Whenever the first bss is removed, any pending scan still keeps a reference
to it. Cancel it in order to prevent use-after-free bugs.
Reported-by: Chad Monroe <chad.monroe@adtran.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When lots of events are waiting to be received, the default buffer size
is not enough, and hostapd can run into "No buffer space available" on
recvmsg. This will cause the netdev state tracking to go out of sync.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Can also be used for a client mode interface that is able to connect on
multiple bands individually, while handling hostapd state for the correct
band.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
33fb6c738bc4 P2P2: Enable some testing parameters without CONFIG_TESTING_OPTIONS
56616c4183a6 P2P2: Update device name with USD device found
1d791939dcdf Cancel pending connect radio work when network is removed
8235e21d7fe3 P2P: Fix preferred frequency list size handling in p2p_check_pref_chan()
4bc754d9c727 Add QCA vendor interface to enable/disable TX power limit
d65f5705df98 Add QCA vendor attribute to disable A-MSDU address check validation
74881765b7fb nl80211: Use i802_bss in qca_set_allowed_ap_freqs() to use correct ifindex
ca8303135cbb P2P2: Set P2P mode to the driver on P2P GO device
063ae7af68dc ACS: Fix incorrect index calculation for primary channel
4aa3a58377c1 ACS: Validate all channels in a segment before selection
02c9d3376224 ACS: Extend support to exclude 6 GHz non-PSC in non-offloaded ACS
307365eb57bb tests: Add test for ACS exclude 6 GHz non-PSC
0721e4886316 Add QCA vendor attribute to configure EHT RTWT support
76b39db44c77 QCA vendor attribute to configure BTM MLD Recommendation For Multiple APs support
2faeffdeca22 AP MLD: Properly deinit sm of non-ML STA connected to ML AP
e4f4e5a872a5 AP MLD: Fix STA's flag wrongly updated in SME-in-driver cases
ec6cade42c0f Increase buffer size to handle long freq_list entries in config
0522585da7b0 Write freq_list as per-network item in wpa_supplicant.conf
5e527704b912 Use SCS reconfiguration logic under CONFIG_NO_ROBUST_AV
5d6214a724c1 PASN: Clear driver/firwmare ranging context if PASN Auth 1 fails
14dc782d50db DPP: Avoid generating DPP shared secret(z) for non-association links
40326b60b17a RSNO: Allow OWE to be configured in RSN overrides in AP processing
acadef1b04d5 hostapd_cli: Open a new hostapd connection on ping failure when using -a
ac0d9bd80ec5 Add QCA vendor attributes to configure global TX chain mask
f5b8ef6c966a Add QCA vendor attributes for MSDU TX statistics
6c11fcefe4fc hostapd: Prevent blocking sends on control interface monitor socket
0bbb8a66f64c AP MLD: Remove redundant outer loop in hostapd_notif_disassoc_mld()
52fb5ccd91f3 AP MLD: Avoid using mld_id to identify partners
7bb930d50b5f wpa_supplicant: Add option to disable 80+80 MHz opclass advertisement
9001059bd6ad tests: Make dbus_connect_oom more robust
663fb1940231 AP MLD: Fix hostapd_is_mld_ap() check
590f3bdb4c61 AP MLD: Rename hostapd_is_mld_ap() to hostapd_is_multiple_link_mld()
b13b69a235f7 Add VLANID in the AP-STA-CONNECTED events
c1e8b1c6462b SAE: Assign VLAN when using PMKSA caching
9bc29dcdfdee SAE: Default password binding through control interface
9de127c31c40 tests: More testing coverage for SAE with multiple passwords
5ce1d4180386 nl80211: Fix crash by cancelling scan timeout before a BSS is removed
ca266cc24d87 nl80211: Fix crash by setting the drv->ctx properly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
MLO interface config is provided in a separate ubus call before
adding regular per-phy interfaces.
Preparation for full MLO support.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
As discussed in openwrt#17517, there are contents of hostapd's configuration file logged in syslog.
This includes critical information like `passphrase`. To circumvent this condition,
this commit logs only "inline" if config_fname is inline data.
Otherwise the upstream logic of hostapd applies.
