_port *p = eloop_ctx;
+ struct radius_das_data *das;
+ u8 buf[1500];
+ union {
+ struct sockaddr_storage ss;
+ struct sockaddr_in sin;
+#ifdef CONFIG_IPV6
+ struct sockaddr_in6 sin6;
+#endif /* CONFIG_IPV6 */
+ } from;
+ struct radius_msg *msg;
+ size_t nasid_len = 0;
+ u8 *nasid_buf = NULL;
+ char abuf[50];
+ int from_port = 0;
+ socklen_t fromlen;
+ int found = 0;
+ int len;
+
+ fromlen = sizeof(from);
+ len = recvfrom(sock, buf, sizeof(buf), 0,
+ (struct sockaddr *) &from.ss, &fromlen);
+ if (len < 0) {
+ wpa_printf(MSG_ERROR, "DAS: recvfrom: %s", strerror(errno));
+ return;
+ }
+
+ os_strlcpy(abuf, inet_ntoa(from.sin.sin_addr), sizeof(abuf));
+ from_port = ntohs(from.sin.sin_port);
+
+ msg = radius_msg_parse(buf, len);
+ if (msg == NULL) {
+ wpa_printf(MSG_DEBUG, "DAS: Parsing incoming RADIUS packet "
+ "from %s:%d failed", abuf, from_port);
+ return;
+ }
+
+ wpa_printf(MSG_DEBUG, "DAS: Received %d bytes from %s:%d",
+ len, abuf, from_port);
+
+ if (wpa_debug_level <= MSG_MSGDUMP)
+ radius_msg_dump(msg);
+
+ radius_msg_get_attr_ptr(msg, RADIUS_ATTR_NAS_IDENTIFIER,
+ &nasid_buf, &nasid_len, NULL);
+ dl_list_for_each(das, &p->das_data, struct radius_das_data, list) {
+ if (das->client_addr.u.v4.s_addr &&
+ das->client_addr.u.v4.s_addr != from.sin.sin_addr.s_addr)
+ continue;
+
+ if (das->nas_identifier && nasid_buf &&
+ (nasid_len != os_strlen(das->nas_identifier) ||
+ os_memcmp(das->nas_identifier, nasid_buf, nasid_len) != 0))
+ continue;
+
+ found = 1;
+ radius_das_receive_msg(das, msg, (struct sockaddr *)&from.ss,
+ fromlen, abuf, from_port);
+ }
+
+ if (!found)
+ wpa_printf(MSG_DEBUG, "DAS: Drop message from unknown client");
+}
+
static int radius_das_open_socket(int port)
{
@@ -533,6 +572,49 @@ static int radius_das_open_socket(int po
}
+static struct radius_das_port *
+radius_das_open_port(int port)
+{
+ struct radius_das_port *p;
+
+ dl_list_for_each(p, &das_ports, struct radius_das_port, list) {
+ if (p->port == port)
+ return p;
+ }
+
+ p = os_zalloc(sizeof(*p));
+ if (p == NULL)
+ return NULL;
+
+ dl_list_init(&p->das_data);
+ p->port = port;
+ p->sock = radius_das_open_socket(port);
+ if (p->sock < 0)
+ goto free_port;
+
+ if (eloop_register_read_sock(p->sock, radius_das_receive, p, NULL))
+ goto close_port;
+
+ dl_list_add(&das_ports, &p->list);
+
+ return p;
+
+close_port:
+ close(p->sock);
+free_port:
+ os_free(p);
+
+ return NULL;
+}
+
+static void radius_das_close_port(struct radius_das_port *p)
+{
+ dl_list_del(&p->list);
+ eloop_unregister_read_sock(p->sock);
+ close(p->sock);
+ free(p);
+}
+
struct radius_das_data *
radius_das_init(struct radius_das_conf *conf)
{
@@ -553,6 +635,8 @@ radius_das_init(struct radius_das_conf *
das->ctx = conf->ctx;
das->disconnect = conf->disconnect;
das->coa = conf->coa;
+ if (conf->nas_identifier)
+ das->nas_identifier = os_strdup(conf->nas_identifier);
os_memcpy(&das->client_addr, conf->client_addr,
sizeof(das->client_addr));
@@ -565,19 +649,15 @@ radius_das_init(struct radius_das_conf *
}
das->shared_secret_len = conf->shared_secret_len;
- das->sock = radius_das_open_socket(conf->port);
- if (das->sock < 0) {
+ das->port = radius_das_open_port(conf->port);
+ if (!das->port) {
wpa_printf(MSG_ERROR, "Failed to open UDP socket for RADIUS "
"DAS");
radius_das_deinit(das);
return NULL;
}
- if (eloop_register_read_sock(das->sock, radius_das_receive, das, NULL))
- {
- radius_das_deinit(das);
- return NULL;
- }
+ dl_list_add(&das->port->das_data, &das->list);
return das;
}
@@ -588,11 +668,14 @@ void radius_das_deinit(struct radius_das
if (das == NULL)
return;
- if (das->sock >= 0) {
- eloop_unregister_read_sock(das->sock);
- close(das->sock);
+ if (das->port) {
+ dl_list_del(&das->list);
+
+ if (dl_list_empty(&das->port->das_data))
+ radius_das_close_port(das->port);
}
+ os_free(das->nas_identifier);
os_free(das->shared_secret);
os_free(das);
}

154
feeds/hostapd/hostapd/patches/770-radius_server.patch
View File

@@ -1,154 +0,0 @@
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -63,6 +63,10 @@ endif
OBJS += main.o
OBJS += config_file.o
+ifdef CONFIG_RADIUS_SERVER
+OBJS += radius.o
+endif
+
OBJS += ../src/ap/hostapd.o
OBJS += ../src/ap/wpa_auth_glue.o
OBJS += ../src/ap/drv_callbacks.o
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -40,6 +40,7 @@ struct hapd_global {
static struct hapd_global global;
+extern int radius_main(int argc, char **argv);
#ifndef CONFIG_NO_HOSTAPD_LOGGER
static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module,
@@ -771,6 +772,11 @@ int main(int argc, char *argv[])
if (os_program_init())
return -1;
+#ifdef RADIUS_SERVER
+ if (strstr(argv[0], "radius"))
+ return radius_main(argc, argv);
+#endif
+
os_memset(&interfaces, 0, sizeof(interfaces));
interfaces.reload_config = hostapd_reload_config;
interfaces.config_read_cb = hostapd_config_read;
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -63,6 +63,12 @@ struct radius_server_counters {
u32 unknown_acct_types;
};
+struct radius_accept_attr {
+ u8 type;
+ u16 len;
+ void *data;
+};
+
/**
* struct radius_session - Internal RADIUS server data for a session
*/
@@ -90,7 +96,7 @@ struct radius_session {
unsigned int macacl:1;
unsigned int t_c_filtering:1;
- struct hostapd_radius_attr *accept_attr;
+ struct radius_accept_attr *accept_attr;
u32 t_c_timestamp; /* Last read T&C timestamp from user DB */
};
@@ -394,6 +400,7 @@ static void radius_server_session_free(s
radius_msg_free(sess->last_reply);
os_free(sess->username);
os_free(sess->nas_ip);
+ os_free(sess->accept_attr);
os_free(sess);
data->num_sess--;
}
@@ -554,6 +561,36 @@ radius_server_erp_find_key(struct radius
}
#endif /* CONFIG_ERP */
+static struct radius_accept_attr *
+radius_server_copy_attr(const struct hostapd_radius_attr *data)
+{
+ const struct hostapd_radius_attr *attr;
+ struct radius_accept_attr *attr_new;
+ size_t data_size = 0;
+ void *data_buf;
+ int n_attr = 1;
+
+ for (attr = data; attr; attr = attr->next) {
+ n_attr++;
+ data_size += wpabuf_len(attr->val);
+ }
+
+ attr_new = os_zalloc(n_attr * sizeof(*attr) + data_size);
+ if (!attr_new)
+ return NULL;
+
+ data_buf = &attr_new[n_attr];
+ for (n_attr = 0, attr = data; attr; attr = attr->next) {
+ struct radius_accept_attr *cur = &attr_new[n_attr++];
+
+ cur->type = attr->type;
+ cur->len = wpabuf_len(attr->val);
+ cur->data = memcpy(data_buf, wpabuf_head(attr->val), cur->len);
+ data_buf += cur->len;
+ }
+
+ return attr_new;
+}
static struct radius_session *
radius_server_get_new_session(struct radius_server_data *data,
@@ -607,7 +644,7 @@ radius_server_get_new_session(struct rad
eap_user_free(tmp);
return NULL;
}
- sess->accept_attr = tmp->accept_attr;
+ sess->accept_attr = radius_server_copy_attr(tmp->accept_attr);
sess->macacl = tmp->macacl;
eap_user_free(tmp);
@@ -1118,11 +1155,10 @@ radius_server_encapsulate_eap(struct rad
}
if (code == RADIUS_CODE_ACCESS_ACCEPT) {
- struct hostapd_radius_attr *attr;
- for (attr = sess->accept_attr; attr; attr = attr->next) {
- if (!radius_msg_add_attr(msg, attr->type,
- wpabuf_head(attr->val),
- wpabuf_len(attr->val))) {
+ struct radius_accept_attr *attr;
+ for (attr = sess->accept_attr; attr->data; attr++) {
+ if (!radius_msg_add_attr(msg, attr->type, attr->data,
+ attr->len)) {
wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
radius_msg_free(msg);
return NULL;
@@ -1211,11 +1247,10 @@ radius_server_macacl(struct radius_serve
}
if (code == RADIUS_CODE_ACCESS_ACCEPT) {
- struct hostapd_radius_attr *attr;
- for (attr = sess->accept_attr; attr; attr = attr->next) {
- if (!radius_msg_add_attr(msg, attr->type,
- wpabuf_head(attr->val),
- wpabuf_len(attr->val))) {
+ struct radius_accept_attr *attr;
+ for (attr = sess->accept_attr; attr->data; attr++) {
+ if (!radius_msg_add_attr(msg, attr->type, attr->data,
+ attr->len)) {
wpa_printf(MSG_ERROR, "Could not add RADIUS attribute");
radius_msg_free(msg);
return NULL;
@@ -2512,7 +2547,7 @@ static int radius_server_get_eap_user(vo
ret = data->get_eap_user(data->conf_ctx, identity, identity_len,
phase2, user);
if (ret == 0 && user) {
- sess->accept_attr = user->accept_attr;
+ sess->accept_attr = radius_server_copy_attr(user->accept_attr);
sess->remediation = user->remediation;
sess->macacl = user->macacl;
sess->t_c_timestamp = user->t_c_timestamp;

33
feeds/hostapd/hostapd/patches/790-wired-dynamic-vlan.patch
View File

@@ -1,33 +0,0 @@
Index: hostapd-2021-02-20-59e9794c/src/ap/vlan_init.c
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/ap/vlan_init.c
+++ hostapd-2021-02-20-59e9794c/src/ap/vlan_init.c
@@ -37,7 +37,14 @@ static int vlan_if_add(struct hostapd_da
}
#endif /* CONFIG_WEP */
- if (!vlan_exists)
+ if (!hapd->driver || !hapd->driver->if_add) {
+ char *dot = strstr(vlan->ifname, ".");
+ if (dot)
+ *dot = '\0';
+ ret = 0;
+ }
+
+ else if (!vlan_exists)
ret = hostapd_vlan_if_add(hapd, vlan->ifname);
else if (!existsok)
return -1;
Index: hostapd-2021-02-20-59e9794c/src/ap/vlan_init.c
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/ap/vlan_init.c
+++ hostapd-2021-02-20-59e9794c/src/ap/vlan_init.c
@@ -59,7 +59,7 @@ static int vlan_if_add(struct hostapd_da
if (hapd->wpa_auth)
ret = wpa_auth_ensure_group(hapd->wpa_auth, vlan->vlan_id);
- if (!ret && !vlan_exists)
+ if (!ret && !vlan_exists && hapd->driver->if_add)
hostapd_ubus_add_vlan(hapd, vlan);
if (ret == 0)

37
feeds/hostapd/hostapd/patches/901-cfg-section.patch
View File

@@ -1,37 +0,0 @@
Index: hostapd-2023-09-08-e5ccbfc6/hostapd/config_file.c
===================================================================
--- hostapd-2023-09-08-e5ccbfc6.orig/hostapd/config_file.c
+++ hostapd-2023-09-08-e5ccbfc6/hostapd/config_file.c
@@ -2345,6 +2345,8 @@ static int hostapd_config_fill(struct ho
return 1;
}
conf->driver = driver;
+ } else if (os_strcmp(buf, "uci_section") == 0) {
+ bss->uci_section = os_strdup(pos);
} else if (os_strcmp(buf, "driver_params") == 0) {
os_free(conf->driver_params);
conf->driver_params = os_strdup(pos);
Index: hostapd-2023-09-08-e5ccbfc6/src/ap/ap_config.h
===================================================================
--- hostapd-2023-09-08-e5ccbfc6.orig/src/ap/ap_config.h
+++ hostapd-2023-09-08-e5ccbfc6/src/ap/ap_config.h
@@ -287,6 +287,7 @@ struct hostapd_bss_config {
char snoop_iface[IFNAMSIZ + 1];
char vlan_bridge[IFNAMSIZ + 1];
char wds_bridge[IFNAMSIZ + 1];
+ char *uci_section;
int bridge_hairpin; /* hairpin_mode on bridge members */
enum hostapd_logger_level logger_syslog_level, logger_stdout_level;
Index: hostapd-2023-09-08-e5ccbfc6/src/ap/ap_config.c
===================================================================
--- hostapd-2023-09-08-e5ccbfc6.orig/src/ap/ap_config.c
+++ hostapd-2023-09-08-e5ccbfc6/src/ap/ap_config.c
@@ -798,6 +798,7 @@ void hostapd_config_free_bss(struct host
os_free(conf->radius_req_attr_sqlite);
os_free(conf->rsn_preauth_interfaces);
os_free(conf->ctrl_interface);
+ os_free(conf->uci_section);
os_free(conf->config_id);
os_free(conf->ca_cert);
os_free(conf->server_cert);

