aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2018-12-10 23:13:42 +0100
committerHauke Mehrtens <hauke@hauke-m.de>2019-01-02 15:47:13 +0100
commit99956528dfc703043ce927797ecd9af1032a180a (patch)
treea27bb98bb5d771726cabf481d4f7091748916661 /package/network
parent5c4277ec376541b10f1acbea734aa29900eb5722 (diff)
downloadupstream-99956528dfc703043ce927797ecd9af1032a180a.tar.gz
upstream-99956528dfc703043ce927797ecd9af1032a180a.tar.bz2
upstream-99956528dfc703043ce927797ecd9af1032a180a.zip
hostapd: update to version 2018-12-02 (2.7)
This updates hostapd to version the git version from 2018-12-02 which matches the 2.7 release. The removed patches were are already available in the upstream code, one additional backport is needed to fix a compile problem. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'package/network')
-rw-r--r--package/network/services/hostapd/Makefile8
-rw-r--r--package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch39
-rw-r--r--package/network/services/hostapd/patches/000-0002-Drop-logging-priority-for-handle_auth_cb.patch28
-rw-r--r--package/network/services/hostapd/patches/0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch43
-rw-r--r--package/network/services/hostapd/patches/001-mesh-factor-out-mesh-join-function.patch2
-rw-r--r--package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch4
-rw-r--r--package/network/services/hostapd/patches/010-mesh-consider-mesh-interface-on-dfs-event-handler.patch20
-rw-r--r--package/network/services/hostapd/patches/011-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch10
-rw-r--r--package/network/services/hostapd/patches/012-mesh-allow-mesh-to-send-channel-switch-request.patch25
-rw-r--r--package/network/services/hostapd/patches/014-mesh-do-not-allow-scan-result-to-swap-pri-sec.patch2
-rw-r--r--package/network/services/hostapd/patches/015-mesh-do-not-use-offchan-mgmt-tx-on-DFS.patch6
-rw-r--r--package/network/services/hostapd/patches/018-mesh-make-forwarding-configurable.patch18
-rw-r--r--package/network/services/hostapd/patches/022-mesh-fix-crash-with-CONFIG_TAXONOMY-enabled.patch23
-rw-r--r--package/network/services/hostapd/patches/031-mesh-add-VHT_CHANWIDTH_USE_HT-to-max_oper_chwidth.patch4
-rw-r--r--package/network/services/hostapd/patches/032-mesh-implement-use-of-VHT20-config-in-mesh-mode.patch8
-rw-r--r--package/network/services/hostapd/patches/033-mesh-fix-parsing-of-max_oper_chwidth.patch45
-rw-r--r--package/network/services/hostapd/patches/040-FT-Fix-CONFIG_IEEE80211X-y-build-without-CONFIG_FILS.patch33
-rw-r--r--package/network/services/hostapd/patches/040-OWE-Fix-build-error-in-AP-code-without-CONFIG_IEEE80.patch29
-rw-r--r--package/network/services/hostapd/patches/110-no_eapol_fix.patch2
-rw-r--r--package/network/services/hostapd/patches/130-SAE-Do-not-ignore-option-sae_require_mfp.patch26
-rw-r--r--package/network/services/hostapd/patches/200-multicall.patch18
-rw-r--r--package/network/services/hostapd/patches/300-noscan.patch4
-rw-r--r--package/network/services/hostapd/patches/301-mesh-noscan.patch6
-rw-r--r--package/network/services/hostapd/patches/310-rescan_immediately.patch2
-rw-r--r--package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch2
-rw-r--r--package/network/services/hostapd/patches/340-reload_freq_change.patch8
-rw-r--r--package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch10
-rw-r--r--package/network/services/hostapd/patches/360-ctrl_iface_reload.patch2
-rw-r--r--package/network/services/hostapd/patches/370-ap_sta_support.patch14
-rw-r--r--package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch28
-rw-r--r--package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch4
-rw-r--r--package/network/services/hostapd/patches/410-limit_debug_messages.patch12
-rw-r--r--package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch8
-rw-r--r--package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch4
-rw-r--r--package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch6
-rw-r--r--package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch2
-rw-r--r--package/network/services/hostapd/patches/600-ubus_support.patch58
-rw-r--r--package/network/services/hostapd/patches/700-fix-openssl11.patch35
38 files changed, 169 insertions, 429 deletions
diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile
index 9623f54de1..8c4c438bed 100644
--- a/package/network/services/hostapd/Makefile
+++ b/package/network/services/hostapd/Makefile
@@ -7,13 +7,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=hostapd
-PKG_RELEASE:=7
+PKG_RELEASE:=1
PKG_SOURCE_URL:=http://w1.fi/hostap.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2018-05-21
-PKG_SOURCE_VERSION:=62566bc23d041e88f8e35933d5fd8c2fd0f7cf2a
-PKG_MIRROR_HASH:=f234b24f9471ae9cb34460feec6d6614641691544101535673595272c91448eb
+PKG_SOURCE_DATE:=2018-12-02
+PKG_SOURCE_VERSION:=c2c6c01bb8b6fafc2074b46a53c4eab2c145ac6f
+PKG_MIRROR_HASH:=d381123fe42059b553d96122a03c35e7d1709153c3aaf10fa4e74fe59be243dd
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-3-Clause
diff --git a/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch b/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch
deleted file mode 100644
index 3fc80a01d7..0000000000
--- a/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 6588f712220797c69dbd019daa19b82a50d92782 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sun, 14 Oct 2018 19:57:22 +0300
-Subject: Reduce undesired logging of ACL rejection events from AP mode
-
-When Probe Request frame handling was extended to use MAC ACL through
-ieee802_11_allowed_address(), the MSG_INFO level log print ("Station
-<addr> not allowed to authenticate") from that function ended up getting
-printed even for Probe Request frames. That was not by design and it can
-result in excessive logging and MSG_INFO level if MAC ACL is used.
-
-Fix this by printing this log entry only for authentication and
-association frames. In addition, drop the priority of that log entry to
-MSG_DEBUG since this is not really an unexpected behavior in most MAC
-ACL use cases.
-
-Fixes: 92eb00aec2a0 ("Extend ACL check for Probe Request frames")
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/ap/ieee802_11.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
---- a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -1636,9 +1636,11 @@ ieee802_11_allowed_address(struct hostap
- is_probe_req);
-
- if (res == HOSTAPD_ACL_REJECT) {
-- wpa_printf(MSG_INFO,
-- "Station " MACSTR " not allowed to authenticate",
-- MAC2STR(addr));
-+ if (!is_probe_req)
-+ wpa_printf(MSG_DEBUG,
-+ "Station " MACSTR
-+ " not allowed to authenticate",
-+ MAC2STR(addr));
- return HOSTAPD_ACL_REJECT;
- }
-
diff --git a/package/network/services/hostapd/patches/000-0002-Drop-logging-priority-for-handle_auth_cb.patch b/package/network/services/hostapd/patches/000-0002-Drop-logging-priority-for-handle_auth_cb.patch
deleted file mode 100644
index 82165a94f9..0000000000
--- a/package/network/services/hostapd/patches/000-0002-Drop-logging-priority-for-handle_auth_cb.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From dc1b1c8db7905639be6f4de8173e2d97bf6df90d Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sun, 14 Oct 2018 20:03:55 +0300
-Subject: Drop logging priority for handle_auth_cb no-STA-match messages
-
-This message was printed and MSG_INFO level which would be more
-reasonable for error cases where hostapd has accepted authentication.
-However, this is not really an error case for the cases where
-authentication was rejected (e.g., due to MAC ACL). Drop this to use
-MSG_DEBUG level.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/ap/ieee802_11.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
---- a/src/ap/ieee802_11.c
-+++ b/src/ap/ieee802_11.c
-@@ -4018,7 +4018,8 @@ static void handle_auth_cb(struct hostap
-
- sta = ap_get_sta(hapd, mgmt->da);
- if (!sta) {
-- wpa_printf(MSG_INFO, "handle_auth_cb: STA " MACSTR " not found",
-+ wpa_printf(MSG_DEBUG, "handle_auth_cb: STA " MACSTR
-+ " not found",
- MAC2STR(mgmt->da));
- return;
- }
diff --git a/package/network/services/hostapd/patches/0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch b/package/network/services/hostapd/patches/0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch
deleted file mode 100644
index 633ab58623..0000000000
--- a/package/network/services/hostapd/patches/0001-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 3e34cfdff6b192fe337c6fb3f487f73e96582961 Mon Sep 17 00:00:00 2001
-From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
-Date: Sun, 15 Jul 2018 01:25:53 +0200
-Subject: [PATCH] WPA: Ignore unauthenticated encrypted EAPOL-Key data
-
-Ignore unauthenticated encrypted EAPOL-Key data in supplicant
-processing. When using WPA2, these are frames that have the Encrypted
-flag set, but not the MIC flag.
-
-When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
-not the MIC flag, had their data field decrypted without first verifying
-the MIC. In case the data field was encrypted using RC4 (i.e., when
-negotiating TKIP as the pairwise cipher), this meant that
-unauthenticated but decrypted data would then be processed. An adversary
-could abuse this as a decryption oracle to recover sensitive information
-in the data field of EAPOL-Key messages (e.g., the group key).
