mirrors/openwrt
1
0
Fork 0
mirror of https://git.openwrt.org/openwrt/openwrt.git synced 2026-05-05 01:46:11 +02:00
Code Issues Projects Releases Wiki Activity

hostapd: emit ubus key-mismatch event for SAE confirm failures

Browse Source 
Surface SAE confirm mismatches (wrong password) through the same
key-mismatch ubus notification that is already used for PSK failures, so
consumers can react uniformly regardless of the authentication method.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
This commit is contained in:
Felix Fietkau 2026-05-04 07:58:40 +00:00
parent 94fc66cce9
commit a86da0bd1e
3 changed files with 21 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
package/network/services/hostapd/patches/600-ubus_support.patch
View File

@ -195,7 +195,15 @@ probe/assoc/auth requests via object subscribe.
struct hostapd_iface * hostapd_alloc_iface(void);
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -4077,7 +4077,7 @@ static void handle_auth(struct hostapd_d
@@ -2026,6 +2026,7 @@ static void handle_auth_sae(struct hosta
if (sae_check_confirm(sta->sae, var, var_len,
NULL) < 0) {
+ hostapd_ubus_notify(hapd, "key-mismatch", sta->addr);
if (sae_password_track_fail(hapd, sta)) {
wpa_printf(MSG_DEBUG,
"SAE: Reject mismatching Confirm so that another password can be attempted by "
@@ -4077,7 +4078,7 @@ static void handle_auth(struct hostapd_d
u16 auth_alg, auth_transaction, status_code;
u16 resp = WLAN_STATUS_SUCCESS;
struct sta_info *sta = NULL;
@ -204,7 +212,7 @@ probe/assoc/auth requests via object subscribe.
u16 fc;
const u8 *challenge = NULL;
u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
@@ -4116,6 +4116,11 @@ static void handle_auth(struct hostapd_d
@@ -4116,6 +4117,11 @@ static void handle_auth(struct hostapd_d
else
sa = mgmt->sa;
#endif /* CONFIG_IEEE80211BE */
@ -216,7 +224,7 @@ probe/assoc/auth requests via object subscribe.
auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction);
@@ -4306,6 +4311,13 @@ static void handle_auth(struct hostapd_d
@@ -4306,6 +4312,13 @@ static void handle_auth(struct hostapd_d
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto fail;
}
@ -230,7 +238,7 @@ probe/assoc/auth requests via object subscribe.
if (res == HOSTAPD_ACL_PENDING)
return;
@@ -6999,7 +7011,7 @@ static void handle_assoc(struct hostapd_
@@ -6999,7 +7012,7 @@ static void handle_assoc(struct hostapd_
int resp = WLAN_STATUS_SUCCESS;
u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
const u8 *pos;
@ -239,7 +247,7 @@ probe/assoc/auth requests via object subscribe.
struct sta_info *sta;
u8 *tmp = NULL;
#ifdef CONFIG_FILS
@@ -7255,6 +7267,11 @@ static void handle_assoc(struct hostapd_
@@ -7255,6 +7268,11 @@ static void handle_assoc(struct hostapd_
left = res;
}
#endif /* CONFIG_FILS */
@ -251,7 +259,7 @@ probe/assoc/auth requests via object subscribe.
/* followed by SSID and Supported rates; and HT capabilities if 802.11n
* is used */
@@ -7347,6 +7364,7 @@ static void handle_assoc(struct hostapd_
@@ -7347,6 +7365,7 @@ static void handle_assoc(struct hostapd_
#ifdef CONFIG_TAXONOMY
taxonomy_sta_info_assoc_req(hapd, sta, pos, left);
@ -259,7 +267,7 @@ probe/assoc/auth requests via object subscribe.
#endif /* CONFIG_TAXONOMY */
sta->pending_wds_enable = 0;
@@ -7360,6 +7378,13 @@ static void handle_assoc(struct hostapd_
@@ -7360,6 +7379,13 @@ static void handle_assoc(struct hostapd_
}
#endif /* CONFIG_FILS */
@ -273,7 +281,7 @@ probe/assoc/auth requests via object subscribe.
fail:
/*
@@ -7598,6 +7623,7 @@ static void handle_disassoc(struct hosta
@@ -7598,6 +7624,7 @@ static void handle_disassoc(struct hosta
(unsigned long) len);
return;
}
@ -281,7 +289,7 @@ probe/assoc/auth requests via object subscribe.
sta = ap_get_sta(hapd, mgmt->sa);
if (!sta) {
@@ -7629,6 +7655,8 @@ static void handle_deauth(struct hostapd
@@ -7629,6 +7656,8 @@ static void handle_deauth(struct hostapd
/* Clear the PTKSA cache entries for PASN */
ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);

2
package/network/services/hostapd/patches/601-ucode_support.patch
View File

@ -494,7 +494,7 @@ as adding/removing interfaces.
}
}
@@ -4466,6 +4489,12 @@ static void handle_auth(struct hostapd_d
@@ -4467,6 +4490,12 @@ static void handle_auth(struct hostapd_d
goto fail;
}

6
package/network/services/hostapd/patches/780-Implement-APuP-Access-Point-Micro-Peering.patch
View File

@ -373,7 +373,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
#ifdef CONFIG_FILS
static struct wpabuf *
@@ -4868,8 +4871,8 @@ static u16 check_multi_ap(struct hostapd
@@ -4869,8 +4872,8 @@ static u16 check_multi_ap(struct hostapd
}
@ -384,7 +384,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
{
/* Supported rates not used in IEEE 802.11ad/DMG */
if (hapd->iface->current_mode &&
@@ -5337,7 +5340,7 @@ static int __check_assoc_ies(struct host
@@ -5338,7 +5341,7 @@ static int __check_assoc_ies(struct host
elems->ext_capab_len);
if (resp != WLAN_STATUS_SUCCESS)
goto out;
@ -393,7 +393,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
if (resp != WLAN_STATUS_SUCCESS)
goto out;
@@ -7719,6 +7722,11 @@ static void handle_beacon(struct hostapd
@@ -7720,6 +7723,11 @@ static void handle_beacon(struct hostapd
0);
ap_list_process_beacon(hapd->iface, mgmt, &elems, fi);