svn commit: r337817 - in stable/11: contrib/wpa contrib/wpa/hostapd contrib/wpa/hs20/client contrib/wpa/patches contrib/wpa/src/ap contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/driv...
Cy Schubert
cy at FreeBSD.org
Tue Aug 14 20:02:04 UTC 2018
Author: cy
Date: Tue Aug 14 20:02:01 2018
New Revision: 337817
URL: https://svnweb.freebsd.org/changeset/base/337817
Log:
MFC r336203, r336499, r336501-r336502, r336506, r336510, r336512-r336513, r336515, r336528-r336531
r336203:
MFV r324714:
Update wpa 2.5 --> 2.6.
r336499:
MFV: r336485
Address: hostapd: Avoid key reinstallation in FT handshake
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0001-hostapd-Avoid-key-\
reinstallation-in-FT-handshake.patch
r336501:
MFV: r336486
Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0002-Prevent-reinstallation-\
of-an-already-in-use-group-ke.patch
r336502:
MFV r336487:
Import upline security patch: Extend protection of GTK/IGTK
reinstallation of WNM-Sleep Mode cases. This git commit
87e2db16bafcbc60b8d0016175814a73c1e8ed45.
This commit is is simply a pops change as r324696 already plugged
this vulnerability. To maintain consistency with the vendor branch
props will be changed.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-\
reinstallation-of-WNM-.patch
r336506:
MFV r336490:
Prevent installation of an all-zero TK.
This is also upline git commit 53bb18cc8b7a4da72e47e4b3752d0d2135cffb23.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0004-Prevent-installation-\
of-an-all-zero-TK.patch
r336510:
MFV r336493:
Fix PTK rekeying to generate a new ANonce.
This is also upline git commit 0adc9b28b39d414d5febfff752f6a1576f785c85.
This commit is a NOP, just changing props as the heavy lifting was
done by r324696. This just brings us into line with the vendor branch.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0005-Fix-PTK-rekeying-to-\
generate-a-new-ANonce.patch
r336512:
MFV r336494:
TDLS: Reject TPK-TK reconfiguration.
This is also upline git commmit ff89af96e5a35c86f50330d2b86c18323318a60c.
Once again this is a NOP as this is a props change to sync up with
the vendor branch. The real commit is in r324696.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0006-TDLS-Reject-TPK-TK-\
reconfiguration.patch
r336513:
MFV r336495:
Another props change. The real work was done by r324696. We're simply
syncing up with the vendor branch again.
mport upline security patch: WNM: Ignore WNM-Sleep Mode Request in
wnm_sleep_mode=0 case. This is also upline git commit
114f2830d2c2aee6db23d48240e93415a256a37c.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-\
Response-without-pending-r.patch
r336515:
MFV r336496:
A props change to sync up with the vendor branch. The real work was
done by r324696.
FILS: Do not allow multiple (Re)Association Response frames.
This is also upline git commit e760851176c77ae6de19821bb1d5bf3ae2cb5187.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0008-FT-Do-not-allow-multiple-\
Reassociation-Response-fram.patch
r336528:
Revert r336501. It was a of the wrong rev from the vendor branch.
r336529:
MFV: r336486
Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0002-Prevent-reinstallation-\
of-an-already-in-use-group-ke.patch
r336530:
To reduce our diff between our sources and our upline, sync up
with upline. Also making it easier to read.
Obtained from: diffing base with ports
r336531:
Remove a redundant declaration.
While at it add a blank line, conforming with the convention
used in this file.
Added:
stable/11/contrib/wpa/src/ap/mbo_ap.c
- copied unchanged from r336203, head/contrib/wpa/src/ap/mbo_ap.c
stable/11/contrib/wpa/src/ap/mbo_ap.h
- copied unchanged from r336203, head/contrib/wpa/src/ap/mbo_ap.h
stable/11/contrib/wpa/src/ap/neighbor_db.c
- copied unchanged from r336203, head/contrib/wpa/src/ap/neighbor_db.c
stable/11/contrib/wpa/src/ap/neighbor_db.h
- copied unchanged from r336203, head/contrib/wpa/src/ap/neighbor_db.h
stable/11/contrib/wpa/src/ap/rrm.c
- copied unchanged from r336203, head/contrib/wpa/src/ap/rrm.c
stable/11/contrib/wpa/src/ap/rrm.h
- copied unchanged from r336203, head/contrib/wpa/src/ap/rrm.h
stable/11/contrib/wpa/src/ap/taxonomy.c
- copied unchanged from r336203, head/contrib/wpa/src/ap/taxonomy.c
stable/11/contrib/wpa/src/ap/taxonomy.h
- copied unchanged from r336203, head/contrib/wpa/src/ap/taxonomy.h
stable/11/contrib/wpa/src/ap/vlan.c
- copied unchanged from r336203, head/contrib/wpa/src/ap/vlan.c
stable/11/contrib/wpa/src/ap/vlan.h
- copied unchanged from r336203, head/contrib/wpa/src/ap/vlan.h
stable/11/contrib/wpa/src/ap/vlan_full.c
- copied unchanged from r336203, head/contrib/wpa/src/ap/vlan_full.c
stable/11/contrib/wpa/src/ap/vlan_ifconfig.c
- copied unchanged from r336203, head/contrib/wpa/src/ap/vlan_ifconfig.c
stable/11/contrib/wpa/src/ap/vlan_ioctl.c
- copied unchanged from r336203, head/contrib/wpa/src/ap/vlan_ioctl.c
stable/11/contrib/wpa/src/common/cli.c
- copied unchanged from r336203, head/contrib/wpa/src/common/cli.c
stable/11/contrib/wpa/src/common/cli.h
- copied unchanged from r336203, head/contrib/wpa/src/common/cli.h
stable/11/contrib/wpa/src/common/ctrl_iface_common.c
- copied unchanged from r336203, head/contrib/wpa/src/common/ctrl_iface_common.c
stable/11/contrib/wpa/src/common/ctrl_iface_common.h
- copied unchanged from r336203, head/contrib/wpa/src/common/ctrl_iface_common.h
stable/11/contrib/wpa/src/crypto/sha384-internal.c
- copied unchanged from r336203, head/contrib/wpa/src/crypto/sha384-internal.c
stable/11/contrib/wpa/src/crypto/sha384_i.h
- copied unchanged from r336203, head/contrib/wpa/src/crypto/sha384_i.h
stable/11/contrib/wpa/src/crypto/sha512-internal.c
- copied unchanged from r336203, head/contrib/wpa/src/crypto/sha512-internal.c
stable/11/contrib/wpa/src/crypto/sha512_i.h
- copied unchanged from r336203, head/contrib/wpa/src/crypto/sha512_i.h
stable/11/contrib/wpa/src/crypto/tls_openssl.h
- copied unchanged from r336203, head/contrib/wpa/src/crypto/tls_openssl.h
stable/11/contrib/wpa/src/crypto/tls_openssl_ocsp.c
- copied unchanged from r336203, head/contrib/wpa/src/crypto/tls_openssl_ocsp.c
stable/11/contrib/wpa/src/tls/tlsv1_client_ocsp.c
- copied unchanged from r336203, head/contrib/wpa/src/tls/tlsv1_client_ocsp.c
stable/11/contrib/wpa/src/utils/module_tests.h
- copied unchanged from r336203, head/contrib/wpa/src/utils/module_tests.h
stable/11/contrib/wpa/wpa_supplicant/Android.mk
- copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/Android.mk
stable/11/contrib/wpa/wpa_supplicant/README-Windows.txt
- copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/README-Windows.txt
stable/11/contrib/wpa/wpa_supplicant/android.config
- copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/android.config
stable/11/contrib/wpa/wpa_supplicant/binder/
- copied from r336203, head/contrib/wpa/wpa_supplicant/binder/
stable/11/contrib/wpa/wpa_supplicant/libwpa_test.c
- copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/libwpa_test.c
stable/11/contrib/wpa/wpa_supplicant/mbo.c
- copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/mbo.c
stable/11/contrib/wpa/wpa_supplicant/systemd/
- copied from r336203, head/contrib/wpa/wpa_supplicant/systemd/
stable/11/contrib/wpa/wpa_supplicant/vs2005/
- copied from r336203, head/contrib/wpa/wpa_supplicant/vs2005/
Deleted:
stable/11/contrib/wpa/patches/openssl-0.9.8za-tls-extensions.patch
stable/11/contrib/wpa/patches/openssl-0.9.8zf-tls-extensions.patch
stable/11/contrib/wpa/wpa_supplicant/tests/link_test.c
stable/11/contrib/wpa/wpa_supplicant/tests/test_eap_sim_common.c