-(CVE-2018-14526)
-
-Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
----
- src/rsn_supp/wpa.c | 11 +++++++++++
- 1 file changed, 11 insertions(+)
-
---- a/src/rsn_supp/wpa.c
-+++ b/src/rsn_supp/wpa.c
-@@ -2208,6 +2208,17 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, c
-
- if ((sm->proto == WPA_PROTO_RSN || sm->proto == WPA_PROTO_OSEN) &&
- (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) && mic_len) {
-+ /*
-+ * Only decrypt the Key Data field if the frame's authenticity
-+ * was verified. When using AES-SIV (FILS), the MIC flag is not
-+ * set, so this check should only be performed if mic_len != 0
-+ * which is the case in this code branch.
-+ */
-+ if (!(key_info & WPA_KEY_INFO_MIC)) {
-+ wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
-+ "WPA: Ignore EAPOL-Key with encrypted but unauthenticated data");
-+ goto out;
-+ }
- if (wpa_supplicant_decrypt_key_data(sm, key, mic_len,
- ver, key_data,
- &key_data_len))
diff --git a/package/network/services/hostapd/patches/001-mesh-factor-out-mesh-join-function.patch b/package/network/services/hostapd/patches/001-mesh-factor-out-mesh-join-function.patch
index a1d668b283..de8d65b982 100644
--- a/package/network/services/hostapd/patches/001-mesh-factor-out-mesh-join-function.patch
+++ b/package/network/services/hostapd/patches/001-mesh-factor-out-mesh-join-function.patch
@@ -201,7 +201,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
-@@ -810,6 +810,7 @@ struct wpa_supplicant {
+@@ -814,6 +814,7 @@ struct wpa_supplicant {
unsigned int mesh_if_created:1;
unsigned int mesh_ht_enabled:1;
unsigned int mesh_vht_enabled:1;
diff --git a/package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch b/package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch
index fe2353cd81..5ec7aa0837 100644
--- a/package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch
+++ b/package/network/services/hostapd/patches/006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch
@@ -16,7 +16,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1390,6 +1390,7 @@ struct wpa_driver_mesh_join_params {
+@@ -1402,6 +1402,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_SAE_AUTH 0x00000004
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
@@ -26,7 +26,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
/**
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -9270,6 +9270,9 @@ static int nl80211_join_mesh(struct i802
+@@ -9375,6 +9375,9 @@ static int nl80211_join_mesh(struct i802
wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
diff --git a/package/network/services/hostapd/patches/010-mesh-consider-mesh-interface-on-dfs-event-handler.patch b/package/network/services/hostapd/patches/010-mesh-consider-mesh-interface-on-dfs-event-handler.patch
index 3f5178a74b..0c82d84d6b 100644
--- a/package/network/services/hostapd/patches/010-mesh-consider-mesh-interface-on-dfs-event-handler.patch
+++ b/package/network/services/hostapd/patches/010-mesh-consider-mesh-interface-on-dfs-event-handler.patch
@@ -15,7 +15,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
-@@ -1337,13 +1337,18 @@ int ap_ctrl_iface_chanswitch(struct wpa_
+@@ -1379,13 +1379,18 @@ int ap_ctrl_iface_chanswitch(struct wpa_
void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
int offset, int width, int cf1, int cf2)
{
@@ -37,7 +37,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
offset, width, cf1, cf2);
}
-@@ -1540,10 +1545,16 @@ int wpas_ap_pmksa_cache_add_external(str
+@@ -1582,10 +1587,16 @@ int wpas_ap_pmksa_cache_add_external(str
void wpas_ap_event_dfs_radar_detected(struct wpa_supplicant *wpa_s,
struct dfs_event *radar)
{
@@ -57,7 +57,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
radar->ht_enabled, radar->chan_offset,
radar->chan_width,
radar->cf1, radar->cf2);
-@@ -1553,10 +1564,16 @@ void wpas_ap_event_dfs_radar_detected(st
+@@ -1595,10 +1606,16 @@ void wpas_ap_event_dfs_radar_detected(st
void wpas_ap_event_dfs_cac_started(struct wpa_supplicant *wpa_s,
struct dfs_event *radar)
{
@@ -77,7 +77,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
radar->ht_enabled, radar->chan_offset,
radar->chan_width, radar->cf1, radar->cf2);
}
-@@ -1565,10 +1582,16 @@ void wpas_ap_event_dfs_cac_started(struc
+@@ -1607,10 +1624,16 @@ void wpas_ap_event_dfs_cac_started(struc
void wpas_ap_event_dfs_cac_finished(struct wpa_supplicant *wpa_s,
struct dfs_event *radar)
{
@@ -97,7 +97,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
radar->ht_enabled, radar->chan_offset,
radar->chan_width, radar->cf1, radar->cf2);
}
-@@ -1577,10 +1600,16 @@ void wpas_ap_event_dfs_cac_finished(stru
+@@ -1619,10 +1642,16 @@ void wpas_ap_event_dfs_cac_finished(stru
void wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s,
struct dfs_event *radar)
{
@@ -117,7 +117,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
radar->ht_enabled, radar->chan_offset,
radar->chan_width, radar->cf1, radar->cf2);
}
-@@ -1589,10 +1618,16 @@ void wpas_ap_event_dfs_cac_aborted(struc
+@@ -1631,10 +1660,16 @@ void wpas_ap_event_dfs_cac_aborted(struc
void wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s,
struct dfs_event *radar)
{
@@ -139,7 +139,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
}
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
-@@ -3802,7 +3802,7 @@ static void wpas_event_dfs_cac_started(s
+@@ -3840,7 +3840,7 @@ static void wpas_event_dfs_cac_started(s
struct dfs_event *radar)
{
#if defined(NEED_AP_MLME) && defined(CONFIG_AP)
@@ -148,7 +148,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
wpas_ap_event_dfs_cac_started(wpa_s, radar);
} else
#endif /* NEED_AP_MLME && CONFIG_AP */
-@@ -3823,7 +3823,7 @@ static void wpas_event_dfs_cac_finished(
+@@ -3861,7 +3861,7 @@ static void wpas_event_dfs_cac_finished(
struct dfs_event *radar)
{
#if defined(NEED_AP_MLME) && defined(CONFIG_AP)
@@ -157,7 +157,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
wpas_ap_event_dfs_cac_finished(wpa_s, radar);
} else
#endif /* NEED_AP_MLME && CONFIG_AP */
-@@ -3839,7 +3839,7 @@ static void wpas_event_dfs_cac_aborted(s
+@@ -3877,7 +3877,7 @@ static void wpas_event_dfs_cac_aborted(s
struct dfs_event *radar)
{
#if defined(NEED_AP_MLME) && defined(CONFIG_AP)
@@ -166,7 +166,7 @@ Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
wpas_ap_event_dfs_cac_aborted(wpa_s, radar);
} else
#endif /* NEED_AP_MLME && CONFIG_AP */
-@@ -4278,6 +4278,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -4328,6 +4328,7 @@ void wpa_supplicant_event(void *ctx, enu
#ifdef CONFIG_AP
if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO ||
diff --git a/package/network/services/hostapd/patches/011-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch b/package/network/services/hostapd/patches/011-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
index 8f2f6a78ee..184b6e9e9d 100644
--- a/package/network/services/hostapd/patches/011-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
+++ b/package/network/services/hostapd/patches/011-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
@@ -14,7 +14,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2060,6 +2060,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2090,6 +2090,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
struct hostapd_freq_params vht_freq;
int chwidth, seg0, seg1;
u32 vht_caps = 0;
@@ -23,7 +23,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
freq->freq = ssid->frequency;
-@@ -2136,8 +2138,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2166,8 +2168,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
return;
/* Check primary channel flags */
@@ -36,7 +36,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
#ifdef CONFIG_HT_OVERRIDES
if (ssid->disable_ht40)
-@@ -2163,8 +2168,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2193,8 +2198,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
return;
/* Check secondary channel flags */
@@ -49,7 +49,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
freq->channel = pri_chan->chan;
-@@ -2254,8 +2262,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2284,8 +2292,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
return;
/* Back to HT configuration if channel not usable */
@@ -62,7 +62,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
}
chwidth = VHT_CHANWIDTH_80MHZ;
-@@ -2275,10 +2286,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2305,10 +2316,11 @@ void ibss_mesh_setup_freq(struct wpa_sup
if (!chan)
continue;
diff --git a/package/network/services/hostapd/patches/012-mesh-allow-mesh-to-send-channel-switch-request.patch b/package/network/services/hostapd/patches/012-mesh-allow-mesh-to-send-channel-switch-request.patch
deleted file mode 100644
index 793f4f5db1..0000000000
--- a/package/network/services/hostapd/patches/012-mesh-allow-mesh-to-send-channel-switch-request.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 4a8245ec2e9d48e464488477a3e7ed234009c216 Mon Sep 17 00:00:00 2001
-From: Peter Oh <peter.oh@bowerswilkins.com>
-Date: Tue, 29 May 2018 14:39:16 -0700
-Subject: [PATCH 12/18] mesh: allow mesh to send channel switch request
-
-add mesh type to nl80211 channel switch request,
-so mesh is able to send the request to kernel drivers.