28
feeds/hostapd/hostapd/patches/901-coa-ubus.patch
View File

@@ -1,28 +0,0 @@
Index: hostapd-2021-02-20-59e9794c/src/ap/hostapd.c
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/ap/hostapd.c
+++ hostapd-2021-02-20-59e9794c/src/ap/hostapd.c
@@ -1034,6 +1034,23 @@ hostapd_das_disconnect(void *ctx, struct
struct hostapd_data *hapd = ctx;
struct sta_info *sta;
int multi;
+ int ubus_resp;
+ struct hostapd_ubus_request req = {
+ .type = HOSTAPD_UBUS_COA,
+ .mgmt_frame = 0,
+ .ssi_signal = 0,
+ .addr = attr->sta_addr,
+ };
+
+ if (hostapd_ubus_handle_event(hapd, &req)) {
+ wpa_printf(MSG_INFO, "DAS: disconnect due approved via ubus");
+ sta = ap_get_sta(hapd, attr->sta_addr);
+ if (sta) {
+ hostapd_drv_sta_deauth(hapd, attr->sta_addr, 2);
+ ap_sta_deauthenticate(hapd, sta, 2);
+ }
+ return RADIUS_DAS_SUCCESS;
+ }
if (hostapd_das_nas_mismatch(hapd, attr))
return RADIUS_DAS_NAS_MISMATCH;

33
feeds/hostapd/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch
View File

@@ -1,33 +0,0 @@
From f0e9f5aab52b3eab85d28338cc996972ced4c39c Mon Sep 17 00:00:00 2001
From: David Bauer <mail@david-bauer.net>
Date: Tue, 17 May 2022 23:07:59 +0200
Subject: [PATCH] ctrl: make WNM_AP functions dependant on CONFIG_AP
This fixes linking errors found when compiling wpa_supplicant with
CONFIG_WNM_AP enabled but CONFIG_AP disabled.
Signed-off-by: David Bauer <mail@david-bauer.net>
---
wpa_supplicant/ctrl_iface.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -12763,7 +12763,7 @@ char * wpa_supplicant_ctrl_iface_process
if (wpas_ctrl_iface_coloc_intf_report(wpa_s, buf + 18))
reply_len = -1;
#endif /* CONFIG_WNM */
-#ifdef CONFIG_WNM_AP
+#if defined(CONFIG_AP) && defined(CONFIG_WNM_AP)
} else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
if (ap_ctrl_iface_disassoc_imminent(wpa_s, buf + 18))
reply_len = -1;
@@ -12773,7 +12773,7 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
if (ap_ctrl_iface_bss_tm_req(wpa_s, buf + 11))
reply_len = -1;
-#endif /* CONFIG_WNM_AP */
+#endif /* CONFIG_AP && CONFIG_WNM_AP */
} else if (os_strcmp(buf, "FLUSH") == 0) {
wpa_supplicant_ctrl_iface_flush(wpa_s);
} else if (os_strncmp(buf, "RADIO_WORK ", 11) == 0) {

63
feeds/hostapd/hostapd/patches/991-Fix-OpenWrt-13156.patch
View File

@@ -1,63 +0,0 @@
From 26cd9bafc1d25e602952ee86cd2a5b8c3a995490 Mon Sep 17 00:00:00 2001
From: Stijn Tintel <stijn@linux-ipv6.be>
Date: Fri, 28 Jul 2023 16:27:47 +0300
Subject: [PATCH] Revert "Do prune_association only after the STA is
authorized"
Commit e978072baaca ("Do prune_association only after the STA is
authorized") causes issues when an STA roams from one interface to
another interface on the same PHY. The mt7915 driver is not able to
handle this properly. While the commits fixes a DoS, there are other
devices and drivers with the same limitation, so revert to the orginal
behavior for now, until we have a better solution in place.
Ref: https://github.com/openwrt/openwrt/issues/13156
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
---
src/ap/hostapd.c | 14 +++++++++++---
src/ap/sta_info.c | 3 ---
2 files changed, 11 insertions(+), 6 deletions(-)
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -3564,6 +3564,8 @@ int hostapd_remove_iface(struct hapd_int
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
int reassoc)
{
+ int mld_assoc_link_id = -1;
+
if (hapd->tkip_countermeasures) {
hostapd_drv_sta_deauth(hapd, sta->addr,
WLAN_REASON_MICHAEL_MIC_FAILURE);
@@ -3571,10 +3573,16 @@ void hostapd_new_assoc_sta(struct hostap
}
#ifdef CONFIG_IEEE80211BE
- if (hapd->conf->mld_ap && sta->mld_info.mld_sta &&
- sta->mld_assoc_link_id != hapd->mld_link_id)
- return;
+ if (hapd->conf->mld_ap && sta->mld_info.mld_sta) {
+ if (sta->mld_assoc_link_id == hapd->mld_link_id) {
+ mld_assoc_link_id = sta->mld_assoc_link_id;
+ } else {
+ return;
+ }
+ }
#endif /* CONFIG_IEEE80211BE */
+ if (mld_assoc_link_id != -2)
+ hostapd_prune_associations(hapd, sta->addr, mld_assoc_link_id);
ap_sta_clear_disconnect_timeouts(hapd, sta);
sta->post_csa_sa_query = 0;
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -1318,9 +1318,6 @@ void ap_sta_set_authorized(struct hostap
mld_assoc_link_id = -2;
}
#endif /* CONFIG_IEEE80211BE */
- if (mld_assoc_link_id != -2)
- hostapd_prune_associations(hapd, sta->addr,
- mld_assoc_link_id);
sta->flags |= WLAN_STA_AUTHORIZED;
} else {
sta->flags &= ~WLAN_STA_AUTHORIZED;

10
feeds/hostapd/hostapd/patches/999-ft-anonce.patch
View File

@@ -1,10 +0,0 @@
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -54,6 +54,7 @@ struct wpa_state_machine {
bool MICVerified;
bool GUpdateStationKeys;
u8 ANonce[WPA_NONCE_LEN];
+ struct os_reltime ANonce_time;
u8 SNonce[WPA_NONCE_LEN];
u8 alt_SNonce[WPA_NONCE_LEN];
u8 alt_replay_counter[WPA_REPLAY_COUNTER_LEN];

49
feeds/hostapd/hostapd/patches/999-probe-request.patch
View File

@@ -1,49 +0,0 @@
Index: hostapd-2021-02-20-59e9794c/hostapd/config_file.c
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/hostapd/config_file.c
+++ hostapd-2021-02-20-59e9794c/hostapd/config_file.c
@@ -3339,6 +3339,8 @@ static int hostapd_config_fill(struct ho
bss->ignore_broadcast_ssid = atoi(pos);
} else if (os_strcmp(buf, "no_probe_resp_if_max_sta") == 0) {
bss->no_probe_resp_if_max_sta = atoi(pos);
+ } else if (os_strcmp(buf, "dynamic_probe_resp") == 0) {
+ bss->dynamic_probe_resp = atoi(pos);
#ifdef CONFIG_WEP
} else if (os_strcmp(buf, "wep_default_key") == 0) {
bss->ssid.wep.idx = atoi(pos);
Index: hostapd-2021-02-20-59e9794c/src/ap/ap_config.h
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/ap/ap_config.h
+++ hostapd-2021-02-20-59e9794c/src/ap/ap_config.h
@@ -460,6 +460,7 @@ struct hostapd_bss_config {
int ap_max_inactivity;
int ignore_broadcast_ssid;
int no_probe_resp_if_max_sta;
+ int dynamic_probe_resp;
int wmm_enabled;
int wmm_uapsd;
Index: hostapd-2021-02-20-59e9794c/src/ap/beacon.c
===================================================================
--- hostapd-2021-02-20-59e9794c.orig/src/ap/beacon.c
+++ hostapd-2021-02-20-59e9794c/src/ap/beacon.c
@@ -920,7 +920,8 @@ void handle_probe_req(struct hostapd_dat
}
#endif /* CONFIG_P2P */
- if (hapd->conf->ignore_broadcast_ssid && elems.ssid_len == 0 &&
+ if (!hapd->conf->dynamic_probe_resp &&
+ hapd->conf->ignore_broadcast_ssid && elems.ssid_len == 0 &&
elems.ssid_list_len == 0 && elems.short_ssid_list_len == 0) {
wpa_printf(MSG_MSGDUMP, "Probe Request from " MACSTR " for "
"broadcast SSID ignored", MAC2STR(mgmt->sa));
@@ -967,7 +968,8 @@ void handle_probe_req(struct hostapd_dat
return;
}
- if (hapd->conf->ignore_broadcast_ssid && res == WILDCARD_SSID_MATCH) {
+ if (!hapd->conf->dynamic_probe_resp &&
+ hapd->conf->ignore_broadcast_ssid && res == WILDCARD_SSID_MATCH) {
wpa_printf(MSG_MSGDUMP, "Probe Request from " MACSTR " for "
"broadcast SSID ignored", MAC2STR(mgmt->sa));
return;

147
feeds/hostapd/hostapd/patches/999-re-assoc-event.patch
View File

@@ -1,147 +0,0 @@
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -522,6 +522,7 @@ static void handle_auth_ft_finish(void *
hostapd_logger(hapd, dst, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG, "authentication OK (FT)");
+ hostapd_ubus_notify(hapd, "ft-finish", sta->addr);
sta->flags |= WLAN_STA_AUTH;
mlme_authenticate_indication(hapd, sta);
}
@@ -5273,6 +5274,8 @@ static void handle_assoc(struct hostapd_
}
sta = ap_get_sta(hapd, mgmt->sa);
+ if (sta && reassoc)
+ memcpy(sta->origin_ap, mgmt->u.reassoc_req.current_ap, 6);
#ifdef CONFIG_IEEE80211R_AP
if (sta && sta->auth_alg == WLAN_AUTH_FT &&
(sta->flags & WLAN_STA_AUTH) == 0) {
@@ -5426,6 +5429,7 @@ static void handle_assoc(struct hostapd_
.type = HOSTAPD_UBUS_ASSOC_REQ,
.mgmt_frame = mgmt,
.ssi_signal = rssi,
+ .reassoc = reassoc,
};
/* followed by SSID and Supported rates; and HT capabilities if 802.11n
@@ -6496,7 +6500,7 @@ static void handle_assoc_cb(struct hosta
* Open, static WEP, FT protocol, or FILS; no separate
* authorization step.
*/
- ap_sta_set_authorized(hapd, sta, 1);
+ _ap_sta_set_authorized(hapd, sta, 1, reassoc);
}
if (reassoc)
--- a/src/ap/ubus.c
+++ b/src/ap/ubus.c
@@ -1870,6 +1870,8 @@ int hostapd_ubus_handle_event(struct hos
if (req->ssi_signal)
blobmsg_add_u32(&b, "signal", req->ssi_signal);
blobmsg_add_u32(&b, "freq", hapd->iface->freq);
+ if (req->reassoc && req->mgmt_frame)
+ blobmsg_add_macaddr(&b, "origin", req->mgmt_frame->u.reassoc_req.current_ap);
if (req->elems) {
if(req->elems->ht_capabilities)
@@ -1940,6 +1942,7 @@ void hostapd_ubus_notify(struct hostapd_
blob_buf_init(&b, 0);
blobmsg_add_macaddr(&b, "address", addr);
blobmsg_add_string(&b, "ifname", hapd->conf->iface);
+ blobmsg_printf(&b, "target", MACSTR, MAC2STR(hapd->conf->bssid));
ubus_notify(ctx, &hapd->ubus.obj, type, b.head, -1);
}
@@ -1958,7 +1961,7 @@ void hostapd_ubus_notify_csa(struct host
}
-void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta)
+void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta, int reassoc)
{
if (!hapd->ubus.obj.has_subscribers)
return;
@@ -1975,6 +1978,9 @@ void hostapd_ubus_notify_authorized(stru
blobmsg_add_u32(&b, "", sta->bandwidth[1]);
blobmsg_close_array(&b, r);
}
+ if (reassoc)
+ blobmsg_add_macaddr(&b, "origin", sta->origin_ap);
+ blobmsg_printf(&b, "target", MACSTR, MAC2STR(hapd->conf->bssid));
ubus_notify(ctx, &hapd->ubus.obj, "sta-authorized", b.head, -1);
}
--- a/src/ap/ubus.h
+++ b/src/ap/ubus.h
@@ -22,6 +22,7 @@ struct hostapd_ubus_request {
const struct ieee802_11_elems *elems;
int ssi_signal; /* dBm */
const u8 *addr;
+ int reassoc;
};
struct hostapd_iface;
@@ -49,7 +50,7 @@ void hostapd_ubus_remove_vlan(struct hos
int hostapd_ubus_handle_event(struct hostapd_data *hapd, struct hostapd_ubus_request *req);
void hostapd_ubus_notify(struct hostapd_data *hapd, const char *type, const u8 *mac);
-void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta);
+void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta, int reassoc);
void hostapd_ubus_notify_beacon_report(struct hostapd_data *hapd,
const u8 *addr, u8 token, u8 rep_mode,
struct rrm_measurement_beacon_report *rep,
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -1297,8 +1297,8 @@ const u8 * ap_sta_wpa_get_dpp_pkhash(str
}
-void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
- int authorized)
+void _ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
+ int authorized, int reassoc)
{
const u8 *dev_addr = NULL;
char buf[100];
@@ -1404,7 +1404,7 @@ void ap_sta_set_authorized(struct hostap
dpp_pkhash, SHA256_MAC_LEN);
}
- hostapd_ubus_notify_authorized(hapd, sta);
+ hostapd_ubus_notify_authorized(hapd, sta, reassoc);
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s%s",
buf, ip_addr, keyid_buf, dpp_pkhash_buf, alg_buf);
@@ -1434,6 +1434,11 @@ void ap_sta_set_authorized(struct hostap
}
#endif /* CONFIG_FST */
}
+void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
+ int authorized)
+{
+ _ap_sta_set_authorized(hapd, sta, authorized, 0);
+}
void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -102,6 +102,7 @@ struct sta_info {
struct sta_info *next; /* next entry in sta list */
struct sta_info *hnext; /* next entry in hash table list */
u8 addr[6];
+ u8 origin_ap[6];
be32 ipaddr;
struct dl_list ip6addr; /* list head for struct ip6addr */
u16 aid; /* STA's unique AID (1 .. 2007) or 0 if not yet assigned */
@@ -398,6 +399,9 @@ const u8 * ap_sta_wpa_get_dpp_pkhash(str
void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *addr, u16 reason);
+void _ap_sta_set_authorized(struct hostapd_data *hapd,
+ struct sta_info *sta, int authorized,
+ int reassoc);
void ap_sta_set_authorized(struct hostapd_data *hapd,
struct sta_info *sta, int authorized);
static inline int ap_sta_is_authorized(struct sta_info *sta)

