aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/hostapd/patches/557-hostapd-support-Multi-AP-backhaul-STA-onboarding.patch
diff options
context:
space:
mode:
Diffstat (limited to 'package/network/services/hostapd/patches/557-hostapd-support-Multi-AP-backhaul-STA-onboarding.patch')
-rw-r--r--package/network/services/hostapd/patches/557-hostapd-support-Multi-AP-backhaul-STA-onboarding.patch339
1 files changed, 0 insertions, 339 deletions
diff --git a/package/network/services/hostapd/patches/557-hostapd-support-Multi-AP-backhaul-STA-onboarding.patch b/package/network/services/hostapd/patches/557-hostapd-support-Multi-AP-backhaul-STA-onboarding.patch
deleted file mode 100644
index c5785e50c3..0000000000
--- a/package/network/services/hostapd/patches/557-hostapd-support-Multi-AP-backhaul-STA-onboarding.patch
+++ /dev/null
@@ -1,339 +0,0 @@
-From 8b04a4cddbd6dbadb24279713af7ac677e80d342 Mon Sep 17 00:00:00 2001
-From: Davina Lu <ylu@quantenna.com>
-Date: Tue, 2 Oct 2018 18:34:14 -0700
-Subject: [PATCH] hostapd: support Multi-AP backhaul STA onboarding
-
-The Wi-Fi Alliance Multi-AP Specification v1.0 allows onboarding of a
-backhaul STA through WPS. To enable this, the WPS registrar offers a
-different set of credentials (backhaul credentials instead of fronthaul
-credentials) when the Multi-AP subelement is present in the WFA vendor
-extension element of the WSC M1 message.
-
-Add 3 new configuration options to specify the backhaul credentials for
-the hostapd internal registrar: multi_ap_backhaul_ssid,
-multi_ap_backhaul_wpa_psk, multi_ap_backhaul_wpa_passphrase. These are
-only relevant for a fronthaul SSID, i.e. where multi_ap is set to 2 or
-3. When these options are set, pass the backhaul credentials instead of
-the normal credentials when the Multi-AP subelement is present.
-
-Ignore the Multi-AP subelement if the backhaul config options are not
-set. Note that for an SSID which is fronthaul and backhaul at the same
-time (i.e., multi_ap == 3), this results in the correct credentials
-being sent anyway.
-
-The security to be used for the backaul BSS is fixed to WPA2PSK. The
-Multi-AP Specification only allows Open and WPA2PSK networks to be
-configured. Although not stated explicitly, the backhaul link is
-intended to be always encrypted, hence WPA2PSK.
-
-To build the credentials, the credential-building code is essentially
-copied and simplified. Indeed, the backhaul credentials are always
-WPA2PSK and never use per-device PSK. All the options set for the
-fronthaul BSS WPS are simply ignored.
-
-Signed-off-by: Davina Lu <ylu@quantenna.com>
-Signed-off-by: Igor Mitsyanko <igor.mitsyanko.os@quantenna.com>
-Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
----
-v4: no change
----
- hostapd/config_file.c | 47 ++++++++++++++++++++++++++++++++++++++++
- hostapd/hostapd.conf | 9 ++++++++
- src/ap/ap_config.c | 2 ++
- src/ap/ap_config.h | 1 +
- src/ap/wps_hostapd.c | 26 ++++++++++++++++++++++
- src/wps/wps.h | 32 +++++++++++++++++++++++++++
- src/wps/wps_attr_parse.c | 11 ++++++++++
