-
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
hostapd: adjust patches to work with git am
This adds From:, Date: and Subject: to patches, allowing one to run 'git am' to import the patches to a hostapd git repository. From: and Date: fields were taken from the OpenWrt commit where the patches were first introduced. Most of the Subject: also followed suit, except for: - 300-noscan.patch: Took the description from the LuCI web interface - 350-nl80211_del_beacon_bss.patch: Used the file name The order of the files in the patch was changed to match what git format-patch does. Signed-off-by: Eneas U de Queiroz <[email protected]>
- Loading branch information
1 parent
4da14d3
commit e9a9ac9
Showing
40 changed files
with
1,217 additions
and
940 deletions.
There are no files selected for viewing
4 changes: 4 additions & 0 deletions
4
package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,7 @@ | ||
| From: Felix Fietkau <[email protected]> | ||
| Date: Tue, 25 May 2021 10:50:16 +0200 | ||
| Subject: [PATCH] fix adding back stations after a missed deauth/disassoc | ||
|
|
||
| --- a/src/ap/ieee802_11.c | ||
| +++ b/src/ap/ieee802_11.c | ||
| @@ -4653,6 +4653,13 @@ static int add_associated_sta(struct hos | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -21,7 +21,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| --- a/hostapd/Makefile | ||
| +++ b/hostapd/Makefile | ||
| @@ -747,6 +747,40 @@ endif | ||
| @@ -746,6 +746,40 @@ endif | ||
| CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" | ||
| endif | ||
|
|
||
|
|
@@ -62,7 +62,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifeq ($(CONFIG_TLS), gnutls) | ||
| ifndef CONFIG_CRYPTO | ||
| # default to libgcrypt | ||
| @@ -926,9 +960,11 @@ endif | ||
| @@ -925,9 +959,11 @@ endif | ||
|
|
||
| ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -74,7 +74,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef NEED_AES_EAX | ||
| AESOBJS += ../src/crypto/aes-eax.o | ||
| NEED_AES_CTR=y | ||
| @@ -938,38 +974,48 @@ AESOBJS += ../src/crypto/aes-siv.o | ||
| @@ -937,38 +973,48 @@ AESOBJS += ../src/crypto/aes-siv.o | ||
| NEED_AES_CTR=y | ||
| endif | ||
| ifdef NEED_AES_CTR | ||
|
|
@@ -123,7 +123,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef NEED_AES_DEC | ||
| ifdef CONFIG_INTERNAL_AES | ||
| AESOBJS += ../src/crypto/aes-internal-dec.o | ||
| @@ -984,12 +1030,16 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| @@ -983,12 +1029,16 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), linux) | ||
| ifneq ($(CONFIG_TLS), gnutls) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -140,7 +140,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef CONFIG_INTERNAL_SHA1 | ||
| SHA1OBJS += ../src/crypto/sha1-internal.o | ||
| ifdef NEED_FIPS186_2_PRF | ||
| @@ -998,16 +1048,22 @@ endif | ||
| @@ -997,16 +1047,22 @@ endif | ||
| endif | ||
| ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -163,7 +163,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| ifdef NEED_SHA1 | ||
| OBJS += $(SHA1OBJS) | ||
| @@ -1017,11 +1073,13 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| @@ -1016,11 +1072,13 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), linux) | ||
| ifneq ($(CONFIG_TLS), gnutls) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -177,7 +177,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| ifdef NEED_MD5 | ||
| ifdef CONFIG_INTERNAL_MD5 | ||