-
-Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
----
- src/drivers/driver_nl80211.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
---- a/src/drivers/driver_nl80211.c
-+++ b/src/drivers/driver_nl80211.c
-@@ -8685,7 +8685,8 @@ static int nl80211_switch_channel(void *
- }
-
- if ((drv->nlmode != NL80211_IFTYPE_AP) &&
-- (drv->nlmode != NL80211_IFTYPE_P2P_GO))
-+ (drv->nlmode != NL80211_IFTYPE_P2P_GO) &&
-+ (drv->nlmode != NL80211_IFTYPE_MESH_POINT) )
- return -EOPNOTSUPP;
-
- /*
diff --git a/package/network/services/hostapd/patches/014-mesh-do-not-allow-scan-result-to-swap-pri-sec.patch b/package/network/services/hostapd/patches/014-mesh-do-not-allow-scan-result-to-swap-pri-sec.patch
index b16e762bbc..afcbcbb0ad 100644
--- a/package/network/services/hostapd/patches/014-mesh-do-not-allow-scan-result-to-swap-pri-sec.patch
+++ b/package/network/services/hostapd/patches/014-mesh-do-not-allow-scan-result-to-swap-pri-sec.patch
@@ -13,7 +13,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2185,7 +2185,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2215,7 +2215,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
}
freq->sec_channel_offset = ht40;
diff --git a/package/network/services/hostapd/patches/015-mesh-do-not-use-offchan-mgmt-tx-on-DFS.patch b/package/network/services/hostapd/patches/015-mesh-do-not-use-offchan-mgmt-tx-on-DFS.patch
index 148e90d859..c921436925 100644
--- a/package/network/services/hostapd/patches/015-mesh-do-not-use-offchan-mgmt-tx-on-DFS.patch
+++ b/package/network/services/hostapd/patches/015-mesh-do-not-use-offchan-mgmt-tx-on-DFS.patch
@@ -14,7 +14,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -7165,6 +7165,10 @@ static int wpa_driver_nl80211_send_actio
+@@ -7268,6 +7268,10 @@ static int wpa_driver_nl80211_send_actio
struct wpa_driver_nl80211_data *drv = bss->drv;
int ret = -1;
u8 *buf;
@@ -25,7 +25,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
struct ieee80211_hdr *hdr;
wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, "
-@@ -7189,7 +7193,11 @@ static int wpa_driver_nl80211_send_actio
+@@ -7292,7 +7296,11 @@ static int wpa_driver_nl80211_send_actio
} else {
os_memset(bss->rand_addr, 0, ETH_ALEN);
}
@@ -38,7 +38,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
if (is_ap_interface(drv->nlmode) &&
(!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) ||
(int) freq == bss->freq || drv->device_ap_sme ||
-@@ -7201,7 +7209,7 @@ static int wpa_driver_nl80211_send_actio
+@@ -7304,7 +7312,7 @@ static int wpa_driver_nl80211_send_actio
ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf,
24 + data_len,
&drv->send_action_cookie,
diff --git a/package/network/services/hostapd/patches/018-mesh-make-forwarding-configurable.patch b/package/network/services/hostapd/patches/018-mesh-make-forwarding-configurable.patch
index e54bc5e155..2eb2d7de07 100644
--- a/package/network/services/hostapd/patches/018-mesh-make-forwarding-configurable.patch
+++ b/package/network/services/hostapd/patches/018-mesh-make-forwarding-configurable.patch
@@ -31,7 +31,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
};
#define MAX_STA_COUNT 2007
-@@ -624,6 +625,7 @@ struct hostapd_bss_config {
+@@ -628,6 +629,7 @@ struct hostapd_bss_config {
#define MESH_ENABLED BIT(0)
int mesh;
@@ -41,7 +41,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1363,6 +1363,7 @@ struct wpa_driver_mesh_bss_params {
+@@ -1375,6 +1375,7 @@ struct wpa_driver_mesh_bss_params {
#define WPA_DRIVER_MESH_CONF_FLAG_MAX_PEER_LINKS 0x00000004
#define WPA_DRIVER_MESH_CONF_FLAG_HT_OP_MODE 0x00000008
#define WPA_DRIVER_MESH_CONF_FLAG_RSSI_THRESHOLD 0x00000010
@@ -49,7 +49,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
/*
* TODO: Other mesh configuration parameters would go here.
* See NL80211_MESHCONF_* for all the mesh config parameters.
-@@ -1372,6 +1373,7 @@ struct wpa_driver_mesh_bss_params {
+@@ -1384,6 +1385,7 @@ struct wpa_driver_mesh_bss_params {
int peer_link_timeout;
int max_peer_links;
int rssi_threshold;
@@ -59,7 +59,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -9228,6 +9228,9 @@ static int nl80211_put_mesh_config(struc
+@@ -9332,6 +9332,9 @@ static int nl80211_put_mesh_config(struc
if (((params->flags & WPA_DRIVER_MESH_CONF_FLAG_AUTO_PLINKS) &&
nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
params->auto_plinks)) ||
@@ -71,7 +71,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
params->max_peer_links)) ||
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
-@@ -2212,6 +2212,7 @@ static const struct parse_data ssid_fiel
+@@ -2228,6 +2228,7 @@ static const struct parse_data ssid_fiel
#ifdef CONFIG_MESH
{ INT_RANGE(mode, 0, 5) },
{ INT_RANGE(no_auto_peer, 0, 1) },
@@ -79,7 +79,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
{ INT_RANGE(mesh_rssi_threshold, -255, 1) },
#else /* CONFIG_MESH */
{ INT_RANGE(mode, 0, 4) },
-@@ -2763,6 +2764,7 @@ void wpa_config_set_network_defaults(str
+@@ -2779,6 +2780,7 @@ void wpa_config_set_network_defaults(str
ssid->dot11MeshRetryTimeout = DEFAULT_MESH_RETRY_TIMEOUT;
ssid->dot11MeshConfirmTimeout = DEFAULT_MESH_CONFIRM_TIMEOUT;
ssid->dot11MeshHoldingTimeout = DEFAULT_MESH_HOLDING_TIMEOUT;
@@ -87,7 +87,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
ssid->mesh_rssi_threshold = DEFAULT_MESH_RSSI_THRESHOLD;
#endif /* CONFIG_MESH */
#ifdef CONFIG_HT_OVERRIDES
-@@ -3978,6 +3980,7 @@ struct wpa_config * wpa_config_alloc_emp
+@@ -3996,6 +3998,7 @@ struct wpa_config * wpa_config_alloc_emp
config->user_mpm = DEFAULT_USER_MPM;
config->max_peer_links = DEFAULT_MAX_PEER_LINKS;
config->mesh_max_inactivity = DEFAULT_MESH_MAX_INACTIVITY;
@@ -95,7 +95,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
config->dot11RSNASAERetransPeriod =
DEFAULT_DOT11_RSNA_SAE_RETRANS_PERIOD;
config->fast_reauth = DEFAULT_FAST_REAUTH;
-@@ -4600,6 +4603,7 @@ static const struct global_parse_data gl
+@@ -4618,6 +4621,7 @@ static const struct global_parse_data gl
{ INT(user_mpm), 0 },
{ INT_RANGE(max_peer_links, 0, 255), 0 },
{ INT(mesh_max_inactivity), 0 },
@@ -193,7 +193,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
wpa_msg(wpa_s, MSG_ERROR, "Failed to init mesh");
--- a/wpa_supplicant/mesh_mpm.c
+++ b/wpa_supplicant/mesh_mpm.c
-@@ -288,9 +288,9 @@ static void mesh_mpm_send_plink_action(s
+@@ -289,9 +289,9 @@ static void mesh_mpm_send_plink_action(s
info = (bss->num_plinks > 63 ? 63 : bss->num_plinks) << 1;
/* TODO: Add Connected to Mesh Gate/AS subfields */
wpabuf_put_u8(buf, info);
diff --git a/package/network/services/hostapd/patches/022-mesh-fix-crash-with-CONFIG_TAXONOMY-enabled.patch b/package/network/services/hostapd/patches/022-mesh-fix-crash-with-CONFIG_TAXONOMY-enabled.patch
deleted file mode 100644
index 56554ef02f..0000000000
--- a/package/network/services/hostapd/patches/022-mesh-fix-crash-with-CONFIG_TAXONOMY-enabled.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Thu, 3 May 2018 12:34:31 +0200
-Subject: [PATCH] mesh: fix crash with CONFIG_TAXONOMY enabled
-
-wpa_s->ifmsh needs to be allocated using hostapd_alloc_iface() instead
-of a direct call to os_zalloc, otherwise the linked list for station
-taxonomy items remains uninitialized, leading to a crash on the first
-attempt to traverse that list
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/wpa_supplicant/mesh.c
-+++ b/wpa_supplicant/mesh.c
-@@ -215,7 +215,7 @@ static int wpa_supplicant_mesh_init(stru
- return 0;
- }
-
-- wpa_s->ifmsh = ifmsh = os_zalloc(sizeof(*wpa_s->ifmsh));
-+ wpa_s->ifmsh = ifmsh = hostapd_alloc_iface();
- if (!ifmsh)
- return -ENOMEM;
-
diff --git a/package/network/services/hostapd/patches/031-mesh-add-VHT_CHANWIDTH_USE_HT-to-max_oper_chwidth.patch b/package/network/services/hostapd/patches/031-mesh-add-VHT_CHANWIDTH_USE_HT-to-max_oper_chwidth.patch
index 925a53818d..de64a59372 100644
--- a/package/network/services/hostapd/patches/031-mesh-add-VHT_CHANWIDTH_USE_HT-to-max_oper_chwidth.patch
+++ b/package/network/services/hostapd/patches/031-mesh-add-VHT_CHANWIDTH_USE_HT-to-max_oper_chwidth.patch
@@ -17,7 +17,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
-@@ -2802,6 +2802,7 @@ void wpa_config_set_network_defaults(str
+@@ -2818,6 +2818,7 @@ void wpa_config_set_network_defaults(str
ssid->mka_priority = DEFAULT_PRIO_NOT_KEY_SERVER;
#endif /* CONFIG_MACSEC */
ssid->mac_addr = -1;
@@ -37,7 +37,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
struct dl_list list;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2312,6 +2312,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2342,6 +2342,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