- src/wps/wps_attr_parse.h | 1 +
- src/wps/wps_dev_attr.c | 5 +++++
- src/wps/wps_dev_attr.h | 1 +
- src/wps/wps_registrar.c | 25 ++++++++++++++++++++-
- 11 files changed, 159 insertions(+), 1 deletion(-)
-
---- a/hostapd/config_file.c
-+++ b/hostapd/config_file.c
-@@ -3479,6 +3479,53 @@ static int hostapd_config_fill(struct ho
- line, pos);
- return 1;
- }
-+ } else if (os_strcmp(buf, "multi_ap_backhaul_ssid") == 0) {
-+ size_t slen;
-+ char *str = wpa_config_parse_string(pos, &slen);
-+
-+ if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) {
-+ wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'",
-+ line, pos);
-+ os_free(str);
-+ return 1;
-+ }
-+ os_memcpy(bss->multi_ap_backhaul_ssid.ssid, str, slen);
-+ bss->multi_ap_backhaul_ssid.ssid_len = slen;
-+ bss->multi_ap_backhaul_ssid.ssid_set = 1;
-+ os_free(str);
-+ } else if (os_strcmp(buf, "multi_ap_backhaul_wpa_passphrase") == 0) {
-+ int len = os_strlen(pos);
-+
-+ if (len < 8 || len > 63) {
-+ wpa_printf(MSG_ERROR,
-+ "Line %d: invalid WPA passphrase length %d (expected 8..63)",
-+ line, len);
-+ return 1;
-+ }
-+ os_free(bss->multi_ap_backhaul_ssid.wpa_passphrase);
-+ bss->multi_ap_backhaul_ssid.wpa_passphrase = os_strdup(pos);
-+ if (bss->multi_ap_backhaul_ssid.wpa_passphrase) {
-+ hostapd_config_clear_wpa_psk(&bss->multi_ap_backhaul_ssid.wpa_psk);
-+ bss->multi_ap_backhaul_ssid.wpa_passphrase_set = 1;
-+ }
-+ } else if (os_strcmp(buf, "multi_ap_backhaul_wpa_psk") == 0) {
-+ hostapd_config_clear_wpa_psk(&bss->multi_ap_backhaul_ssid.wpa_psk);
-+ bss->multi_ap_backhaul_ssid.wpa_psk =
-+ os_zalloc(sizeof(struct hostapd_wpa_psk));
-+ if (bss->multi_ap_backhaul_ssid.wpa_psk == NULL)
-+ return 1;
-+ if (hexstr2bin(pos, bss->multi_ap_backhaul_ssid.wpa_psk->psk,
-+ PMK_LEN) ||
-+ pos[PMK_LEN * 2] != '\0') {
-+ wpa_printf(MSG_ERROR, "Line %d: Invalid PSK '%s'.",
-+ line, pos);
-+ hostapd_config_clear_wpa_psk(&bss->multi_ap_backhaul_ssid.wpa_psk);
-+ return 1;
-+ }
-+ bss->multi_ap_backhaul_ssid.wpa_psk->group = 1;
-+ os_free(bss->multi_ap_backhaul_ssid.wpa_passphrase);
-+ bss->multi_ap_backhaul_ssid.wpa_passphrase = NULL;
-+ bss->multi_ap_backhaul_ssid.wpa_psk_set = 1;
- } else if (os_strcmp(buf, "upnp_iface") == 0) {
- os_free(bss->upnp_iface);
- bss->upnp_iface = os_strdup(pos);
---- a/hostapd/hostapd.conf
-+++ b/hostapd/hostapd.conf
-@@ -1852,6 +1852,15 @@ own_ip_addr=127.0.0.1
- # attribute.
- #ap_settings=hostapd.ap_settings
-
-+# Multi-AP backhaul BSS config
-+# Used in WPS when multi_ap=2 or 3. Defines "backhaul BSS" credentials.
-+# These are passed in WPS M8 instead of the normal (fronthaul) credentials
-+# if the enrollee has the Multi-AP subelement set. Backhaul SSID is formatted
-+# like ssid2. The key is set like wpa_psk or wpa_passphrase.
-+#multi_ap_backhaul_ssid="backhaul"
-+#multi_ap_backhaul_wpa_psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
-+#multi_ap_backhaul_wpa_passphrase=secret passphrase
-+
- # WPS UPnP interface
- # If set, support for external Registrars is enabled.