| @@ -1060,56 +1118,81 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| @@ -1059,56 +1117,81 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), linux) | ||
| ifneq ($(CONFIG_TLS), gnutls) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -259,7 +259,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| ifdef CONFIG_INTERNAL_SHA384 | ||
| CFLAGS += -DCONFIG_INTERNAL_SHA384 | ||
| @@ -1154,11 +1237,13 @@ HOBJS += $(SHA1OBJS) | ||
| @@ -1153,11 +1236,13 @@ HOBJS += $(SHA1OBJS) | ||
| ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), linux) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -273,7 +273,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| ifdef CONFIG_RADIUS_SERVER | ||
| CFLAGS += -DRADIUS_SERVER | ||
| @@ -1331,7 +1416,9 @@ NOBJS += ../src/utils/trace.o | ||
| @@ -1330,7 +1415,9 @@ NOBJS += ../src/utils/trace.o | ||
| endif | ||
|
|
||
| HOBJS += hlr_auc_gw.o ../src/utils/common.o ../src/utils/wpa_debug.o ../src/utils/os_$(CONFIG_OS).o ../src/utils/wpabuf.o ../src/crypto/milenage.o | ||
|
|
@@ -283,7 +283,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef CONFIG_INTERNAL_AES | ||
| HOBJS += ../src/crypto/aes-internal.o | ||
| HOBJS += ../src/crypto/aes-internal-enc.o | ||
| @@ -1354,13 +1441,17 @@ SOBJS += ../src/common/sae.o | ||
| @@ -1353,13 +1440,17 @@ SOBJS += ../src/common/sae.o | ||
| SOBJS += ../src/common/sae_pk.o | ||
| SOBJS += ../src/common/dragonfly.o | ||
| SOBJS += $(AESOBJS) | ||
|
|
@@ -7765,7 +7765,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| CONFIG_SIM_SIMULATOR=y | ||
| --- a/wpa_supplicant/Makefile | ||
| +++ b/wpa_supplicant/Makefile | ||
| @@ -1217,6 +1217,29 @@ endif | ||
| @@ -1216,6 +1216,29 @@ endif | ||
| CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" | ||
| endif | ||
|
|
||
|
|
@@ -7795,7 +7795,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifeq ($(CONFIG_TLS), gnutls) | ||
| ifndef CONFIG_CRYPTO | ||
| # default to libgcrypt | ||
| @@ -1409,9 +1432,11 @@ endif | ||
| @@ -1408,9 +1431,11 @@ endif | ||
|
|
||
| ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -7807,7 +7807,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP | ||
| # Seems to be needed at least with BoringSSL | ||
| NEED_INTERNAL_AES_WRAP=y | ||
| @@ -1425,9 +1450,11 @@ endif | ||
| @@ -1424,9 +1449,11 @@ endif | ||
|
|
||
| ifdef NEED_INTERNAL_AES_WRAP | ||
| ifneq ($(CONFIG_TLS), linux) | ||
|
|
@@ -7819,7 +7819,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef NEED_AES_EAX | ||
| AESOBJS += ../src/crypto/aes-eax.o | ||
| NEED_AES_CTR=y | ||
| @@ -1437,35 +1464,45 @@ AESOBJS += ../src/crypto/aes-siv.o | ||
| @@ -1436,35 +1463,45 @@ AESOBJS += ../src/crypto/aes-siv.o | ||
| NEED_AES_CTR=y | ||
| endif | ||
| ifdef NEED_AES_CTR | ||
|
|
@@ -7865,7 +7865,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef NEED_AES_ENC | ||
| ifdef CONFIG_INTERNAL_AES | ||
| AESOBJS += ../src/crypto/aes-internal-enc.o | ||
| @@ -1480,12 +1517,16 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| @@ -1479,12 +1516,16 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), linux) | ||
| ifneq ($(CONFIG_TLS), gnutls) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -7882,7 +7882,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef CONFIG_INTERNAL_SHA1 | ||
| SHA1OBJS += ../src/crypto/sha1-internal.o | ||
| ifdef NEED_FIPS186_2_PRF | ||
| @@ -1497,29 +1538,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 | ||
