aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/hostapd
Commit message (Collapse)AuthorAgeFilesLines
* hostapd: remove useless TLS provider selection override for ↵Felix Fietkau2016-01-281-2/+1
| | | | | | | | wpad-mesh/wpa_supplicant-mesh Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48537 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix mesh interface bridge handlingFelix Fietkau2016-01-285-10/+22
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48529 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix wpad-mesh and wpa-supplicant-mesh configuration issuesFelix Fietkau2016-01-282-417/+9
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48528 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: update to version 2016-01-15Felix Fietkau2016-01-2842-945/+243
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48527 3c298f89-4303-0410-b956-a3cf2f4a3e73
* wpa_supplicant: add support for EAP-TLS phase2Felix Fietkau2016-01-191-2/+12
| | | | | | | | | Introduce config options client_cert2, priv_key2 and priv_key2_pwd used for EAP-TLS phase2 authentication in WPA-EAP client mode. Signed-off-by: Daniel Golle <daniel@makrotopia.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48345 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostap/wpa_supplicant: enable EAP-FAST in -full buildsFelix Fietkau2016-01-192-0/+6
| | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48344 3c298f89-4303-0410-b956-a3cf2f4a3e73
* wpa_supplicant: improve generating phase2 config line for WPA-EAPFelix Fietkau2016-01-181-2/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WPA-EAP supports several phase2 (=inner) authentication methods when using EAP-TTLS, EAP-PEAP or EAP-FAST (the latter is added as a first step towards the UCI model supporting EAP-FAST by this commit) The value of the auth config variable was previously expected to be directly parseable as the content of the 'phase2' option of wpa_supplicant. This exposed wpa_supplicant's internals, leaving it to view-level to set the value properly. Unfortunately, this is currently not the case, as LuCI currently allows values like 'PAP', 'CHAP', 'MSCHAPV2'. Users thus probably diverged and set auth to values like 'auth=MSCHAPV2' as a work-around. This behaviour isn't explicitely documented anywhere and is not quite intuitive... The phase2-string is now generated according to $eap_type and $auth, following the scheme also found in hostap's test-cases: http://w1.fi/cgit/hostap/tree/tests/hwsim/test_ap_eap.py The old behaviour is also still supported for the sake of not breaking existing, working configurations. Examples: eap_type auth 'ttls' 'EAP-MSCHAPV2' -> phase2="autheap=MSCHAPV2" 'ttls' 'MSCHAPV2' -> phase2="auth=MSCHAPV2" 'peap' 'EAP-GTC' -> phase2="auth=GTC" Deprecated syntax supported for compatibility: 'ttls' 'autheap=MSCHAPV2' -> phase2="autheap=MSCHAPV2" I will suggest a patch to LuCI adding EAP-MSCHAPV2, EAP-GTC, ... to the list of Authentication methods available. Signed-off-by: Daniel Golle <daniel@makrotopia.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48309 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix disassociation with FullMAC drivers and multi-BSSRafał Miłecki2016-01-111-0/+67
| | | | | | Signed-off-by: Rafał Miłecki <zajec5@gmail.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48202 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix post v2.4 security issuesFelix Fietkau2016-01-1011-0/+554
| | | | | | | | | | | | | | | | | | | | | | | - WPS: Fix HTTP chunked transfer encoding parser (CVE-2015-4141) - EAP-pwd peer: Fix payload length validation for Commit and Confirm (CVE-2015-4143) - EAP-pwd server: Fix payload length validation for Commit and Confirm (CVE-2015-4143) - EAP-pwd peer: Fix Total-Length parsing for fragment reassembly (CVE-2015-4144, CVE-2015-4145) - EAP-pwd server: Fix Total-Length parsing for fragment reassembly (CVE-2015-4144, CVE-2015-4145) - EAP-pwd peer: Fix asymmetric fragmentation behavior (CVE-2015-4146) - NFC: Fix payload length validation in NDEF record parser (CVE-2015-8041) - WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use (CVE-2015-5310) - EAP-pwd peer: Fix last fragment length validation (CVE-2015-5315) - EAP-pwd server: Fix last fragment length validation (CVE-2015-5314) - EAP-pwd peer: Fix error path for unexpected Confirm message (CVE-2015-5316) Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48185 3c298f89-4303-0410-b956-a3cf2f4a3e73
* wpa_supplicant: set regulatory domain the same way as hostapdFelix Fietkau2016-01-031-0/+6