- #upnp_iface=br0
---- a/src/ap/ap_config.c
-+++ b/src/ap/ap_config.c
-@@ -582,6 +582,8 @@ void hostapd_config_free_bss(struct host
- os_free(conf->ap_pin);
- os_free(conf->extra_cred);
- os_free(conf->ap_settings);
-+ hostapd_config_clear_wpa_psk(&conf->multi_ap_backhaul_ssid.wpa_psk);
-+ str_clear_free(conf->multi_ap_backhaul_ssid.wpa_passphrase);
- os_free(conf->upnp_iface);
- os_free(conf->friendly_name);
- os_free(conf->manufacturer_url);
---- a/src/ap/ap_config.h
-+++ b/src/ap/ap_config.h
-@@ -456,6 +456,7 @@ struct hostapd_bss_config {
- int force_per_enrollee_psk;
- u8 *ap_settings;
- size_t ap_settings_len;
-+ struct hostapd_ssid multi_ap_backhaul_ssid;
- char *upnp_iface;
- char *friendly_name;
- char *manufacturer_url;
---- a/src/ap/wps_hostapd.c
-+++ b/src/ap/wps_hostapd.c
-@@ -962,6 +962,7 @@ static void hostapd_free_wps(struct wps_
- wpabuf_free(wps->dev.vendor_ext[i]);
- wps_device_data_free(&wps->dev);
- os_free(wps->network_key);
-+ os_free(wps->multi_ap_backhaul_network_key);
- hostapd_wps_nfc_clear(wps);
- wpabuf_free(wps->dh_pubkey);
- wpabuf_free(wps->dh_privkey);
-@@ -1131,6 +1132,31 @@ int hostapd_init_wps(struct hostapd_data
- wps->encr_types_wpa = WPS_ENCR_AES | WPS_ENCR_TKIP;
- }
-
-+ if (hapd->conf->multi_ap & FRONTHAUL_BSS &&
-+ hapd->conf->multi_ap_backhaul_ssid.ssid_len) {
-+ wps->multi_ap_backhaul_ssid_len =
-+ hapd->conf->multi_ap_backhaul_ssid.ssid_len;
-+ os_memcpy(wps->multi_ap_backhaul_ssid,
-+ hapd->conf->multi_ap_backhaul_ssid.ssid,
-+ wps->multi_ap_backhaul_ssid_len);
-+ if (conf->multi_ap_backhaul_ssid.wpa_passphrase) {
-+ wps->multi_ap_backhaul_network_key =
-+ (u8 *) os_strdup(conf->multi_ap_backhaul_ssid.wpa_passphrase);
-+ wps->multi_ap_backhaul_network_key_len =
-+ os_strlen(conf->multi_ap_backhaul_ssid.wpa_passphrase);
-+ } else if (conf->multi_ap_backhaul_ssid.wpa_psk) {
-+ wps->multi_ap_backhaul_network_key =
-+ os_malloc(2 * PMK_LEN + 1);
-+ if (wps->multi_ap_backhaul_network_key == NULL)
-+ goto fail;
-+ wpa_snprintf_hex((char *) wps->multi_ap_backhaul_network_key,
-+ 2 * PMK_LEN + 1,
-+ conf->multi_ap_backhaul_ssid.wpa_psk->psk,
-+ PMK_LEN);
-+ wps->multi_ap_backhaul_network_key_len = 2 * PMK_LEN;
-+ }
-+ }
-+
- wps->ap_settings = conf->ap_settings;
- wps->ap_settings_len = conf->ap_settings_len;
-
---- a/src/wps/wps.h
-+++ b/src/wps/wps.h
-@@ -100,6 +100,7 @@ struct wps_device_data {
- struct wpabuf *vendor_ext[MAX_WPS_VENDOR_EXTENSIONS];
-
- int p2p;
-+ u8 multi_ap_ext;
- };
-
- /**
-@@ -730,6 +731,37 @@ struct wps_context {
- int psk_set;
-
- /**
-+ * multi_ap_backhaul_ssid - SSID to supply to a Multi-AP backhaul
-+ * enrollee
-+ *
-+ * This SSID is used by the Registrar to fill in information for
-+ * Credentials when the enrollee advertises it is a Multi-AP backhaul
-+ * STA.
-+ */
-+ u8 multi_ap_backhaul_ssid[SSID_MAX_LEN];
-+
-+ /**
-+ * multi_ap_backhaul_ssid_len - Length of multi_ap_backhaul_ssid in
-+ * octets
-+ */
-+ size_t multi_ap_backhaul_ssid_len;
-+
-+ /**
-+ * multi_ap_backhaul_network_key - The Network Key (PSK) for the
-+ * Multi-AP backhaul enrollee.
-+ *
-+ * This key can be either the ASCII passphrase (8..63 characters) or the
-+ * 32-octet PSK (64 hex characters).