seg0 = 114;
}
diff --git a/package/network/services/hostapd/patches/032-mesh-implement-use-of-VHT20-config-in-mesh-mode.patch b/package/network/services/hostapd/patches/032-mesh-implement-use-of-VHT20-config-in-mesh-mode.patch
index 083bdfe1d1..4691a79404 100644
--- a/package/network/services/hostapd/patches/032-mesh-implement-use-of-VHT20-config-in-mesh-mode.patch
+++ b/package/network/services/hostapd/patches/032-mesh-implement-use-of-VHT20-config-in-mesh-mode.patch
@@ -33,7 +33,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2144,9 +2144,15 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2174,9 +2174,15 @@ void ibss_mesh_setup_freq(struct wpa_sup
if (!dfs_enabled)
return;
@@ -51,7 +51,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
#endif /* CONFIG_HT_OVERRIDES */
/* Check/setup HT40+/HT40- */
-@@ -2174,8 +2180,6 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2204,8 +2210,6 @@ void ibss_mesh_setup_freq(struct wpa_sup
if (!dfs_enabled)
return;
@@ -60,7 +60,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
if (ht40 == -1) {
if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
return;
-@@ -2219,6 +2223,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2249,6 +2253,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
wpa_scan_results_free(scan_res);
}
@@ -68,7 +68,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
wpa_printf(MSG_DEBUG,
"IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
freq->channel, freq->sec_channel_offset);
-@@ -2314,7 +2319,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2344,7 +2349,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
}
} else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_USE_HT) {
chwidth = VHT_CHANWIDTH_USE_HT;
diff --git a/package/network/services/hostapd/patches/033-mesh-fix-parsing-of-max_oper_chwidth.patch b/package/network/services/hostapd/patches/033-mesh-fix-parsing-of-max_oper_chwidth.patch
deleted file mode 100644
index cb922ba1e2..0000000000
--- a/package/network/services/hostapd/patches/033-mesh-fix-parsing-of-max_oper_chwidth.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 444adf78eeb129e415d53fcb2fa2f05b6a69abdc Mon Sep 17 00:00:00 2001
-From: Sven Eckelmann <sven.eckelmann@openmesh.com>
-Date: Mon, 7 May 2018 15:24:29 +0200
-Subject: wpa_supplicant: Fix parsing of max_oper_chwidth
-
-The max_oper_chwidth is parsed in wpa_config_set as INT_RANGE (see
-ssid_fields). The actual parsing for INT_RANGE is done by
-wpa_config_parse_int which can only store the result as full integer.
-
-max_oper_chwidth is stored as u8 (a single byte) in wpa_ssid. This means
-that on little endian systems, the least significant byte of the parsed
-value are really stored in the max_oper_chwidth. But on big endian system,
-the only most significant byte is stored as max_oper_chwidth. This means
-that 0 is always stored because the provided range doesn't allow any other
-value for systems with multi-byte-wide integers.
-
-This also means that for common systems with 4-byte-wide integers, the
-remaining 3 bytes were written after the actual member of the struct. This
-should not have influenced the behavior of succeeding members because these
-bytes would have been part of the padding between the members on most
-systems.
-
-Increasing its size to a full int fixes the write operations outside of the
-member and allows to use the max_oper_chwidth setting on big endian
-systems.
-
-Fixes: 0f29bc68d18e ("IBSS/mesh: Add support for VHT80P80 configuration")
-Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
-
-Forwarded: https://patchwork.ozlabs.org/patch/909751/
----
- wpa_supplicant/config_ssid.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/wpa_supplicant/config_ssid.h
-+++ b/wpa_supplicant/config_ssid.h
-@@ -511,7 +511,7 @@ struct wpa_ssid {
-
- int vht;
-
-- u8 max_oper_chwidth;
-+ int max_oper_chwidth;
-
- unsigned int vht_center_freq1;
- unsigned int vht_center_freq2;
diff --git a/package/network/services/hostapd/patches/040-FT-Fix-CONFIG_IEEE80211X-y-build-without-CONFIG_FILS.patch b/package/network/services/hostapd/patches/040-FT-Fix-CONFIG_IEEE80211X-y-build-without-CONFIG_FILS.patch
new file mode 100644
index 0000000000..66ffd9e48b
--- /dev/null
+++ b/package/network/services/hostapd/patches/040-FT-Fix-CONFIG_IEEE80211X-y-build-without-CONFIG_FILS.patch
@@ -0,0 +1,33 @@
+From f2973fa39d6109f0f34969e91551a98dc340d537 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Mon, 3 Dec 2018 12:00:26 +0200
+Subject: FT: Fix CONFIG_IEEE80211X=y build without CONFIG_FILS=y
+
+remove_ie() was defined within an ifdef CONFIG_FILS block while it is
+now needed even without CONFIG_FILS=y. Remove the CONFIG_FILS condition
+there.
+
+Fixes 8c41734e5de1 ("FT: Fix Reassociation Request IEs during FT protocol")
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ wpa_supplicant/sme.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+--- a/wpa_supplicant/sme.c
++++ b/wpa_supplicant/sme.c
+@@ -1386,7 +1386,6 @@ void sme_event_auth(struct wpa_supplican
+ }
+
+
+-#ifdef CONFIG_FILS
+ #ifdef CONFIG_IEEE80211R
+ static void remove_ie(u8 *buf, size_t *len, u8 eid)
+ {
+@@ -1401,7 +1400,6 @@ static void remove_ie(u8 *buf, size_t *l
+ }
+ }
+ #endif /* CONFIG_IEEE80211R */
+-#endif /* CONFIG_FILS */
+
+
+ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode,
diff --git a/package/network/services/hostapd/patches/040-OWE-Fix-build-error-in-AP-code-without-CONFIG_IEEE80.patch b/package/network/services/hostapd/patches/040-OWE-Fix-build-error-in-AP-code-without-CONFIG_IEEE80.patch
deleted file mode 100644
index ae9733110b..0000000000
--- a/package/network/services/hostapd/patches/040-OWE-Fix-build-error-in-AP-code-without-CONFIG_IEEE80.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 410e2dd1d6b645bf5ed3ed55a9a415acbd993532 Mon Sep 17 00:00:00 2001
-From: Chaitanya T K <Chaitanya.Mgit@gmail.com>
-Date: Wed, 29 Aug 2018 02:14:33 +0530
-Subject: [PATCH] OWE: Fix build error in AP code without CONFIG_IEEE80211W=y
-
-When CONFIG_OWE is enabled but none of 11R/11W/FILS are enabled hostapd
-(and wpa_supplicant with AP mode support) build failed. Fix this by
-adding OWE to the list of conditions for including the local variables.
-
-Signed-off-by: Chaitanya T K <chaitanya.mgit@gmail.com>
----
- src/ap/drv_callbacks.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
---- a/src/ap/drv_callbacks.c
-+++ b/src/ap/drv_callbacks.c
-@@ -109,10 +109,10 @@ int hostapd_notif_assoc(struct hostapd_d
- struct ieee802_11_elems elems;
- const u8 *ie;
- size_t ielen;
--#if defined(CONFIG_IEEE80211R_AP) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS)
-+#if defined(CONFIG_IEEE80211R_AP) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) || defined(CONFIG_OWE)
- u8 buf[sizeof(struct ieee80211_mgmt) + 1024];
- u8 *p = buf;
--#endif /* CONFIG_IEEE80211R_AP || CONFIG_IEEE80211W || CONFIG_FILS */
-+#endif /* CONFIG_IEEE80211R_AP || CONFIG_IEEE80211W || CONFIG_FILS || CONFIG_OWE */
- u16 reason = WLAN_REASON_UNSPECIFIED;
- u16 status = WLAN_STATUS_SUCCESS;
- const u8 *p2p_dev_addr = NULL;
diff --git a/package/network/services/hostapd/patches/110-no_eapol_fix.patch b/package/network/services/hostapd/patches/110-no_eapol_fix.patch
index ac53cbc92d..2a9c5ec807 100644
--- a/package/network/services/hostapd/patches/110-no_eapol_fix.patch
+++ b/package/network/services/hostapd/patches/110-no_eapol_fix.patch
@@ -1,6 +1,6 @@
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -292,9 +292,10 @@ void wpa_supplicant_cancel_auth_timeout(
+@@ -295,9 +295,10 @@ void wpa_supplicant_cancel_auth_timeout(
*/
void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
{
diff --git a/package/network/services/hostapd/patches/130-SAE-Do-not-ignore-option-sae_require_mfp.patch b/package/network/services/hostapd/patches/130-SAE-Do-not-ignore-option-sae_require_mfp.patch
deleted file mode 100644
index 8810774665..0000000000
--- a/package/network/services/hostapd/patches/130-SAE-Do-not-ignore-option-sae_require_mfp.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 54e0de1a9ee81477e9dfb93985c1fbf105b3d1d4 Mon Sep 17 00:00:00 2001
-From: Hauke Mehrtens <hauke@hauke-m.de>
-Date: Wed, 10 Oct 2018 23:22:23 +0200
-Subject: SAE: Do not ignore option sae_require_mfp
-
-Without this patch sae_require_mfp is always activate, when ieee80211w
-is set to optional all stations negotiating SAEs are being rejected when
-they do not support PMF. With this patch hostapd only rejects these
-stations in case sae_require_mfp is set to some value and not null.