stable/11/contrib/wpa/wpa_supplicant/tests/test_wpa.c
Modified:
stable/11/contrib/wpa/CONTRIBUTIONS
stable/11/contrib/wpa/COPYING
stable/11/contrib/wpa/README
stable/11/contrib/wpa/hostapd/ChangeLog
stable/11/contrib/wpa/hostapd/README
stable/11/contrib/wpa/hostapd/config_file.c
stable/11/contrib/wpa/hostapd/ctrl_iface.c
stable/11/contrib/wpa/hostapd/defconfig
stable/11/contrib/wpa/hostapd/hapd_module_tests.c
stable/11/contrib/wpa/hostapd/hlr_auc_gw.c
stable/11/contrib/wpa/hostapd/hostapd.conf
stable/11/contrib/wpa/hostapd/hostapd_cli.c
stable/11/contrib/wpa/hostapd/main.c
stable/11/contrib/wpa/hs20/client/Android.mk
stable/11/contrib/wpa/hs20/client/Makefile
stable/11/contrib/wpa/hs20/client/est.c
stable/11/contrib/wpa/hs20/client/osu_client.c
stable/11/contrib/wpa/src/ap/accounting.c
stable/11/contrib/wpa/src/ap/accounting.h
stable/11/contrib/wpa/src/ap/acs.c
stable/11/contrib/wpa/src/ap/ap_config.c
stable/11/contrib/wpa/src/ap/ap_config.h
stable/11/contrib/wpa/src/ap/ap_drv_ops.c
stable/11/contrib/wpa/src/ap/ap_drv_ops.h
stable/11/contrib/wpa/src/ap/ap_mlme.c
stable/11/contrib/wpa/src/ap/authsrv.c
stable/11/contrib/wpa/src/ap/beacon.c
stable/11/contrib/wpa/src/ap/beacon.h
stable/11/contrib/wpa/src/ap/ctrl_iface_ap.c
stable/11/contrib/wpa/src/ap/ctrl_iface_ap.h
stable/11/contrib/wpa/src/ap/dfs.c
stable/11/contrib/wpa/src/ap/dhcp_snoop.c
stable/11/contrib/wpa/src/ap/drv_callbacks.c
stable/11/contrib/wpa/src/ap/gas_serv.c
stable/11/contrib/wpa/src/ap/gas_serv.h
stable/11/contrib/wpa/src/ap/hostapd.c
stable/11/contrib/wpa/src/ap/hostapd.h
stable/11/contrib/wpa/src/ap/hw_features.c
stable/11/contrib/wpa/src/ap/iapp.c
stable/11/contrib/wpa/src/ap/ieee802_11.c
stable/11/contrib/wpa/src/ap/ieee802_11.h
stable/11/contrib/wpa/src/ap/ieee802_11_auth.c
stable/11/contrib/wpa/src/ap/ieee802_11_auth.h
stable/11/contrib/wpa/src/ap/ieee802_11_ht.c
stable/11/contrib/wpa/src/ap/ieee802_11_shared.c
stable/11/contrib/wpa/src/ap/ieee802_11_vht.c
stable/11/contrib/wpa/src/ap/ieee802_1x.c
stable/11/contrib/wpa/src/ap/ieee802_1x.h
stable/11/contrib/wpa/src/ap/ndisc_snoop.c
stable/11/contrib/wpa/src/ap/pmksa_cache_auth.c
stable/11/contrib/wpa/src/ap/pmksa_cache_auth.h
stable/11/contrib/wpa/src/ap/sta_info.c
stable/11/contrib/wpa/src/ap/sta_info.h
stable/11/contrib/wpa/src/ap/vlan_init.c
stable/11/contrib/wpa/src/ap/vlan_init.h
stable/11/contrib/wpa/src/ap/vlan_util.c
stable/11/contrib/wpa/src/ap/vlan_util.h
stable/11/contrib/wpa/src/ap/wnm_ap.c
stable/11/contrib/wpa/src/ap/wnm_ap.h
stable/11/contrib/wpa/src/ap/wpa_auth.c
stable/11/contrib/wpa/src/ap/wpa_auth.h
stable/11/contrib/wpa/src/ap/wpa_auth_ft.c
stable/11/contrib/wpa/src/ap/wpa_auth_glue.c
stable/11/contrib/wpa/src/ap/wpa_auth_i.h
stable/11/contrib/wpa/src/ap/wpa_auth_ie.c
stable/11/contrib/wpa/src/ap/wps_hostapd.c
stable/11/contrib/wpa/src/common/common_module_tests.c
stable/11/contrib/wpa/src/common/defs.h
stable/11/contrib/wpa/src/common/eapol_common.h
stable/11/contrib/wpa/src/common/ieee802_11_common.c
stable/11/contrib/wpa/src/common/ieee802_11_common.h
stable/11/contrib/wpa/src/common/ieee802_11_defs.h
stable/11/contrib/wpa/src/common/ieee802_1x_defs.h
stable/11/contrib/wpa/src/common/qca-vendor.h
stable/11/contrib/wpa/src/common/sae.c
stable/11/contrib/wpa/src/common/sae.h
stable/11/contrib/wpa/src/common/version.h
stable/11/contrib/wpa/src/common/wpa_common.c
stable/11/contrib/wpa/src/common/wpa_common.h
stable/11/contrib/wpa/src/common/wpa_ctrl.c
stable/11/contrib/wpa/src/common/wpa_ctrl.h
stable/11/contrib/wpa/src/common/wpa_helpers.c
stable/11/contrib/wpa/src/crypto/aes-cbc.c
stable/11/contrib/wpa/src/crypto/aes-omac1.c
stable/11/contrib/wpa/src/crypto/crypto.h
stable/11/contrib/wpa/src/crypto/crypto_internal.c
stable/11/contrib/wpa/src/crypto/crypto_module_tests.c
stable/11/contrib/wpa/src/crypto/crypto_openssl.c
stable/11/contrib/wpa/src/crypto/dh_group5.c
stable/11/contrib/wpa/src/crypto/dh_groups.c
stable/11/contrib/wpa/src/crypto/fips_prf_openssl.c
stable/11/contrib/wpa/src/crypto/md4-internal.c
stable/11/contrib/wpa/src/crypto/md5-internal.c
stable/11/contrib/wpa/src/crypto/ms_funcs.c
stable/11/contrib/wpa/src/crypto/sha1-internal.c
stable/11/contrib/wpa/src/crypto/sha256-internal.c
stable/11/contrib/wpa/src/crypto/sha256-prf.c
stable/11/contrib/wpa/src/crypto/sha256.h
stable/11/contrib/wpa/src/crypto/tls.h
stable/11/contrib/wpa/src/crypto/tls_gnutls.c
stable/11/contrib/wpa/src/crypto/tls_internal.c
stable/11/contrib/wpa/src/crypto/tls_none.c
stable/11/contrib/wpa/src/crypto/tls_openssl.c
stable/11/contrib/wpa/src/drivers/driver.h
stable/11/contrib/wpa/src/drivers/driver_bsd.c
stable/11/contrib/wpa/src/drivers/driver_common.c
stable/11/contrib/wpa/src/drivers/driver_macsec_qca.c
stable/11/contrib/wpa/src/drivers/driver_ndis.c
stable/11/contrib/wpa/src/drivers/driver_nl80211.h
stable/11/contrib/wpa/src/drivers/driver_nl80211_capa.c
stable/11/contrib/wpa/src/drivers/driver_nl80211_event.c
stable/11/contrib/wpa/src/drivers/driver_nl80211_monitor.c
stable/11/contrib/wpa/src/drivers/driver_nl80211_scan.c
stable/11/contrib/wpa/src/drivers/driver_privsep.c
stable/11/contrib/wpa/src/drivers/driver_wired.c
stable/11/contrib/wpa/src/drivers/drivers.c
stable/11/contrib/wpa/src/eap_common/eap_eke_common.c
stable/11/contrib/wpa/src/eap_common/eap_fast_common.c
stable/11/contrib/wpa/src/eap_common/eap_fast_common.h
stable/11/contrib/wpa/src/eap_common/eap_gpsk_common.c
stable/11/contrib/wpa/src/eap_common/eap_pax_common.c
stable/11/contrib/wpa/src/eap_common/eap_pwd_common.c
stable/11/contrib/wpa/src/eap_common/eap_sake_common.c
stable/11/contrib/wpa/src/eap_common/ikev2_common.c
stable/11/contrib/wpa/src/eap_peer/eap.c
stable/11/contrib/wpa/src/eap_peer/eap_aka.c
stable/11/contrib/wpa/src/eap_peer/eap_config.h
stable/11/contrib/wpa/src/eap_peer/eap_eke.c
stable/11/contrib/wpa/src/eap_peer/eap_fast.c
stable/11/contrib/wpa/src/eap_peer/eap_fast_pac.c
stable/11/contrib/wpa/src/eap_peer/eap_gpsk.c
stable/11/contrib/wpa/src/eap_peer/eap_gtc.c
stable/11/contrib/wpa/src/eap_peer/eap_i.h
stable/11/contrib/wpa/src/eap_peer/eap_ikev2.c
stable/11/contrib/wpa/src/eap_peer/eap_leap.c
stable/11/contrib/wpa/src/eap_peer/eap_md5.c
stable/11/contrib/wpa/src/eap_peer/eap_methods.c
stable/11/contrib/wpa/src/eap_peer/eap_methods.h
stable/11/contrib/wpa/src/eap_peer/eap_mschapv2.c
stable/11/contrib/wpa/src/eap_peer/eap_otp.c
stable/11/contrib/wpa/src/eap_peer/eap_pax.c
stable/11/contrib/wpa/src/eap_peer/eap_peap.c
stable/11/contrib/wpa/src/eap_peer/eap_psk.c
stable/11/contrib/wpa/src/eap_peer/eap_pwd.c
stable/11/contrib/wpa/src/eap_peer/eap_sake.c
stable/11/contrib/wpa/src/eap_peer/eap_sim.c
stable/11/contrib/wpa/src/eap_peer/eap_tls.c
stable/11/contrib/wpa/src/eap_peer/eap_tls_common.c
stable/11/contrib/wpa/src/eap_peer/eap_tnc.c
stable/11/contrib/wpa/src/eap_peer/eap_ttls.c
stable/11/contrib/wpa/src/eap_peer/eap_vendor_test.c
stable/11/contrib/wpa/src/eap_peer/eap_wsc.c
stable/11/contrib/wpa/src/eap_peer/ikev2.c
stable/11/contrib/wpa/src/eap_peer/tncc.c
stable/11/contrib/wpa/src/eap_server/eap_methods.h
stable/11/contrib/wpa/src/eap_server/eap_server_aka.c
stable/11/contrib/wpa/src/eap_server/eap_server_eke.c
stable/11/contrib/wpa/src/eap_server/eap_server_fast.c
stable/11/contrib/wpa/src/eap_server/eap_server_gpsk.c
stable/11/contrib/wpa/src/eap_server/eap_server_gtc.c
stable/11/contrib/wpa/src/eap_server/eap_server_identity.c
stable/11/contrib/wpa/src/eap_server/eap_server_ikev2.c
stable/11/contrib/wpa/src/eap_server/eap_server_md5.c
stable/11/contrib/wpa/src/eap_server/eap_server_methods.c