| | | | | | | | | | | | | In sta-only configuration, wpa_supplicant needs correct regulatory domain because otherwise it may skip channel of its AP during scan. Another alternative is to fix "iw reg set" in mac80211 netifd script. Currently it fails if some phy has private regulatory domain which matches configured one. Signed-off-by: Dmitry Ivanov <dima@ubnt.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48099 3c298f89-4303-0410-b956-a3cf2f4a3e73
* wpa-supplicant: Get 802.11s ssid information from option mesh_idJohn Crispin2015-11-241-0/+3
| | | | | | | | | | | | The scripts for authsae and iw use the option mesh_id to get set the "meshid" during a mesh join. But the script for wpad-mesh ignores the option mesh_id and instead uses the option ssid. Unify the mesh configuration and let the wpa_supplicant script also use the mesh_id from the configuration. Signed-off-by: Sven Eckelmann <sven@open-mesh.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@47615 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: Use network_get_device instead of uci_get_stateFelix Fietkau2015-11-113-5/+13
| | | | | | | | This fixes the IAPP functionality. Signed-off-by: Petko Bordjukov <bordjukov@gmail.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@47455 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add default value to eapol_version (#20641)Felix Fietkau2015-11-021-0/+1
| | | | | | | | | | | | | | r46861 introduced a new option eapol_version to hostapd, but did not provide a default value. When the option value is evaluated, the non-existing value causes errors to the systen log: "netifd: radio0: sh: out of range" Add a no-op default value 0 for eapol_version. Only values 1 or 2 are actually passed on, so 0 will not change the default action in hostapd. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@47361 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: wait longer for inactive client probe (empty data frame)Felix Fietkau2015-10-061-0/+11
| | | | | | | | | | | One second is not enough for some devices to ackowledge null data frame which is sent at the end of ap_max_inactivity interval. In particular, this causes severe Wi-Fi instability with Apple iPhone which may take up to 3 seconds to respond. Signed-off-by: Dmitry Ivanov <dima@ubnt.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@47149 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: check for banned client on association eventRafał Miłecki2015-09-281-0/+26
| | | | | | | | | | | When using FullMAC drivers (e.g. brcmfmac) we don't get mgmt frames so check for banned client in probe request handler won't ever be used. Since cfg80211 provides us info about STA associating let's put a check there. Signed-off-by: Rafał Miłecki <zajec5@gmail.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@47064 3c298f89-4303-0410-b956-a3cf2f4a3e73
* mac80211/hostapd: rework 802.11w driver support selection, do not hardcode ↵Felix Fietkau2015-09-142-1/+5
| | | | | | | | drivers in hostapd makefile Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@46903 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: Add eapol_version config optionFelix Fietkau2015-09-111-1/+6
| | | | | | | | | | | | | Add eapol_version to the openwrt wireless config ssid section. Only eapol_version=1 and 2 will get passed to hostapd, the default in hostapd is 2. This is only useful for really old client devices that don't accept eapol_version=2. Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@46861 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: work around unconditional libopenssl build dependencyFelix Fietkau2015-09-111-1/+1
| | | | | | | | | | | As the OpenWrt build system only resolves build dependencies per directory, all hostapd variants were causing libopenssl to be downloaded and built, not only wpad-mesh. Fix this by applying the same workaround as in ustream-ssl. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@46851 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: properly enable 802.11w supportFelix Fietkau2015-08-271-1/+1
| | | | | | | | | | | Add CONFIG_IEEE80211W variable to DRIVER_MAKEOPTS so that 802.11w support is properly compiled in full variant. This fixes #20179 Signed-off-by: Janusz Dziemidowicz <rraptorr@nails.eu.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@46737 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: Add vlan_file option to netifd.shJohn Crispin2015-08-171-1/+6
| | | | | | | | | | | | | Other VLAN related options are already being processed in netifd.sh but the vlan_file option is missing. This option allows the mapping of vlan IDs to network interfaces and will be used in dynamic VLAN feature for binding stations to interfaces based on VLAN assignments. The change is done similarly to the wpa_psk_file option. Signed-off-by: Gong Cheng <chengg11@yahoo.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@46652 3c298f89-4303-0410-b956-a3cf2f4a3e73