-
-Fixes ba3d435fe43 ("SAE: Add option to require MFP for SAE associations")
-Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
----
- src/ap/wpa_auth_ie.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/ap/wpa_auth_ie.c
-+++ b/src/ap/wpa_auth_ie.c
-@@ -721,6 +721,7 @@ int wpa_validate_wpa_ie(struct wpa_authe
-
- #ifdef CONFIG_SAE
- if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_OPTIONAL &&
-+ wpa_auth->conf.sae_require_mfp &&
- wpa_key_mgmt_sae(sm->wpa_key_mgmt) &&
- !(data.capabilities & WPA_CAPABILITY_MFPC)) {
- wpa_printf(MSG_DEBUG,
diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch
index 273af644c6..9c7936695a 100644
--- a/package/network/services/hostapd/patches/200-multicall.patch
+++ b/package/network/services/hostapd/patches/200-multicall.patch
@@ -156,7 +156,7 @@
wpa_cli.exe: wpa_cli
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -5449,8 +5449,8 @@ union wpa_event_data {
+@@ -5476,8 +5476,8 @@ union wpa_event_data {
* Driver wrapper code should call this function whenever an event is received
* from the driver.
*/
@@ -167,7 +167,7 @@
/**
* wpa_supplicant_event_global - Report a driver event for wpa_supplicant
-@@ -5462,7 +5462,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -5489,7 +5489,7 @@ void wpa_supplicant_event(void *ctx, enu
* Same as wpa_supplicant_event(), but we search for the interface in
* wpa_global.
*/
@@ -178,7 +178,7 @@
/*
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
-@@ -1515,8 +1515,8 @@ static void hostapd_event_wds_sta_interf
+@@ -1527,8 +1527,8 @@ static void hostapd_event_wds_sta_interf
}
@@ -189,7 +189,7 @@
{
struct hostapd_data *hapd = ctx;
#ifndef CONFIG_NO_STDOUT_DEBUG
-@@ -1742,7 +1742,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -1757,7 +1757,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@@ -231,7 +231,7 @@
os_memset(&global, 0, sizeof(global));
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
-@@ -3976,8 +3976,8 @@ static void wpas_event_assoc_reject(stru
+@@ -4026,8 +4026,8 @@ static void wpas_event_assoc_reject(stru
}
@@ -242,7 +242,7 @@
{
struct wpa_supplicant *wpa_s = ctx;
int resched;
-@@ -4745,7 +4745,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -4796,7 +4796,7 @@ void wpa_supplicant_event(void *ctx, enu
}
@@ -253,7 +253,7 @@
struct wpa_supplicant *wpa_s;
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -5797,7 +5797,6 @@ struct wpa_interface * wpa_supplicant_ma
+@@ -5861,7 +5861,6 @@ struct wpa_interface * wpa_supplicant_ma
return NULL;
}
@@ -261,7 +261,7 @@
/**
* wpa_supplicant_match_existing - Match existing interfaces
* @global: Pointer to global data from wpa_supplicant_init()
-@@ -5834,6 +5833,11 @@ static int wpa_supplicant_match_existing
+@@ -5898,6 +5897,11 @@ static int wpa_supplicant_match_existing
#endif /* CONFIG_MATCH_IFACE */
@@ -273,7 +273,7 @@
/**
* wpa_supplicant_add_iface - Add a new network interface
-@@ -6090,6 +6094,8 @@ struct wpa_global * wpa_supplicant_init(
+@@ -6154,6 +6158,8 @@ struct wpa_global * wpa_supplicant_init(
#ifndef CONFIG_NO_WPA_MSG
wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
#endif /* CONFIG_NO_WPA_MSG */
diff --git a/package/network/services/hostapd/patches/300-noscan.patch b/package/network/services/hostapd/patches/300-noscan.patch
index 4463c75c91..d055422969 100644
--- a/package/network/services/hostapd/patches/300-noscan.patch
+++ b/package/network/services/hostapd/patches/300-noscan.patch
@@ -1,6 +1,6 @@
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
-@@ -3214,6 +3214,10 @@ static int hostapd_config_fill(struct ho
+@@ -3317,6 +3317,10 @@ static int hostapd_config_fill(struct ho
}
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211N
@@ -13,7 +13,7 @@
} else if (os_strcmp(buf, "ht_capab") == 0) {
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
-@@ -775,6 +775,8 @@ struct hostapd_config {
+@@ -781,6 +781,8 @@ struct hostapd_config {
int ht_op_mode_fixed;
u16 ht_capab;
diff --git a/package/network/services/hostapd/patches/301-mesh-noscan.patch b/package/network/services/hostapd/patches/301-mesh-noscan.patch
index 0c42d2b110..ed4e91cae9 100644
--- a/package/network/services/hostapd/patches/301-mesh-noscan.patch
+++ b/package/network/services/hostapd/patches/301-mesh-noscan.patch
@@ -1,6 +1,6 @@
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
-@@ -2217,6 +2217,7 @@ static const struct parse_data ssid_fiel
+@@ -2233,6 +2233,7 @@ static const struct parse_data ssid_fiel
#else /* CONFIG_MESH */
{ INT_RANGE(mode, 0, 4) },
#endif /* CONFIG_MESH */
@@ -31,7 +31,7 @@
if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && ssid->vht) {
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2051,12 +2051,12 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2081,12 +2081,12 @@ void ibss_mesh_setup_freq(struct wpa_sup
{
enum hostapd_hw_mode hw_mode;
struct hostapd_hw_modes *mode = NULL;
@@ -46,7 +46,7 @@
unsigned int j, k;
struct hostapd_freq_params vht_freq;
int chwidth, seg0, seg1;
-@@ -2126,7 +2126,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2156,7 +2156,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
return;
/* Setup higher BW only for 5 GHz */
diff --git a/package/network/services/hostapd/patches/310-rescan_immediately.patch b/package/network/services/hostapd/patches/310-rescan_immediately.patch
index 1fb05401f8..84eb252319 100644
--- a/package/network/services/hostapd/patches/310-rescan_immediately.patch
+++ b/package/network/services/hostapd/patches/310-rescan_immediately.patch
@@ -1,6 +1,6 @@
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -4248,7 +4248,7 @@ wpa_supplicant_alloc(struct wpa_supplica
+@@ -4312,7 +4312,7 @@ wpa_supplicant_alloc(struct wpa_supplica
if (wpa_s == NULL)
return NULL;
wpa_s->scan_req = INITIAL_SCAN_REQ;
diff --git a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch
index 6aa8d1a3a7..e175bbc103 100644
--- a/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch
+++ b/package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch
@@ -1,6 +1,6 @@
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -4234,7 +4234,7 @@ static int nl80211_set_channel(struct i8
+@@ -4318,7 +4318,7 @@ static int nl80211_set_channel(struct i8
freq->freq, freq->ht_enabled, freq->vht_enabled,
freq->bandwidth, freq->center_freq1, freq->center_freq2);
diff --git a/package/network/services/hostapd/patches/340-reload_freq_change.patch b/package/network/services/hostapd/patches/340-reload_freq_change.patch
index d46f5144d0..81c20970e7 100644
--- a/package/network/services/hostapd/patches/340-reload_freq_change.patch
+++ b/package/network/services/hostapd/patches/340-reload_freq_change.patch
@@ -1,6 +1,6 @@
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -93,6 +93,25 @@ static void hostapd_reload_bss(struct ho
+@@ -103,6 +103,25 @@ static void hostapd_reload_bss(struct ho
#endif /* CONFIG_NO_RADIUS */
ssid = &hapd->conf->ssid;
@@ -26,7 +26,7 @@
if (!ssid->wpa_psk_set && ssid->wpa_psk && !ssid->wpa_psk->next &&
ssid->wpa_passphrase_set && ssid->wpa_passphrase) {
/*
-@@ -171,6 +190,7 @@ int hostapd_reload_config(struct hostapd
+@@ -200,6 +219,7 @@ int hostapd_reload_config(struct hostapd
struct hostapd_data *hapd = iface->bss[0];
struct hostapd_config *newconf, *oldconf;
size_t j;
@@ -34,8 +34,8 @@
if (iface->config_fname == NULL) {
/* Only in-memory config in use - assume it has been updated */
-@@ -192,21 +212,20 @@ int hostapd_reload_config(struct hostapd
- oldconf = hapd->iconf;
+@@ -250,21 +270,20 @@ int hostapd_reload_config(struct hostapd
+ }
iface->conf = newconf;
+ for (i = 0; i < iface->num_hw_features; i++) {
diff --git a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
index 9d7a2a4431..836339f2e2 100644
--- a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
+++ b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
@@ -1,6 +1,6 @@
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -2566,10 +2566,15 @@ static int wpa_driver_nl80211_del_beacon
+@@ -2634,10 +2634,15 @@ static int wpa_driver_nl80211_del_beacon
struct nl_msg *msg;
struct wpa_driver_nl80211_data *drv = bss->drv;
@@ -18,7 +18,7 @@
return send_and_recv_msgs(drv, msg, NULL, NULL);
}
-@@ -4835,7 +4840,7 @@ static void nl80211_teardown_ap(struct i
+@@ -4919,7 +4924,7 @@ static void nl80211_teardown_ap(struct i
nl80211_mgmt_unsubscribe(bss, "AP teardown");
nl80211_put_wiphy_data_ap(bss);
@@ -27,7 +27,7 @@
}
-@@ -7057,8 +7062,6 @@ static int wpa_driver_nl80211_if_remove(
+@@ -7160,8 +7165,6 @@ static int wpa_driver_nl80211_if_remove(
} else {
wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
nl80211_teardown_ap(bss);
@@ -36,7 +36,7 @@
nl80211_destroy_bss(bss);
if (!bss->added_if)
i802_set_iface_flags(bss, 0);
-@@ -7437,7 +7440,6 @@ static int wpa_driver_nl80211_deinit_ap(
+@@ -7540,7 +7543,6 @@ static int wpa_driver_nl80211_deinit_ap(
