Removing the last remaining link from an MLD AP interface removes the
interface as well. Re-create the interface if necessary on config changes.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Can also be used for a client mode interface that is able to connect on
multiple bands individually, while handling hostapd state for the correct
band.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2859741d971e dhcpv4: store reqopts as uint8_t
6d342cc03bf7 odhcpd: add DNR (RFC 9463) support
c89b8b3f2ff3 odhcpd: make the IPv6 RA DNR lifetime configurable
066b3dc6ec1a netlink: fix a memory leak
171140e90b6a odhcpd: add a helper function for addr6/prefix parsing
5585b969c18f router: move pref64 calculations to the config stage
4308384748be dhcpv6: add ipv6 pxe support
6e1ad492cef5 router: replace ssize_t with size_t
Signed-off-by: David Härdeman <david@hardeman.nu>
Link: https://github.com/openwrt/openwrt/pull/20022
Signed-off-by: Robert Marko <robimarko@gmail.com>
7a86ef53075a fix running bridger with stderr debug output
f6afcb04f2ef nl: add missing dump flag for RTM_GETTFILTER
Signed-off-by: Felix Fietkau <nbd@nbd.name>
33fb6c738bc4 P2P2: Enable some testing parameters without CONFIG_TESTING_OPTIONS
56616c4183a6 P2P2: Update device name with USD device found
1d791939dcdf Cancel pending connect radio work when network is removed
8235e21d7fe3 P2P: Fix preferred frequency list size handling in p2p_check_pref_chan()
4bc754d9c727 Add QCA vendor interface to enable/disable TX power limit
d65f5705df98 Add QCA vendor attribute to disable A-MSDU address check validation
74881765b7fb nl80211: Use i802_bss in qca_set_allowed_ap_freqs() to use correct ifindex
ca8303135cbb P2P2: Set P2P mode to the driver on P2P GO device
063ae7af68dc ACS: Fix incorrect index calculation for primary channel
4aa3a58377c1 ACS: Validate all channels in a segment before selection
02c9d3376224 ACS: Extend support to exclude 6 GHz non-PSC in non-offloaded ACS
307365eb57bb tests: Add test for ACS exclude 6 GHz non-PSC
0721e4886316 Add QCA vendor attribute to configure EHT RTWT support
76b39db44c77 QCA vendor attribute to configure BTM MLD Recommendation For Multiple APs support
2faeffdeca22 AP MLD: Properly deinit sm of non-ML STA connected to ML AP
e4f4e5a872a5 AP MLD: Fix STA's flag wrongly updated in SME-in-driver cases
ec6cade42c0f Increase buffer size to handle long freq_list entries in config
0522585da7b0 Write freq_list as per-network item in wpa_supplicant.conf
5e527704b912 Use SCS reconfiguration logic under CONFIG_NO_ROBUST_AV
5d6214a724c1 PASN: Clear driver/firwmare ranging context if PASN Auth 1 fails
14dc782d50db DPP: Avoid generating DPP shared secret(z) for non-association links
40326b60b17a RSNO: Allow OWE to be configured in RSN overrides in AP processing
acadef1b04d5 hostapd_cli: Open a new hostapd connection on ping failure when using -a
ac0d9bd80ec5 Add QCA vendor attributes to configure global TX chain mask
f5b8ef6c966a Add QCA vendor attributes for MSDU TX statistics
6c11fcefe4fc hostapd: Prevent blocking sends on control interface monitor socket
0bbb8a66f64c AP MLD: Remove redundant outer loop in hostapd_notif_disassoc_mld()
52fb5ccd91f3 AP MLD: Avoid using mld_id to identify partners
7bb930d50b5f wpa_supplicant: Add option to disable 80+80 MHz opclass advertisement
9001059bd6ad tests: Make dbus_connect_oom more robust
663fb1940231 AP MLD: Fix hostapd_is_mld_ap() check
590f3bdb4c61 AP MLD: Rename hostapd_is_mld_ap() to hostapd_is_multiple_link_mld()
b13b69a235f7 Add VLANID in the AP-STA-CONNECTED events
c1e8b1c6462b SAE: Assign VLAN when using PMKSA caching
9bc29dcdfdee SAE: Default password binding through control interface
9de127c31c40 tests: More testing coverage for SAE with multiple passwords
5ce1d4180386 nl80211: Fix crash by cancelling scan timeout before a BSS is removed
ca266cc24d87 nl80211: Fix crash by setting the drv->ctx properly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
resolves FTBFS where internal option DROPBEAR_SHA512 wasn't enabled by any of options
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19715
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Execute scripts in /etc/rc.wps until one of them returns a exit code of 0.