stable/11/contrib/wpa/src/eap_server/eap_server_mschapv2.c
stable/11/contrib/wpa/src/eap_server/eap_server_pax.c
stable/11/contrib/wpa/src/eap_server/eap_server_peap.c
stable/11/contrib/wpa/src/eap_server/eap_server_psk.c
stable/11/contrib/wpa/src/eap_server/eap_server_pwd.c
stable/11/contrib/wpa/src/eap_server/eap_server_sake.c
stable/11/contrib/wpa/src/eap_server/eap_server_sim.c
stable/11/contrib/wpa/src/eap_server/eap_server_tls.c
stable/11/contrib/wpa/src/eap_server/eap_server_tls_common.c
stable/11/contrib/wpa/src/eap_server/eap_server_tnc.c
stable/11/contrib/wpa/src/eap_server/eap_server_ttls.c
stable/11/contrib/wpa/src/eap_server/eap_server_vendor_test.c
stable/11/contrib/wpa/src/eap_server/eap_server_wsc.c
stable/11/contrib/wpa/src/eap_server/eap_sim_db.c
stable/11/contrib/wpa/src/eap_server/eap_sim_db.h
stable/11/contrib/wpa/src/eap_server/ikev2.c
stable/11/contrib/wpa/src/eap_server/tncs.c
stable/11/contrib/wpa/src/eapol_auth/eapol_auth_sm.c
stable/11/contrib/wpa/src/eapol_auth/eapol_auth_sm_i.h
stable/11/contrib/wpa/src/eapol_supp/eapol_supp_sm.c
stable/11/contrib/wpa/src/fst/fst.c
stable/11/contrib/wpa/src/fst/fst_ctrl_aux.c
stable/11/contrib/wpa/src/fst/fst_ctrl_iface.c
stable/11/contrib/wpa/src/fst/fst_defs.h
stable/11/contrib/wpa/src/fst/fst_group.c
stable/11/contrib/wpa/src/fst/fst_group.h
stable/11/contrib/wpa/src/fst/fst_iface.c
stable/11/contrib/wpa/src/fst/fst_iface.h
stable/11/contrib/wpa/src/fst/fst_session.c
stable/11/contrib/wpa/src/p2p/p2p.c
stable/11/contrib/wpa/src/p2p/p2p.h
stable/11/contrib/wpa/src/p2p/p2p_build.c
stable/11/contrib/wpa/src/p2p/p2p_go_neg.c
stable/11/contrib/wpa/src/p2p/p2p_group.c
stable/11/contrib/wpa/src/p2p/p2p_i.h
stable/11/contrib/wpa/src/p2p/p2p_invitation.c
stable/11/contrib/wpa/src/p2p/p2p_parse.c
stable/11/contrib/wpa/src/p2p/p2p_pd.c
stable/11/contrib/wpa/src/p2p/p2p_sd.c
stable/11/contrib/wpa/src/pae/ieee802_1x_cp.c
stable/11/contrib/wpa/src/pae/ieee802_1x_cp.h
stable/11/contrib/wpa/src/pae/ieee802_1x_kay.c
stable/11/contrib/wpa/src/pae/ieee802_1x_kay.h
stable/11/contrib/wpa/src/pae/ieee802_1x_kay_i.h
stable/11/contrib/wpa/src/pae/ieee802_1x_secy_ops.c
stable/11/contrib/wpa/src/pae/ieee802_1x_secy_ops.h
stable/11/contrib/wpa/src/radius/radius.c
stable/11/contrib/wpa/src/radius/radius.h
stable/11/contrib/wpa/src/radius/radius_client.c
stable/11/contrib/wpa/src/radius/radius_client.h
stable/11/contrib/wpa/src/radius/radius_das.c
stable/11/contrib/wpa/src/radius/radius_das.h
stable/11/contrib/wpa/src/rsn_supp/pmksa_cache.c
stable/11/contrib/wpa/src/rsn_supp/pmksa_cache.h
stable/11/contrib/wpa/src/rsn_supp/preauth.c
stable/11/contrib/wpa/src/rsn_supp/preauth.h
stable/11/contrib/wpa/src/rsn_supp/tdls.c
stable/11/contrib/wpa/src/rsn_supp/wpa.c
stable/11/contrib/wpa/src/rsn_supp/wpa.h
stable/11/contrib/wpa/src/rsn_supp/wpa_i.h
stable/11/contrib/wpa/src/rsn_supp/wpa_ie.c
stable/11/contrib/wpa/src/tls/asn1.h
stable/11/contrib/wpa/src/tls/pkcs5.c
stable/11/contrib/wpa/src/tls/tlsv1_client.c
stable/11/contrib/wpa/src/tls/tlsv1_client.h
stable/11/contrib/wpa/src/tls/tlsv1_client_i.h
stable/11/contrib/wpa/src/tls/tlsv1_client_read.c
stable/11/contrib/wpa/src/tls/tlsv1_client_write.c
stable/11/contrib/wpa/src/tls/tlsv1_common.c
stable/11/contrib/wpa/src/tls/tlsv1_common.h
stable/11/contrib/wpa/src/tls/tlsv1_cred.c
stable/11/contrib/wpa/src/tls/tlsv1_cred.h
stable/11/contrib/wpa/src/tls/tlsv1_server_i.h
stable/11/contrib/wpa/src/tls/tlsv1_server_read.c
stable/11/contrib/wpa/src/tls/tlsv1_server_write.c
stable/11/contrib/wpa/src/tls/x509v3.c
stable/11/contrib/wpa/src/tls/x509v3.h
stable/11/contrib/wpa/src/utils/browser-android.c
stable/11/contrib/wpa/src/utils/common.c
stable/11/contrib/wpa/src/utils/common.h
stable/11/contrib/wpa/src/utils/edit_simple.c
stable/11/contrib/wpa/src/utils/eloop.c
stable/11/contrib/wpa/src/utils/eloop.h
stable/11/contrib/wpa/src/utils/eloop_win.c
stable/11/contrib/wpa/src/utils/ext_password.c
stable/11/contrib/wpa/src/utils/ext_password_i.h
stable/11/contrib/wpa/src/utils/http_curl.c
stable/11/contrib/wpa/src/utils/os.h
stable/11/contrib/wpa/src/utils/os_unix.c
stable/11/contrib/wpa/src/utils/pcsc_funcs.c
stable/11/contrib/wpa/src/utils/platform.h
stable/11/contrib/wpa/src/utils/radiotap.c
stable/11/contrib/wpa/src/utils/radiotap.h
stable/11/contrib/wpa/src/utils/radiotap_iter.h
stable/11/contrib/wpa/src/utils/trace.c
stable/11/contrib/wpa/src/utils/trace.h
stable/11/contrib/wpa/src/utils/utils_module_tests.c
stable/11/contrib/wpa/src/utils/wpa_debug.c
stable/11/contrib/wpa/src/utils/wpabuf.c
stable/11/contrib/wpa/src/utils/wpabuf.h
stable/11/contrib/wpa/src/utils/xml_libxml2.c
stable/11/contrib/wpa/src/wps/wps.c
stable/11/contrib/wpa/src/wps/wps.h
stable/11/contrib/wpa/src/wps/wps_attr_build.c
stable/11/contrib/wpa/src/wps/wps_attr_parse.c
stable/11/contrib/wpa/src/wps/wps_attr_process.c
stable/11/contrib/wpa/src/wps/wps_common.c
stable/11/contrib/wpa/src/wps/wps_defs.h
stable/11/contrib/wpa/src/wps/wps_enrollee.c
stable/11/contrib/wpa/src/wps/wps_i.h
stable/11/contrib/wpa/src/wps/wps_module_tests.c
stable/11/contrib/wpa/src/wps/wps_registrar.c
stable/11/contrib/wpa/src/wps/wps_upnp.c
stable/11/contrib/wpa/src/wps/wps_upnp.h
stable/11/contrib/wpa/src/wps/wps_upnp_i.h
stable/11/contrib/wpa/src/wps/wps_upnp_ssdp.c
stable/11/contrib/wpa/src/wps/wps_upnp_web.c
stable/11/contrib/wpa/wpa_supplicant/ChangeLog
stable/11/contrib/wpa/wpa_supplicant/README
stable/11/contrib/wpa/wpa_supplicant/README-HS20
stable/11/contrib/wpa/wpa_supplicant/README-P2P
stable/11/contrib/wpa/wpa_supplicant/ap.c
stable/11/contrib/wpa/wpa_supplicant/ap.h
stable/11/contrib/wpa/wpa_supplicant/autoscan.c
stable/11/contrib/wpa/wpa_supplicant/autoscan.h
stable/11/contrib/wpa/wpa_supplicant/bgscan.c
stable/11/contrib/wpa/wpa_supplicant/bgscan.h
stable/11/contrib/wpa/wpa_supplicant/bss.c
stable/11/contrib/wpa/wpa_supplicant/bss.h
stable/11/contrib/wpa/wpa_supplicant/config.c
stable/11/contrib/wpa/wpa_supplicant/config.h
stable/11/contrib/wpa/wpa_supplicant/config_file.c
stable/11/contrib/wpa/wpa_supplicant/config_ssid.h
stable/11/contrib/wpa/wpa_supplicant/ctrl_iface.c
stable/11/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c
stable/11/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_common_i.h
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_dict_helpers.c
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_dict_helpers.h
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new.c
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new.h
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.h
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.c
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.h
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_introspect.c
stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.c
stable/11/contrib/wpa/wpa_supplicant/defconfig
stable/11/contrib/wpa/wpa_supplicant/driver_i.h
stable/11/contrib/wpa/wpa_supplicant/eapol_test.c
stable/11/contrib/wpa/wpa_supplicant/events.c
stable/11/contrib/wpa/wpa_supplicant/gas_query.c
stable/11/contrib/wpa/wpa_supplicant/gas_query.h
stable/11/contrib/wpa/wpa_supplicant/hs20_supplicant.c
stable/11/contrib/wpa/wpa_supplicant/hs20_supplicant.h
stable/11/contrib/wpa/wpa_supplicant/ibss_rsn.c
stable/11/contrib/wpa/wpa_supplicant/ibss_rsn.h
stable/11/contrib/wpa/wpa_supplicant/interworking.c
stable/11/contrib/wpa/wpa_supplicant/interworking.h
stable/11/contrib/wpa/wpa_supplicant/main.c
stable/11/contrib/wpa/wpa_supplicant/mesh.c
stable/11/contrib/wpa/wpa_supplicant/mesh.h
