aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/hostapd/Makefile
Commit message (Collapse)AuthorAgeFilesLines
* hostapd: update to git snapshot of 2018-03-26Daniel Golle2018-03-271-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following patches were merged upstream: 000-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch replaced by commit 0e3bd7ac6 001-Prevent-reinstallation-of-an-already-in-use-group-ke.patch replaced by commit cb5132bb3 002-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch replaced by commit 87e2db16b 003-Prevent-installation-of-an-all-zero-TK.patch replaced by commit 53bb18cc8 004-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch replaced by commit 0adc9b28b 005-TDLS-Reject-TPK-TK-reconfiguration.patch replaced by commit ff89af96e 006-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch replaced by commit adae51f8b 007-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch replaced by commit 2a9c5217b 008-WPA-Extra-defense-against-PTK-reinstalls-in-4-way-ha.patch replaced by commit a00e946c1 009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch replaced by commit b488a1294 010-Optional-AP-side-workaround-for-key-reinstallation-a.patch replaced by commit 6f234c1e2 011-Additional-consistentcy-checks-for-PTK-component-len.patch replaced by commit a6ea66530 012-Clear-BSSID-information-in-supplicant-state-machine-.patch replaced by commit c0fe5f125 013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch replaced by commit 114f2830d Some patches had to be modified to work with changed upstream source: 380-disable_ctrl_iface_mib.patch (adding more ifdef'ery) plus some minor knits needed for other patches to apply which are not worth being explicitely listed here. For SAE key management in mesh mode, use the newly introduce sae_password parameter instead of the psk parameter to also support SAE keys which would fail the checks applied on the psk field (ie. length and such). This fixes compatibility issues for users migrating from authsae. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: bump PKG_RELEASE after 802.11w changesJo-Philipp Wich2018-01-071-1/+1
| | | | | Fixes: 8a57531855 "hostapd: set group_mgmt_cipher when ieee80211w is enabled" Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: backport fix for wnm_sleep_mode=0Timo Sigurdsson2017-12-071-1/+1
| | | | | | | | | | | | | wpa_disable_eapol_key_retries can't prevent attacks against the Wireless Network Management (WNM) Sleep Mode handshake. Currently, hostapd processes WNM Sleep Mode requests from clients regardless of the setting wnm_sleep_mode. Backport Jouni Malinen's upstream patch 114f2830 in order to ignore such requests by clients when wnm_sleep_mode is disabled (which is the default). Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de> [rewrite commit subject (<= 50 characters), bump PKG_RELEASE] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-171-0/+1
| | | | | | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Thanks to swalker for CPE to package mapping and keep tracking CVEs. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* Revert "wpa_supplicant: log to syslog instead of stdout"Jo-Philipp Wich2017-10-271-1/+1
| | | | | | | | | | | | | | This reverts commit e7373e489d8a215402d6b0c408a26188342c7c17. Support of "-s" depends on the CONFIG_DEBUG_SYSLOG compile time flag which is not enabled for all build variants. Revert the change for now until we can properly examine the size impact of CONFIG_DEBUG_SYSLOG. Fixes FS#1117. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: bump PKG_RELEASEStijn Tintel2017-10-181-1/+1
| | | | | | | | | | The previous commit did not adjust PKG_RELEASE, therefore the hostapd/wpad/wpa_supplicant packages containing the AP-side workaround for KRACK do not appear as opkg update. Bump the PKG_RELEASE to signify upgrades to downstream users. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* hostapd: bump PKG_RELEASEStijn Tintel2017-10-171-1/+1
| | | | | | | | | The previous CVE bugfix commit did not adjust PKG_RELEASE, therefore the fixed hostapd/wpad/wpa_supplicant packages do not appear as opkg update. Bump the PKG_RELEASE to signify upgrades to downstream users. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* hostapd: escape double quoutes in wpad CFLAGSStijn Tintel2017-10-071-0/+1
| | | | | | | | | | | | | | | | | | A recent commit in hostapd added a build option to specify the default TLS ciphers. This build option is passed via CFLAGS. Due to the way CFLAGS are handled when building wpad, the compiler tries to recursively expand TLS_DEFAULT_CIPHERS, resulting in the following error: ../src/crypto/tls_openssl.c: In function 'tls_init': <command-line>:0:21: error: 'DEFAULT' undeclared (first use in this function) ../src/crypto/tls_openssl.c:1028:13: note: in expansion of macro 'TLS_DEFAULT_CIPHERS' ciphers = TLS_DEFAULT_CIPHERS; ^ Escape double quotes in the .cflags file to avoid this. Fixes: 2f78034c3ef ("hostapd: update to version 2017-08-24") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* hostapd: update to version 2017-08-24Koen Vandeputte2017-10-071-4/+4
| | | | | | | | | | | | - Deleted upstreamed patches & parts - Refreshed all Compile tested: full-option package + tools (hostapd + wpa_supplicant) Run-tested: hostapd wpa2 hotspot & wpa_supplicant IBSS link Targets: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* treewide: fix shellscript syntax errors/typosLorenzo Santina2017-09-131-1/+1