-+ */
-+ u8 *multi_ap_backhaul_network_key;
-+
-+ /**
-+ * multi_ap_backhaul_network_key_len - Length of
-+ * multi_ap_backhaul_network_key in octets
-+ */
-+ size_t multi_ap_backhaul_network_key_len;
-+
-+ /**
- * ap_settings - AP Settings override for M7 (only used at AP)
- *
- * If %NULL, AP Settings attributes will be generated based on the
---- a/src/wps/wps_attr_parse.c
-+++ b/src/wps/wps_attr_parse.c
-@@ -67,6 +67,17 @@ static int wps_set_vendor_ext_wfa_subele
- }
- attr->registrar_configuration_methods = pos;
- break;
-+ case WFA_ELEM_MULTI_AP:
-+ if (len != 1) {
-+ wpa_printf(MSG_DEBUG,
-+ "WPS: Invalid Multi-AP Extension length %u",
-+ len);
-+ return -1;
-+ }
-+ attr->multi_ap_ext = *pos;
-+ wpa_printf(MSG_DEBUG, "WPS: Multi-AP Extension 0x%02x",
-+ attr->multi_ap_ext);
-+ break;
- default:
- wpa_printf(MSG_MSGDUMP, "WPS: Skipped unknown WFA Vendor "
- "Extension subelement %u", id);
---- a/src/wps/wps_attr_parse.h
-+++ b/src/wps/wps_attr_parse.h
-@@ -97,6 +97,7 @@ struct wps_parse_attr {
- const u8 *cred[MAX_CRED_COUNT];
- const u8 *req_dev_type[MAX_REQ_DEV_TYPE_COUNT];
- const u8 *vendor_ext[MAX_WPS_PARSE_VENDOR_EXT];
-+ u8 multi_ap_ext;
- };
-
- int wps_parse_msg(const struct wpabuf *msg, struct wps_parse_attr *attr);
---- a/src/wps/wps_dev_attr.c
-+++ b/src/wps/wps_dev_attr.c
-@@ -389,6 +389,11 @@ int wps_process_os_version(struct wps_de
- return 0;
- }
-
-+void wps_process_vendor_ext_m1(struct wps_device_data *dev, const u8 ext)
-+{
-+ dev->multi_ap_ext = ext;
-+ wpa_printf(MSG_DEBUG, "WPS: Multi-AP extension value %02x", dev->multi_ap_ext);
-+}
-
- int wps_process_rf_bands(struct wps_device_data *dev, const u8 *bands)
- {
---- a/src/wps/wps_dev_attr.h
-+++ b/src/wps/wps_dev_attr.h
-@@ -29,6 +29,7 @@ int wps_build_dev_name(struct wps_device
- int wps_process_device_attrs(struct wps_device_data *dev,
- struct wps_parse_attr *attr);
- int wps_process_os_version(struct wps_device_data *dev, const u8 *ver);
-+void wps_process_vendor_ext_m1(struct wps_device_data *dev, const u8 ext);
- int wps_process_rf_bands(struct wps_device_data *dev, const u8 *bands);
- void wps_device_data_free(struct wps_device_data *dev);
- int wps_build_vendor_ext(struct wps_device_data *dev, struct wpabuf *msg);
---- a/src/wps/wps_registrar.c
-+++ b/src/wps/wps_registrar.c
-@@ -1588,7 +1588,6 @@ int wps_build_credential_wrap(struct wpa
- return 0;
- }
-
--
- int wps_build_cred(struct wps_data *wps, struct wpabuf *msg)
- {
- struct wpabuf *cred;
-@@ -1603,6 +1602,29 @@ int wps_build_cred(struct wps_data *wps,
- }
- os_memset(&wps->cred, 0, sizeof(wps->cred));
-
-+ if (wps->peer_dev.multi_ap_ext == MULTI_AP_BACKHAUL_STA &&
-+ wps->wps->multi_ap_backhaul_ssid_len) {
-+ wpa_printf(MSG_DEBUG, "WPS: Use backhaul STA credentials");
-+ os_memcpy(wps->cred.ssid, wps->wps->multi_ap_backhaul_ssid,
-+ wps->wps->multi_ap_backhaul_ssid_len);
-+ wps->cred.ssid_len = wps->wps->multi_ap_backhaul_ssid_len;
-+ /* Backhaul is always WPA2PSK */
-+ wps->cred.auth_type = WPS_AUTH_WPA2PSK;
-+ wps->cred.encr_type = WPS_ENCR_AES;
-+ /* Set MAC address in the Credential to be the Enrollee's MAC
-+ * address
-+ */
-+ os_memcpy(wps->cred.mac_addr, wps->mac_addr_e, ETH_ALEN);
-+ if (wps->wps->multi_ap_backhaul_network_key) {
-+ os_memcpy(wps->cred.key,
-+ wps->wps->multi_ap_backhaul_network_key,
-+ wps->wps->multi_ap_backhaul_network_key_len);
-+ wps->cred.key_len =
-+ wps->wps->multi_ap_backhaul_network_key_len;
-+ }
-+ goto use_provided;
-+ }
-+
- os_memcpy(wps->cred.ssid, wps->wps->ssid, wps->wps->ssid_len);
- wps->cred.ssid_len = wps->wps->ssid_len;
-
-@@ -2705,6 +2727,7 @@ static enum wps_process_res wps_process_
- wps->use_psk_key = 1;
- }
- #endif /* WPS_WORKAROUNDS */
-+ wps_process_vendor_ext_m1(&wps->peer_dev, attr->multi_ap_ext);
-
- wps->state = SEND_M2;
- return WPS_CONTINUE;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 00:36:11 +0000