stable/11/contrib/wpa/wpa_supplicant/mesh_mpm.c
stable/11/contrib/wpa/wpa_supplicant/mesh_mpm.h
stable/11/contrib/wpa/wpa_supplicant/mesh_rsn.c
stable/11/contrib/wpa/wpa_supplicant/mesh_rsn.h
stable/11/contrib/wpa/wpa_supplicant/notify.c
stable/11/contrib/wpa/wpa_supplicant/notify.h
stable/11/contrib/wpa/wpa_supplicant/offchannel.c
stable/11/contrib/wpa/wpa_supplicant/p2p_supplicant.c
stable/11/contrib/wpa/wpa_supplicant/p2p_supplicant.h
stable/11/contrib/wpa/wpa_supplicant/p2p_supplicant_sd.c
stable/11/contrib/wpa/wpa_supplicant/scan.c
stable/11/contrib/wpa/wpa_supplicant/scan.h
stable/11/contrib/wpa/wpa_supplicant/sme.c
stable/11/contrib/wpa/wpa_supplicant/wmm_ac.h
stable/11/contrib/wpa/wpa_supplicant/wnm_sta.c
stable/11/contrib/wpa/wpa_supplicant/wnm_sta.h
stable/11/contrib/wpa/wpa_supplicant/wpa_cli.c
stable/11/contrib/wpa/wpa_supplicant/wpa_priv.c
stable/11/contrib/wpa/wpa_supplicant/wpa_supplicant.c
stable/11/contrib/wpa/wpa_supplicant/wpa_supplicant.conf
stable/11/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h
stable/11/contrib/wpa/wpa_supplicant/wpas_glue.c
stable/11/contrib/wpa/wpa_supplicant/wpas_kay.c
stable/11/contrib/wpa/wpa_supplicant/wpas_module_tests.c
stable/11/contrib/wpa/wpa_supplicant/wps_supplicant.c
stable/11/contrib/wpa/wpa_supplicant/wps_supplicant.h
stable/11/usr.sbin/wpa/Makefile.inc
stable/11/usr.sbin/wpa/hostapd/Makefile
stable/11/usr.sbin/wpa/hostapd_cli/Makefile
stable/11/usr.sbin/wpa/wpa_cli/Makefile
stable/11/usr.sbin/wpa/wpa_supplicant/Makefile
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/contrib/wpa/CONTRIBUTIONS
==============================================================================
--- stable/11/contrib/wpa/CONTRIBUTIONS Tue Aug 14 19:44:36 2018 (r337816)
+++ stable/11/contrib/wpa/CONTRIBUTIONS Tue Aug 14 20:02:01 2018 (r337817)
@@ -29,6 +29,34 @@ using your real name. Pseudonyms or anonymous contribu
unfortunately be accepted.
+The preferred method of submitting the contribution to the project is by
+email to the hostap mailing list:
+hostap at lists.infradead.org
+Note that the list may require subscription before accepting message
+without moderation. You can subscribe to the list at this address:
+http://lists.infradead.org/mailman/listinfo/hostap
+
+The message should contain an inlined patch against the current
+development branch (i.e., the master branch of
+git://w1.fi/hostap.git). Please make sure the software you use for
+sending the patch does not corrupt whitespace. If that cannot be fixed
+for some reason, it is better to include an attached version of the
+patch file than just send a whitespace damaged version in the message
+body.
+
+The patches should be separate logical changes rather than doing
+everything in a single patch. In other words, please keep cleanup, new
+features, and bug fixes all in their own patches. Each patch needs a
+commit log that describes the changes (what the changes fix, what
+functionality is added, why the changes are useful, etc.).
+
+Please try to follow the coding style used in the project.
+
+In general, the best way of generating a suitable formatted patch file
+is by committing the changes to a cloned git repository and using git
+format-patch. The patch can then be sent, e.g., with git send-email.
+
+
History of license and contributions terms
------------------------------------------
@@ -112,7 +140,7 @@ The license terms used for hostap.git files
Modified BSD license (no advertisement clause):
-Copyright (c) 2002-2015, Jouni Malinen <j at w1.fi> and contributors
+Copyright (c) 2002-2016, Jouni Malinen <j at w1.fi> and contributors
All Rights Reserved.
Redistribution and use in source and binary forms, with or without
Modified: stable/11/contrib/wpa/COPYING
==============================================================================
--- stable/11/contrib/wpa/COPYING Tue Aug 14 19:44:36 2018 (r337816)
+++ stable/11/contrib/wpa/COPYING Tue Aug 14 20:02:01 2018 (r337817)
@@ -1,7 +1,7 @@
wpa_supplicant and hostapd
--------------------------
-Copyright (c) 2002-2015, Jouni Malinen <j at w1.fi> and contributors
+Copyright (c) 2002-2016, Jouni Malinen <j at w1.fi> and contributors
All Rights Reserved.
Modified: stable/11/contrib/wpa/README
==============================================================================
--- stable/11/contrib/wpa/README Tue Aug 14 19:44:36 2018 (r337816)
+++ stable/11/contrib/wpa/README Tue Aug 14 20:02:01 2018 (r337817)
@@ -1,7 +1,7 @@
wpa_supplicant and hostapd
--------------------------
-Copyright (c) 2002-2015, Jouni Malinen <j at w1.fi> and contributors
+Copyright (c) 2002-2016, Jouni Malinen <j at w1.fi> and contributors
All Rights Reserved.
These programs are licensed under the BSD license (the one with
Modified: stable/11/contrib/wpa/hostapd/ChangeLog
==============================================================================
--- stable/11/contrib/wpa/hostapd/ChangeLog Tue Aug 14 19:44:36 2018 (r337816)
+++ stable/11/contrib/wpa/hostapd/ChangeLog Tue Aug 14 20:02:01 2018 (r337817)
@@ -1,5 +1,78 @@
ChangeLog for hostapd
+2016-10-02 - v2.6
+ * fixed EAP-pwd last fragment validation
+ [http://w1.fi/security/2015-7/] (CVE-2015-5314)
+ * fixed WPS configuration update vulnerability with malformed passphrase
+ [http://w1.fi/security/2016-1/] (CVE-2016-4476)
+ * extended channel switch support for VHT bandwidth changes
+ * added support for configuring new ANQP-elements with
+ anqp_elem=<InfoID>:<hexdump of payload>
+ * fixed Suite B 192-bit AKM to use proper PMK length
+ (note: this makes old releases incompatible with the fixed behavior)
+ * added no_probe_resp_if_max_sta=1 parameter to disable Probe Response
+ frame sending for not-associated STAs if max_num_sta limit has been
+ reached
+ * added option (-S as command line argument) to request all interfaces
+ to be started at the same time
+ * modified rts_threshold and fragm_threshold configuration parameters
+ to allow -1 to be used to disable RTS/fragmentation
+ * EAP-pwd: added support for Brainpool Elliptic Curves
+ (with OpenSSL 1.0.2 and newer)
+ * fixed EAPOL reauthentication after FT protocol run
+ * fixed FTIE generation for 4-way handshake after FT protocol run
+ * fixed and improved various FST operations
+ * TLS server
+ - support SHA384 and SHA512 hashes
+ - support TLS v1.2 signature algorithm with SHA384 and SHA512
+ - support PKCS #5 v2.0 PBES2
+ - support PKCS #5 with PKCS #12 style key decryption
+ - minimal support for PKCS #12
+ - support OCSP stapling (including ocsp_multi)
+ * added support for OpenSSL 1.1 API changes
+ - drop support for OpenSSL 0.9.8
+ - drop support for OpenSSL 1.0.0
+ * EAP-PEAP: support fast-connect crypto binding
+ * RADIUS
+ - fix Called-Station-Id to not escape SSID
+ - add Event-Timestamp to all Accounting-Request packets
+ - add Acct-Session-Id to Accounting-On/Off
+ - add Acct-Multi-Session-Id ton Access-Request packets
+ - add Service-Type (= Frames)
+ - allow server to provide PSK instead of passphrase for WPA-PSK
+ Tunnel_password case
+ - update full message for interim accounting updates
+ - add Acct-Delay-Time into Accounting messages
+ - add require_message_authenticator configuration option to require
+ CoA/Disconnect-Request packets to be authenticated
+ * started to postpone WNM-Notification frame sending by 100 ms so that
+ the STA has some more time to configure the key before this frame is
+ received after the 4-way handshake
+ * VHT: added interoperability workaround for 80+80 and 160 MHz channels
+ * extended VLAN support (per-STA vif, etc.)