* buttons: make all button handler scripts return 0John Crispin2015-07-241-0/+2
| | | | | | | | this is required by the new button timeout feature Signed-off-by: John Crispin <blogic@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@46471 3c298f89-4303-0410-b956-a3cf2f4a3e73
* wpa-supplicant: add 802.11r client supportFelix Fietkau2015-07-152-2/+7
| | | | | | | | | | | | Add 802.11r client support to wpa_supplicant. It's only enabled in wpa_supplicant-full. hostapd gained 802.11r support in commit r45051. Tested on a TP-Link TL-WR710N sta psk client with two 802.11r enabled openwrt accesspoints (TP-Link TL-WDR3600). Signed-off-by: Stefan Hellermann <stefan@the2masters.de> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@46377 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: move ht_coex variable to mac80211.sh, guarded by 802.11n supportFelix Fietkau2015-06-061-4/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45917 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add a new option to control HT coexistance separate from noscanFelix Fietkau2015-06-022-6/+11
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45873 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix remote denial of service vulnerability in WMM action frame parsingFelix Fietkau2015-05-061-0/+36
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45619 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: enable 802.11w only for the full variantsFelix Fietkau2015-05-061-1/+4
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45616 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: backport fix for CVE-2015-1863, refresh patchesFelix Fietkau2015-04-235-5/+42
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45567 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: mark wpa-supplicant & wpad-mesh as broken on umlNicolas Thill2015-04-221-2/+2
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45561 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd/netifd: encrypted mesh with wpa_supplicantFelix Fietkau2015-04-201-18/+29
| | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45519 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: Fix wps button hotplug script to handle multiple radiosJohn Crispin2015-04-181-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hostapd's control file location was changed in 2013, and that has apparently broken the wps button hotplug script in cases where there are multiple radios and wps is possibly configured also for the second radio. The current wps button hotplug script always handles only the first radio. https://dev.openwrt.org/browser/trunk/package/network/services/hostapd/files/wps-hotplug.sh The reason is that the button hotplug script seeks directories like /var/run/hostapd*, as the hostapd-phy0.conf files were earlier in per-interface subdirectories. Currently the *.conf files are directly in /var/run and the control sockets are in /var/run/hostapd, but there is no subdirectory for each radio. root@OpenWrt:/# ls /var/run/hostapd* /var/run/hostapd-phy0.conf /var/run/hostapd-phy1.conf /var/run/hostapd: wlan0 wlan1 The hotplug script was attempted to be fixed after the hostapd change by r38986 in Dec2013, but that change only unbroke the script for the first radio, but left it broken for multiple radios. https://dev.openwrt.org/changeset/38986/ The script fails to find subdirectories with [ -d "$dir" ], and passes just the only found directory /var/run/hostapd, leading into activating only the first radio, as hostapd_cli defaults to first socket found inthe passed directory: root@OpenWrt:/# hostapd_cli -? ... usage: hostapd_cli [-p<path>] [-i<ifname>] [-hvB] [-a<path>] \ [-G<ping interval>] [command..] ... -p<path> path to find control sockets (default: /var/run/hostapd) ... -i<ifname> Interface to listen on (default: first interface found in the socket path) Below is a run with the default script and with my proposed solution. Default script (with logging added): ================================== root@OpenWrt:/# cat /etc/rc.button/wps #!/bin/sh if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then for dir in /var/run/hostapd*; do [ -d "$dir" ] || continue logger "WPS activated for: $dir" hostapd_cli -p "$dir" wps_pbc done fi >>>> WPS BUTTON PRESSED <<<<< root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan0 wps_get_status PBC Status: Active Last WPS result: None root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan1 wps_get_status PBC Status: Timed-out Last WPS result: None root@OpenWrt:/# logread | grep WPS Tue Apr 14 18:38:50 2015 user.notice root: WPS activated for: /var/run/hostapd wlan0 got WPS activated, while wlan1 remained inactive. I have modified the script to search for sockets instead of directories and to use the "-i" option with hostapd_cli, and now the script properly activates wps for both radios. As "-i" needs the interface name instead of the full path, the script first changes dir to /var/run/hostapd to get simply the interface names. Modified script (with logging): =============================== root@OpenWrt:/# cat /etc/rc.button/wps #!