if (!is_ap_interface(drv->nlmode))
return -1;
wpa_driver_nl80211_del_beacon(bss);
@@ -44,7 +44,7 @@
/*
* If the P2P GO interface was dynamically added, then it is
-@@ -7457,7 +7459,6 @@ static int wpa_driver_nl80211_stop_ap(vo
+@@ -7560,7 +7562,6 @@ static int wpa_driver_nl80211_stop_ap(vo
if (!is_ap_interface(drv->nlmode))
return -1;
wpa_driver_nl80211_del_beacon(bss);
diff --git a/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch b/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch
index 07faead2c5..537c0881c4 100644
--- a/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch
+++ b/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch
@@ -78,7 +78,7 @@
#ifdef CONFIG_IEEE80211W
#ifdef NEED_AP_MLME
-@@ -3031,6 +3088,8 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -3084,6 +3141,8 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
reply_size);
diff --git a/package/network/services/hostapd/patches/370-ap_sta_support.patch b/package/network/services/hostapd/patches/370-ap_sta_support.patch
index 58a0044849..ecb9460e95 100644
--- a/package/network/services/hostapd/patches/370-ap_sta_support.patch
+++ b/package/network/services/hostapd/patches/370-ap_sta_support.patch
@@ -30,7 +30,7 @@
#include "drivers/driver.h"
#include "eap_peer/eap.h"
#include "wpa_supplicant_i.h"
-@@ -292,6 +293,10 @@ void calculate_update_time(const struct
+@@ -294,6 +295,10 @@ void calculate_update_time(const struct
static void wpa_bss_copy_res(struct wpa_bss *dst, struct wpa_scan_res *src,
struct os_reltime *fetch_time)
{
@@ -41,7 +41,7 @@
dst->flags = src->flags;
os_memcpy(dst->bssid, src->bssid, ETH_ALEN);
dst->freq = src->freq;
-@@ -304,6 +309,15 @@ static void wpa_bss_copy_res(struct wpa_
+@@ -306,6 +311,15 @@ static void wpa_bss_copy_res(struct wpa_
dst->est_throughput = src->est_throughput;
dst->snr = src->snr;
@@ -59,7 +59,7 @@
--- a/wpa_supplicant/bss.h
+++ b/wpa_supplicant/bss.h
-@@ -81,6 +81,10 @@ struct wpa_bss {
+@@ -82,6 +82,10 @@ struct wpa_bss {
u8 ssid[SSID_MAX_LEN];
/** Length of SSID */
size_t ssid_len;
@@ -166,7 +166,7 @@
/* Configure default/group WEP keys for static WEP */
int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
{
-@@ -913,12 +962,16 @@ void wpa_supplicant_set_state(struct wpa
+@@ -920,12 +969,16 @@ void wpa_supplicant_set_state(struct wpa
sme_sched_obss_scan(wpa_s, 1);
@@ -183,7 +183,7 @@
wpa_s->new_connection = 1;
wpa_drv_set_operstate(wpa_s, 0);
#ifndef IEEE8021X_EAPOL
-@@ -1947,6 +2000,8 @@ void wpa_supplicant_associate(struct wpa
+@@ -1977,6 +2030,8 @@ void wpa_supplicant_associate(struct wpa
wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
ssid->id);
wpas_notify_mesh_group_started(wpa_s, ssid);
@@ -192,7 +192,7 @@
#else /* CONFIG_MESH */
wpa_msg(wpa_s, MSG_ERROR,
"mesh mode support not included in the build");
-@@ -5423,6 +5478,16 @@ static int wpa_supplicant_init_iface(str
+@@ -5487,6 +5542,16 @@ static int wpa_supplicant_init_iface(str
sizeof(wpa_s->bridge_ifname));
}
@@ -209,7 +209,7 @@
/* RSNA Supplicant Key Management - INITIALIZE */
eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
-@@ -5744,6 +5809,11 @@ static void wpa_supplicant_deinit_iface(
+@@ -5808,6 +5873,11 @@ static void wpa_supplicant_deinit_iface(
if (terminate)
wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
diff --git a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch
index cd050fc0c9..e978fbc689 100644
--- a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch
+++ b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch
@@ -12,7 +12,7 @@
else
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
-@@ -2857,6 +2857,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -2907,6 +2907,7 @@ static int hostapd_ctrl_iface_receive_pr
reply_size);
} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
reply_len = hostapd_drv_status(hapd, reply, reply_size);
@@ -20,7 +20,7 @@
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
if (reply_len >= 0) {
-@@ -2898,6 +2899,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -2948,6 +2949,7 @@ static int hostapd_ctrl_iface_receive_pr
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
reply_size);
@@ -42,7 +42,7 @@
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
-@@ -2108,7 +2108,7 @@ static int wpa_supplicant_ctrl_iface_sta
+@@ -2117,7 +2117,7 @@ static int wpa_supplicant_ctrl_iface_sta
pos += ret;
}
@@ -51,7 +51,7 @@
if (wpa_s->ap_iface) {
pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
end - pos,
-@@ -9825,6 +9825,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -9852,6 +9852,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = -1;
} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
@@ -59,7 +59,7 @@
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
if (reply_len >= 0) {
-@@ -9832,6 +9833,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -9859,6 +9860,7 @@ char * wpa_supplicant_ctrl_iface_process
reply + reply_len,
reply_size - reply_len);
}
@@ -67,7 +67,7 @@
} else if (os_strncmp(buf, "STATUS", 6) == 0) {
reply_len = wpa_supplicant_ctrl_iface_status(
wpa_s, buf + 6, reply, reply_size);
-@@ -10313,6 +10315,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -10340,6 +10342,7 @@ char * wpa_supplicant_ctrl_iface_process
reply_len = wpa_supplicant_ctrl_iface_bss(
wpa_s, buf + 4, reply, reply_size);
#ifdef CONFIG_AP
@@ -75,7 +75,7 @@
} else if (os_strcmp(buf, "STA-FIRST") == 0) {
reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "STA ", 4) == 0) {
-@@ -10321,12 +10324,15 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -10348,12 +10351,15 @@ char * wpa_supplicant_ctrl_iface_process
} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
reply_size);
@@ -126,7 +126,7 @@
if (os_snprintf_error(buflen - len, ret))
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
-@@ -2555,6 +2555,7 @@ static const char * bool_txt(Boolean val
+@@ -2581,6 +2581,7 @@ static const char * bool_txt(Boolean val
return val ? "TRUE" : "FALSE";
}
@@ -134,7 +134,7 @@
int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
{
-@@ -2730,6 +2731,7 @@ int ieee802_1x_get_mib_sta(struct hostap
+@@ -2756,6 +2757,7 @@ int ieee802_1x_get_mib_sta(struct hostap
return len;
}
@@ -144,7 +144,7 @@
static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
-@@ -3772,6 +3772,7 @@ static const char * wpa_bool_txt(int val
+@@ -3798,6 +3798,7 @@ static const char * wpa_bool_txt(int val
return val ? "TRUE" : "FALSE";
}
@@ -152,7 +152,7 @@
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
-@@ -3916,7 +3917,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
+@@ -3942,7 +3943,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
return len;
}
@@ -163,7 +163,7 @@
{
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
-@@ -2306,6 +2306,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
+@@ -2319,6 +2319,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
}
@@ -172,7 +172,7 @@
#define RSN_SUITE "%02x-%02x-%02x-%d"
#define RSN_SUITE_ARG(s) \
((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
-@@ -2389,6 +2391,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
+@@ -2402,6 +2404,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
return (int) len;
}
@@ -182,7 +182,7 @@
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
-@@ -1179,7 +1179,7 @@ int wpas_ap_wps_nfc_report_handover(stru
+@@ -1221,7 +1221,7 @@ int wpas_ap_wps_nfc_report_handover(stru
#endif /* CONFIG_WPS */
diff --git a/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch b/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch
index 1646627191..855fc808e9 100644
--- a/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch
+++ b/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch
@@ -1,6 +1,6 @@
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
-@@ -1849,6 +1849,31 @@ u32 wpa_akm_to_suite(int akm)
+@@ -2042,6 +2042,31 @@ u32 wpa_akm_to_suite(int akm)
}
@@ -32,7 +32,7 @@
int wpa_compare_rsn_ie(int ft_initial_assoc,
const u8 *ie1, size_t ie1len,
const u8 *ie2, size_t ie2len)
-@@ -1856,8 +1881,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
+@@ -2049,8 +2074,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
if (ie1 == NULL || ie2 == NULL)
return -1;
diff --git a/package/network/services/hostapd/patches/410-limit_debug_messages.patch b/package/network/services/hostapd/patches/410-limit_debug_messages.patch
index b7dbbd0dc7..d182e8d986 100644
--- a/package/network/services/hostapd/patches/410-limit_debug_messages.patch
+++ b/package/network/services/hostapd/patches/410-limit_debug_messages.patch
@@ -1,6 +1,6 @@
--- a/src/utils/wpa_debug.c
+++ b/src/utils/wpa_debug.c
-@@ -201,7 +201,7 @@ void wpa_debug_close_linux_tracing(void)
+@@ -205,7 +205,7 @@ void wpa_debug_close_linux_tracing(void)
*
* Note: New line '\n' is added to the end of the text when printing to stdout.