+ * fixed PMKID derivation with SAE
+ * nl80211
+ - added support for full station state operations
+ - fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use
+ unencrypted EAPOL frames
+ * added initial MBO support; number of extensions to WNM BSS Transition
+ Management
+ * added initial functionality for location related operations
+ * added assocresp_elements parameter to allow vendor specific elements
+ to be added into (Re)Association Response frames
+ * improved Public Action frame addressing
+ - use Address 3 = wildcard BSSID in GAS response if a query from an
+ unassociated STA used that address
+ - fix TX status processing for Address 3 = wildcard BSSID
+ - add gas_address3 configuration parameter to control Address 3
+ behavior
+ * added command line parameter -i to override interface parameter in
+ hostapd.conf
+ * added command completion support to hostapd_cli
+ * added passive client taxonomy determination (CONFIG_TAXONOMY=y
+ compile option and "SIGNATURE <addr>" control interface command)
+ * number of small fixes
+
2015-09-27 - v2.5
* fixed WPS UPnP vulnerability with HTTP chunked transfer encoding
[http://w1.fi/security/2015-2/] (CVE-2015-4141)
Modified: stable/11/contrib/wpa/hostapd/README
==============================================================================
--- stable/11/contrib/wpa/hostapd/README Tue Aug 14 19:44:36 2018 (r337816)
+++ stable/11/contrib/wpa/hostapd/README Tue Aug 14 20:02:01 2018 (r337817)
@@ -2,7 +2,7 @@ hostapd - user space IEEE 802.11 AP and IEEE 802.1X/WP
Authenticator and RADIUS authentication server
================================================================
-Copyright (c) 2002-2015, Jouni Malinen <j at w1.fi> and contributors
+Copyright (c) 2002-2016, Jouni Malinen <j at w1.fi> and contributors
All Rights Reserved.
This program is licensed under the BSD license (the one with
Modified: stable/11/contrib/wpa/hostapd/config_file.c
==============================================================================
--- stable/11/contrib/wpa/hostapd/config_file.c Tue Aug 14 19:44:36 2018 (r337816)
+++ stable/11/contrib/wpa/hostapd/config_file.c Tue Aug 14 20:02:01 2018 (r337817)
@@ -97,6 +97,8 @@ static int hostapd_config_read_vlan_file(struct hostap
}
vlan->vlan_id = vlan_id;
+ vlan->vlan_desc.untagged = vlan_id;
+ vlan->vlan_desc.notempty = !!vlan_id;
os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
vlan->next = bss->vlan;
bss->vlan = vlan;
@@ -197,7 +199,10 @@ static int hostapd_config_read_maclist(const char *fna
*acl = newacl;
os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
- (*acl)[*num].vlan_id = vlan_id;
+ os_memset(&(*acl)[*num].vlan_id, 0,
+ sizeof((*acl)[*num].vlan_id));
+ (*acl)[*num].vlan_id.untagged = vlan_id;
+ (*acl)[*num].vlan_id.notempty = !!vlan_id;
(*num)++;
}
@@ -631,8 +636,7 @@ hostapd_parse_radius_attr(const char *value)
}
-static int hostapd_parse_das_client(struct hostapd_bss_config *bss,
- const char *val)
+static int hostapd_parse_das_client(struct hostapd_bss_config *bss, char *val)
{
char *secret;
@@ -640,7 +644,7 @@ static int hostapd_parse_das_client(struct hostapd_bss
if (secret == NULL)
return -1;
- secret++;
+ *secret++ = '\0';
if (hostapd_parse_ip_addr(val, &bss->radius_das_client_addr))
return -1;
@@ -1519,6 +1523,54 @@ fail:
}
+static int parse_anqp_elem(struct hostapd_bss_config *bss, char *buf, int line)
+{
+ char *delim;
+ u16 infoid;
+ size_t len;
+ struct wpabuf *payload;
+ struct anqp_element *elem;
+
+ delim = os_strchr(buf, ':');
+ if (!delim)
+ return -1;
+ delim++;
+ infoid = atoi(buf);
+ len = os_strlen(delim);
+ if (len & 1)
+ return -1;
+ len /= 2;
+ payload = wpabuf_alloc(len);
+ if (!payload)
+ return -1;
+ if (hexstr2bin(delim, wpabuf_put(payload, len), len) < 0) {
+ wpabuf_free(payload);
+ return -1;
+ }
+
+ dl_list_for_each(elem, &bss->anqp_elem, struct anqp_element, list) {
+ if (elem->infoid == infoid) {
+ /* Update existing entry */
+ wpabuf_free(elem->payload);
+ elem->payload = payload;
+ return 0;
+ }
+ }
+
+ /* Add a new entry */
+ elem = os_zalloc(sizeof(*elem));
+ if (!elem) {
+ wpabuf_free(payload);
+ return -1;
+ }
+ elem->infoid = infoid;
+ elem->payload = payload;
+ dl_list_add(&bss->anqp_elem, &elem->list);
+
+ return 0;
+}
+
+
static int parse_qos_map_set(struct hostapd_bss_config *bss,
char *buf, int line)
{
@@ -1867,31 +1919,6 @@ static int hs20_parse_osu_service_desc(struct hostapd_
#endif /* CONFIG_HS20 */
-#ifdef CONFIG_WPS_NFC
-static struct wpabuf * hostapd_parse_bin(const char *buf)
-{
- size_t len;
- struct wpabuf *ret;
-
- len = os_strlen(buf);
- if (len & 0x01)
- return NULL;
- len /= 2;
-
- ret = wpabuf_alloc(len);
- if (ret == NULL)
- return NULL;
-
- if (hexstr2bin(buf, wpabuf_put(ret, len), len)) {
- wpabuf_free(ret);
- return NULL;
- }
-
- return ret;
-}
-#endif /* CONFIG_WPS_NFC */
-
-
#ifdef CONFIG_ACS
static int hostapd_config_parse_acs_chan_bias(struct hostapd_config *conf,
char *pos)
@@ -1934,6 +1961,31 @@ fail:
#endif /* CONFIG_ACS */
+static int parse_wpabuf_hex(int line, const char *name, struct wpabuf **buf,
+ const char *val)
+{
+ struct wpabuf *elems;
+
+ if (val[0] == '\0') {
+ wpabuf_free(*buf);
+ *buf = NULL;
+ return 0;
+ }
+
+ elems = wpabuf_parse_bin(val);
+ if (!elems) {
+ wpa_printf(MSG_ERROR, "Line %d: Invalid %s '%s'",
+ line, name, val);
+ return -1;
+ }
+
+ wpabuf_free(*buf);
+ *buf = elems;
+
+ return 0;
+}
+
+
static int hostapd_config_fill(struct hostapd_config *conf,
struct hostapd_bss_config *bss,
const char *buf, char *pos, int line)
@@ -2084,6 +2136,9 @@ static int hostapd_config_fill(struct hostapd_config *
} else if (os_strcmp(buf, "ocsp_stapling_response") == 0) {
os_free(bss->ocsp_stapling_response);
bss->ocsp_stapling_response = os_strdup(pos);
+ } else if (os_strcmp(buf, "ocsp_stapling_response_multi") == 0) {
+ os_free(bss->ocsp_stapling_response_multi);
+ bss->ocsp_stapling_response_multi = os_strdup(pos);
} else if (os_strcmp(buf, "dh_file") == 0) {
os_free(bss->dh_file);
bss->dh_file = os_strdup(pos);
@@ -2139,6 +2194,8 @@ static int hostapd_config_fill(struct hostapd_config *
} else if (os_strcmp(buf, "eap_sim_db") == 0) {
os_free(bss->eap_sim_db);
bss->eap_sim_db = os_strdup(pos);
+ } else if (os_strcmp(buf, "eap_sim_db_timeout") == 0) {