22
feeds/hostapd/hostapd/patches/999-s8-u8.patch
View File

@@ -1,22 +0,0 @@
Index: hostapd-2023-06-22-599d00be/src/drivers/driver_nl80211.c
===================================================================
--- hostapd-2023-06-22-599d00be.orig/src/drivers/driver_nl80211.c
+++ hostapd-2023-06-22-599d00be/src/drivers/driver_nl80211.c
@@ -7686,7 +7686,7 @@ static int get_sta_handler(struct nl_msg
[NL80211_STA_INFO_BEACON_SIGNAL_AVG] = { .type = NLA_U8},
[NL80211_STA_INFO_RX_DURATION] = { .type = NLA_U64 },
[NL80211_STA_INFO_ACK_SIGNAL] = { .type = NLA_U8 },
- [NL80211_STA_INFO_ACK_SIGNAL_AVG] = { .type = NLA_S8 },
+ [NL80211_STA_INFO_ACK_SIGNAL_AVG] = { .type = NLA_U8 },
[NL80211_STA_INFO_RX_MPDUS] = { .type = NLA_U32 },
[NL80211_STA_INFO_FCS_ERROR_COUNT] = { .type = NLA_U32 },
[NL80211_STA_INFO_TX_DURATION] = { .type = NLA_U64 },
@@ -7792,7 +7792,7 @@ static int get_sta_handler(struct nl_msg
}
if (stats[NL80211_STA_INFO_ACK_SIGNAL_AVG])
data->avg_ack_signal =
- nla_get_s8(stats[NL80211_STA_INFO_ACK_SIGNAL_AVG]);
+ nla_get_u8(stats[NL80211_STA_INFO_ACK_SIGNAL_AVG]);
if (stats[NL80211_STA_INFO_RX_MPDUS])
data->rx_mpdus = nla_get_u32(stats[NL80211_STA_INFO_RX_MPDUS]);
if (stats[NL80211_STA_INFO_FCS_ERROR_COUNT])

81
feeds/hostapd/hostapd/patches/999-ssi_signal.patch
View File

@@ -1,81 +0,0 @@
Index: hostapd-2023-09-08-e5ccbfc6/src/ap/ieee802_11.c
===================================================================
--- hostapd-2023-09-08-e5ccbfc6.orig/src/ap/ieee802_11.c
+++ hostapd-2023-09-08-e5ccbfc6/src/ap/ieee802_11.c
@@ -59,6 +59,17 @@
#include "pasn/pasn_common.h"
+static int
+ewma(int new, int old)
+{
+ #define ALPHA 10
+ if (!old)
+ return new;
+ if (new >= 0)
+ return old;
+ return ((ALPHA * new) + ((100 - ALPHA) * old)) / 100;
+}
+
#ifdef CONFIG_FILS
static struct wpabuf *
prepare_auth_resp_fils(struct hostapd_data *hapd,
@@ -5856,7 +5867,7 @@ static int robust_action_frame(u8 catego
static int handle_action(struct hostapd_data *hapd,
const struct ieee80211_mgmt *mgmt, size_t len,
- unsigned int freq)
+ unsigned int freq, int ssi_signal)
{
struct sta_info *sta;
u8 *action __maybe_unused;
@@ -5913,6 +5924,7 @@ static int handle_action(struct hostapd_
sta->last_seq_ctrl = seq_ctrl;
sta->last_subtype = WLAN_FC_STYPE_ACTION;
+ sta->signal_mgmt = ewma(ssi_signal, sta->signal_mgmt);;
}
switch (mgmt->u.action.category) {
@@ -6089,6 +6101,8 @@ int ieee802_11_mgmt(struct hostapd_data
unsigned int freq;
int ssi_signal = fi ? fi->ssi_signal : 0;
+ hapd->signal_mgmt = ewma(ssi_signal, hapd->signal_mgmt);;
+
if (len < 24)
return 0;
@@ -6196,7 +6210,7 @@ int ieee802_11_mgmt(struct hostapd_data
break;
case WLAN_FC_STYPE_ACTION:
wpa_printf(MSG_DEBUG, "mgmt::action");
- ret = handle_action(hapd, mgmt, len, freq);
+ ret = handle_action(hapd, mgmt, len, freq, ssi_signal);
break;
default:
hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
Index: hostapd-2023-09-08-e5ccbfc6/src/ap/sta_info.h
===================================================================
--- hostapd-2023-09-08-e5ccbfc6.orig/src/ap/sta_info.h
+++ hostapd-2023-09-08-e5ccbfc6/src/ap/sta_info.h
@@ -330,6 +330,7 @@ struct sta_info {
#ifdef CONFIG_PASN
struct pasn_data *pasn;
#endif /* CONFIG_PASN */
+ int signal_mgmt;
#ifdef CONFIG_IEEE80211BE
struct mld_info mld_info;
Index: hostapd-2023-09-08-e5ccbfc6/src/ap/hostapd.h
===================================================================
--- hostapd-2023-09-08-e5ccbfc6.orig/src/ap/hostapd.h
+++ hostapd-2023-09-08-e5ccbfc6/src/ap/hostapd.h
@@ -494,6 +494,7 @@ struct hostapd_data {
#ifdef CONFIG_CTRL_IFACE_UDP
unsigned char ctrl_iface_cookie[CTRL_IFACE_COOKIE_LEN];
#endif /* CONFIG_CTRL_IFACE_UDP */
+ int signal_mgmt;
};

86
feeds/hostapd/hostapd/patches/t00-010-ft_refresh.patch
View File

@@ -1,86 +0,0 @@
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3152,6 +3152,8 @@ static int hostapd_config_fill(struct ho
bss->ft_over_ds = atoi(pos);
} else if (os_strcmp(buf, "ft_psk_generate_local") == 0) {
bss->ft_psk_generate_local = atoi(pos);
+ } else if (os_strcmp(buf, "ft_l2_refresh") == 0) {
+ bss->ft_l2_refresh = atoi(pos);
#endif /* CONFIG_IEEE80211R_AP */
#ifndef CONFIG_NO_CTRL_IFACE
} else if (os_strcmp(buf, "ctrl_interface") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -401,6 +401,7 @@ struct hostapd_bss_config {
int pmk_r1_push;
int ft_over_ds;
int ft_psk_generate_local;
+ int ft_l2_refresh;
int r1_max_key_lifetime;
#endif /* CONFIG_IEEE80211R_AP */
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -1495,6 +1495,28 @@ static void hostapd_request_radius_psk(v
#endif /* CONFIG_NO_RADIUS */
+static void wpa_ft_refresh(void *eloop_data, void *user_data)
+{
+ struct hostapd_data *hapd = eloop_data;
+ struct ft_rrb_frame *frame;
+ struct l2_ethhdr *buf;
+ size_t len;
+
+ len = sizeof(*buf) + sizeof(*frame);
+ buf = os_zalloc(len);
+ frame = (struct ft_rrb_frame *)(buf + 1);
+ frame->frame_type = RSN_REMOTE_FRAME_TYPE_FT_RRB;
+ frame->packet_type = FT_PACKET_REQUEST;
+ memset(buf->h_dest, 0xff, ETH_ALEN);
+ os_memcpy(buf->h_source, hapd->own_addr, ETH_ALEN);
+ buf->h_proto = host_to_be16(ETH_P_RRB);
+ l2_packet_send(hapd->l2, buf->h_dest, ETH_P_RRB, (u8 *) buf, len);
+ os_free(buf);
+
+ eloop_register_timeout(hapd->conf->ft_l2_refresh, 0, wpa_ft_refresh,
+ hapd, NULL);
+}
+
int hostapd_setup_wpa(struct hostapd_data *hapd)
{
struct wpa_auth_config _conf;
@@ -1640,6 +1662,9 @@ int hostapd_setup_wpa(struct hostapd_dat
"Failed to open ETH_P_OUI interface");
return -1;
}
+
+ if (hapd->conf->ft_l2_refresh)
+ wpa_ft_refresh(hapd, NULL);
}
#endif /* CONFIG_IEEE80211R_AP */
@@ -1655,7 +1680,6 @@ void hostapd_reconfig_wpa(struct hostapd
wpa_reconfig(hapd->wpa_auth, &wpa_auth_conf);
}
-
void hostapd_deinit_wpa(struct hostapd_data *hapd)
{
ieee80211_tkip_countermeasures_deinit(hapd);
@@ -1679,6 +1703,7 @@ void hostapd_deinit_wpa(struct hostapd_d
"information element from interface %s",
hapd->conf->iface);
}
+
}
ieee802_1x_deinit(hapd);
@@ -1687,6 +1712,7 @@ void hostapd_deinit_wpa(struct hostapd_d
hostapd_wpa_ft_rrb_rx_later(hapd, NULL); /* flush without delivering */
eloop_cancel_timeout(hostapd_oui_deliver_later, hapd, ELOOP_ALL_CTX);
hostapd_oui_deliver_later(hapd, NULL); /* flush without delivering */
+ eloop_cancel_timeout(wpa_ft_refresh, hapd, ELOOP_ALL_CTX);
l2_packet_deinit(hapd->l2);
hapd->l2 = NULL;
hostapd_wpa_unregister_ft_oui(hapd);

27
feeds/hostapd/hostapd/patches/t00-011-owe_ssid_update.patch
View File

@@ -1,27 +0,0 @@
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -1995,6 +1995,13 @@ static int hostapd_owe_iface_iter(struct
is_zero_ether_addr(bss->own_addr))
continue;
+ if (!os_memcmp(hapd->conf->owe_transition_bssid, bss->own_addr,
+ ETH_ALEN) &&
+ hapd->conf->owe_transition_ssid_len == bss->conf->ssid.ssid_len &&
+ !os_memcmp(hapd->conf->owe_transition_ssid, bss->conf->ssid.ssid,
+ bss->conf->ssid.ssid_len))
+ return 0;
+
os_memcpy(hapd->conf->owe_transition_bssid, bss->own_addr,
ETH_ALEN);
os_memcpy(hapd->conf->owe_transition_ssid,
@@ -2011,10 +2018,6 @@ static int hostapd_owe_iface_iter(struct
int hostapd_owe_trans_get_info(struct hostapd_data *hapd)
{
- if (hapd->conf->owe_transition_ssid_len > 0 &&
- !is_zero_ether_addr(hapd->conf->owe_transition_bssid))
- return 0;
-
/* Find transition mode SSID/BSSID information from a BSS operated by
* this hostapd instance. */
if (!hapd->iface->interfaces ||

53
feeds/hostapd/hostapd/patches/t00-012-hostapd-Fix-DVLAN-802.1x-issue.patch
View File

@@ -1,53 +0,0 @@
From 98b6503b87bb36bf2f5ae16e52e230e8870c867f Mon Sep 17 00:00:00 2001
From: Venkat Chimata <venkata@shasta.cloud>
Date: Fri, 28 Jun 2024 14:39:31 +0530
Subject: [PATCH] hostapd: Fix DVLAN + 802.1x issue
In case of swconfig switches, the basename of the interface should be based on the last dot.
Earlier it was done based on the first dot, which would result in incorrect basename.
For example if the interface name is eth0.4087 then the vlan->ifname would be eth0.4087. (A dot at the end) .
Before this patch, the basename was returned as eth0. It should be eth0.4087
Also fixed the return code by adding a default value of 0 and removed an unncessary check
for if_add before ubus add call.
Signed-off-by: Venkat Chimata <venkata@shasta.cloud>
---
src/ap/vlan_init.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/ap/vlan_init.c b/src/ap/vlan_init.c
index 3e27671..cfeb1e5 100644
--- a/src/ap/vlan_init.c
+++ b/src/ap/vlan_init.c
@@ -23,7 +23,8 @@ static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
int existsok)
{
bool vlan_exists = iface_exists(vlan->ifname);
- int ret;
+ int ret = 0;
+
#ifdef CONFIG_WEP
int i;
@@ -38,7 +39,7 @@ static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
#endif /* CONFIG_WEP */
if (!hapd->driver || !hapd->driver->if_add) {
- char *dot = strstr(vlan->ifname, ".");
+ char *dot = strrchr(vlan->ifname, '.');
if (dot)
*dot = '\0';
ret = 0;
@@ -59,7 +60,7 @@ static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
if (hapd->wpa_auth)
ret = wpa_auth_ensure_group(hapd->wpa_auth, vlan->vlan_id);
- if (!ret && !vlan_exists && hapd->driver->if_add)
+ if (!ret && !vlan_exists)
hostapd_ubus_add_vlan(hapd, vlan);
if (ret == 0)
--
2.34.1