Split up sta and ap handling of wps into separate scripts.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
While this is discouraged to disable this option, both upstream and OpenWrt allows one to do it.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19611
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The RETSIGTYPE macro was historically used for signal handler return types,
defaulting to int on some legacy systems. This is no longer needed,
so we now use void as the return type.
Fixes a compiler error:
error: assignment to 'void (*)(int)' from incompatible pointer type 'int (*)()' [-Wincompatible-pointer-types]
Link: https://github.com/openwrt/openwrt/pull/19681
Signed-off-by: Nick Hainke <vincent@systemli.org>
Fixes a crash on some config reload types
Fixes: 816c2d86e7 ("hostapd: add support for MLO interfaces in ucode")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
MLO interface config is provided in a separate ubus call before
adding regular per-phy interfaces.
Preparation for full MLO support.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
As discussed in openwrt#17517, there are contents of hostapd's configuration file logged in syslog.
This includes critical information like `passphrase`. To circumvent this condition,
this commit logs only "inline" if config_fname is inline data.
Otherwise the upstream logic of hostapd applies.
Fixes: openwrt#14049
Signed-off-by: Christian Korber <ck@dev.tdt.de>
Link: https://github.com/openwrt/openwrt/pull/17718
Signed-off-by: Robert Marko <robimarko@gmail.com>
glibc 2.39 has removed libcrypt completely.
solution: link against libxcrypt built with glibc compatibility.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19293
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
glibc 2.39 has removed libcrypt completely.
solution: link against libxcrypt built with glibc compatibility.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19293
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
glibc 2.39 has removed libcrypt completely.
solution: link against libxcrypt built with glibc compatibility.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19293
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Upstream has disabled SHA-1 algorithms by default since version 2025.87.
SHA-1 has known weakness and most SSH implementations support alternatives.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
It's hard or even impossible to track affected sources
so it's safe to remove all built objects (if any).
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
This allows to fine-tune dropbear build options.
This change is heavily based on similar work done by Marius Dinu earlier
so I'd like to say many thanks to original author.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
- update dropbear to latest stable 2025.88;
for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- rewrite 100-pubkey_path.patch
- refresh remaining patches
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
nl80211 events were propagated to the wrong interfaces
Fixes: 2ac791e87d ("hostapd: update to version 2025-06-27")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Manually refreshed:
140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch
601-ucode_support.patch
Fixed in upstream:
804-hostapd-revert-ACS-Validate-6-GHz-AP-criteria-before.patch [1]
Automatically rebased all other patches.
[1] https://w1.fi/cgit/hostap/commit/?id=0b60826a66885bffa2fd709ed5e48cd5fe241b6b
Signed-off-by: Agustin Lorenzo <agustin.lorenzo@thinco.es>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
802.11be capable platforms are big enough to not need the mini variant,
and removing it here saves space for other other devices.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fixes status information and scanning on extra BSS interfaces when operating
on multi-radio devices.
Reported-by: Chad Monroe <chad.monroe@adtran.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Ensure that hapd->own_addr is set properly, since hostapd_setup_bss
only handles it for secondary BSS interfaces
Signed-off-by: Felix Fietkau <nbd@nbd.name>