+ bss->eap_sim_db_timeout = atoi(pos);
} else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
bss->eap_sim_aka_result_ind = atoi(pos);
#endif /* EAP_SERVER_SIM */
@@ -2353,6 +2410,9 @@ static int hostapd_config_fill(struct hostapd_config *
bss->radius_das_time_window = atoi(pos);
} else if (os_strcmp(buf, "radius_das_require_event_timestamp") == 0) {
bss->radius_das_require_event_timestamp = atoi(pos);
+ } else if (os_strcmp(buf, "radius_das_require_message_authenticator") ==
+ 0) {
+ bss->radius_das_require_message_authenticator = atoi(pos);
#endif /* CONFIG_NO_RADIUS */
} else if (os_strcmp(buf, "auth_algs") == 0) {
bss->auth_algs = atoi(pos);
@@ -2644,7 +2704,7 @@ static int hostapd_config_fill(struct hostapd_config *
}
} else if (os_strcmp(buf, "rts_threshold") == 0) {
conf->rts_threshold = atoi(pos);
- if (conf->rts_threshold < 0 || conf->rts_threshold > 2347) {
+ if (conf->rts_threshold < -1 || conf->rts_threshold > 65535) {
wpa_printf(MSG_ERROR,
"Line %d: invalid rts_threshold %d",
line, conf->rts_threshold);
@@ -2652,8 +2712,10 @@ static int hostapd_config_fill(struct hostapd_config *
}
} else if (os_strcmp(buf, "fragm_threshold") == 0) {
conf->fragm_threshold = atoi(pos);
- if (conf->fragm_threshold < 256 ||
- conf->fragm_threshold > 2346) {
+ if (conf->fragm_threshold == -1) {
+ /* allow a value of -1 */
+ } else if (conf->fragm_threshold < 256 ||
+ conf->fragm_threshold > 2346) {
wpa_printf(MSG_ERROR,
"Line %d: invalid fragm_threshold %d",
line, conf->fragm_threshold);
@@ -2686,6 +2748,8 @@ static int hostapd_config_fill(struct hostapd_config *
conf->preamble = LONG_PREAMBLE;
} else if (os_strcmp(buf, "ignore_broadcast_ssid") == 0) {
bss->ignore_broadcast_ssid = atoi(pos);
+ } else if (os_strcmp(buf, "no_probe_resp_if_max_sta") == 0) {
+ bss->no_probe_resp_if_max_sta = atoi(pos);
} else if (os_strcmp(buf, "wep_default_key") == 0) {
bss->ssid.wep.idx = atoi(pos);
if (bss->ssid.wep.idx > 3) {
@@ -2707,6 +2771,8 @@ static int hostapd_config_fill(struct hostapd_config *
#ifndef CONFIG_NO_VLAN
} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
bss->ssid.dynamic_vlan = atoi(pos);
+ } else if (os_strcmp(buf, "per_sta_vif") == 0) {
+ bss->ssid.per_sta_vif = atoi(pos);
} else if (os_strcmp(buf, "vlan_file") == 0) {
if (hostapd_config_read_vlan_file(bss, pos)) {
wpa_printf(MSG_ERROR, "Line %d: failed to read VLAN file '%s'",
@@ -2762,6 +2828,8 @@ static int hostapd_config_fill(struct hostapd_config *
line);
return 1;
}
+ } else if (os_strcmp(buf, "use_driver_iface_addr") == 0) {
+ conf->use_driver_iface_addr = atoi(pos);
#ifdef CONFIG_IEEE80211W
} else if (os_strcmp(buf, "ieee80211w") == 0) {
bss->ieee80211w = atoi(pos);
@@ -2827,6 +2895,8 @@ static int hostapd_config_fill(struct hostapd_config *
conf->vht_oper_centr_freq_seg1_idx = atoi(pos);
} else if (os_strcmp(buf, "vendor_vht") == 0) {
bss->vendor_vht = atoi(pos);
+ } else if (os_strcmp(buf, "use_sta_nsts") == 0) {
+ bss->use_sta_nsts = atoi(pos);
#endif /* CONFIG_IEEE80211AC */
} else if (os_strcmp(buf, "max_listen_interval") == 0) {
bss->max_listen_interval = atoi(pos);
@@ -2965,15 +3035,15 @@ static int hostapd_config_fill(struct hostapd_config *
bss->wps_nfc_pw_from_config = 1;
} else if (os_strcmp(buf, "wps_nfc_dh_pubkey") == 0) {
wpabuf_free(bss->wps_nfc_dh_pubkey);
- bss->wps_nfc_dh_pubkey = hostapd_parse_bin(pos);
+ bss->wps_nfc_dh_pubkey = wpabuf_parse_bin(pos);
bss->wps_nfc_pw_from_config = 1;
} else if (os_strcmp(buf, "wps_nfc_dh_privkey") == 0) {
wpabuf_free(bss->wps_nfc_dh_privkey);
- bss->wps_nfc_dh_privkey = hostapd_parse_bin(pos);
+ bss->wps_nfc_dh_privkey = wpabuf_parse_bin(pos);
bss->wps_nfc_pw_from_config = 1;
} else if (os_strcmp(buf, "wps_nfc_dev_pw") == 0) {
wpabuf_free(bss->wps_nfc_dev_pw);
- bss->wps_nfc_dev_pw = hostapd_parse_bin(pos);
+ bss->wps_nfc_dev_pw = wpabuf_parse_bin(pos);
bss->wps_nfc_pw_from_config = 1;
#endif /* CONFIG_WPS_NFC */
#endif /* CONFIG_WPS */
@@ -3136,6 +3206,9 @@ static int hostapd_config_fill(struct hostapd_config *
} else if (os_strcmp(buf, "nai_realm") == 0) {
if (parse_nai_realm(bss, pos, line) < 0)
return 1;
+ } else if (os_strcmp(buf, "anqp_elem") == 0) {
+ if (parse_anqp_elem(bss, pos, line) < 0)
+ return 1;
} else if (os_strcmp(buf, "gas_frag_limit") == 0) {
bss->gas_frag_limit = atoi(pos);
} else if (os_strcmp(buf, "gas_comeback_delay") == 0) {
@@ -3149,13 +3222,15 @@ static int hostapd_config_fill(struct hostapd_config *
os_free(bss->dump_msk_file);
bss->dump_msk_file = os_strdup(pos);
#endif /* CONFIG_RADIUS_TEST */
+#ifdef CONFIG_PROXYARP
+ } else if (os_strcmp(buf, "proxy_arp") == 0) {
+ bss->proxy_arp = atoi(pos);
+#endif /* CONFIG_PROXYARP */
#ifdef CONFIG_HS20
} else if (os_strcmp(buf, "hs20") == 0) {
bss->hs20 = atoi(pos);
} else if (os_strcmp(buf, "disable_dgaf") == 0) {
bss->disable_dgaf = atoi(pos);
- } else if (os_strcmp(buf, "proxy_arp") == 0) {
- bss->proxy_arp = atoi(pos);
} else if (os_strcmp(buf, "na_mcast_to_ucast") == 0) {
bss->na_mcast_to_ucast = atoi(pos);
} else if (os_strcmp(buf, "osen") == 0) {
@@ -3231,6 +3306,10 @@ static int hostapd_config_fill(struct hostapd_config *
} else if (os_strcmp(buf, "subscr_remediation_method") == 0) {
bss->subscr_remediation_method = atoi(pos);
#endif /* CONFIG_HS20 */
+#ifdef CONFIG_MBO
+ } else if (os_strcmp(buf, "mbo") == 0) {
+ bss->mbo_enabled = atoi(pos);
+#endif /* CONFIG_MBO */
#ifdef CONFIG_TESTING_OPTIONS
#define PARSE_TEST_PROBABILITY(_val) \
} else if (os_strcmp(buf, #_val) == 0) { \
@@ -3249,6 +3328,8 @@ static int hostapd_config_fill(struct hostapd_config *
PARSE_TEST_PROBABILITY(ignore_assoc_probability)
PARSE_TEST_PROBABILITY(ignore_reassoc_probability)
PARSE_TEST_PROBABILITY(corrupt_gtk_rekey_mic_probability)
+ } else if (os_strcmp(buf, "ecsa_ie_only") == 0) {
+ conf->ecsa_ie_only = atoi(pos);
} else if (os_strcmp(buf, "bss_load_test") == 0) {
WPA_PUT_LE16(bss->bss_load_test, atoi(pos));
pos = os_strchr(pos, ':');
@@ -3269,7 +3350,15 @@ static int hostapd_config_fill(struct hostapd_config *
WPA_PUT_LE16(&bss->bss_load_test[3], atoi(pos));
bss->bss_load_test_set = 1;
} else if (os_strcmp(buf, "radio_measurements") == 0) {
- bss->radio_measurements = atoi(pos);
+ /*
+ * DEPRECATED: This parameter will be removed in the future.
+ * Use rrm_neighbor_report instead.