11
feeds/hostapd/hostapd/patches/zzz-radius-extended-avp.patch
View File

@@ -1,11 +0,0 @@
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -755,7 +755,7 @@ struct radius_attr_hdr * radius_msg_add_
ext->length = sizeof(*ext) + 1 + alen;
ext->ext_type = ext_type;
wpabuf_put_u8(msg->buf, data_len > alen ? 0x80 : 0);
- wpabuf_put_data(msg->buf, data, data_len);
+ wpabuf_put_data(msg->buf, data, alen);
data += alen;
data_len -= alen;
if (radius_msg_add_attr_to_array(

69
feeds/hostapd/hostapd/patches/zzz-roaming-key.patch
View File

@@ -1,69 +0,0 @@
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3154,6 +3154,8 @@ static int hostapd_config_fill(struct ho
bss->ft_psk_generate_local = atoi(pos);
} else if (os_strcmp(buf, "ft_l2_refresh") == 0) {
bss->ft_l2_refresh = atoi(pos);
+ } else if (os_strcmp(buf, "ft_key") == 0) {
+ strncpy(bss->ft_key, pos, sizeof(bss->ft_key));
#endif /* CONFIG_IEEE80211R_AP */
#ifndef CONFIG_NO_CTRL_IFACE
} else if (os_strcmp(buf, "ctrl_interface") == 0) {
@@ -4996,8 +4998,22 @@ struct hostapd_config * hostapd_config_r
fclose(f);
- for (i = 0; i < conf->num_bss; i++)
+ for (i = 0; i < conf->num_bss; i++) {
+ if (*conf->bss[i]->ft_key) {
+ u8 buffer[128];
+ sprintf(buffer, "%02X:%02X:%02X:%02X:%02X:%02X %02X%02X%02X%02X%02X%02X %s", MAC2STR(conf->bss[i]->bssid), MAC2STR(conf->bss[i]->bssid), conf->bss[i]->ft_key);
+ add_r0kh(conf->bss[i], buffer);
+ sprintf(buffer, "%02X:%02X:%02X:%02X:%02X:%02X %02X:%02X:%02X:%02X:%02X:%02X %s", MAC2STR(conf->bss[i]->bssid), MAC2STR(conf->bss[i]->bssid), conf->bss[i]->ft_key);
+ add_r1kh(conf->bss[i], buffer);
+ sprintf(buffer, "ff:ff:ff:ff:ff:ff * %s", conf->bss[i]->ft_key);
+ add_r0kh(conf->bss[i], buffer);
+ sprintf(buffer, "00:00:00:00:00:00 00:00:00:00:00:00 %s", conf->bss[i]->ft_key);
+ add_r1kh(conf->bss[i], buffer);
+ hexstr2bin(conf->bss[i]->bssid, conf->bss[i]->r1_key_holder, FT_R1KH_ID_LEN);
+ conf->bss[i]->r0_key_holder_bssid = 1;
+ }
hostapd_set_security_params(conf->bss[i], 1);
+ }
if (hostapd_config_check(conf, 1))
errors++;
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -403,6 +403,7 @@ struct hostapd_bss_config {
int ft_psk_generate_local;
int ft_l2_refresh;
int r1_max_key_lifetime;
+ u8 ft_key[65];
#endif /* CONFIG_IEEE80211R_AP */
char *ctrl_interface; /* directory for UNIX domain sockets */
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -390,6 +390,7 @@ struct hostapd_bss_config {
/* IEEE 802.11r - Fast BSS Transition */
u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
u8 r1_key_holder[FT_R1KH_ID_LEN];
+ int r0_key_holder_bssid;
u32 r0_key_lifetime; /* PMK-R0 lifetime seconds */
int rkh_pos_timeout;
int rkh_neg_timeout;
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -80,7 +80,10 @@ static void hostapd_wpa_auth_conf(struct
os_memcpy(wconf->ssid, conf->ssid.ssid, wconf->ssid_len);
os_memcpy(wconf->mobility_domain, conf->mobility_domain,
MOBILITY_DOMAIN_ID_LEN);
- if (conf->nas_identifier &&
+ if (1 || conf->r0_key_holder_bssid) {
+ sprintf(wconf->r0_key_holder, "%02X%02X%02X%02X%02X%02X", MAC2STR(conf->bssid));
+ wconf->r0_key_holder_len = 12;
+ } else if (conf->nas_identifier &&
os_strlen(conf->nas_identifier) <= FT_R0KH_ID_MAX_LEN) {
wconf->r0_key_holder_len = os_strlen(conf->nas_identifier);
os_memcpy(wconf->r0_key_holder, conf->nas_identifier,