| @@ -1496,29 +1537,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2 | ||
| else | ||
| ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -7920,7 +7920,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef NEED_MD5 | ||
| ifdef CONFIG_INTERNAL_MD5 | ||
| MD5OBJS += ../src/crypto/md5-internal.o | ||
| @@ -1574,12 +1623,17 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| @@ -1573,12 +1622,17 @@ ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), linux) | ||
| ifneq ($(CONFIG_TLS), gnutls) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
@@ -7938,7 +7938,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| ifdef CONFIG_INTERNAL_SHA256 | ||
| SHA256OBJS += ../src/crypto/sha256-internal.o | ||
| endif | ||
| @@ -1592,50 +1646,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 | ||
| @@ -1591,50 +1645,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512 | ||
| SHA256OBJS += ../src/crypto/sha512-internal.o | ||
| endif | ||
| ifdef NEED_TLS_PRF_SHA256 | ||
|
|
@@ -8007,7 +8007,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| ifdef NEED_ASN1 | ||
| OBJS += ../src/tls/asn1.o | ||
| @@ -1810,10 +1882,12 @@ ifdef CONFIG_FIPS | ||
| @@ -1809,10 +1881,12 @@ ifdef CONFIG_FIPS | ||
| CFLAGS += -DCONFIG_FIPS | ||
| ifneq ($(CONFIG_TLS), openssl) | ||
| ifneq ($(CONFIG_TLS), wolfssl) | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -12,7 +12,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| --- a/hostapd/Makefile | ||
| +++ b/hostapd/Makefile | ||
| @@ -761,10 +761,6 @@ endif | ||
| @@ -760,10 +760,6 @@ endif | ||
| OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o | ||
| HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o | ||
| SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o | ||
|
|
@@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| --- a/wpa_supplicant/Makefile | ||
| +++ b/wpa_supplicant/Makefile | ||
| @@ -1228,10 +1228,6 @@ endif | ||
| @@ -1227,10 +1227,6 @@ endif | ||
| OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o | ||
| OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o | ||
| OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o | ||
|
|
||
14 changes: 11 additions & 3 deletions
14
package/network/services/hostapd/patches/135-mbedtls-fix-owe-association.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,18 @@ | ||
| From: David Bauer <[email protected]> | ||
| Date: Tue, 24 Oct 2023 03:07:48 +0200 | ||
| Subject: [PATCH] hostapd: fix OWE association with mbedtls | ||
|
|
||
| The code for hostapd-mbedtls did not work when used for OWE association. | ||
|
|
||
| When handling association requests, the buffer offsets and length assumptions were incorrect, leading to never calculating the y point, thus denying association. | ||
| When handling association requests, the buffer offsets and length | ||
| assumptions were incorrect, leading to never calculating the y point, | ||
| thus denying association. | ||
|
|
||
| Also when crafting the association response, the buffer contained the trailing key-type. | ||
| Also when crafting the association response, the buffer contained the | ||
| trailing key-type. | ||
|
|
||
| Fix up both issues to adhere to the specification and make hostapd-mbedtls work with the OWE security type. | ||
| Fix up both issues to adhere to the specification and make | ||
| hostapd-mbedtls work with the OWE security type. | ||
|
|
||
| --- a/src/crypto/crypto_mbedtls.c | ||