+ */
+ int val = atoi(pos);
+
+ if (val & BIT(0))
+ bss->radio_measurements[0] |=
+ WLAN_RRM_CAPS_NEIGHBOR_REPORT;
} else if (os_strcmp(buf, "own_ie_override") == 0) {
struct wpabuf *tmp;
size_t len = os_strlen(pos) / 2;
@@ -3290,35 +3379,11 @@ static int hostapd_config_fill(struct hostapd_config *
bss->own_ie_override = tmp;
#endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strcmp(buf, "vendor_elements") == 0) {
- struct wpabuf *elems;
- size_t len = os_strlen(pos);
- if (len & 0x01) {
- wpa_printf(MSG_ERROR,
- "Line %d: Invalid vendor_elements '%s'",
- line, pos);
+ if (parse_wpabuf_hex(line, buf, &bss->vendor_elements, pos))
return 1;
- }
- len /= 2;
- if (len == 0) {
- wpabuf_free(bss->vendor_elements);
- bss->vendor_elements = NULL;
- return 0;
- }
-
- elems = wpabuf_alloc(len);
- if (elems == NULL)
+ } else if (os_strcmp(buf, "assocresp_elements") == 0) {
+ if (parse_wpabuf_hex(line, buf, &bss->assocresp_elements, pos))
return 1;
-
- if (hexstr2bin(pos, wpabuf_put(elems, len), len)) {
- wpabuf_free(elems);
- wpa_printf(MSG_ERROR,
- "Line %d: Invalid vendor_elements '%s'",
- line, pos);
- return 1;
- }
-
- wpabuf_free(bss->vendor_elements);
- bss->vendor_elements = elems;
} else if (os_strcmp(buf, "sae_anti_clogging_threshold") == 0) {
bss->sae_anti_clogging_threshold = atoi(pos);
} else if (os_strcmp(buf, "sae_groups") == 0) {
@@ -3391,7 +3456,8 @@ static int hostapd_config_fill(struct hostapd_config *
return -1;
}
val = strtol(pos, &endp, 0);
- if (*endp || val < 1 || val > FST_MAX_LLT_MS) {
+ if (*endp || val < 1 ||
+ (unsigned long int) val > FST_MAX_LLT_MS) {
wpa_printf(MSG_ERROR,
"Line %d: Invalid fst_llt %ld (%s) (expected 1..%u)",
line, val, pos, FST_MAX_LLT_MS);
@@ -3409,6 +3475,22 @@ static int hostapd_config_fill(struct hostapd_config *
} else if (os_strcmp(buf, "no_auth_if_seen_on") == 0) {
os_free(bss->no_auth_if_seen_on);
bss->no_auth_if_seen_on = os_strdup(pos);
+ } else if (os_strcmp(buf, "lci") == 0) {
+ wpabuf_free(conf->lci);
+ conf->lci = wpabuf_parse_bin(pos);
+ } else if (os_strcmp(buf, "civic") == 0) {
+ wpabuf_free(conf->civic);
+ conf->civic = wpabuf_parse_bin(pos);
+ } else if (os_strcmp(buf, "rrm_neighbor_report") == 0) {
+ if (atoi(pos))
+ bss->radio_measurements[0] |=
+ WLAN_RRM_CAPS_NEIGHBOR_REPORT;
+ } else if (os_strcmp(buf, "gas_address3") == 0) {
+ bss->gas_address3 = atoi(pos);
+ } else if (os_strcmp(buf, "ftm_responder") == 0) {
+ bss->ftm_responder = atoi(pos);
+ } else if (os_strcmp(buf, "ftm_initiator") == 0) {
+ bss->ftm_initiator = atoi(pos);
} else {
wpa_printf(MSG_ERROR,
"Line %d: unknown configuration item '%s'",
@@ -3429,7 +3511,7 @@ struct hostapd_config * hostapd_config_read(const char
{
struct hostapd_config *conf;
FILE *f;
- char buf[512], *pos;
+ char buf[4096], *pos;
int line = 0;
int errors = 0;
size_t i;
Modified: stable/11/contrib/wpa/hostapd/ctrl_iface.c
==============================================================================
--- stable/11/contrib/wpa/hostapd/ctrl_iface.c Tue Aug 14 19:44:36 2018 (r337816)
+++ stable/11/contrib/wpa/hostapd/ctrl_iface.c Tue Aug 14 20:02:01 2018 (r337817)
@@ -19,10 +19,16 @@
#include <sys/stat.h>
#include <stddef.h>
+#ifdef CONFIG_CTRL_IFACE_UDP
+#include <netdb.h>
+#endif /* CONFIG_CTRL_IFACE_UDP */
+
#include "utils/common.h"
#include "utils/eloop.h"
+#include "utils/module_tests.h"
#include "common/version.h"
#include "common/ieee802_11_defs.h"
+#include "common/ctrl_iface_common.h"
#include "crypto/tls.h"
#include "drivers/driver.h"
#include "eapol_auth/eapol_auth_sm.h"
@@ -42,6 +48,8 @@
#include "ap/wnm_ap.h"
#include "ap/wpa_auth.h"
#include "ap/beacon.h"
+#include "ap/neighbor_db.h"
+#include "ap/rrm.h"
#include "wps/wps_defs.h"
#include "wps/wps.h"
#include "fst/fst_ctrl_iface.h"
@@ -51,96 +59,43 @@
#define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256
-struct wpa_ctrl_dst {
- struct wpa_ctrl_dst *next;
- struct sockaddr_un addr;
- socklen_t addrlen;
- int debug_level;
- int errors;
-};
+#ifdef CONFIG_CTRL_IFACE_UDP
+#define COOKIE_LEN 8
+static unsigned char cookie[COOKIE_LEN];
+static unsigned char gcookie[COOKIE_LEN];
+#define HOSTAPD_CTRL_IFACE_PORT 8877
+#define HOSTAPD_CTRL_IFACE_PORT_LIMIT 50
+#define HOSTAPD_GLOBAL_CTRL_IFACE_PORT 8878
+#define HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT 50
+#endif /* CONFIG_CTRL_IFACE_UDP */
-
static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
enum wpa_msg_type type,
const char *buf, size_t len);
static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd,
- struct sockaddr_un *from,
+ struct sockaddr_storage *from,
socklen_t fromlen)
{
- struct wpa_ctrl_dst *dst;
-
- dst = os_zalloc(sizeof(*dst));
- if (dst == NULL)
- return -1;
- os_memcpy(&dst->addr, from, sizeof(struct sockaddr_un));
- dst->addrlen = fromlen;
- dst->debug_level = MSG_INFO;
- dst->next = hapd->ctrl_dst;
- hapd->ctrl_dst = dst;
- wpa_hexdump(MSG_DEBUG, "CTRL_IFACE monitor attached",
- (u8 *) from->sun_path,
- fromlen - offsetof(struct sockaddr_un, sun_path));
- return 0;
+ return ctrl_iface_attach(&hapd->ctrl_dst, from, fromlen);
}
static int hostapd_ctrl_iface_detach(struct hostapd_data *hapd,
- struct sockaddr_un *from,
+ struct sockaddr_storage *from,
socklen_t fromlen)
{
- struct wpa_ctrl_dst *dst, *prev = NULL;
-
- dst = hapd->ctrl_dst;
- while (dst) {
- if (fromlen == dst->addrlen &&
- os_memcmp(from->sun_path, dst->addr.sun_path,
- fromlen - offsetof(struct sockaddr_un, sun_path))
- == 0) {
- wpa_hexdump(MSG_DEBUG, "CTRL_IFACE monitor detached",
- (u8 *) from->sun_path,
- fromlen -
- offsetof(struct sockaddr_un, sun_path));
- if (prev == NULL)
- hapd->ctrl_dst = dst->next;
- else
- prev->next = dst->next;
- os_free(dst);
- return 0;
- }
- prev = dst;
- dst = dst->next;
- }
- return -1;
+ return ctrl_iface_detach(&hapd->ctrl_dst, from, fromlen);
}
static int hostapd_ctrl_iface_level(struct hostapd_data *hapd,
- struct sockaddr_un *from,
+ struct sockaddr_storage *from,
socklen_t fromlen,
char *level)
{
- struct wpa_ctrl_dst *dst;
-
- wpa_printf(MSG_DEBUG, "CTRL_IFACE LEVEL %s", level);
-
- dst = hapd->ctrl_dst;
- while (dst) {
- if (fromlen == dst->addrlen &&
- os_memcmp(from->sun_path, dst->addr.sun_path,
- fromlen - offsetof(struct sockaddr_un, sun_path))
- == 0) {
- wpa_hexdump(MSG_DEBUG, "CTRL_IFACE changed monitor "
- "level", (u8 *) from->sun_path, fromlen -
- offsetof(struct sockaddr_un, sun_path));
- dst->debug_level = atoi(level);
- return 0;
- }
- dst = dst->next;
- }
-
- return -1;
+ return ctrl_iface_level(&hapd->ctrl_dst, from, fromlen, level);
}
@@ -884,6 +839,8 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostap
int ret;
u8 nei_rep[1000];
u8 *nei_pos = nei_rep;
+ u8 mbo[10];
+ size_t mbo_len = 0;
if (hwaddr_aton(cmd, addr)) {
wpa_printf(MSG_DEBUG, "Invalid STA MAC address");
@@ -1049,10 +1006,66 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostap
if (os_strstr(cmd, " disassoc_imminent=1"))
req_mode |= WNM_BSS_TM_REQ_DISASSOC_IMMINENT;
+#ifdef CONFIG_MBO
+ pos = os_strstr(cmd, "mbo=");
+ if (pos) {
+ unsigned int mbo_reason, cell_pref, reassoc_delay;
+ u8 *mbo_pos = mbo;
+
+ ret = sscanf(pos, "mbo=%u:%u:%u", &mbo_reason,
+ &reassoc_delay, &cell_pref);
+ if (ret != 3) {
+ wpa_printf(MSG_DEBUG,
+ "MBO requires three arguments: mbo=<reason>:<reassoc_delay>:<cell_pref>");
+ return -1;
+ }
+
+ if (mbo_reason > MBO_TRANSITION_REASON_PREMIUM_AP) {
+ wpa_printf(MSG_DEBUG,
+ "Invalid MBO transition reason code %u",
+ mbo_reason);
+ return -1;
+ }
+
+ /* Valid values for Cellular preference are: 0, 1, 255 */
+ if (cell_pref != 0 && cell_pref != 1 && cell_pref != 255) {
+ wpa_printf(MSG_DEBUG,
+ "Invalid MBO cellular capability %u",
+ cell_pref);
+ return -1;
+ }
+
+ if (reassoc_delay > 65535 ||
+ (reassoc_delay &&
+ !(req_mode & WNM_BSS_TM_REQ_DISASSOC_IMMINENT))) {
+ wpa_printf(MSG_DEBUG,
+ "MBO: Assoc retry delay is only valid in disassoc imminent mode");
+ return -1;
+ }
+
+ *mbo_pos++ = MBO_ATTR_ID_TRANSITION_REASON;
+ *mbo_pos++ = 1;
+ *mbo_pos++ = mbo_reason;
+ *mbo_pos++ = MBO_ATTR_ID_CELL_DATA_PREF;
+ *mbo_pos++ = 1;
+ *mbo_pos++ = cell_pref;
+
+ if (reassoc_delay) {
+ *mbo_pos++ = MBO_ATTR_ID_ASSOC_RETRY_DELAY;
+ *mbo_pos++ = 2;
+ WPA_PUT_LE16(mbo_pos, reassoc_delay);
+ mbo_pos += 2;
+ }
+
+ mbo_len = mbo_pos - mbo;
+ }
+#endif /* CONFIG_MBO */
+
ret = wnm_send_bss_tm_req(hapd, sta, req_mode, disassoc_timer,
valid_int, bss_term_dur, url,
nei_pos > nei_rep ? nei_rep : NULL,
- nei_pos - nei_rep);
+ nei_pos - nei_rep, mbo_len ? mbo : NULL,
+ mbo_len);
os_free(url);
return ret;
}
@@ -1320,9 +1333,28 @@ static int hostapd_ctrl_iface_set(struct hostapd_data
} else if (os_strcasecmp(cmd, "ext_eapol_frame_io") == 0) {
hapd->ext_eapol_frame_io = atoi(value);
#endif /* CONFIG_TESTING_OPTIONS */
+#ifdef CONFIG_MBO
+ } else if (os_strcasecmp(cmd, "mbo_assoc_disallow") == 0) {
+ int val;
+
+ if (!hapd->conf->mbo_enabled)
+ return -1;
+
+ val = atoi(value);
+ if (val < 0 || val > 1)
+ return -1;
+
+ hapd->mbo_assoc_disallow = val;
+ ieee802_11_update_beacons(hapd->iface);
+
+ /*
+ * TODO: Need to configure drivers that do AP MLME offload with
+ * disallowing station logic.