719
feeds/hostapd/hostapd/src/hostapd/radius.c
View File

@@ -1,719 +0,0 @@
#include "utils/includes.h"
#include "utils/common.h"
#include "utils/eloop.h"
#include "crypto/crypto.h"
#include "crypto/tls.h"
#include "ap/ap_config.h"
#include "eap_server/eap.h"
#include "radius/radius.h"
#include "radius/radius_server.h"
#include "eap_register.h"
#include <libubox/blobmsg_json.h>
#include <libubox/blobmsg.h>
#include <libubox/avl.h>
#include <libubox/avl-cmp.h>
#include <libubox/kvlist.h>
#include <sys/stat.h>
#include <fnmatch.h>
#define VENDOR_ID_WISPR 14122
#define VENDOR_ATTR_SIZE 6
struct radius_parse_attr_data {
unsigned int vendor;
u8 type;
int size;
char format;
const char *data;
};
struct radius_parse_attr_state {
struct hostapd_radius_attr *prev;
struct hostapd_radius_attr *attr;
struct wpabuf *buf;
void *attrdata;
};
struct radius_user_state {
struct avl_node node;
struct eap_user data;
};
struct radius_user_data {
struct kvlist users;
struct avl_tree user_state;
struct blob_attr *wildcard;
};
struct radius_state {
struct radius_server_data *radius;
struct eap_config eap;
struct radius_user_data phase1, phase2;
const char *user_file;
time_t user_file_ts;
int n_attrs;
struct hostapd_radius_attr *attrs;
};
struct radius_config {
struct tls_connection_params tls;
struct radius_server_conf radius;
};
enum {
USER_ATTR_PASSWORD,
USER_ATTR_HASH,
USER_ATTR_SALT,
USER_ATTR_METHODS,
USER_ATTR_RADIUS,
USER_ATTR_VLAN,
USER_ATTR_MAX_RATE_UP,
USER_ATTR_MAX_RATE_DOWN,
__USER_ATTR_MAX
};
static void radius_tls_event(void *ctx, enum tls_event ev,
union tls_event_data *data)
{
switch (ev) {
case TLS_CERT_CHAIN_SUCCESS:
wpa_printf(MSG_DEBUG, "radius: remote certificate verification success");
break;
case TLS_CERT_CHAIN_FAILURE:
wpa_printf(MSG_INFO, "radius: certificate chain failure: reason=%d depth=%d subject='%s' err='%s'",
data->cert_fail.reason,
data->cert_fail.depth,
data->cert_fail.subject,
data->cert_fail.reason_txt);
break;
case TLS_PEER_CERTIFICATE:
wpa_printf(MSG_DEBUG, "radius: peer certificate: depth=%d serial_num=%s subject=%s",
data->peer_cert.depth,
data->peer_cert.serial_num ? data->peer_cert.serial_num : "N/A",
data->peer_cert.subject);
break;
case TLS_ALERT:
if (data->alert.is_local)
wpa_printf(MSG_DEBUG, "radius: local TLS alert: %s",
data->alert.description);
else
wpa_printf(MSG_DEBUG, "radius: remote TLS alert: %s",
data->alert.description);
break;
case TLS_UNSAFE_RENEGOTIATION_DISABLED:
/* Not applicable to TLS server */
break;
}
}
static void radius_userdata_init(struct radius_user_data *u)
{
kvlist_init(&u->users, kvlist_blob_len);
avl_init(&u->user_state, avl_strcmp, false, NULL);
}
static void radius_userdata_free(struct radius_user_data *u)
{
struct radius_user_state *s, *tmp;
kvlist_free(&u->users);
free(u->wildcard);
u->wildcard = NULL;
avl_remove_all_elements(&u->user_state, s, node, tmp)
free(s);
}
static void
radius_userdata_load(struct radius_user_data *u, struct blob_attr *data)
{
enum {
USERSTATE_USERS,
USERSTATE_WILDCARD,
__USERSTATE_MAX,
};
static const struct blobmsg_policy policy[__USERSTATE_MAX] = {
[USERSTATE_USERS] = { "users", BLOBMSG_TYPE_TABLE },
[USERSTATE_WILDCARD] = { "wildcard", BLOBMSG_TYPE_ARRAY },
};
struct blob_attr *tb[__USERSTATE_MAX], *cur;
int rem;
if (!data)
return;
blobmsg_parse(policy, __USERSTATE_MAX, tb, blobmsg_data(data), blobmsg_len(data));
blobmsg_for_each_attr(cur, tb[USERSTATE_USERS], rem)
kvlist_set(&u->users, blobmsg_name(cur), cur);
if (tb[USERSTATE_WILDCARD])
u->wildcard = blob_memdup(tb[USERSTATE_WILDCARD]);
}
static void
load_userfile(struct radius_state *s)
{
enum {
USERDATA_PHASE1,
USERDATA_PHASE2,
__USERDATA_MAX
};
static const struct blobmsg_policy policy[__USERDATA_MAX] = {
[USERDATA_PHASE1] = { "phase1", BLOBMSG_TYPE_TABLE },
[USERDATA_PHASE2] = { "phase2", BLOBMSG_TYPE_TABLE },
};
struct blob_attr *tb[__USERDATA_MAX], *cur;
static struct blob_buf b;
struct stat st;
int rem;
if (stat(s->user_file, &st))
return;
if (s->user_file_ts == st.st_mtime)
return;
s->user_file_ts = st.st_mtime;
radius_userdata_free(&s->phase1);
radius_userdata_free(&s->phase2);
blob_buf_init(&b, 0);
blobmsg_add_json_from_file(&b, s->user_file);
blobmsg_parse(policy, __USERDATA_MAX, tb, blob_data(b.head), blob_len(b.head));
radius_userdata_load(&s->phase1, tb[USERDATA_PHASE1]);
radius_userdata_load(&s->phase2, tb[USERDATA_PHASE2]);
blob_buf_free(&b);
}
static struct blob_attr *
radius_user_get(struct radius_user_data *s, const char *name)
{
struct blob_attr *cur;
int rem;
cur = kvlist_get(&s->users, name);
if (cur)
return cur;
blobmsg_for_each_attr(cur, s->wildcard, rem) {
static const struct blobmsg_policy policy = {
"name", BLOBMSG_TYPE_STRING
};
struct blob_attr *pattern;
if (blobmsg_type(cur) != BLOBMSG_TYPE_TABLE)
continue;
blobmsg_parse(&policy, 1, &pattern, blobmsg_data(cur), blobmsg_len(cur));
if (!name)
continue;
if (!fnmatch(blobmsg_get_string(pattern), name, 0))
return cur;
}
return NULL;
}
static struct radius_parse_attr_data *
radius_parse_attr(struct blob_attr *attr)
{
static const struct blobmsg_policy policy[4] = {
{ .type = BLOBMSG_TYPE_INT32 },
{ .type = BLOBMSG_TYPE_INT32 },
{ .type = BLOBMSG_TYPE_STRING },
{ .type = BLOBMSG_TYPE_STRING },
};
static struct radius_parse_attr_data data;
struct blob_attr *tb[4];
const char *format;
blobmsg_parse_array(policy, ARRAY_SIZE(policy), tb, blobmsg_data(attr), blobmsg_len(attr));
if (!tb[0] || !tb[1] || !tb[2] || !tb[3])
return NULL;
format = blobmsg_get_string(tb[2]);
if (strlen(format) != 1)
return NULL;
data.vendor = blobmsg_get_u32(tb[0]);
data.type = blobmsg_get_u32(tb[1]);
data.format = format[0];
data.data = blobmsg_get_string(tb[3]);
data.size = strlen(data.data);
switch (data.format) {
case 's':
break;
case 'x':
if (data.size & 1)
return NULL;
data.size /= 2;
break;
case 'd':
data.size = 4;
break;
default:
return NULL;
}
return &data;
}
static void
radius_count_attrs(struct blob_attr **tb, int *n_attr, size_t *attr_size)
{
struct blob_attr *data = tb[USER_ATTR_RADIUS];
struct blob_attr *cur;
int rem;
blobmsg_for_each_attr(cur, data, rem) {
struct radius_parse_attr_data *data;
size_t prev = *attr_size;
data = radius_parse_attr(cur);
if (!data)
continue;
*attr_size += data->size;
if (data->vendor)
*attr_size += VENDOR_ATTR_SIZE;
(*n_attr)++;
}
*n_attr += !!tb[USER_ATTR_VLAN] * 3 +
!!tb[USER_ATTR_MAX_RATE_UP] +
!!tb[USER_ATTR_MAX_RATE_DOWN];
*attr_size += !!tb[USER_ATTR_VLAN] * (4 + 4 + 5) +
!!tb[USER_ATTR_MAX_RATE_UP] * (4 + VENDOR_ATTR_SIZE) +
!!tb[USER_ATTR_MAX_RATE_DOWN] * (4 + VENDOR_ATTR_SIZE);
}
static void *
radius_add_attr(struct radius_parse_attr_state *state,
u32 vendor, u8 type, u8 len)
{
struct hostapd_radius_attr *attr;
struct wpabuf *buf;
void *val;
val = state->attrdata;
buf = state->buf++;
buf->buf = val;
attr = state->attr++;
attr->val = buf;
attr->type = type;
if (state->prev)
state->prev->next = attr;
state->prev = attr;
if (vendor) {
u8 *vendor_hdr = val + 4;
WPA_PUT_BE32(val, vendor);
vendor_hdr[0] = type;
vendor_hdr[1] = len + 2;
len += VENDOR_ATTR_SIZE;
val += VENDOR_ATTR_SIZE;
attr->type = RADIUS_ATTR_VENDOR_SPECIFIC;
}
buf->size = buf->used = len;
state->attrdata += len;
return val;
}
static void
radius_parse_attrs(struct blob_attr **tb, struct radius_parse_attr_state *state)
{
struct blob_attr *data = tb[USER_ATTR_RADIUS];
struct hostapd_radius_attr *prev = NULL;
struct blob_attr *cur;
int len, rem;
void *val;
if ((cur = tb[USER_ATTR_VLAN]) != NULL && blobmsg_get_u32(cur) < 4096) {
char buf[5];
val = radius_add_attr(state, 0, RADIUS_ATTR_TUNNEL_TYPE, 4);
WPA_PUT_BE32(val, RADIUS_TUNNEL_TYPE_VLAN);
val = radius_add_attr(state, 0, RADIUS_ATTR_TUNNEL_MEDIUM_TYPE, 4);
WPA_PUT_BE32(val, RADIUS_TUNNEL_MEDIUM_TYPE_802);
len = snprintf(buf, sizeof(buf), "%d", blobmsg_get_u32(cur));
val = radius_add_attr(state, 0, RADIUS_ATTR_TUNNEL_PRIVATE_GROUP_ID, len);
memcpy(val, buf, len);
}
if ((cur = tb[USER_ATTR_MAX_RATE_UP]) != NULL) {
val = radius_add_attr(state, VENDOR_ID_WISPR, 7, 4);
WPA_PUT_BE32(val, blobmsg_get_u32(cur));
}
if ((cur = tb[USER_ATTR_MAX_RATE_DOWN]) != NULL) {
val = radius_add_attr(state, VENDOR_ID_WISPR, 8, 4);
WPA_PUT_BE32(val, blobmsg_get_u32(cur));
}
blobmsg_for_each_attr(cur, data, rem) {
struct radius_parse_attr_data *data;
void *val;
int size;
data = radius_parse_attr(cur);
if (!data)
continue;
val = radius_add_attr(state, data->vendor, data->type, data->size);
switch (data->format) {
case 's':
memcpy(val, data->data, data->size);
break;
case 'x':
hexstr2bin(data->data, val, data->size);
break;
case 'd':
WPA_PUT_BE32(val, atoi(data->data));
break;
}
}
}
static void
radius_user_parse_methods(struct eap_user *eap, struct blob_attr *data)
{
struct blob_attr *cur;
int rem, n = 0;
if (!data)
return;
blobmsg_for_each_attr(cur, data, rem) {
const char *method;
if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING)
continue;
if (n == EAP_MAX_METHODS)
break;
method = blobmsg_get_string(cur);
eap->methods[n].method = eap_server_get_type(method, &eap->methods[n].vendor);
if (eap->methods[n].vendor == EAP_VENDOR_IETF &&
eap->methods[n].method == EAP_TYPE_NONE) {
if (!strcmp(method, "TTLS-PAP")) {
eap->ttls_auth |= EAP_TTLS_AUTH_PAP;
continue;
}
if (!strcmp(method, "TTLS-CHAP")) {
eap->ttls_auth |= EAP_TTLS_AUTH_CHAP;
continue;
}
if (!strcmp(method, "TTLS-MSCHAP")) {
eap->ttls_auth |= EAP_TTLS_AUTH_MSCHAP;
continue;
}
if (!strcmp(method, "TTLS-MSCHAPV2")) {
eap->ttls_auth |= EAP_TTLS_AUTH_MSCHAPV2;
continue;
}
if (!strcmp(method, "MACACL")) {
eap->macacl = 1;
continue;
}
}
n++;
}
}
static struct eap_user *
radius_user_get_state(struct radius_user_data *u, struct blob_attr *data,
const char *id)
{
static const struct blobmsg_policy policy[__USER_ATTR_MAX] = {
[USER_ATTR_PASSWORD] = { "password", BLOBMSG_TYPE_STRING },
[USER_ATTR_HASH] = { "hash", BLOBMSG_TYPE_STRING },
[USER_ATTR_SALT] = { "salt", BLOBMSG_TYPE_STRING },
[USER_ATTR_METHODS] = { "methods", BLOBMSG_TYPE_ARRAY },
[USER_ATTR_RADIUS] = { "radius", BLOBMSG_TYPE_ARRAY },
[USER_ATTR_VLAN] = { "vlan-id", BLOBMSG_TYPE_INT32 },
[USER_ATTR_MAX_RATE_UP] = { "max-rate-up", BLOBMSG_TYPE_INT32 },
[USER_ATTR_MAX_RATE_DOWN] = { "max-rate-down", BLOBMSG_TYPE_INT32 },
};
struct blob_attr *tb[__USER_ATTR_MAX], *cur;
char *password_buf, *salt_buf, *name_buf;
struct radius_parse_attr_state astate = {};
struct hostapd_radius_attr *attr;
struct radius_user_state *state;
int pw_len = 0, salt_len = 0;
struct eap_user *eap;
struct wpabuf *val;
size_t attrsize = 0;
void *attrdata;
int n_attr = 0;
state = avl_find_element(&u->user_state, id, state, node);
if (state)
return &state->data;
blobmsg_parse(policy, __USER_ATTR_MAX, tb, blobmsg_data(data), blobmsg_len(data));
if ((cur = tb[USER_ATTR_SALT]) != NULL)
salt_len = strlen(blobmsg_get_string(cur)) / 2;
if ((cur = tb[USER_ATTR_HASH]) != NULL)
pw_len = strlen(blobmsg_get_string(cur)) / 2;
else if ((cur = tb[USER_ATTR_PASSWORD]) != NULL)
pw_len = blobmsg_len(cur) - 1;
radius_count_attrs(tb, &n_attr, &attrsize);
state = calloc_a(sizeof(*state), &name_buf, strlen(id) + 1,
&password_buf, pw_len,
&salt_buf, salt_len,
&astate.attr, n_attr * sizeof(*astate.attr),
&astate.buf, n_attr * sizeof(*astate.buf),
&astate.attrdata, attrsize);
eap = &state->data;
eap->salt = salt_len ? salt_buf : NULL;
eap->salt_len = salt_len;
eap->password = pw_len ? password_buf : NULL;
eap->password_len = pw_len;
eap->force_version = -1;
if ((cur = tb[USER_ATTR_SALT]) != NULL)
hexstr2bin(blobmsg_get_string(cur), salt_buf, salt_len);
if ((cur = tb[USER_ATTR_PASSWORD]) != NULL)
memcpy(password_buf, blobmsg_get_string(cur), pw_len);
else if ((cur = tb[USER_ATTR_HASH]) != NULL) {
hexstr2bin(blobmsg_get_string(cur), password_buf, pw_len);
eap->password_hash = 1;
}
radius_user_parse_methods(eap, tb[USER_ATTR_METHODS]);
if (n_attr > 0) {
cur = tb[USER_ATTR_RADIUS];
eap->accept_attr = astate.attr;
radius_parse_attrs(tb, &astate);
}
state->node.key = strcpy(name_buf, id);
avl_insert(&u->user_state, &state->node);
return &state->data;
free:
free(state);
return NULL;
}
static int radius_get_eap_user(void *ctx, const u8 *identity,
size_t identity_len, int phase2,
struct eap_user *user)
{
struct radius_state *s = ctx;
struct radius_user_data *u = phase2 ? &s->phase2 : &s->phase1;
struct blob_attr *entry;
struct eap_user *data;
char *id;
if (identity_len > 512)
return -1;
load_userfile(s);
id = alloca(identity_len + 1);
memcpy(id, identity, identity_len);
id[identity_len] = 0;
entry = radius_user_get(u, id);
if (!entry)
return -1;
if (!user)
return 0;
data = radius_user_get_state(u, entry, id);
if (!data)
return -1;
*user = *data;
if (user->password_len > 0)
user->password = os_memdup(user->password, user->password_len);
if (user->salt_len > 0)
user->salt = os_memdup(user->salt, user->salt_len);
user->phase2 = phase2;
return 0;
}
static int radius_setup(struct radius_state *s, struct radius_config *c)
{
struct eap_config *eap = &s->eap;
struct tls_config conf = {
.event_cb = radius_tls_event,
.tls_flags = TLS_CONN_DISABLE_TLSv1_3,
.cb_ctx = s,
};
eap->eap_server = 1;
eap->max_auth_rounds = 100;
eap->max_auth_rounds_short = 50;
eap->ssl_ctx = tls_init(&conf);
if (!eap->ssl_ctx) {
wpa_printf(MSG_INFO, "TLS init failed\n");
return 1;
}
if (tls_global_set_params(eap->ssl_ctx, &c->tls)) {
wpa_printf(MSG_INFO, "failed to set TLS parameters\n");
return 1;
}
c->radius.eap_cfg = eap;
c->radius.conf_ctx = s;
c->radius.get_eap_user = radius_get_eap_user;
s->radius = radius_server_init(&c->radius);
if (!s->radius) {
wpa_printf(MSG_INFO, "failed to initialize radius server\n");
return 1;
}
return 0;
}
static int radius_init(struct radius_state *s)
{
memset(s, 0, sizeof(*s));
radius_userdata_init(&s->phase1);
radius_userdata_init(&s->phase2);
}
static void radius_deinit(struct radius_state *s)
{
if (s->radius)
radius_server_deinit(s->radius);
if (s->eap.ssl_ctx)
tls_deinit(s->eap.ssl_ctx);
radius_userdata_free(&s->phase1);
radius_userdata_free(&s->phase2);
}
static int usage(const char *progname)
{
fprintf(stderr, "Usage: %s <options>\n",
progname);
}
int radius_main(int argc, char **argv)
{
static struct radius_state state = {};
static struct radius_config config = {};
const char *progname = argv[0];
int ret = 0;
int ch;
wpa_debug_setup_stdout();
wpa_debug_level = 0;
if (eloop_init()) {
wpa_printf(MSG_ERROR, "Failed to initialize event loop");
return 1;
}
eap_server_register_methods();
radius_init(&state);
while ((ch = getopt(argc, argv, "6C:c:d:i:k:K:p:P:s:u:")) != -1) {
switch (ch) {
case '6':
config.radius.ipv6 = 1;
break;
case 'C':
config.tls.ca_cert = optarg;
break;
case 'c':
if (config.tls.client_cert2)
return usage(progname);
if (config.tls.client_cert)
config.tls.client_cert2 = optarg;
else
config.tls.client_cert = optarg;
break;
case 'd':
config.tls.dh_file = optarg;
break;
case 'i':
state.eap.server_id = optarg;
state.eap.server_id_len = strlen(optarg);
break;
case 'k':
if (config.tls.private_key2)
return usage(progname);
if (config.tls.private_key)
config.tls.private_key2 = optarg;
else
config.tls.private_key = optarg;
break;
case 'K':
if (config.tls.private_key_passwd2)
return usage(progname);
if (config.tls.private_key_passwd)
config.tls.private_key_passwd2 = optarg;
else
config.tls.private_key_passwd = optarg;
break;
case 'p':
config.radius.auth_port = atoi(optarg);
break;
case 'P':
config.radius.acct_port = atoi(optarg);
break;
case 's':
config.radius.client_file = optarg;
break;
case 'u':
state.user_file = optarg;
break;
default:
return usage(progname);
}
}
if (!config.tls.client_cert || !config.tls.private_key ||
!config.radius.client_file || !state.eap.server_id ||
!state.user_file) {
wpa_printf(MSG_INFO, "missing options\n");
goto out;
}
ret = radius_setup(&state, &config);
if (ret)
goto out;
load_userfile(&state);
eloop_run();
out:
radius_deinit(&state);
os_program_deinit();
return ret;
}