| +++ b/src/crypto/crypto_mbedtls.c | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -61,47 +61,47 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
|
|
||
| --- a/hostapd/Makefile | ||
| +++ b/hostapd/Makefile | ||
| @@ -698,6 +698,7 @@ CFLAGS += -DCONFIG_TLSV12 | ||
| @@ -697,6 +697,7 @@ CFLAGS += -DCONFIG_TLSV12 | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), wolfssl) | ||
| +CFLAGS += -DCONFIG_TLS_WOLFSSL | ||
| CONFIG_CRYPTO=wolfssl | ||
| ifdef TLS_FUNCS | ||
| OBJS += ../src/crypto/tls_wolfssl.o | ||
| @@ -718,6 +719,7 @@ endif | ||
| @@ -717,6 +718,7 @@ endif | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), openssl) | ||
| +CFLAGS += -DCONFIG_TLS_OPENSSL | ||
| CFLAGS += -DCRYPTO_RSA_OAEP_SHA256 | ||
| CONFIG_CRYPTO=openssl | ||
| ifdef TLS_FUNCS | ||
| @@ -748,6 +750,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF | ||
| @@ -747,6 +749,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), mbedtls) | ||
| +CFLAGS += -DCONFIG_TLS_MBEDTLS | ||
| ifndef CONFIG_CRYPTO | ||
| CONFIG_CRYPTO=mbedtls | ||
| endif | ||
| @@ -778,6 +781,7 @@ endif | ||
| @@ -777,6 +780,7 @@ endif | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), gnutls) | ||
| +CFLAGS += -DCONFIG_TLS_GNUTLS | ||
| ifndef CONFIG_CRYPTO | ||
| # default to libgcrypt | ||
| CONFIG_CRYPTO=gnutls | ||
| @@ -808,6 +812,7 @@ endif | ||
| @@ -807,6 +811,7 @@ endif | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), internal) | ||
| +CFLAGS += -DCONFIG_TLS_INTERNAL | ||
| ifndef CONFIG_CRYPTO | ||
| CONFIG_CRYPTO=internal | ||
| endif | ||
| @@ -886,6 +891,7 @@ endif | ||
| @@ -885,6 +890,7 @@ endif | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), linux) | ||
|
|
@@ -1294,47 +1294,47 @@ Signed-off-by: Glenn Strauss <[email protected]> | |
| if (need_more_data) { | ||
| --- a/wpa_supplicant/Makefile | ||
| +++ b/wpa_supplicant/Makefile | ||
| @@ -1176,6 +1176,7 @@ CFLAGS += -DCONFIG_TLSV12 | ||
| @@ -1175,6 +1175,7 @@ CFLAGS += -DCONFIG_TLSV12 | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), wolfssl) | ||
| +CFLAGS += -DCONFIG_TLS_WOLFSSL | ||
| ifdef TLS_FUNCS | ||
| CFLAGS += -DWOLFSSL_DER_LOAD | ||
| OBJS += ../src/crypto/tls_wolfssl.o | ||
| @@ -1191,6 +1192,7 @@ LIBS_p += -lwolfssl -lm | ||
| @@ -1190,6 +1191,7 @@ LIBS_p += -lwolfssl -lm | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), openssl) | ||
| +CFLAGS += -DCONFIG_TLS_OPENSSL | ||
| CFLAGS += -DCRYPTO_RSA_OAEP_SHA256 | ||
| ifdef TLS_FUNCS | ||
| CFLAGS += -DEAP_TLS_OPENSSL | ||
| @@ -1218,6 +1220,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF | ||
| @@ -1217,6 +1219,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), mbedtls) | ||
| +CFLAGS += -DCONFIG_TLS_MBEDTLS | ||
| ifndef CONFIG_CRYPTO | ||
| CONFIG_CRYPTO=mbedtls | ||
| endif | ||
| @@ -1237,6 +1240,7 @@ endif | ||
| @@ -1236,6 +1239,7 @@ endif | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), gnutls) | ||
| +CFLAGS += -DCONFIG_TLS_GNUTLS | ||
| ifndef CONFIG_CRYPTO | ||
| # default to libgcrypt | ||
| CONFIG_CRYPTO=gnutls | ||
| @@ -1267,6 +1271,7 @@ endif | ||
| @@ -1266,6 +1270,7 @@ endif | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), internal) | ||
| +CFLAGS += -DCONFIG_TLS_INTERNAL | ||
| ifndef CONFIG_CRYPTO | ||
| CONFIG_CRYPTO=internal | ||
| endif | ||
| @@ -1347,6 +1352,7 @@ endif | ||
| @@ -1346,6 +1351,7 @@ endif | ||
| endif | ||
|
|
||
| ifeq ($(CONFIG_TLS), linux) | ||
|
|
||
Oops, something went wrong.