| | | | | | | | | Fix multiple syntax errors in shelscripts (of packages only) These errors were causing many conditions to not working properly Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it> [increase PKG_RELEASE, drop command substitution from directip.sh] Signed-off-by: Mathias Kresin <dev@kresin.em>
* hostapd: add support for acs_chan_bias optionKevin Darbyshire-Bryant2017-06-241-1/+1
| | | | | | | | | | During auto channel selection we may wish to prefer certain channels over others. e.g. we can just squeeze 4 channels into europe so '1:0.8 5:0.8 9:0.8 13:0.8' does that. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* mac80211, hostapd: always explicitly set beacon intervalMatthias Schiffer2017-05-131-1/+1
| | | | | | | | | | | | | | | | One of the latest mac80211 updates added sanity checks, requiring the beacon intervals of all VIFs of the same radio to match. This often broke AP+11s setups, as these modes use different default intervals, at least in some configurations (observed on ath9k). Instead of relying on driver or hostapd defaults, change the scripts to always explicitly set the beacon interval, defaulting to 100. This also applies the beacon interval to 11s interfaces, which had been forgotten before. VIF-specific beacon_int setting is removed from hostapd.sh. Fixes FS#619. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* hostapd: mv netifd.sh hostapd.shDaniel Albers2017-02-151-1/+1
| | | | | | same name for the file on the host and target Signed-off-by: Daniel Albers <daniel.albers@public-files.de>
* Fix dependency for hostapdWilco Baan Hofman2017-01-261-1/+1
| | | | Signed-off-by: Wilco Baan Hofman <wilco@baanhofman.nl>
* hostapd: fix stray "out of range" shell errors in hostapd.shJo-Philipp Wich2017-01-231-1/+1
| | | | | | | | | | | | The hostapd_append_wpa_key_mgmt() procedure uses the possibly uninitialized $ieee80211r and $ieee80211w variables in a numerical comparisation, leading to stray "netifd: radio0 (0000): sh: out of range" errors in logread when WPA-PSK security is enabled. Ensure that those variables are substituted with a default value in order to avoid emitting this (harmless) shell error. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: fix passing jobserver to hostapd/supplicant build processesFelix Fietkau2017-01-151-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-221-7/+4
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: update to version 2016-12-19Koen Vandeputte2016-12-201-3/+3
| | | | | | | | | | | | | | Update to latest upstream HEAD: - Refreshed all - Fixes 2 regressions: --> PeerKey: Fix STK 4-way handshake regression --> PeerKey: Fix EAPOL-Key processing Compile tested Full & Mini configs Run-tested Mini config Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* hostapd: Add ability to specify that that wireless driver supports 802.11acAlexis Green2016-12-201-1/+7
| | | | | Signed-off-by: Alexis Green <agreen@cococorp.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [make more generic]
* hostapd: update to version 2016-12-15Koen Vandeputte2016-12-201-3/+3
| | | | | | | | | | | | | Update to latest upstream HEAD: - Refreshed all - Delete patches and parts which made it upstream Compile tested Full & Mini configs Run-tested Mini config Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [another update, remove broken patch]
* hostapd: remove never-used Package/<name>/DescriptionYousong Zhou2016-12-201-21/+1
| | | | | | | | The build system only accepts Package/<name>/description and since the typoed version virtually has the same content as the TITLE field, remove them altogether Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix PKG_CONFIG_DEPENDS for CONFIG_WPA_SUPPLICANT_*Matthias Schiffer2016-11-161-1/+1
| | | | | | These symbols don't affect wpa-supplicant only, but also wpad. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* hostapd: properly package wpa-supplicant-meshAlexis Green2016-10-311-1/+2
| | | | | | | | | Ensure that selecting the wpa-supplicant-mesh package actually packages the wpa_supplicant binary with SAE support and add missing dependency on OpenSSL. Signed-off-by: Alexis Green <alexis@cessp.it> [Jo-Philipp Wich: slightly reword commit message for clarity] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* source: Switch to xz for packages and tools where possibleDaniel Engberg2016-10-061-2/+2
| | | | | | | | | | | * Change git packages to xz * Update mirror checksums in packages where they are used * Change a few source tarballs to xz if available upstream * Remove unused lines in packages we're touching, requested by jow- and blogic * We're relying more on xz-utils so add official mirror as primary source, master site as secondary. * Add SHA256 checksums to multiple git tarball packages Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* hostapd: make -mesh and -p2p variants depend on the cfg80211 symbolFelix Fietkau2016-10-051-3/+3
| | | | | | Avoids build failures when the nl80211 driver is disabled Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: update to version 2016-09-05Felix Fietkau2016-09-081-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: remove unused hostapd-common-old packageFelix Fietkau2016-08-051-13/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: remove hostap driverFelix Fietkau2016-07-311-2/+0