952
feeds/hostapd/hostapd/src/src/ap/ucode.c
View File

@@ -1,952 +0,0 @@
#include <sys/un.h>
#include "utils/includes.h"
#include "utils/common.h"
#include "utils/ucode.h"
#include "hostapd.h"
#include "beacon.h"
#include "hw_features.h"
#include "ap_drv_ops.h"
#include "dfs.h"
#include "acs.h"
#include "ieee802_11_auth.h"
#include <libubox/uloop.h>
static uc_resource_type_t *global_type, *bss_type, *iface_type;
static struct hapd_interfaces *interfaces;
static uc_value_t *global, *bss_registry, *iface_registry;
static uc_vm_t *vm;
static uc_value_t *
hostapd_ucode_bss_get_uval(struct hostapd_data *hapd)
{
uc_value_t *val;
if (hapd->ucode.idx)
return wpa_ucode_registry_get(bss_registry, hapd->ucode.idx);
val = uc_resource_new(bss_type, hapd);
hapd->ucode.idx = wpa_ucode_registry_add(bss_registry, val);
return val;
}
static uc_value_t *
hostapd_ucode_iface_get_uval(struct hostapd_iface *hapd)
{
uc_value_t *val;
if (hapd->ucode.idx)
return wpa_ucode_registry_get(iface_registry, hapd->ucode.idx);
val = uc_resource_new(iface_type, hapd);
hapd->ucode.idx = wpa_ucode_registry_add(iface_registry, val);
return val;
}
static void
hostapd_ucode_update_bss_list(struct hostapd_iface *iface, uc_value_t *if_bss, uc_value_t *bss)
{
uc_value_t *list;
int i;
list = ucv_array_new(vm);
for (i = 0; iface->bss && i < iface->num_bss; i++) {
struct hostapd_data *hapd = iface->bss[i];
uc_value_t *val = hostapd_ucode_bss_get_uval(hapd);
ucv_array_set(list, i, ucv_get(ucv_string_new(hapd->conf->iface)));
ucv_object_add(bss, hapd->conf->iface, ucv_get(val));
}
ucv_object_add(if_bss, iface->phy, ucv_get(list));
}
static void
hostapd_ucode_update_interfaces(void)
{
uc_value_t *ifs = ucv_object_new(vm);
uc_value_t *if_bss = ucv_array_new(vm);
uc_value_t *bss = ucv_object_new(vm);
int i;
for (i = 0; i < interfaces->count; i++) {
struct hostapd_iface *iface = interfaces->iface[i];
ucv_object_add(ifs, iface->phy, ucv_get(hostapd_ucode_iface_get_uval(iface)));
hostapd_ucode_update_bss_list(iface, if_bss, bss);
}
ucv_object_add(ucv_prototype_get(global), "interfaces", ucv_get(ifs));
ucv_object_add(ucv_prototype_get(global), "interface_bss", ucv_get(if_bss));
ucv_object_add(ucv_prototype_get(global), "bss", ucv_get(bss));
ucv_gc(vm);
}
static uc_value_t *
uc_hostapd_add_iface(uc_vm_t *vm, size_t nargs)
{
uc_value_t *iface = uc_fn_arg(0);
int ret;
if (ucv_type(iface) != UC_STRING)
return ucv_int64_new(-1);
ret = hostapd_add_iface(interfaces, ucv_string_get(iface));
hostapd_ucode_update_interfaces();
return ucv_int64_new(ret);
}
static uc_value_t *
uc_hostapd_remove_iface(uc_vm_t *vm, size_t nargs)
{
uc_value_t *iface = uc_fn_arg(0);
if (ucv_type(iface) != UC_STRING)
return NULL;
hostapd_remove_iface(interfaces, ucv_string_get(iface));
hostapd_ucode_update_interfaces();
return NULL;
}
static struct hostapd_vlan *
bss_conf_find_vlan(struct hostapd_bss_config *bss, int id)
{
struct hostapd_vlan *vlan;
for (vlan = bss->vlan; vlan; vlan = vlan->next)
if (vlan->vlan_id == id)
return vlan;
return NULL;
}
static int
bss_conf_rename_vlan(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
const char *ifname)
{
if (!strcmp(ifname, vlan->ifname))
return 0;
hostapd_drv_if_rename(hapd, WPA_IF_AP_VLAN, vlan->ifname, ifname);
os_strlcpy(vlan->ifname, ifname, sizeof(vlan->ifname));
return 0;
}
static int
bss_reload_vlans(struct hostapd_data *hapd, struct hostapd_bss_config *bss)
{
struct hostapd_bss_config *old_bss = hapd->conf;
struct hostapd_vlan *vlan, *vlan_new, *wildcard;
char ifname[IFNAMSIZ + 1], vlan_ifname[IFNAMSIZ + 1], *pos;
int ret;
vlan = bss_conf_find_vlan(old_bss, VLAN_ID_WILDCARD);
wildcard = bss_conf_find_vlan(bss, VLAN_ID_WILDCARD);
if (!!vlan != !!wildcard)
return -1;
if (vlan && wildcard && strcmp(vlan->ifname, wildcard->ifname) != 0)
strcpy(vlan->ifname, wildcard->ifname);
else
wildcard = NULL;
for (vlan = bss->vlan; vlan; vlan = vlan->next) {
if (vlan->vlan_id == VLAN_ID_WILDCARD ||
vlan->dynamic_vlan > 0)
continue;
if (!bss_conf_find_vlan(old_bss, vlan->vlan_id))
return -1;
}
for (vlan = old_bss->vlan; vlan; vlan = vlan->next) {
if (vlan->vlan_id == VLAN_ID_WILDCARD)
continue;
if (vlan->dynamic_vlan == 0) {
vlan_new = bss_conf_find_vlan(bss, vlan->vlan_id);
if (!vlan_new)
return -1;
if (bss_conf_rename_vlan(hapd, vlan, vlan_new->ifname))
return -1;
continue;
}
if (!wildcard)
continue;
os_strlcpy(ifname, wildcard->ifname, sizeof(ifname));
pos = os_strchr(ifname, '#');
if (!pos)
return -1;
*pos++ = '\0';
ret = os_snprintf(vlan_ifname, sizeof(vlan_ifname), "%s%d%s",
ifname, vlan->vlan_id, pos);
if (os_snprintf_error(sizeof(vlan_ifname), ret))
return -1;
if (bss_conf_rename_vlan(hapd, vlan, vlan_ifname))
return -1;
}
return 0;
}
static uc_value_t *
uc_hostapd_bss_set_config(uc_vm_t *vm, size_t nargs)
{
struct hostapd_data *hapd = uc_fn_thisval("hostapd.bss");
struct hostapd_bss_config *old_bss;
struct hostapd_iface *iface;
struct hostapd_config *conf;
uc_value_t *file = uc_fn_arg(0);
uc_value_t *index = uc_fn_arg(1);
uc_value_t *files_only = uc_fn_arg(2);
unsigned int i, idx = 0;
int ret = -1;
if (!hapd || ucv_type(file) != UC_STRING)
goto out;
if (ucv_type(index) == UC_INTEGER)
idx = ucv_int64_get(index);
iface = hapd->iface;
conf = interfaces->config_read_cb(ucv_string_get(file));
if (!conf)
goto out;
if (idx > conf->num_bss || !conf->bss[idx])
goto free;
if (ucv_boolean_get(files_only)) {
struct hostapd_bss_config *bss = conf->bss[idx];
struct hostapd_bss_config *old_bss = hapd->conf;
#define swap_field(name) \
do { \
void *ptr = old_bss->name; \
old_bss->name = bss->name; \
bss->name = ptr; \
} while (0)
swap_field(ssid.wpa_psk_file);
ret = bss_reload_vlans(hapd, bss);
goto done;
}
hostapd_bss_deinit_no_free(hapd);
hostapd_drv_stop_ap(hapd);
hostapd_free_hapd_data(hapd);
old_bss = hapd->conf;
for (i = 0; i < iface->conf->num_bss; i++)
if (iface->conf->bss[i] == hapd->conf)
iface->conf->bss[i] = conf->bss[idx];
hapd->conf = conf->bss[idx];
conf->bss[idx] = old_bss;
hostapd_setup_bss(hapd, hapd == iface->bss[0], true);
hostapd_ucode_update_interfaces();
hostapd_owe_update_trans(iface);
done:
ret = 0;
free:
hostapd_config_free(conf);
out:
return ucv_int64_new(ret);
}
static void
hostapd_remove_iface_bss_conf(struct hostapd_config *iconf,
struct hostapd_bss_config *conf)
{
int i;
for (i = 0; i < iconf->num_bss; i++)
if (iconf->bss[i] == conf)
break;
if (i == iconf->num_bss)
return;
for (i++; i < iconf->num_bss; i++)
iconf->bss[i - 1] = iconf->bss[i];
iconf->num_bss--;
}
static uc_value_t *
uc_hostapd_bss_delete(uc_vm_t *vm, size_t nargs)
{
struct hostapd_data *hapd = uc_fn_thisval("hostapd.bss");
struct hostapd_iface *iface;
int i, idx;
if (!hapd)
return NULL;
iface = hapd->iface;
if (iface->num_bss == 1) {
wpa_printf(MSG_ERROR, "trying to delete last bss of an iface: %s\n", hapd->conf->iface);
return NULL;
}
for (idx = 0; idx < iface->num_bss; idx++)
if (iface->bss[idx] == hapd)
break;
if (idx == iface->num_bss)
return NULL;
for (i = idx + 1; i < iface->num_bss; i++)
iface->bss[i - 1] = iface->bss[i];
iface->num_bss--;
iface->bss[0]->interface_added = 0;
hostapd_drv_set_first_bss(iface->bss[0]);
hapd->interface_added = 1;
hostapd_drv_stop_ap(hapd);
hostapd_bss_deinit(hapd);
hostapd_remove_iface_bss_conf(iface->conf, hapd->conf);
hostapd_config_free_bss(hapd->conf);
os_free(hapd);
hostapd_ucode_update_interfaces();
ucv_gc(vm);
return NULL;
}
static uc_value_t *
uc_hostapd_iface_add_bss(uc_vm_t *vm, size_t nargs)
{
struct hostapd_iface *iface = uc_fn_thisval("hostapd.iface");
struct hostapd_bss_config *bss;
struct hostapd_config *conf;
struct hostapd_data *hapd;
uc_value_t *file = uc_fn_arg(0);
uc_value_t *index = uc_fn_arg(1);
unsigned int idx = 0;
uc_value_t *ret = NULL;
if (!iface || ucv_type(file) != UC_STRING)
goto out;
if (ucv_type(index) == UC_INTEGER)
idx = ucv_int64_get(index);
conf = interfaces->config_read_cb(ucv_string_get(file));
if (!conf || idx > conf->num_bss || !conf->bss[idx])
goto out;
bss = conf->bss[idx];
hapd = hostapd_alloc_bss_data(iface, iface->conf, bss);
if (!hapd)
goto out;
hapd->driver = iface->bss[0]->driver;
hapd->drv_priv = iface->bss[0]->drv_priv;
if (interfaces->ctrl_iface_init &&
interfaces->ctrl_iface_init(hapd) < 0)
goto free_hapd;
if (iface->state == HAPD_IFACE_ENABLED &&
hostapd_setup_bss(hapd, -1, true))
goto deinit_ctrl;
iface->bss = os_realloc_array(iface->bss, iface->num_bss + 1,
sizeof(*iface->bss));
iface->bss[iface->num_bss++] = hapd;
iface->conf->bss = os_realloc_array(iface->conf->bss,
iface->conf->num_bss + 1,
sizeof(*iface->conf->bss));
iface->conf->bss[iface->conf->num_bss] = bss;
conf->bss[idx] = NULL;
ret = hostapd_ucode_bss_get_uval(hapd);
hostapd_ucode_update_interfaces();
hostapd_owe_update_trans(iface);
goto out;
deinit_ctrl:
if (interfaces->ctrl_iface_deinit)
interfaces->ctrl_iface_deinit(hapd);
free_hapd:
hostapd_free_hapd_data(hapd);
os_free(hapd);
out:
hostapd_config_free(conf);
return ret;
}
static uc_value_t *
uc_hostapd_iface_set_bss_order(uc_vm_t *vm, size_t nargs)
{
struct hostapd_iface *iface = uc_fn_thisval("hostapd.iface");
uc_value_t *bss_list = uc_fn_arg(0);
struct hostapd_data **new_bss;
struct hostapd_bss_config **new_conf;
if (!iface)
return NULL;
if (ucv_type(bss_list) != UC_ARRAY ||
ucv_array_length(bss_list) != iface->num_bss)
return NULL;
new_bss = calloc(iface->num_bss, sizeof(*new_bss));
new_conf = calloc(iface->num_bss, sizeof(*new_conf));
for (size_t i = 0; i < iface->num_bss; i++) {
struct hostapd_data *bss;
bss = ucv_resource_data(ucv_array_get(bss_list, i), "hostapd.bss");
if (bss->iface != iface)
goto free;
for (size_t k = 0; k < i; k++)
if (new_bss[k] == bss)
goto free;
new_bss[i] = bss;
new_conf[i] = bss->conf;
}
new_bss[0]->interface_added = 0;
for (size_t i = 1; i < iface->num_bss; i++)
new_bss[i]->interface_added = 1;
free(iface->bss);
iface->bss = new_bss;
free(iface->conf->bss);
iface->conf->bss = new_conf;
iface->conf->num_bss = iface->num_bss;
hostapd_drv_set_first_bss(iface->bss[0]);
return ucv_boolean_new(true);
free:
free(new_bss);
free(new_conf);
return NULL;
}
static uc_value_t *
uc_hostapd_bss_ctrl(uc_vm_t *vm, size_t nargs)
{
struct hostapd_data *hapd = uc_fn_thisval("hostapd.bss");
uc_value_t *arg = uc_fn_arg(0);
struct sockaddr_storage from = {};
static char reply[4096];
int reply_len;
if (!hapd || !interfaces->ctrl_iface_recv ||
ucv_type(arg) != UC_STRING)
return NULL;
reply_len = interfaces->ctrl_iface_recv(hapd, ucv_string_get(arg),
reply, sizeof(reply),
&from, sizeof(from));
if (reply_len < 0)
return NULL;
if (reply_len && reply[reply_len - 1] == '\n')
reply_len--;
return ucv_string_new_length(reply, reply_len);
}
static void
uc_hostapd_disable_iface(struct hostapd_iface *iface)
{
switch (iface->state) {
case HAPD_IFACE_DISABLED:
break;
#ifdef CONFIG_ACS
case HAPD_IFACE_ACS:
acs_cleanup(iface);
iface->scan_cb = NULL;
/* fallthrough */
#endif
default:
hostapd_disable_iface(iface);
break;
}
}
static uc_value_t *
uc_hostapd_iface_stop(uc_vm_t *vm, size_t nargs)
{
struct hostapd_iface *iface = uc_fn_thisval("hostapd.iface");