Fixes: openwrt#14049
Signed-off-by: Christian Korber <ck@dev.tdt.de>
Link: https://github.com/openwrt/openwrt/pull/17718
Signed-off-by: Robert Marko <robimarko@gmail.com>
nl80211 events were propagated to the wrong interfaces
Fixes: 2ac791e87d ("hostapd: update to version 2025-06-27")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Manually refreshed:
140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
601-ucode_support.patch
Fixed in upstream:
804-hostapd-revert-ACS-Validate-6-GHz-AP-criteria-before.patch [1]
Automatically rebased all other patches.
[1] https://w1.fi/cgit/hostap/commit/?id=0b60826a66885bffa2fd709ed5e48cd5fe241b6b
Signed-off-by: Agustin Lorenzo <agustin.lorenzo@thinco.es>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fixes status information and scanning on extra BSS interfaces when operating
on multi-radio devices.
Reported-by: Chad Monroe <chad.monroe@adtran.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When running ACS on multi-radio devices, ACS on one band can block another.
Increase the number of retries and prevent bouncing interfaces between AP
and STA mode during attempts.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
By OpenWrt's design, hostapd runs in a single global instance for all radios supported by the device, rather than one instance per radio like hostapd usually does.
Signed-off-by: Agustin Lorenzo <agustin.lorenzo@thinco.es>
Link: https://github.com/openwrt/openwrt/pull/18426
Signed-off-by: Robert Marko <robimarko@gmail.com>
Manually refreshed:
301-mesh-noscan.patch
601-ucode_support.patch
770-radius_server.patch
Automatically rebased all other patches.
Signed-off-by: Agustin Lorenzo <agustin.lorenzo@thinco.es>
Link: https://github.com/openwrt/openwrt/pull/18426
Signed-off-by: Robert Marko <robimarko@gmail.com>
Depending on the config / circumstances, the get_psk call can be called
multiple times from differnt places, which can lead to wrong sta->psk_idx
values. The correct call is the one that is also interested in the vlan_id,
so use the vlan_id pointer as indication of when to set sta->psk_idx.
Also fix off-by-one error for secondary PSKs
Fixes: b2a2c28617 ("hostapd: add support for authenticating with multiple PSKs via ubus helper")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Without this patch, we get the following error:
Mon Dec 23 11:35:44 2024 daemon.err hostapd: nl80211: kernel reports: integer out of range
As updating hostapd would be too complex and requires further testing,
we backport this simple upstream fix instead.
Fixes: https://github.com/openwrt/openwrt/issues/16680
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/17590
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This allows a radius server to send AVPs for client rate control inside the
accept message. Further add the ratelimits to the sta-authorized ubus
notification.
Signed-off-by: John Crispin <john@phrozen.org>
In file included from hostapd-wpad-basic-mbedtls/hostapd-2024.03.09~695277a5/src/ap/ubus.h:11,
from hostapd-wpad-basic-mbedtls/hostapd-2024.03.09~695277a5/src/ap/hostapd.h:21,
from main.c:26:
hostapd-2024.03.09~695277a5/src/ap/sta_info.h: In function 'ap_sta_is_mld':
hostapd-2024.03.09~695277a5/src/ap/sta_info.h:425:20: error: invalid use of undefined type 'struct hostapd_data'
425 | return hapd->conf->mld_ap && sta && sta->mld_info.mld_sta;
| ^~
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
Remove upstreamed from 2.11 release:
060-nl80211-fix-crash-when-adding-an-interface-fails.patch
Rebase all other patches
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16338
Signed-off-by: Robert Marko <robimarko@gmail.com>
Release 2.11 has been quite a few new features and fixes since the 2.10
release. The following ChangeLog entries highlight some of the main
changes:
* Wi-Fi Easy Connect
- add support for DPP release 3
- allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
- various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
- add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
- use Secure=1 in message 3 during PTK rekeying
...and many more
Remove upstreamed patches:
023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch
030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch
040-mesh-allow-processing-authentication-frames-in-block.patch
181-driver_nl80211-update-drv-ifindex-on-removing-the-fi.patch
182-nl80211-move-nl80211_put_freq_params-call-outside-of.patch
183-hostapd-cancel-channel_list_update_timeout-in-hostap.patch
210-build-de-duplicate-_DIRS-before-calling-mkdir.patch
253-qos_map_set_without_interworking.patch
751-qos_map_ignore_when_unsupported.patch
800-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
801-SAE-Check-for-invalid-Rejected-Groups-element-length.patch
802-SAE-Reject-invalid-Rejected-Groups-element-in-the-pa.patch
Other patches has been updated.