/bin/sh if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then cd /var/run/hostapd for dir in *; do [ -S "$socket" ] || continue logger "WPS activated for: $socket" hostapd_cli -i "$socket" wps_pbc done fi >>>> WPS BUTTON PRESSED <<<<< root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan0 wps_get_status PBC Status: Active Last WPS result: None root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan1 wps_get_status PBC Status: Active Last WPS result: None root@OpenWrt:/# logread | grep WPS Tue Apr 14 18:53:06 2015 user.notice root: WPS activated for: wlan0 Tue Apr 14 18:53:06 2015 user.notice root: WPS activated for: wlan1 Both radios got their WPS activated properly. I am not sure if my solution is optimal, but it seems to work. WPS button is maybe not that often used functionality, but it might be fixed in any case. Routers with multiple radios are common now, so the bug is maybe more prominent than earlier. The modified script has been in a slightly different format in my community build since r42420 in September 2014. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45492 3c298f89-4303-0410-b956-a3cf2f4a3e73
* netifd: fix ieee80211r 'sh: bad number' in mac80211 setup (bug #19345)Felix Fietkau2015-04-111-0/+1
| | | | | | | | | | | | | | | | | | | Two errors "netifd: radio0: sh: bad number" have recently surfaced in system log in trunk when wifi interfaces come up. I tracked the errors to checking numerical values of some config options without ensuring that the option has any value. The errors I see have apparently been introduced by r45051 (ieee80211r in hostapd) and r45326 (start_disabled in mac80211). My patches fix two instances of "bad number", but there may be a third one, as the original report in bug 19345 pre-dates r45326 and already has two "bad number" errors for radio0. https://dev.openwrt.org/ticket/19345 Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45380 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: remove unused asprintf parameterJohn Crispin2015-04-101-1/+1
| | | | | | | | | | r45270 removed ieee80211n=%d from the format string but didn't remove the parameter itself. Though this probably doesn't cause any harm, it's quite confusing and unneeded. Signed-off-by: Daniel Golle <daniel@makrotopia.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45351 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add update_beacon to ubus bindingJohn Crispin2015-04-091-3/+20
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45325 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: when running AP+STA, preserve the AP 802.11n-enabled settingFelix Fietkau2015-04-041-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45270 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix compile errors with nl80211 disabled (#19325)Felix Fietkau2015-03-274-5/+6
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45063 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix a compiler warning in ap+station patchFelix Fietkau2015-03-271-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45062 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: disable the bridge packet receive workaround, it is unnecessary on ↵Felix Fietkau2015-03-271-0/+12
| | | | | | | | openwrt and could potentially harm performance Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45060 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add 802.11r supportFelix Fietkau2015-03-262-1/+65
| | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45051 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: allow multiple key management algorithmsFelix Fietkau2015-03-262-4/+8
| | | | | | | | | To enable 802.11r, wpa_key_mgmt should contain FT-EAP or FT-PSK. Allow multiple key management algorithms to make this possible. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45050 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: append nasid to config for all WPA typesFelix Fietkau2015-03-262-4/+12
| | | | | | | | | | The 802.11r implementation in hostapd uses nas_identifier as PMK-R0 Key Holder identifier. As 802.11r can also be used with WPA Personal, nasid should be appended to the hostapd config for all WPA types. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45049 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add dependency to hostapd-commonFelix Fietkau2015-03-261-3/+3