int i;
if (!iface)
return NULL;
if (iface->state != HAPD_IFACE_ENABLED)
uc_hostapd_disable_iface(iface);
for (i = 0; i < iface->num_bss; i++) {
struct hostapd_data *hapd = iface->bss[i];
hostapd_drv_stop_ap(hapd);
hapd->beacon_set_done = 0;
}
return NULL;
}
static uc_value_t *
uc_hostapd_iface_start(uc_vm_t *vm, size_t nargs)
{
struct hostapd_iface *iface = uc_fn_thisval("hostapd.iface");
uc_value_t *info = uc_fn_arg(0);
struct hostapd_config *conf;
bool changed = false;
uint64_t intval;
int i;
if (!iface)
return NULL;
if (!info) {
iface->freq = 0;
goto out;
}
if (ucv_type(info) != UC_OBJECT)
return NULL;
#define UPDATE_VAL(field, name) \
if ((intval = ucv_int64_get(ucv_object_get(info, name, NULL))) && \
!errno && intval != conf->field) do { \
conf->field = intval; \
changed = true; \
} while(0)
conf = iface->conf;
UPDATE_VAL(op_class, "op_class");
UPDATE_VAL(hw_mode, "hw_mode");
UPDATE_VAL(channel, "channel");
UPDATE_VAL(secondary_channel, "sec_channel");
if (!changed &&
(iface->bss[0]->beacon_set_done ||
iface->state == HAPD_IFACE_DFS))
return ucv_boolean_new(true);
intval = ucv_int64_get(ucv_object_get(info, "center_seg0_idx", NULL));
if (!errno)
hostapd_set_oper_centr_freq_seg0_idx(conf, intval);
intval = ucv_int64_get(ucv_object_get(info, "center_seg1_idx", NULL));
if (!errno)
hostapd_set_oper_centr_freq_seg1_idx(conf, intval);
intval = ucv_int64_get(ucv_object_get(info, "oper_chwidth", NULL));
if (!errno)
hostapd_set_oper_chwidth(conf, intval);
intval = ucv_int64_get(ucv_object_get(info, "frequency", NULL));
if (!errno)
iface->freq = intval;
else
iface->freq = 0;
conf->acs = 0;
out:
switch (iface->state) {
case HAPD_IFACE_ENABLED:
if (!hostapd_is_dfs_required(iface) ||
hostapd_is_dfs_chan_available(iface))
break;
wpa_printf(MSG_INFO, "DFS CAC required on new channel, restart interface");
/* fallthrough */
default:
uc_hostapd_disable_iface(iface);
break;
}
if (conf->channel && !iface->freq)
iface->freq = hostapd_hw_get_freq(iface->bss[0], conf->channel);
if (iface->state != HAPD_IFACE_ENABLED) {
hostapd_enable_iface(iface);
return ucv_boolean_new(true);
}
for (i = 0; i < iface->num_bss; i++) {
struct hostapd_data *hapd = iface->bss[i];
int ret;
hapd->conf->start_disabled = 0;
hostapd_set_freq(hapd, conf->hw_mode, iface->freq,
conf->channel,
conf->enable_edmg,
conf->edmg_channel,
conf->ieee80211n,
conf->ieee80211ac,
conf->ieee80211ax,
conf->ieee80211be,
conf->secondary_channel,
hostapd_get_oper_chwidth(conf),
hostapd_get_oper_centr_freq_seg0_idx(conf),
hostapd_get_oper_centr_freq_seg1_idx(conf));
ieee802_11_set_beacon(hapd);
}
hostapd_owe_update_trans(iface);
return ucv_boolean_new(true);
}
static uc_value_t *
uc_hostapd_iface_switch_channel(uc_vm_t *vm, size_t nargs)
{
struct hostapd_iface *iface = uc_fn_thisval("hostapd.iface");
uc_value_t *info = uc_fn_arg(0);
struct hostapd_config *conf;
struct csa_settings csa = {};
uint64_t intval;
int i, ret = 0;
if (!iface || ucv_type(info) != UC_OBJECT)
return NULL;
conf = iface->conf;
if ((intval = ucv_int64_get(ucv_object_get(info, "csa_count", NULL))) && !errno)
csa.cs_count = intval;
if ((intval = ucv_int64_get(ucv_object_get(info, "sec_channel", NULL))) && !errno)
csa.freq_params.sec_channel_offset = intval;
csa.freq_params.ht_enabled = conf->ieee80211n;
csa.freq_params.vht_enabled = conf->ieee80211ac;
csa.freq_params.he_enabled = conf->ieee80211ax;
#ifdef CONFIG_IEEE80211BE
csa.freq_params.eht_enabled = conf->ieee80211be;
#endif
intval = ucv_int64_get(ucv_object_get(info, "oper_chwidth", NULL));
if (errno)
intval = hostapd_get_oper_chwidth(conf);
if (intval)
csa.freq_params.bandwidth = 40 << intval;
else
csa.freq_params.bandwidth = csa.freq_params.sec_channel_offset ? 40 : 20;
if ((intval = ucv_int64_get(ucv_object_get(info, "frequency", NULL))) && !errno)
csa.freq_params.freq = intval;
if ((intval = ucv_int64_get(ucv_object_get(info, "center_freq1", NULL))) && !errno)
csa.freq_params.center_freq1 = intval;
if ((intval = ucv_int64_get(ucv_object_get(info, "center_freq2", NULL))) && !errno)
csa.freq_params.center_freq2 = intval;
for (i = 0; i < iface->num_bss; i++)
ret = hostapd_switch_channel(iface->bss[i], &csa);
return ucv_boolean_new(!ret);
}
static uc_value_t *
uc_hostapd_bss_rename(uc_vm_t *vm, size_t nargs)
{
struct hostapd_data *hapd = uc_fn_thisval("hostapd.bss");
uc_value_t *ifname_arg = uc_fn_arg(0);
char prev_ifname[IFNAMSIZ + 1];
struct sta_info *sta;
const char *ifname;
int ret;
if (!hapd || ucv_type(ifname_arg) != UC_STRING)
return NULL;
os_strlcpy(prev_ifname, hapd->conf->iface, sizeof(prev_ifname));
ifname = ucv_string_get(ifname_arg);
hostapd_ubus_free_bss(hapd);
if (interfaces->ctrl_iface_deinit)
interfaces->ctrl_iface_deinit(hapd);
ret = hostapd_drv_if_rename(hapd, WPA_IF_AP_BSS, NULL, ifname);
if (ret)
goto out;
for (sta = hapd->sta_list; sta; sta = sta->next) {
char cur_name[IFNAMSIZ + 1], new_name[IFNAMSIZ + 1];
if (!(sta->flags & WLAN_STA_WDS) || sta->pending_wds_enable)
continue;
snprintf(cur_name, sizeof(cur_name), "%s.sta%d", prev_ifname, sta->aid);
snprintf(new_name, sizeof(new_name), "%s.sta%d", ifname, sta->aid);
hostapd_drv_if_rename(hapd, WPA_IF_AP_VLAN, cur_name, new_name);
}
if (!strncmp(hapd->conf->ssid.vlan, hapd->conf->iface, sizeof(hapd->conf->ssid.vlan)))
os_strlcpy(hapd->conf->ssid.vlan, ifname, sizeof(hapd->conf->ssid.vlan));
os_strlcpy(hapd->conf->iface, ifname, sizeof(hapd->conf->iface));
hostapd_ubus_add_bss(hapd);
hostapd_ucode_update_interfaces();
hostapd_owe_update_trans(hapd->iface);
out:
if (interfaces->ctrl_iface_init)
interfaces->ctrl_iface_init(hapd);
return ret ? NULL : ucv_boolean_new(true);
}
int hostapd_ucode_sta_auth(struct hostapd_data *hapd, struct sta_info *sta)
{
char addr[sizeof(MACSTR)];
uc_value_t *val, *cur;
int ret = 0;
if (wpa_ucode_call_prepare("sta_auth"))
return 0;
uc_value_push(ucv_get(ucv_string_new(hapd->conf->iface)));
snprintf(addr, sizeof(addr), MACSTR, MAC2STR(sta->addr));
val = ucv_string_new(addr);
uc_value_push(ucv_get(val));
val = wpa_ucode_call(2);
cur = ucv_object_get(val, "psk", NULL);
if (ucv_type(cur) == UC_ARRAY) {
struct hostapd_sta_wpa_psk_short *p, **next;
size_t len = ucv_array_length(cur);
next = &sta->psk;
hostapd_free_psk_list(*next);
*next = NULL;
for (size_t i = 0; i < len; i++) {
uc_value_t *cur_psk;
const char *str;
size_t str_len;
cur_psk = ucv_array_get(cur, i);
str = ucv_string_get(cur_psk);
str_len = strlen(str);
if (!str || str_len < 8 || str_len > 64)
continue;
p = os_zalloc(sizeof(*p));
if (len == 64) {
if (hexstr2bin(str, p->psk, PMK_LEN) < 0) {
free(p);
continue;
}
} else {
p->is_passphrase = 1;
memcpy(p->passphrase, str, str_len + 1);
}
*next = p;
next = &p->next;
}
}
cur = ucv_object_get(val, "force_psk", NULL);
sta->use_sta_psk = ucv_is_truish(cur);
cur = ucv_object_get(val, "status", NULL);
if (ucv_type(cur) == UC_INTEGER)
ret = ucv_int64_get(cur);
ucv_put(val);
ucv_gc(vm);
return ret;
}
void hostapd_ucode_sta_connected(struct hostapd_data *hapd, struct sta_info *sta)
{
struct hostapd_sta_wpa_psk_short *psk = sta->psk;
char addr[sizeof(MACSTR)];
uc_value_t *val, *cur;
int ret = 0;
if (wpa_ucode_call_prepare("sta_connected"))
return;
uc_value_push(ucv_get(ucv_string_new(hapd->conf->iface)));
snprintf(addr, sizeof(addr), MACSTR, MAC2STR(sta->addr));
val = ucv_string_new(addr);
uc_value_push(ucv_get(val));
val = ucv_object_new(vm);
if (sta->psk_idx)
ucv_object_add(val, "psk_idx", ucv_int64_new(sta->psk_idx - 1));
if (sta->psk)
ucv_object_add(val, "psk", ucv_string_new(sta->psk->passphrase));
uc_value_push(ucv_get(val));
val = wpa_ucode_call(3);
if (ucv_type(val) != UC_OBJECT)
goto out;
cur = ucv_object_get(val, "vlan", NULL);
if (ucv_type(cur) == UC_INTEGER) {
struct vlan_description vdesc = {
.notempty = 1,
.untagged = ucv_int64_get(cur),
};
ap_sta_set_vlan(hapd, sta, &vdesc);
ap_sta_bind_vlan(hapd, sta);
}
out:
ucv_put(val);
}
int hostapd_ucode_init(struct hapd_interfaces *ifaces)
{
static const uc_function_list_t global_fns[] = {
{ "printf", uc_wpa_printf },
{ "getpid", uc_wpa_getpid },
{ "sha1", uc_wpa_sha1 },
{ "freq_info", uc_wpa_freq_info },
{ "add_iface", uc_hostapd_add_iface },
{ "remove_iface", uc_hostapd_remove_iface },
};
static const uc_function_list_t bss_fns[] = {
{ "ctrl", uc_hostapd_bss_ctrl },
{ "set_config", uc_hostapd_bss_set_config },
{ "rename", uc_hostapd_bss_rename },
{ "delete", uc_hostapd_bss_delete },
};
static const uc_function_list_t iface_fns[] = {
{ "set_bss_order", uc_hostapd_iface_set_bss_order },
{ "add_bss", uc_hostapd_iface_add_bss },
{ "stop", uc_hostapd_iface_stop },
{ "start", uc_hostapd_iface_start },
{ "switch_channel", uc_hostapd_iface_switch_channel },
};
uc_value_t *data, *proto;
interfaces = ifaces;
vm = wpa_ucode_create_vm();
global_type = uc_type_declare(vm, "hostapd.global", global_fns, NULL);
bss_type = uc_type_declare(vm, "hostapd.bss", bss_fns, NULL);
iface_type = uc_type_declare(vm, "hostapd.iface", iface_fns, NULL);
bss_registry = ucv_array_new(vm);
uc_vm_registry_set(vm, "hostap.bss_registry", bss_registry);
iface_registry = ucv_array_new(vm);
uc_vm_registry_set(vm, "hostap.iface_registry", iface_registry);
global = wpa_ucode_global_init("hostapd", global_type);
if (wpa_ucode_run(HOSTAPD_UC_PATH "hostapd.uc"))
goto free_vm;
ucv_gc(vm);
return 0;
free_vm:
wpa_ucode_free_vm();
return -1;
}
void hostapd_ucode_free(void)
{
if (wpa_ucode_call_prepare("shutdown") == 0)
ucv_put(wpa_ucode_call(0));
wpa_ucode_free_vm();
}
void hostapd_ucode_free_iface(struct hostapd_iface *iface)
{
wpa_ucode_registry_remove(iface_registry, iface->ucode.idx);
}
int hostapd_ucode_afc_request(struct hostapd_iface *iface, const char *request,
char *buf, size_t len)
{
uc_value_t *val;
size_t ret_len;
int ret = -1;
if (wpa_ucode_call_prepare("afc_request"))
return -1;
uc_value_push(ucv_get(ucv_string_new(iface->phy)));
uc_value_push(ucv_get(ucv_string_new(request)));
val = wpa_ucode_call(2);
if (ucv_type(val) != UC_STRING)
goto out;
ret_len = ucv_string_length(val);
if (ret_len >= len)
goto out;
memcpy(buf, ucv_string_get(val), ret_len + 1);
ret = (int)ret_len;
out:
ucv_put(val);
return ret;
}
void hostapd_ucode_add_bss(struct hostapd_data *hapd)
{
uc_value_t *val;
if (wpa_ucode_call_prepare("bss_add"))
return;
val = hostapd_ucode_bss_get_uval(hapd);
uc_value_push(ucv_get(ucv_string_new(hapd->conf->iface)));
uc_value_push(ucv_get(val));
ucv_put(wpa_ucode_call(2));
ucv_gc(vm);
}
void hostapd_ucode_reload_bss(struct hostapd_data *hapd)
{
uc_value_t *val;
if (wpa_ucode_call_prepare("bss_reload"))
return;
val = hostapd_ucode_bss_get_uval(hapd);
uc_value_push(ucv_get(ucv_string_new(hapd->conf->iface)));
uc_value_push(ucv_get(val));
ucv_put(wpa_ucode_call(2));
ucv_gc(vm);
}
void hostapd_ucode_free_bss(struct hostapd_data *hapd)
{
uc_value_t *val;
val = wpa_ucode_registry_remove(bss_registry, hapd->ucode.idx);
if (!val)
return;
hapd->ucode.idx = 0;
if (wpa_ucode_call_prepare("bss_remove"))
return;
uc_value_push(ucv_string_new(hapd->conf->iface));
uc_value_push(ucv_get(val));
ucv_put(wpa_ucode_call(2));
ucv_gc(vm);
}