*/
@@ -9,7 +9,7 @@
{
va_list ap;
-@@ -248,8 +248,8 @@ void wpa_printf(int level, const char *f
+@@ -252,8 +252,8 @@ void wpa_printf(int level, const char *f
}
@@ -20,7 +20,7 @@
{
size_t i;
-@@ -375,20 +375,8 @@ static void _wpa_hexdump(int level, cons
+@@ -379,20 +379,8 @@ static void _wpa_hexdump(int level, cons
#endif /* CONFIG_ANDROID_LOG */
}
@@ -43,7 +43,7 @@
{
size_t i, llen;
const u8 *pos = buf;
-@@ -495,20 +483,6 @@ static void _wpa_hexdump_ascii(int level
+@@ -499,20 +487,6 @@ static void _wpa_hexdump_ascii(int level
}
@@ -64,7 +64,7 @@
#ifdef CONFIG_DEBUG_FILE
static char *last_path = NULL;
#endif /* CONFIG_DEBUG_FILE */
-@@ -604,7 +578,7 @@ void wpa_msg_register_ifname_cb(wpa_msg_
+@@ -628,7 +602,7 @@ void wpa_msg_register_ifname_cb(wpa_msg_
}
@@ -73,7 +73,7 @@
{
va_list ap;
char *buf;
-@@ -642,7 +616,7 @@ void wpa_msg(void *ctx, int level, const
+@@ -666,7 +640,7 @@ void wpa_msg(void *ctx, int level, const
}
diff --git a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
index 81ad81c39a..1bb5d6e620 100644
--- a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
+++ b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
@@ -22,7 +22,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
#include "common/defs.h"
#include "common/ieee802_11_defs.h"
#include "common/wpa_common.h"
-@@ -762,6 +763,9 @@ struct wpa_driver_associate_params {
+@@ -774,6 +775,9 @@ struct wpa_driver_associate_params {
* responsible for selecting with which BSS to associate. */
const u8 *bssid;
@@ -42,7 +42,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
#include "config.h"
-@@ -2037,6 +2038,97 @@ static char * wpa_config_write_peerkey(c
+@@ -2053,6 +2054,97 @@ static char * wpa_config_write_peerkey(c
#endif /* NO_CONFIG_WRITE */
@@ -140,7 +140,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
/* Helper macros for network block parser */
#ifdef OFFSET
-@@ -2282,6 +2374,8 @@ static const struct parse_data ssid_fiel
+@@ -2298,6 +2390,8 @@ static const struct parse_data ssid_fiel
{ INT(ap_max_inactivity) },
{ INT(dtim_period) },
{ INT(beacon_int) },
@@ -174,7 +174,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
* macsec_policy - Determines the policy for MACsec secure session
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3061,6 +3061,12 @@ static void wpas_start_assoc_cb(struct w
+@@ -3117,6 +3117,12 @@ static void wpas_start_assoc_cb(struct w
params.beacon_int = ssid->beacon_int;
else
params.beacon_int = wpa_s->conf->beacon_int;
diff --git a/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch b/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch
index b56fa3d38e..287cd1dd2e 100644
--- a/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch
+++ b/package/network/services/hostapd/patches/461-driver_nl80211-use-new-parameters-during-ibss-join.patch
@@ -10,7 +10,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -5094,7 +5094,7 @@ static int wpa_driver_nl80211_ibss(struc
+@@ -5178,7 +5178,7 @@ static int wpa_driver_nl80211_ibss(struc
struct wpa_driver_associate_params *params)
{
struct nl_msg *msg;
@@ -19,7 +19,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
int count = 0;
wpa_printf(MSG_DEBUG, "nl80211: Join IBSS (ifindex=%d)", drv->ifindex);
-@@ -5121,6 +5121,37 @@ retry:
+@@ -5205,6 +5205,37 @@ retry:
nl80211_put_beacon_int(msg, params->beacon_int))
goto fail;
diff --git a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
index 12cbd993a5..55a48b9733 100644
--- a/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
+++ b/package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch
@@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
-@@ -1397,6 +1397,7 @@ struct wpa_driver_mesh_join_params {
+@@ -1409,6 +1409,7 @@ struct wpa_driver_mesh_join_params {
#define WPA_DRIVER_MESH_FLAG_AMPE 0x00000008
unsigned int flags;
u8 handle_dfs;
@@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
/**
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
-@@ -9248,6 +9248,18 @@ static int nl80211_put_mesh_id(struct nl
+@@ -9352,6 +9352,18 @@ static int nl80211_put_mesh_id(struct nl
}
@@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
static int nl80211_put_mesh_config(struct nl_msg *msg,
struct wpa_driver_mesh_bss_params *params)
{
-@@ -9309,6 +9321,7 @@ static int nl80211_join_mesh(struct i802
+@@ -9413,6 +9425,7 @@ static int nl80211_join_mesh(struct i802
nl80211_put_basic_rates(msg, params->basic_rates) ||
nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
nl80211_put_beacon_int(msg, params->beacon_int) ||
diff --git a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
index f630894c92..3d4946e0b0 100644
--- a/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
+++ b/package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch
@@ -1,6 +1,6 @@
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2124,11 +2124,13 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -2154,11 +2154,13 @@ void ibss_mesh_setup_freq(struct wpa_sup
for (j = 0; j < wpa_s->last_scan_res_used; j++) {
struct wpa_bss *bss = wpa_s->last_scan_res[j];
diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch
index e22c8d91fc..a70f8861ac 100644
--- a/package/network/services/hostapd/patches/600-ubus_support.patch
+++ b/package/network/services/hostapd/patches/600-ubus_support.patch
@@ -20,9 +20,9 @@
#include "drivers/driver.h"
+#include "ubus.h"
- struct wpa_ctrl_dst;
- struct radius_server_data;
-@@ -129,6 +130,7 @@ struct hostapd_data {
+ #define OCE_STA_CFON_ENABLED(hapd) \
+ ((hapd->conf->oce & OCE_STA_CFON) && \
+@@ -136,6 +137,7 @@ struct hostapd_data {
struct hostapd_iface *iface;
struct hostapd_config *iconf;
struct hostapd_bss_config *conf;
@@ -30,7 +30,7 @@
int interface_added; /* virtual interface added for this BSS */
unsigned int started:1;
unsigned int disabled:1;
-@@ -544,6 +546,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+@@ -547,6 +549,7 @@ hostapd_alloc_bss_data(struct hostapd_if
struct hostapd_bss_config *bss);
int hostapd_setup_interface(struct hostapd_iface *iface);
int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err);
@@ -40,7 +40,7 @@
struct hostapd_iface * hostapd_alloc_iface(void);
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
-@@ -315,6 +315,7 @@ static void hostapd_free_hapd_data(struc
+@@ -373,6 +373,7 @@ static void hostapd_free_hapd_data(struc
hapd->started = 0;
wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
@@ -48,7 +48,7 @@
iapp_deinit(hapd->iapp);
hapd->iapp = NULL;
accounting_deinit(hapd);
-@@ -1237,6 +1238,8 @@ static int hostapd_setup_bss(struct host
+@@ -1295,6 +1296,8 @@ static int hostapd_setup_bss(struct host
if (hapd->driver && hapd->driver->set_operstate)
hapd->driver->set_operstate(hapd->drv_priv, 1);
@@ -57,7 +57,7 @@
return 0;
}
-@@ -1651,7 +1654,7 @@ static enum nr_chan_width hostapd_get_nr
+@@ -1709,7 +1712,7 @@ static enum nr_chan_width hostapd_get_nr
#endif /* NEED_AP_MLME */
@@ -66,7 +66,7 @@
{
#ifdef NEED_AP_MLME
u16 capab = hostapd_own_capab_info(hapd);
-@@ -1872,6 +1875,7 @@ static int hostapd_setup_interface_compl
+@@ -1930,6 +1933,7 @@ static int hostapd_setup_interface_compl
if (err)
goto fail;
@@ -74,7 +74,7 @@
wpa_printf(MSG_DEBUG, "Completing interface initialization");
