Commit Graph

2128 Commits

Author SHA1 Message Date
Tianling Shen
75eb596357
dnsmasq: remove outdated min-ttl patch
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 8e1fbfe312)
2024-02-20 22:23:18 +08:00
Tianling Shen
88002d1bc7
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-02-12 12:54:55 +08:00
Felix Fietkau
b79583c975 wifi-scripts: fix fullmac phy detection
Checking for AP_VLAN misdetects ath10k-ath12k as fullmac, because of software
crypto limitations. Check for monitor mode support instead, which is more
reliable.

Fixes: https://github.com/openwrt/openwrt/issues/14575
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2b4941a6f1)
2024-02-09 12:20:48 +01:00
Tianling Shen
d3e7b3812e
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-01-30 12:52:26 +08:00
Rafał Miłecki
1ca61b7b37 uhttpd: handle reload after uhttpd-mod-ubus installation using postinst
Use postinst script to reload service instead of uci-defaults hack. It's
possible thanks to recent base-files change that executes postinst after
uci-defaults.

This fixes support for uhttpd customizations. It's possible (again) to
adjust uhttpd config with custom uci-defaults before it gets started.

Cc: Hauke Mehrtens <hauke@hauke-m.de>
Fixes: d25d281fd6 ("uhttpd: Reload config after uhttpd-mod-ubus was added")
Ref: b799dd3c70 ("base-files: execute package's "postinst" after executing uci-defaults")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1f11a4e283)
2024-01-27 10:36:43 +01:00
Tianling Shen
09f58ad300
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-01-24 11:18:46 +08:00
David Bauer
c909fdad18 hostapd: ACS: Fix typo in bw_40 frequency array
[Upstream Backport]

The range for the 5 GHz channel 118 was encoded with an incorrect
channel number.

Fixes: ed8e13decc71 (ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan())
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 56d7887917)
2024-01-19 00:20:14 +01:00
Tianling Shen
d28b3f653e
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-01-09 20:24:33 +08:00
Felix Fietkau
9cd0023e54 hostapd: add missing NULL pointer check on radar notification
Fixes a race condition that can lead to a hostapd crash

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit d864f68232)
2024-01-09 11:19:45 +01:00
Tianling Shen
dbdd239436
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-01-05 11:09:54 +08:00
David Bauer
5cc1918a7a dropbear: increase default receive window size
Increasing the receive window size improves throughout on higher-latency
links such as WAN connections. The current default of 24KB caps out at
around 500 KB/s.

Increasing the receive buffer to 256KB increases the throughput to at
least 11 MB/s.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f95eecfb21)
2024-01-03 16:37:13 +01:00
Aviana Cruz
e09c25ca93
odhcpd: update RFC 9096 compliance patch
(cherry picked from commit f58908746d)
2023-12-17 10:38:34 +08:00
Aviana Cruz
efa1a4bd0e
odhcpd: RFC9096 compliance
and allow configuring upper limit for preferred and valid lifetime.

(cherry picked from commit fc7dc7ee65)
2023-12-02 20:39:10 +08:00
Nazar Mokrynskyi
33f9a7be44
hostapd: fix undeclared variable iface_name
Signed-off-by: Nazar Mokrynskyi <nazar@mokrynskyi.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-11-17 19:16:38 +08:00
Tianling Shen
32885f26cf
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-11-10 13:04:12 +08:00
Christian Marangi
f5e9fd624d
hostapd: refresh patches
Refresh patches for hostapd using make package/hostapd/refresh.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 05e516b12d)
2023-11-09 16:10:27 +01:00
Christian Marangi
85d1b43be4
hostapd: permit 40MHz in 802.1s only also for 2.4GHz g/n with noscan
Currently for 802.1s only, for wifi 2.4GHz in g/n mode, 40MHz is never
permitted.

This is probably due to the complexity of setting periodic check for the
intolerant bit. When noscan option is set, we ignore the presence of the
intoleran bit in near AP, so we can enable 40MHz and ignore any complex
logic for checking.