| | | | | | | | | 'hostapd-common' is needed by all of the variants for wifi to function correctly (a number of the target profiles simply select 'wpad-mini'). Signed-off-by: Nathan Hintz <nlhintz@hotmail.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45048 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: package wpad-mesh and wpa_supplicant-mesh variantsFelix Fietkau2015-03-263-11/+453
| | | | | | | | | | These new variants include support for mesh mode and SAE crypto. They always depend on openssl as EC operations are not provided by the internal crypto implementation. Signed-off-by: Daniel Golle <daniel@makrotopia.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45047 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add switch_chan and set_vendor_elements ubus methodsFelix Fietkau2015-03-261-1/+83
| | | | | | | Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com> Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45046 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: update hostapd to 2015-03-25Felix Fietkau2015-03-2640-3457/+244
| | | | | | | | | | madwifi was dropped upstream, can't find it anywhere in OpenWrt either, thus finally burrying madwifi. Signed-off-by: Daniel Golle <daniel@makrotopia.org> Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@45045 3c298f89-4303-0410-b956-a3cf2f4a3e73
* build: remove obsolete references to cris and avr32Felix Fietkau2015-03-241-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44965 3c298f89-4303-0410-b956-a3cf2f4a3e73
* packages: some (e)glibc fixes after r44701Nicolas Thill2015-03-161-1/+1
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44842 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix c&p typoJohn Crispin2015-02-171-1/+1
| | | | | | | | https://dev.openwrt.org/ticket/19010 Signed-off-by: John Crispin <blogic@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44484 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: backport BSSID black/whitelistsJohn Crispin2015-02-133-0/+687
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change adds the configuration options "bssid_whitelist" and "bssid_blacklist" used to limit the AP selection of a network to a specified (finite) set or discard certain APs. This can be useful for environments where multiple networks operate using the same SSID and roaming between those is not desired. It is also useful to ignore a faulty or otherwise unwanted AP. In many applications it is useful not just to enumerate a group of well known access points, but to use a address/mask notation to match an entire set of addresses (ca:ff:ee:00:00:00/ff:ff:ff:00:00:00). This is especially useful if an OpenWrt device with two radios is used to retransmit the same network (one in AP mode for other clients, one as STA for the uplink); the following configuration prevents the device from associating with itself, given that the own AP to be avoided is using the bssid 'C0:FF:EE:D0:0D:42': config wifi-iface option device 'radio2' option network 'uplink' option mode 'sta' option ssid 'MyNetwork' option encryption 'none' list bssid_blacklist 'C0:FF:EE:D0:0D:42/00:FF:FF:FF:FF:FF' This change consists of the following cherry-picked upstream commits: b3d6a0a8259002448a29f14855d58fe0a624ab76 b83e455451a875ba233b3b8ac29aff8b62f064f2 79cd993a623e101952b81fa6a29c674cd858504f (squashed to implement bssid_{white,black}lists) 0047306bc9ab7d46e8cc22ff9a3e876c47626473 (Add os_snprintf_error() helper) Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44438 3c298f89-4303-0410-b956-a3cf2f4a3e73
* mac80211/hostapd: fix HT mode setup for RSN ad-hoc networksFelix Fietkau2015-01-241-1/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44100 3c298f89-4303-0410-b956-a3cf2f4a3e73
* Support for building an hardened OpenWRTJohn Crispin2015-01-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduce configuration options to build an "hardened" OpenWRT. Options to enable Stack-Smashing Protection, FORTIFY_SOURCE and RELRO have been introduced. uClibc makefile now automatically detects if SSP support is necessary. hostapd makefile has been fixed to use "^" as sed separator since using a comma was problematic when using "-Wl,-z,now" and the like in TARGET_CFLAGS. Currently enabling SSP on user space depends on enabling SSP kernel side, this is due to the fact that TARGET_CFLAGS are used to build kernel modules (at least). Suggestions on how to avoid this are welcome. Using "select" instead of "depends on" doesn't seem to work with choice entries. Tested with a lantiq (WBMR) router, GCC 4.8, uClibc and a subset of the available packages. Needs to be tested with GCC 4.9 and the remaining packages. PIE not currently included. Signed-off-by: Alessandro Di Federico <ale+owrt@clearmind.me> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44005 3c298f89-4303-0410-b956-a3cf2f4a3e73