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16338
Signed-off-by: Robert Marko <robimarko@gmail.com>
Include hotfix suggested by Sebastian Gottschall to fix bug introduced
with APuP patchset
Signed-off-by: Gioacchino Mazzurco <gio@polymathes.cc>
Link: 0c3001a69e
Link: https://github.com/openwrt/openwrt/pull/16298
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This patch backports fixes for a security vulnerability impacting the
hostapd implementation of SAE H2E.
As upgrading hostapd would require more testing, the second mitigation
step which involves backporting several patches was adopted as outlined
in the official advisory[1].
An explanation of the impact of the vulnerability is provided from the
advisory[1]:
This vulnerability allows the attacker to downgrade the negotiated group
to another enabled group if both the AP and STA have enabled SAE H2E and
multiple groups. It should be noted that the H2E option is not enabled
by default and the attack is not applicable to the default option, i.e.,
hunting-and-pecking, since it does not have any downgrade protection for
group negotiation. In addition, the default configuration for enabled
SAE groups in hostapd is to enable only a single group, so the
vulnerability is not applicable unless hostapd has been explicitly
configured to enable more groups for SAE.
[1]: https://w1.fi/security/2024-2/sae-h2h-and-incomplete-downgrade-protection-for-group-negotiation.txt
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16042
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.
As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.
However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.
These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.
Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.
Signed-off-by: David Bauer <mail@david-bauer.net>
- move build/ifdef related changes together to the 200 patch range
- reduce adding/removing include statements across patches
- move patches away from the 99x patch range to simplify maintenance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This adds From:, Date: and Subject: to patches, allowing one to run 'git
am' to import the patches to a hostapd git repository.
From: and Date: fields were taken from the OpenWrt commit where the
patches were first introduced.
Most of the Subject: also followed suit, except for:
- 300-noscan.patch: Took the description from the LuCI web interface
- 350-nl80211_del_beacon_bss.patch: Used the file name
The order of the files in the patch was changed to match what git
format-patch does.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Patch 050-build_fix.patch fixes the abscence of sha384-kdf.o from the
list of needed objetct files when FILS is selected without any other
option that will select the .o file.
While it is a bug waiting to be fixes upstream, it is not needed for
OpenWrt use case, because OWE already selects sha384-kdf.o, and FILS is
selected along with OWE.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This brings many changes, including fixes for a couple of memory leaks,
and improved interoperability with 802.11r. There are also many changes
related to 802.11be, which is not enabled at this time.
Fixed upstream:
- 022-hostapd-fix-use-of-uninitialized-stack-variables.patch
- 180-driver_nl80211-fix-setting-QoS-map-on-secondary-BSSs.patch
- 993-2023-10-28-ACS-Fix-typo-in-bw_40-frequency-array.patch
Switch PKG_SOURCE_URL to https, since http is not currently working.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Ilya Katsnelson <me@0upti.me>
Tested by: Andrew Sim <andrewsimz@gmail.com>
Currently, both CI and local builds of wpa-supplicant will fail with:
/bin/sh: Argument list too long
Its happening as the argument list for mkdir in build.rules is too large
and over the MAX_ARG_STRLEN limit.
It seems that recent introduction of APK compatible version schema has
increased the argument size and thus pushed it over the limit uncovering
the issue.
Fixes: e8725a932e ("treewide: use APK compatible version schema")
Signed-off-by: Robert Marko <robimarko@gmail.com>
[Upstream Backport]
The range for the 5 GHz channel 118 was encoded with an incorrect
channel number.
Fixes: ed8e13decc71 (ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan())
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
This is not activated by default and must be explicitly enabled via ubus
It supports reporting log messages and netlink packets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Currently for 802.1s only, for wifi 2.4GHz in g/n mode, 40MHz is never
permitted.
This is probably due to the complexity of setting periodic check for the
intolerant bit. When noscan option is set, we ignore the presence of the
intoleran bit in near AP, so we can enable 40MHz and ignore any complex
logic for checking.
Fixes: #13112
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