Fixes: #13112
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 6c9ac57d58)
2023-11-09 16:10:26 +01:00
Christian Marangi
1cab0d74b3
hostapd: permit also channel 7 for 2.5GHz to be set to HT40PLUS
Also channel 7 for 2.4GHz can be set to HT40PLUS. Permit this and add it
to the list of the channels.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit b1c7b1bd67)
2023-11-09 16:10:26 +01:00
Christian Marangi
c9e8453de7
hostapd: fix broke noscan option for mesh
noscan option for mesh was broken and actually never applied.

This is caused by a typo where ssid->noscan value is check instead of
conf->noscan resulting in the logic swapped and broken.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 1b5ea2e199)
2023-11-09 16:10:26 +01:00
Felix Fietkau
6de0e0d01a hostapd: use rtnl to set up interfaces
In wpa_supplicant, set up wlan interfaces before adding them

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit c2a30b6e01)
2023-11-08 12:47:46 +01:00
Felix Fietkau
bbfb920e99 wifi: fix applying mesh parameters when wpa_supplicant is in use
Apply them directly using nl80211 after setting up the interface.
Use the same method in wdev.uc as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 531314260d)
2023-11-08 12:47:42 +01:00
Tianling Shen
73eac7e437
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-11-04 12:58:38 +08:00
Kevin Darbyshire-Bryant
610ae4d344 odhcpd: Bump to latest commits
d8118f6 config: make sure timer is not on the timeouts list before freeing
4bbc6e7 add hostsfile output in addition to statefile

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 0221b86032)
2023-11-03 08:27:52 +01:00
Petr Štetiar
65a10c8230
hostapd: fix broken WPS on broadcom-wl and ath11k
Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl/ath11k
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.

The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.

Bug: http://lists.infradead.org/pipermail/hostap/2022-January/040178.html
Bug-Debian: https://bugs.debian.org/1004524
Bug-ArchLinux: https://bugs.archlinux.org/task/73495
Upstream-Status: Changes Requested [https://patchwork.ozlabs.org/project/hostap/patch/20220130192200.10883-1-mail@david-bauer.net]
Reported-by: Étienne Morice <neon.emorice@mail.com>
Tested-by: Étienne Morice <neon.emorice@mail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 6dca88aa4a)
2023-11-02 14:44:48 +00:00
Tianling Shen
118e064605
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-11-02 12:48:52 +08:00
David Bauer
16fcad47a4 hostapd: fix OWE association with mbedtls
The code for hostapd-mbedtls did not work when used for OWE association.

When handling association requests, the buffer offsets and length
assumptions were incorrect, leading to never calculating the y point,
thus denying association.

Also when crafting the association response, the buffer contained the
trailing key-type.

Fix up both issues to adhere to the specification and make
hostapd-mbedtls work with the OWE security type.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 39341f422f)
2023-10-31 21:15:57 +01:00
Felix Fietkau
eaf44c5696 hostapd: do not trim trailing whitespace, except for newline
Fixes adding SSID or key with trailing whitespace

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a2d8226c4f)
2023-10-31 13:30:11 +01:00
Tianling Shen
e6544d6fd7
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-10-29 11:16:33 +08:00
Felix Fietkau
5368066e9b umdns: update to the latest version
479c7f8676d9 cache: make record/hostname lookup case-insensitive
26c97a5a50bf ubus: add a browse flag for suppressing cached ip addresses
c286c51a9bd9 Fix AVL tree traversal in cache_record_find and cache_host_is_known
4035fe42df58 interface: use a global socket instead of per-interface ones
c63d465698c7 cache: dump hostname target from srv records
b42b22152d73 use hostname from SRV record to look up IP addresses
d45c443aa1e6 ubus: add array flag support for the hosts method

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 3e1ac00ccb)
2023-10-28 09:19:46 +02:00
Tianling Shen
68d42e7f79
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-10-01 10:19:42 +08:00
Nick Hainke
7fe85ce1f2 hostapd: increase PKG_RELEASE to fix builds
Recent hostapd changes just edited the ucode files. It is required to
bump the PKG_RELEASE to include the newest changes in the latest builds.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 91d2ead3c3)
2023-09-29 11:29:36 +02:00
Felix Fietkau
02ed2b0271 hostapd: fix wpa_supplicant mac address allocation on ap+sta
If the full interface is restarted while bringing up an AP, it can trigger a
wpa_supplicant interface start before wpa_supplicant is notified of the
allocated mac addresses.
Fix this by moving the iface_update_supplicant_macaddr call to just after
the point where mac addresses are allocated.

Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit abceef120d)
2023-09-28 10:32:59 +02:00
Tianling Shen
41facd7b24
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-09-28 11:01:47 +08:00
Felix Fietkau
782341458c hostapd: fix mac address of interfaces created via wdev.uc
Use the wdev config with the generated MAC address

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 0c43a48735)
2023-09-27 15:04:36 +02:00
Felix Fietkau
849f0ea65c hostapd: fix rare crash with AP+STA and ACS enabled
Ensure that the iface disable in uc_hostapd_iface_start also clears the ACS
state.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit f1bb528ae7)
2023-09-27 14:05:40 +02:00
Tianling Shen
3e7e2eb5df
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-09-25 22:46:45 +08:00
Felix Fietkau
2f30dec3cb hostapd: fix patch rebase after a crash fix
The patch refresh accidentally moved the hostapd_ucode_free_iface call to
the wrong function

Fixes: e9722aef9e ("hostapd: fix a crash when disabling an interface during channel list update")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 3a5ad6e3d7)
2023-09-22 20:01:43 +02:00
Felix Fietkau
fe1028e89c hostapd: fix wpa_supplicant bringup with non-nl80211 drivers
Needed for wired 802.1x

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit fd6d7aafb2)
2023-09-22 08:11:04 +02:00
Tianling Shen
f39a48885c
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-09-21 21:20:14 +08:00
Felix Fietkau
eda1545e6e hostapd: add missing NULL pointer check in uc_hostapd_iface_stop
Avoid crashing if the interface has already been removed

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 4145ff4d8a)
2023-09-20 18:43:35 +02:00
Felix Fietkau
6019945e96 hostapd: fix a crash when disabling an interface during channel list update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit e9722aef9e)
2023-09-20 14:11:53 +02:00
Felix Fietkau
09b9d732ec hostapd: use phy name for hostapd interfaces instead of first-bss ifname
Improves reliability in error handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit a511480368)
2023-09-19 11:57:18 +02:00
Tianling Shen
0d63af7827
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-09-19 10:07:18 +08:00
Felix Fietkau
5e3f86a101 hostapd: select libopenssl-legacy for openssl variants
Without it, a lot of authentication modes fail without obvious error messages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 560965d582)
2023-09-18 16:52:25 +02:00
Felix Fietkau
90d5961751 hostapd: remove eap-eap192 auth type value
It is no longer used

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit b0501d380f)
2023-09-18 16:52:25 +02:00
Felix Fietkau
6798f156f9 hostapd: support eap-eap2 and eap2 auth_type values
WPA3 Enterprise-transitional requires optional MFP support and SHA1+SHA256
WPA3 Enterprise-only requires SHA1 support disabled and mandatory MFP.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit b63df6ce5d)
2023-09-18 16:52:25 +02:00
Felix Fietkau
98d0ee9dbf hostapd: fix FILS key mgmt type for WPA3 Enterprise 192 bit
Use the SHA384 variant to account for longer keys with more security

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit f0d1349b52)
2023-09-18 16:52:25 +02:00
Felix Fietkau
9720b094ae hostapd: backport from master, including ucode based reload support
This significantly improves config reload behavior and also fixes some
corner cases related to running AP + mesh interfaces at the same time.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-09-18 16:52:25 +02:00
Tianling Shen
d8eac4890a
Merge Official Source
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-08-20 21:43:32 +08:00
Stijn Tintel
5deed175a5 hostapd: revert upstream commit to fix #13156
Commit e978072baaca ("Do prune_association only after the STA is
authorized") causes issues when an STA roams from one interface to
another interface on the same PHY. The mt7915 driver is not able to
handle this properly. While the commits fixes a DoS, there are other
devices and drivers with the same limitation, so revert to the orginal
behavior for now, until we have a better solution in place.

Fixes: #13156
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 324673914d)
2023-08-19 16:01:06 +02:00