| | | | | | | It has been marked as broken for well over a month now and nobody has complained. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* packages: prefer http over git for git protocolHauke Mehrtens2016-06-221-1/+1
| | | | | | | | | In company networks everything except the http and https protocol is often causes problems, because the network administrators try to block everything else. To make it easier to use LEDE in company networks use the https/http protocol for git access when possible. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: update to version 2016-06-15Felix Fietkau2016-06-151-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: Update to version 2016-05-05Michal Hrusecky2016-06-151-3/+3
| | | | | | Fixes CVE-2016-4476 and few possible memory leaks. Signed-off-by: Michal Hrusecky <Michal.Hrusecky@nic.cz>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix wpad-mesh and wpa-supplicant-mesh configuration issuesFelix Fietkau2016-01-281-10/+9
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48528
* hostapd: update to version 2016-01-15Felix Fietkau2016-01-281-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48527
* hostapd: Use network_get_device instead of uci_get_stateFelix Fietkau2015-11-111-1/+1
| | | | | | | | This fixes the IAPP functionality. Signed-off-by: Petko Bordjukov <bordjukov@gmail.com> SVN-Revision: 47455
* mac80211/hostapd: rework 802.11w driver support selection, do not hardcode ↵Felix Fietkau2015-09-141-1/+1
| | | | | | | | drivers in hostapd makefile Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 46903
* hostapd: work around unconditional libopenssl build dependencyFelix Fietkau2015-09-111-1/+1
| | | | | | | | | | | As the OpenWrt build system only resolves build dependencies per directory, all hostapd variants were causing libopenssl to be downloaded and built, not only wpad-mesh. Fix this by applying the same workaround as in ustream-ssl. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> SVN-Revision: 46851
* hostapd: properly enable 802.11w supportFelix Fietkau2015-08-271-1/+1
| | | | | | | | | | | Add CONFIG_IEEE80211W variable to DRIVER_MAKEOPTS so that 802.11w support is properly compiled in full variant. This fixes #20179 Signed-off-by: Janusz Dziemidowicz <rraptorr@nails.eu.org> SVN-Revision: 46737
* hostapd: enable 802.11w only for the full variantsFelix Fietkau2015-05-061-1/+4
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45616
* hostapd: mark wpa-supplicant & wpad-mesh as broken on umlNicolas Thill2015-04-221-2/+2
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 45561
* hostapd: fix compile errors with nl80211 disabled (#19325)Felix Fietkau2015-03-271-0/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45063
* hostapd: add dependency to hostapd-commonFelix Fietkau2015-03-261-3/+3
| | | | | | | | | 'hostapd-common' is needed by all of the variants for wifi to function correctly (a number of the target profiles simply select 'wpad-mini'). Signed-off-by: Nathan Hintz <nlhintz@hotmail.com> SVN-Revision: 45048
* hostapd: package wpad-mesh and wpa_supplicant-mesh variantsFelix Fietkau2015-03-261-8/+42
| | | | | | | | | | These new variants include support for mesh mode and SAE crypto. They always depend on openssl as EC operations are not provided by the internal crypto implementation. Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 45047
* hostapd: update hostapd to 2015-03-25Felix Fietkau2015-03-261-8/+2
| | | | | | | | | | madwifi was dropped upstream, can't find it anywhere in OpenWrt either, thus finally burrying madwifi. Signed-off-by: Daniel Golle <daniel@makrotopia.org> Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45045
* build: remove obsolete references to cris and avr32Felix Fietkau2015-03-241-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44965
* packages: some (e)glibc fixes after r44701Nicolas Thill2015-03-161-1/+1
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 44842
* hostapd: fix c&p typoJohn Crispin2015-02-171-1/+1
| | | | | | | | https://dev.openwrt.org/ticket/19010 Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 44484
* Support for building an hardened OpenWRTJohn Crispin2015-01-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduce configuration options to build an "hardened" OpenWRT. Options to enable Stack-Smashing Protection, FORTIFY_SOURCE and RELRO have been introduced. uClibc makefile now automatically detects if SSP support is necessary. hostapd makefile has been fixed to use "^" as sed separator since using a comma was problematic when using "-Wl,-z,now" and the like in TARGET_CFLAGS. Currently enabling SSP on user space depends on enabling SSP kernel side, this is due to the fact that TARGET_CFLAGS are used to build kernel modules (at least). Suggestions on how to avoid this are welcome. Using "select" instead of "depends on" doesn't seem to work with choice entries. Tested with a lantiq (WBMR) router, GCC 4.8, uClibc and a subset of the available packages. Needs to be tested with GCC 4.9 and the remaining packages. PIE not currently included. Signed-off-by: Alessandro Di Federico <ale+owrt@clearmind.me> SVN-Revision: 44005
* hostapd: fix build error on some variants with CONFIG_WPA_RFKILL_SUPPORT=y ↵Felix Fietkau2014-11-231-1/+3
| | | | | | | | (#17765) Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43345
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 23:54:24 +0000