In AP+STA mode, wifi-scripts emits start_disabled=1 in the per-BSS
section of the generated hostapd config so that hostapd defers
beaconing on every BSS until apsta_state up clears the flag for the
whole iface (uc_hostapd_iface_start clears start_disabled on every BSS
and calls ieee802_11_set_beacon).
When a new BSS is added later via iface.add_bss while the iface is
already in HAPD_IFACE_ENABLED state, the freshly parsed config still
carries start_disabled=1 for that BSS. hostapd_setup_bss is invoked
with start_beacon=true, but hostapd_start_beacon then skips
ieee802_11_set_beacon because conf->start_disabled is set. The kernel
netdev is created without ever starting beacons, the carrier never
comes up, and probe-response transmission attempts fail with
"handle_probe_req: send failed".
Mirror what iface.start does: when the iface is already enabled, the
apsta channel selection has happened, so clear start_disabled for the
incoming BSS before starting it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Surface SAE confirm mismatches (wrong password) through the same
key-mismatch ubus notification that is already used for PSK failures, so
consumers can react uniformly regardless of the authentication method.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
mld_set_config() treated any call with empty prev_mld as a fresh
configuration and triggered a full Reload all interfaces, even when the
new config was also empty (the typical path on non-MLD devices).
Reloading every BSS on each netifd reconf disrupted associated stations
including PMF-protected backhaul STAs, which would self-deauth after the
SA Query timeout.
Only treat the call as a new configuration when the new config is
actually non-empty.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add missing wpabuf_free calls to the hostapd_rrm_nr_set and
hostapd_rrm_beacon_req functions.
Signed-off-by: Vladimir Palevich <palevichva@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22538
Signed-off-by: Nick Hainke <vincent@systemli.org>
parent_tsf in struct rrm_measurement_beacon_report is le32 (32-bit),
but was being added with blobmsg_add_u16, truncating the value.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The beacon measurement token was not included in the ubus beacon-report
notification, causing consumers that need the token (e.g. for constructing
Beacon Metrics Response TLVs) to receive null.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Use blobmsg_add_u32 for non-bool fields in order to avoid wrong
interpretations of the data on JSON/ucode conversion.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The Reporting Detail value is a 1-byte field, but was written as le16,
producing a 2-byte write that also contradicts the length field of 1
in the subelement header.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The reporting detail subelement (up to 3 bytes) was not accounted for
in the wpabuf allocation, causing a crash when reporting_detail is set
to a valid value (0, 1, or 2).
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Without initializing pwd_group, it's set to 0, which is reserved value.
When EAP-PWD is used in wpa_supplicant/eapol_test, next error is seen:
EAP-PWD: Server EAP-pwd-ID proposal: group=0 random=1 prf=1 prep=0
EAP-pwd: Unsupported or disabled proposal
Signed-off-by: Yaroslav Isakov <yaroslav.isakov@gmail.com>
Secondary BSSes inherit the alloc value which bypasses
NL80211_ATTR_VIF_RADIO_MASK in nl80211_create_iface() and causes the
kernel to default new interfaces to all radios.
The ucode bss_create fallback fails to correct this because
the interface is already UP.. the kernel rejects SET_INTERFACE with
-EBUSY.
Signed-off-by: Chad Monroe <chad@monroe.io>
Code was moved from 601-ucode_support.patch into ucode.{c,h},
but the patch still contained the old hunks. As a result, the patch
no longer applies.
Fix this by dropping the moved code from 601-ucode_support.patch.
Fixes: a7756346c730 ("hostapd: extend DPP ucode API with WPS M7/M8 encrypted settings handling")
Signed-off-by: Nick Hainke <vincent@systemli.org>
Add callbacks to intercept WPS M7 reception (registrar side) and M8
reception (enrollee side), allowing external code to inject extra
encrypted attributes and optionally skip credential building.
On the registrar side, the m7_rx callback receives the decrypted M7
content and can return extra data to include in M8's encrypted settings
as well as a flag to skip credential generation.
On the enrollee side, add a wps_set_m7 method to set extra encrypted
data for M7, and a m8_rx callback to handle the decrypted M8 content
externally.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add a ucode API to hostapd and wpa_supplicant for external DPP frame
handling. This allows an external controller to intercept DPP frames
and handle the DPP protocol externally.