+ */
+#endif /* CONFIG_MBO */
} else {
struct sta_info *sta;
- int vlan_id;
+ struct vlan_description vlan_id;
ret = hostapd_set_iface(hapd->iconf, hapd->conf, cmd, value);
if (ret)
@@ -1334,7 +1366,8 @@ static int hostapd_ctrl_iface_set(struct hostapd_data
hapd->conf->deny_mac,
hapd->conf->num_deny_mac, sta->addr,
&vlan_id) &&
- (!vlan_id || vlan_id == sta->vlan_id))
+ (!vlan_id.notempty ||
+ !vlan_compare(&vlan_id, sta->vlan_desc)))
ap_sta_disconnect(
hapd, sta, sta->addr,
WLAN_REASON_UNSPECIFIED);
@@ -1346,7 +1379,8 @@ static int hostapd_ctrl_iface_set(struct hostapd_data
hapd->conf->accept_mac,
hapd->conf->num_accept_mac,
sta->addr, &vlan_id) ||
- (vlan_id && vlan_id != sta->vlan_id))
+ (vlan_id.notempty &&
+ vlan_compare(&vlan_id, sta->vlan_desc)))
ap_sta_disconnect(
hapd, sta, sta->addr,
WLAN_REASON_UNSPECIFIED);
@@ -1557,8 +1591,8 @@ static u16 ipv4_hdr_checksum(const void *buf, size_t l
#define HWSIM_PACKETLEN 1500
#define HWSIM_IP_LEN (HWSIM_PACKETLEN - sizeof(struct ether_header))
-void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
- size_t len)
+static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
+ size_t len)
{
struct hostapd_data *hapd = ctx;
const struct ether_header *eth;
@@ -1745,8 +1779,6 @@ done:
static int hostapd_ctrl_test_alloc_fail(struct hostapd_data *hapd, char *cmd)
{
#ifdef WPA_TRACE_BFD
- extern char wpa_trace_fail_func[256];
- extern unsigned int wpa_trace_fail_after;
char *pos;
wpa_trace_fail_after = atoi(cmd);
@@ -1770,9 +1802,6 @@ static int hostapd_ctrl_get_alloc_fail(struct hostapd_
char *buf, size_t buflen)
{
#ifdef WPA_TRACE_BFD
- extern char wpa_trace_fail_func[256];
- extern unsigned int wpa_trace_fail_after;
-
return os_snprintf(buf, buflen, "%u:%s", wpa_trace_fail_after,
wpa_trace_fail_func);
#else /* WPA_TRACE_BFD */
@@ -1784,8 +1813,6 @@ static int hostapd_ctrl_get_alloc_fail(struct hostapd_
static int hostapd_ctrl_test_fail(struct hostapd_data *hapd, char *cmd)
{
#ifdef WPA_TRACE_BFD
- extern char wpa_trace_test_fail_func[256];
- extern unsigned int wpa_trace_test_fail_after;
char *pos;
wpa_trace_test_fail_after = atoi(cmd);
@@ -1809,9 +1836,6 @@ static int hostapd_ctrl_get_fail(struct hostapd_data *
char *buf, size_t buflen)
{
#ifdef WPA_TRACE_BFD
- extern char wpa_trace_test_fail_func[256];
- extern unsigned int wpa_trace_test_fail_after;
-
return os_snprintf(buf, buflen, "%u:%s", wpa_trace_test_fail_after,
wpa_trace_test_fail_func);
#else /* WPA_TRACE_BFD */
@@ -1875,13 +1899,13 @@ static int hostapd_ctrl_iface_vendor(struct hostapd_da
/* cmd: <vendor id> <subcommand id> [<hex formatted data>] */
vendor_id = strtoul(cmd, &pos, 16);
- if (!isblank(*pos))
+ if (!isblank((unsigned char) *pos))
return -EINVAL;
subcmd = strtoul(pos, &pos, 10);
if (*pos != '\0') {
- if (!isblank(*pos++))
+ if (!isblank((unsigned char) *pos++))
return -EINVAL;
data_len = os_strlen(pos);
}
@@ -2016,6 +2040,9 @@ static int hostapd_ctrl_iface_track_sta_list(struct ho
struct hostapd_sta_info *info;
struct os_reltime now;
+ if (!iface->num_sta_seen)
+ return 0;
+
sta_track_expire(iface, 0);
pos = buf;
@@ -2040,10 +2067,228 @@ static int hostapd_ctrl_iface_track_sta_list(struct ho
#endif /* NEED_AP_MLME */
+static int hostapd_ctrl_iface_req_lci(struct hostapd_data *hapd,
+ const char *cmd)
+{
+ u8 addr[ETH_ALEN];
+
+ if (hwaddr_aton(cmd, addr)) {
+ wpa_printf(MSG_INFO, "CTRL: REQ_LCI: Invalid MAC address");
+ return -1;
+ }
+
+ return hostapd_send_lci_req(hapd, addr);
+}
+
+
+static int hostapd_ctrl_iface_req_range(struct hostapd_data *hapd, char *cmd)
+{
+ u8 addr[ETH_ALEN];
+ char *token, *context = NULL;
+ int random_interval, min_ap;
+ u8 responders[ETH_ALEN * RRM_RANGE_REQ_MAX_RESPONDERS];
+ unsigned int n_responders;
+
+ token = str_token(cmd, " ", &context);
+ if (!token || hwaddr_aton(token, addr)) {
+ wpa_printf(MSG_INFO,
+ "CTRL: REQ_RANGE - Bad destination address");
+ return -1;
+ }
+
+ token = str_token(cmd, " ", &context);
+ if (!token)
+ return -1;
+
+ random_interval = atoi(token);
+ if (random_interval < 0 || random_interval > 0xffff)
+ return -1;
+
+ token = str_token(cmd, " ", &context);
+ if (!token)
+ return -1;
+
+ min_ap = atoi(token);
+ if (min_ap <= 0 || min_ap > WLAN_RRM_RANGE_REQ_MAX_MIN_AP)
+ return -1;
+
+ n_responders = 0;
+ while ((token = str_token(cmd, " ", &context))) {
+ if (n_responders == RRM_RANGE_REQ_MAX_RESPONDERS) {
+ wpa_printf(MSG_INFO,
+ "CTRL: REQ_RANGE: Too many responders");
+ return -1;
+ }
+
+ if (hwaddr_aton(token, responders + n_responders * ETH_ALEN)) {
+ wpa_printf(MSG_INFO,
+ "CTRL: REQ_RANGE: Bad responder address");
+ return -1;
+ }
+
+ n_responders++;
+ }
+
+ if (!n_responders) {
+ wpa_printf(MSG_INFO,
+ "CTRL: REQ_RANGE - No FTM responder address");
+ return -1;
+ }
+
+ return hostapd_send_range_req(hapd, addr, random_interval, min_ap,
+ responders, n_responders);
+}
+
+
+static int hostapd_ctrl_iface_set_neighbor(struct hostapd_data *hapd, char *buf)
+{
+ struct wpa_ssid_value ssid;
+ u8 bssid[ETH_ALEN];
+ struct wpabuf *nr, *lci = NULL, *civic = NULL;
+ char *tmp;
+ int ret;
+
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-stable-11
mailing list