if (iface->conf->channel) {
#ifdef NEED_AP_MLME
-@@ -2052,6 +2056,7 @@ dfs_offload:
+@@ -2110,6 +2114,7 @@ dfs_offload:
fail:
wpa_printf(MSG_ERROR, "Interface initialization failed");
@@ -82,7 +82,7 @@
hostapd_set_state(iface, HAPD_IFACE_DISABLED);
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED);
#ifdef CONFIG_FST
-@@ -2517,6 +2522,7 @@ void hostapd_interface_deinit_free(struc
+@@ -2576,6 +2581,7 @@ void hostapd_interface_deinit_free(struc
(unsigned int) iface->conf->num_bss);
driver = iface->bss[0]->driver;
drv_priv = iface->bss[0]->drv_priv;
@@ -92,7 +92,7 @@
__func__, driver, drv_priv);
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
-@@ -1714,12 +1714,13 @@ ieee802_11_set_radius_info(struct hostap
+@@ -1743,12 +1743,13 @@ ieee802_11_set_radius_info(struct hostap
static void handle_auth(struct hostapd_data *hapd,
@@ -108,7 +108,7 @@
u16 fc;
const u8 *challenge = NULL;
u32 session_timeout, acct_interim_interval;
-@@ -1730,6 +1731,11 @@ static void handle_auth(struct hostapd_d
+@@ -1759,6 +1760,11 @@ static void handle_auth(struct hostapd_d
char *identity = NULL;
char *radius_cui = NULL;
u16 seq_ctrl;
@@ -120,7 +120,7 @@
if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
-@@ -1890,6 +1896,13 @@ static void handle_auth(struct hostapd_d
+@@ -1919,6 +1925,13 @@ static void handle_auth(struct hostapd_d
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto fail;
}
@@ -134,7 +134,7 @@
if (res == HOSTAPD_ACL_PENDING)
return;
-@@ -3169,12 +3182,12 @@ void fils_hlp_timeout(void *eloop_ctx, v
+@@ -3210,12 +3223,12 @@ void fils_hlp_timeout(void *eloop_ctx, v
static void handle_assoc(struct hostapd_data *hapd,
const struct ieee80211_mgmt *mgmt, size_t len,
@@ -149,7 +149,7 @@
struct sta_info *sta;
u8 *tmp = NULL;
struct hostapd_sta_wpa_psk_short *psk = NULL;
-@@ -3183,6 +3196,11 @@ static void handle_assoc(struct hostapd_
+@@ -3224,6 +3237,11 @@ static void handle_assoc(struct hostapd_
#ifdef CONFIG_FILS
int delay_assoc = 0;
#endif /* CONFIG_FILS */
@@ -161,7 +161,7 @@
if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_req) :
sizeof(mgmt->u.assoc_req))) {
-@@ -3354,6 +3372,14 @@ static void handle_assoc(struct hostapd_
+@@ -3395,6 +3413,14 @@ static void handle_assoc(struct hostapd_
}
#endif /* CONFIG_MBO */
@@ -176,7 +176,7 @@
/*
* sta->capability is used in check_assoc_ies() for RRM enabled
* capability element.
-@@ -3567,6 +3593,7 @@ static void handle_disassoc(struct hosta
+@@ -3608,6 +3634,7 @@ static void handle_disassoc(struct hosta
wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d",
MAC2STR(mgmt->sa),
le_to_host16(mgmt->u.disassoc.reason_code));
@@ -184,7 +184,7 @@
sta = ap_get_sta(hapd, mgmt->sa);
if (sta == NULL) {
-@@ -3632,6 +3659,8 @@ static void handle_deauth(struct hostapd
+@@ -3673,6 +3700,8 @@ static void handle_deauth(struct hostapd
" reason_code=%d",
MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code));
@@ -193,7 +193,7 @@
sta = ap_get_sta(hapd, mgmt->sa);
if (sta == NULL) {
wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying "
-@@ -3951,7 +3980,7 @@ int ieee802_11_mgmt(struct hostapd_data
+@@ -4000,7 +4029,7 @@ int ieee802_11_mgmt(struct hostapd_data
if (stype == WLAN_FC_STYPE_PROBE_REQ) {
@@ -202,7 +202,7 @@
return 1;
}
-@@ -3971,17 +4000,17 @@ int ieee802_11_mgmt(struct hostapd_data
+@@ -4020,17 +4049,17 @@ int ieee802_11_mgmt(struct hostapd_data
switch (stype) {
case WLAN_FC_STYPE_AUTH:
wpa_printf(MSG_DEBUG, "mgmt::auth");
@@ -225,7 +225,7 @@
case WLAN_FC_STYPE_DISASSOC:
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
-@@ -720,7 +720,7 @@ void sta_track_claim_taxonomy_info(struc
+@@ -725,7 +725,7 @@ void sta_track_claim_taxonomy_info(struc
void handle_probe_req(struct hostapd_data *hapd,
const struct ieee80211_mgmt *mgmt, size_t len,
@@ -234,7 +234,7 @@
{
u8 *resp;
struct ieee802_11_elems elems;
-@@ -729,6 +729,7 @@ void handle_probe_req(struct hostapd_dat
+@@ -734,6 +734,7 @@ void handle_probe_req(struct hostapd_dat
size_t i, resp_len;
int noack;
enum ssid_match_result res;
@@ -242,7 +242,7 @@
int ret;
u16 csa_offs[2];
size_t csa_offs_len;
-@@ -737,6 +738,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -742,6 +743,12 @@ void handle_probe_req(struct hostapd_dat
struct hostapd_sta_wpa_psk_short *psk = NULL;
char *identity = NULL;
char *radius_cui = NULL;
@@ -255,7 +255,7 @@
if (len < IEEE80211_HDRLEN)
return;
-@@ -914,6 +921,12 @@ void handle_probe_req(struct hostapd_dat
+@@ -919,6 +926,12 @@ void handle_probe_req(struct hostapd_dat
}
#endif /* CONFIG_P2P */
@@ -307,7 +307,7 @@
wpabuf_free(sta->p2p_ie);
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -415,6 +415,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+@@ -416,6 +416,7 @@ void ap_handle_timer(void *eloop_ctx, vo
HOSTAPD_LEVEL_INFO, "deauthenticated due to "
"local deauth request");
ap_free_sta(hapd, sta);
@@ -315,7 +315,7 @@
return;
}
-@@ -562,6 +563,7 @@ skip_poll:
+@@ -563,6 +564,7 @@ skip_poll:
hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
ap_free_sta(hapd, sta);
@@ -323,7 +323,7 @@
break;
}
}
-@@ -1223,6 +1225,7 @@ void ap_sta_set_authorized(struct hostap
+@@ -1224,6 +1226,7 @@ void ap_sta_set_authorized(struct hostap
buf, ip_addr);
} else {
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
@@ -368,7 +368,7 @@
CFLAGS += -DCONFIG_WNM_AP
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -5998,6 +5998,8 @@ struct wpa_supplicant * wpa_supplicant_a
+@@ -6062,6 +6062,8 @@ struct wpa_supplicant * wpa_supplicant_a
}
#endif /* CONFIG_P2P */
@@ -377,7 +377,7 @@
return wpa_s;
}
-@@ -6024,6 +6026,8 @@ int wpa_supplicant_remove_iface(struct w
+@@ -6088,6 +6090,8 @@ int wpa_supplicant_remove_iface(struct w
struct wpa_supplicant *parent = wpa_s->parent;
#endif /* CONFIG_MESH */
diff --git a/package/network/services/hostapd/patches/700-fix-openssl11.patch b/package/network/services/hostapd/patches/700-fix-openssl11.patch
deleted file mode 100644
index 86343c150b..0000000000
--- a/package/network/services/hostapd/patches/700-fix-openssl11.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 672540d4ddbd24782b5c65b35d636bdfe8a90d0f Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Fri, 15 Jun 2018 18:35:30 -0700
-Subject: [PATCH] Fix compile with OpenSSL 1.1.0 and deprecated APIs
-
-SSL_session_reused is the same as SSL_cache_hit. The engine load stuff is
-now handled by OPENSSL_init.
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
----
- src/crypto/tls_openssl.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
---- a/src/crypto/tls_openssl.c
-+++ b/src/crypto/tls_openssl.c
-@@ -1024,8 +1024,10 @@ void * tls_init(const struct tls_config
-
- #ifndef OPENSSL_NO_ENGINE
- wpa_printf(MSG_DEBUG, "ENGINE: Loading dynamic engine");
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- ERR_load_ENGINE_strings();
- ENGINE_load_dynamic();
-+#endif /* OPENSSL_VERSION_NUMBER */
-
- if (conf &&
- (conf->opensc_engine_path || conf->pkcs11_engine_path ||
-@@ -3874,7 +3876,7 @@ struct wpabuf * tls_connection_decrypt(v
-
- int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn)
- {
-- return conn ? SSL_cache_hit(conn->ssl) : 0;
-+ return conn ? SSL_session_reused(conn->ssl) : 0;
- }
-
-