65
feeds/hostapd/hostapd/src/src/ap/ucode.h
View File

@@ -1,65 +0,0 @@
#ifndef __HOSTAPD_AP_UCODE_H
#define __HOSTAPD_AP_UCODE_H
#include "utils/ucode.h"
struct hostapd_data;
struct hostapd_ucode_bss {
#ifdef UCODE_SUPPORT
int idx;
#endif
};
struct hostapd_ucode_iface {
#ifdef UCODE_SUPPORT
int idx;
#endif
};
#ifdef UCODE_SUPPORT
int hostapd_ucode_init(struct hapd_interfaces *ifaces);
void hostapd_ucode_free(void);
void hostapd_ucode_free_iface(struct hostapd_iface *iface);
int hostapd_ucode_sta_auth(struct hostapd_data *hapd, struct sta_info *sta);
void hostapd_ucode_sta_connected(struct hostapd_data *hapd, struct sta_info *sta);
void hostapd_ucode_add_bss(struct hostapd_data *hapd);
void hostapd_ucode_free_bss(struct hostapd_data *hapd);
void hostapd_ucode_reload_bss(struct hostapd_data *hapd);
int hostapd_ucode_afc_request(struct hostapd_iface *iface, const char *request,
char *buf, size_t len);
#else
static inline int hostapd_ucode_init(struct hapd_interfaces *ifaces)
{
return -EINVAL;
}
static inline void hostapd_ucode_free(void)
{
}
static inline void hostapd_ucode_free_iface(struct hostapd_iface *iface)
{
}
static inline void hostapd_ucode_reload_bss(struct hostapd_data *hapd)
{
}
static inline int hostapd_ucode_sta_auth(struct hostapd_data *hapd, struct sta_info *sta)
{
return 0;
}
static inline void hostapd_ucode_sta_connected(struct hostapd_data *hapd, struct sta_info *sta)
{
}
static inline void hostapd_ucode_add_bss(struct hostapd_data *hapd)
{
}
static inline void hostapd_ucode_free_bss(struct hostapd_data *hapd)
{
}
#endif
#endif

151
feeds/ipq40xx/ipq-wifi/Makefile
View File

@@ -1,151 +0,0 @@
include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/version.mk
PKG_NAME:=ipq-wifi
PKG_RELEASE:=1
PKG_FLAGS:=nonshared
include $(INCLUDE_DIR)/package.mk
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
endef
define Build/Compile
endef
# Use ath10k-bdencoder from https://github.com/qca/qca-swiss-army-knife.git
# to generate the board-* files here.
#
# This is intended to be used on an interim basis until device-specific
# board data for new devices is available through the upstream compilation
#
# Please send a mail with your device-specific board files upstream.
# You can find instructions and examples on the linux-wireless wiki:
# <https://wireless.wiki.kernel.org/en/users/drivers/ath10k/boardfiles>
ALLWIFIBOARDS:= \
8dev_habanero-dvk \
aruba_ap-303 \
avm_fritzrepeater-1200 \
buffalo_wtr-m2133hp \
cellc_rtl30vw \
devolo_magic-2-wifi-next \
dlink_dap2610 \
edgecore_ecw5410 \
edgecore_ssw2ac2600 \
edgecore_oap100 \
engenius_eap2200 \
engenius_emd1 \
engenius_emr3500 \
ezviz_cs-w3-wd1200g-eup \
glinet_gl-ap1300 \
glinet_gl-s1300 \
linksys_ea8300 \
linksys_mr8300-v0 \
luma_wrtq-329acn \
mikrotik_hap-ac2 \
mikrotik_sxtsq-5-ac \
mobipromo_cm520-79f \
nec_wg2600hp3 \
plasmacloud_pa1200 \
plasmacloud_pa2200 \
qxwlan_e2600ac \
cig_wf610d \
wallys_dr40x9 \
tp-link_ec420-g1 \
udaya-a5-id2 \
hfcl_ion4
ALLWIFIPACKAGES:=$(foreach BOARD,$(ALLWIFIBOARDS),ipq-wifi-$(BOARD))
define Package/ipq-wifi-default
SUBMENU:=ath10k Board-Specific Overrides
SECTION:=firmware
CATEGORY:=Firmware
DEPENDS:=@(TARGET_ipq40xx||TARGET_ipq806x)
TITLE:=Custom Board
endef
define ipq-wifi-install-one-to
$(INSTALL_DIR) $(2)/lib/firmware/ath10k/$(3)/
$(INSTALL_DATA) $(1) $(2)/lib/firmware/ath10k/$(3)/board-2.bin
endef
define ipq-wifi-install-one
$(if $(filter $(suffix $(1)),.QCA4019 .qca4019),\
$(call ipq-wifi-install-one-to,$(1),$(2),QCA4019/hw1.0),\
$(if $(filter $(suffix $(1)),.QCA9888 .qca9888),\
$(call ipq-wifi-install-one-to,$(1),$(2),QCA9888/hw2.0),\
$(if $(filter $(suffix $(1)),.QCA9984 .qca9984),\
$(call ipq-wifi-install-one-to,$(1),$(2),QCA9984/hw1.0),\
$(error Unrecognized board-file suffix '$(suffix $(1))' for '$(1)')\
)))
endef
# Blank line required at end of above define due to foreach context
define generate-ipq-wifi-package
define Package/ipq-wifi-$(1)
$(call Package/ipq-wifi-default)
TITLE:=board-2.bin Overrides for $(2)
CONFLICTS:=$(PREV_BOARD)
endef
define Package/ipq-wifi-$(1)/description
The $(2) requires board-specific, reference ("cal") data
that is not yet present in the upstream wireless firmware distribution.
This package supplies board-2.bin file(s) that, in the interim,
overwrite those supplied by the ath10k-firmware-* packages.
This is package is only necessary for the $(2).
Do not install it for any other device!
endef
define Package/ipq-wifi-$(1)/install-overlay
$$$$(foreach IPQ_WIFI_BOARD_FILE,$$$$(wildcard board-$(1).*),\
$$$$(call ipq-wifi-install-one,$$$$(IPQ_WIFI_BOARD_FILE),$$(1)))
endef
PREV_BOARD+=ipq-wifi-$(1)
endef
# Add board name to ALLWIFIBOARDS
# Place files in this directory as board-<devicename>.<qca4019|qca9888|qca9984>
# Add $(eval $(call generate-ipq-wifi-package,<devicename>,<display name>))
$(eval $(call generate-ipq-wifi-package,8dev_habanero-dvk,8devices Habanero DVK))
$(eval $(call generate-ipq-wifi-package,aruba_ap-303,Aruba AP-303))
$(eval $(call generate-ipq-wifi-package,avm_fritzrepeater-1200,AVM FRITZRepeater 1200))
$(eval $(call generate-ipq-wifi-package,buffalo_wtr-m2133hp,Buffalo WTR-M2133HP))
$(eval $(call generate-ipq-wifi-package,cellc_rtl30vw, Cell C RTL30VW))
$(eval $(call generate-ipq-wifi-package,devolo_magic-2-wifi-next,devolo Magic 2 WiFi next))
$(eval $(call generate-ipq-wifi-package,dlink_dap2610,D-Link DAP-2610))
$(eval $(call generate-ipq-wifi-package,edgecore_ecw5410,Edgecore ECW5410))
$(eval $(call generate-ipq-wifi-package,edgecore_ssw2ac2600,Edgecore SSW2AC2600))
$(eval $(call generate-ipq-wifi-package,edgecore_oap100,Edgecore OAP100))
$(eval $(call generate-ipq-wifi-package,engenius_eap2200,EnGenius EAP2200))
$(eval $(call generate-ipq-wifi-package,engenius_emd1,EnGenius EMD1))
$(eval $(call generate-ipq-wifi-package,engenius_emr3500,EnGenius EMR3500))
$(eval $(call generate-ipq-wifi-package,ezviz_cs-w3-wd1200g-eup,EZVIZ CS-W3-WD1200G EUP))
$(eval $(call generate-ipq-wifi-package,glinet_gl-ap1300,GL.iNet GL-AP1300))
$(eval $(call generate-ipq-wifi-package,glinet_gl-s1300,GL.iNet GL-S1300))
$(eval $(call generate-ipq-wifi-package,linksys_ea8300,Linksys EA8300))
$(eval $(call generate-ipq-wifi-package,linksys_mr8300-v0,Linksys MR8300))
$(eval $(call generate-ipq-wifi-package,luma_wrtq-329acn,Luma WRTQ-329ACN))
$(eval $(call generate-ipq-wifi-package,mikrotik_hap-ac2,Mikrotik hAP ac2))
$(eval $(call generate-ipq-wifi-package,mikrotik_sxtsq-5-ac,MikroTik SXTsq 5 ac))
$(eval $(call generate-ipq-wifi-package,mobipromo_cm520-79f,MobiPromo CM520-79F))
$(eval $(call generate-ipq-wifi-package,nec_wg2600hp3,NEC Platforms WG2600HP3))
$(eval $(call generate-ipq-wifi-package,plasmacloud_pa1200,Plasma Cloud PA1200))
$(eval $(call generate-ipq-wifi-package,plasmacloud_pa2200,Plasma Cloud PA2200))
$(eval $(call generate-ipq-wifi-package,qxwlan_e2600ac,Qxwlan E2600AC))
$(eval $(call generate-ipq-wifi-package,cig_wf610d,CIG WF_610D))
$(eval $(call generate-ipq-wifi-package,tp-link_ec420-g1,tp-link EC420-G1))
$(eval $(call generate-ipq-wifi-package,wallys_dr40x9,Wallys DR40X9))
$(eval $(call generate-ipq-wifi-package,hfcl_ion4,HFCL ION4))
$(eval $(call generate-ipq-wifi-package,udaya-a5-id2,udaya A5 ID2))
$(foreach PACKAGE,$(ALLWIFIPACKAGES),$(eval $(call BuildPackage,$(PACKAGE))))

BIN
feeds/ipq40xx/ipq-wifi/board-8dev_habanero-dvk.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-aruba_ap-303.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-avm_fritzrepeater-1200.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-buffalo_wtr-m2133hp.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-buffalo_wtr-m2133hp.qca9984
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-cellc_rtl30vw.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-cig_wf610d.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-devolo_magic-2-wifi-next.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-dlink_dap2610.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-edgecore_ecw5410.qca9984
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-edgecore_oap100.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-edgecore_ssw2ac2600.qca9984
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-engenius_eap2200.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-engenius_eap2200.qca9888
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-engenius_emd1.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-engenius_emr3500.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-ezviz_cs-w3-wd1200g-eup.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-glinet_gl-ap1300.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-glinet_gl-s1300.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-linksys_ea8300.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-linksys_ea8300.qca9888
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-linksys_mr8300-v0.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-linksys_mr8300-v0.qca9888
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-luma_wrtq-329acn.qca4019
View File

Binary file not shown.

BIN
feeds/ipq40xx/ipq-wifi/board-mikrotik_hap-ac2.qca4019
View File

Binary file not shown.

Some files were not shown because too many files have changed in this diff Show More