The API provides:
- RX callbacks (dpp_rx_action, dpp_rx_gas) called when DPP frames are
received, allowing external handling before internal processing
- TX methods (dpp_send_action, dpp_send_gas_resp/dpp_send_gas_req) for
transmitting DPP frames
- A ubus channel-based API (dpp_channel) for bidirectional communication
with exclusive hook registration per interface
- CCE control for hostapd (set_cce method)
The wpa_supplicant API mirrors hostapd but adapted for STA role:
- Uses tx_gas_req instead of tx_gas_resp
- GAS RX provides full frame instead of parsed query
- No CCE control (AP-only feature)
Both implementations include:
- Timeout handling with automatic channel disconnect after 3 failures
- Hook cleanup on interface removal
- Last-caller-wins semantics for hook registration
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add a status method to both hostapd and wpa_supplicant ubus objects
that lists all configured interfaces with their wiphy, MAC address,
and running/pending state. For MLO interfaces, links are grouped
under a single entry with per-link status.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Adding base64 encoded beacon data needs the base64 functions to be available
Fixes: b44d4290fe83 ("hostapd: add raw beacon report data to ubus notification")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Extend the taxonomy subsystem to capture the complete association frame
in addition to the existing probe and association IE data.
This adds a new assoc_frame_taxonomy field to struct sta_info and exposes
it via the get_sta_ies ubus method as a base64-encoded "assoc_frame" field.
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Extend the hostapd_rrm_beacon_req ubus method to support the optional
reporting_detail parameter as defined in IEEE 802.11-2016 section 9.4.2.21.7.
Also fix missing assignment operators (=) in the beacon_req_policy array
initialisation.
Signed-off-by: John Crispin <john@phrozen.org>
Some packages with variants did not specify the default among the
alternatives, so were left without any apk 'provider_priority'
for that package. This caused the apk solver to select the wrong
variant, silently changing the requested package list.
Notable among these were busybox, procd and the hostapd/wpad suite.
This behavior presented in the imagebuilders when creating the
image as follows, silently replacing packages even when explicitly
requested:
$ make image PACKAGES=busybox
...
( 14/148) Installing busybox-selinux (1.37.0-r6)
...
We add 'DEFAULT_VARIANT:=1' to the packages that were missing one,
providing apk with sufficient information to choose the correct
package.
See link below for further examples and discussion.
Link: https://github.com/openwrt/openwrt/pull/21288#issuecomment-3704101422
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21358
Signed-off-by: Robert Marko <robimarko@gmail.com>
This will allow del_client with ban_time on a broadcast address
to also ban all clients temporarily.
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/18670
Signed-off-by: Robert Marko <robimarko@gmail.com>
Similar to the hostapd control interface, treat ff:ff:ff:ff:ff:ff
as a stand in for "all clients".
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/18670
Signed-off-by: Robert Marko <robimarko@gmail.com>
The CLI tools hostapd_cli and wpa_cli are compiled with
`TARGET_LDFLAGS_C` rather than the standard `TARGET_LDFLAGS`.
This variable is empty, leading to global linker options not being
applied.
Set this variable equal to `TARGET_LDFLAGS` right after the package.mk
include to make sure global linker options are applied, but local options
such as linking to crypto libraries are not.
Signed-off-by: Matthias Van Parys <matthias.vanparys@softathome.com>
Link: https://github.com/openwrt/openwrt/pull/20345
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The function was using phydev.name (e.g., "phy0.0") instead of
phydev.phy (e.g., "phy0") when calling wpa_supplicant.phy_set_macaddr_list.
This is inconsistent with all other wpa_supplicant ubus calls in the same
file which correctly use phydev.phy.
Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Assign the address at wdev create time, similar to legacy interfaces.
Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This allows wpa_supplicant to process pending netlink socket messages
first. Without this change, there is a race condition where the newly
created interface processes netlink events from the removal of the
previous interface.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This makes it possible to have more flexible control over the supplicant
without having to install wpa_cli.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Whenever the first bss is removed, any pending scan still keeps a reference
to it. Cancel it in order to prevent use-after-free bugs.
Reported-by: Chad Monroe <chad.monroe@adtran.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When lots of events are waiting to be received, the default buffer size
is not enough, and hostapd can run into "No buffer space available" on
recvmsg. This will cause the netdev state tracking to go out of sync.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Interface might be down or scanning. Better do a full restart in order to avoid
messing up the runtime state.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Do not allow hostapd phy state update to bring up links as long between mld_set
and mld_start calls. Configuration on other PHYs could still be pending.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Bring up AP interfaces, even if no frequency update was provided.
Fixes bringup when a MLO STA on the same radios connects to fewer links
than available, or to a non-MLD AP.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
