[LEDE-DEV,2/2] hostapd: update to version 2017-10-05

Message ID 1507540908-26635-2-git-send-email-koen.vandeputte@ncentric.com
State Superseded
Headers show
Series
  • [LEDE-DEV,1/2] musl: update to 1.1.16+ git HEAD 2017-09-28
Related show

Commit Message

Koen Vandeputte Oct. 9, 2017, 9:21 a.m.
- Refreshed all patches
- Fixes a few important bugs:

--> Fix RSN pre-authentication regression with pre-connection scan
results
--> crypto: Fix undefined behavior in random number generator
--> PMKSA: Fix use-after-free in pmksa_cache_clone_entry()

All changes (Excl. "test updates"):

4a37463 hostapd: Update HE capabilities and HE operation definition
63bc0ab P2P: Allow GO to advertise Interworking element
3567641 Add TX/RX rate info and signal strength into STA output
fa4b605 WPS: Do not increment wildcard_uuid when pin is locked
e37cea3 OCE: Update default scan IEs when OCE is enabled/disabled
ee522d2 Vendor flags for 11ax channel property flags for use with
external ACS
61a56c1 Add group_mgmt network parameter for PMF cipher selection
0ad5893 PAE: Validate input before pointer
fd35ed5 AP: Remove unneeded check for 'added_unassociated'
d55b174 FILS: Vendor attribute to disable driver FILS features
a7297ae Fix hostapd debug messages on wpa_pairwise and rsn_pairwise
parsing
29c940e TDLS: Update the comments related to TPK derivation
3de1566 FILS: Check req_ies for NULL pointer in hostapd_notif_assoc()
1c9663c OpenSSL: Force RSA 3072-bit DH prime size limit for Suite B
2ed70c7 OpenSSL: Add option to disable ECDHE with Suite B RSA
4eb8cfe OpenSSL: Force RSA 3072-bit key size limit for Suite B
6418400 Add hostapd tls_flags parameter
60ed2f2 Suite B: Add tls_suiteb=1 parameter for RSA 3k key case
5030d7d DPP: Allow raw hex PSK to be used for legacy configuration
039ab15 DPP: Add DPP-CONFOBJ-PASS/PSK events for hostapd legacy
configuration
9824de5 Fix EAPOL-Key version check for a corner case with Suite B AKM
3c7863f wpa_supplicant: Support dynamic update of wowlan_triggers
4cada9d FILS: Add DHss into FILS-Key-Data derivation when using FILS
SK+PFS
41b8191 FILS: Update PMKID derivation rules for ERP key hierarchy
establishment
3031133 mesh: Move writing of mesh_rssi_threshold inside CONFIG_MESH
2efc672 Fix RSN pre-authentication regression with pre-connection scan
results
73b3de0 macsec_linux: Exit early when missing macsec kernel module
7612e65 mka: Add error handling for secy_init_macsec() calls
2c66c7d wpa_supplicant: Check length when building ext_capability in
assoc_cb
fdbfb63 nl80211: Fix bridge name print while removing interface from
bridge
333517a crypto: Fix undefined behavior in random number generator
84fccc7 Send Client-Error when AT_KDF attributes from the server are
incorrect
446600c Add AT_KDF attributes to Synchronization-Failure in EAP-AKA'
155bf11 PMKSA: Fix use-after-free in pmksa_cache_clone_entry()
cdf2501 dbus: Add new interface property to get mesh group
190f6f1 dbus: Add new interface property to get connected mesh peers
a9de99b dbus: Add MeshPeerDisconnected signal
9b0701f dbus: Add MeshPeerConnected signal
a39b040 dbus: Add MeshGroupRemoved signal
89e9cd2 dbus: Add MeshGroupStarted signal
49e6a55 FILS: Add a space before MAC address to a HLP debug message
359166e Remove the completely unused FT parameters in driver association
data
c72df3c wlantest: FILS keys and (Re)Association Request/Response frames
6c29d95 wlantest: Support variable length PMK
4675ba1 wlantest: Build helper files with FILS support included
3db2a82 Add SHA-384 routines to libcrypto.a
a0f19e9 SAE: Allow commit fields to be overridden for testing purposes
(STA)
3648d8a SAE: Allow commit fields to be overridden for testing purposes
e753353 SAE: Add testing code for reflection attack
e61fea6 SAE: Fix PMKSA caching behavior in AP mode
a6f238f DPP: Add base64 dependency in makefiles

Tested on cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
---
 package/network/services/hostapd/Makefile          |  6 ++--
 .../hostapd/patches/110-no_eapol_fix.patch         |  2 +-
 .../services/hostapd/patches/200-multicall.patch   | 38 +++++++++++-----------
 .../services/hostapd/patches/300-noscan.patch      |  4 +--
 .../hostapd/patches/310-rescan_immediately.patch   |  2 +-
 .../patches/350-nl80211_del_beacon_bss.patch       | 18 +++++-----
 .../hostapd/patches/360-ctrl_iface_reload.patch    |  2 +-
 .../hostapd/patches/370-ap_sta_support.patch       | 10 +++---
 .../patches/380-disable_ctrl_iface_mib.patch       | 24 +++++++-------
 .../patches/390-wpa_ie_cap_workaround.patch        |  4 +--
 .../hostapd/patches/430-hostapd_cli_ifdef.patch    |  8 ++---
 ...ant-add-new-config-params-to-be-used-with.patch |  8 ++---
 .../patches/462-wpa_s-support-htmode-param.patch   |  8 ++---
 .../hostapd/patches/600-ubus_support.patch         | 32 +++++++++---------
 14 files changed, 83 insertions(+), 83 deletions(-)

Patch

diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile
index 344896c..79df0fc 100644
--- a/package/network/services/hostapd/Makefile
+++ b/package/network/services/hostapd/Makefile
@@ -11,9 +11,9 @@  PKG_RELEASE:=1
 
 PKG_SOURCE_URL:=http://w1.fi/hostap.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2017-08-24
-PKG_SOURCE_VERSION:=c2d4f2eb5dba0b5c5a8c5805823084da958a9b52
-PKG_MIRROR_HASH:=c6ad9a73fc1ae0ba8bc48f71cf14394b274bc9c2c1d1b53c2775f08312597e74
+PKG_SOURCE_DATE:=2017-10-05
+PKG_SOURCE_VERSION:=4a37463416254712f3a45097014a93d0b521c4f8
+PKG_MIRROR_HASH:=8f11bd8316fca5ccb746f27a74ae0b3cd5cd9a2b51e41f57fb4550d5536faccc
 
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_LICENSE:=BSD-3-Clause
diff --git a/package/network/services/hostapd/patches/110-no_eapol_fix.patch b/package/network/services/hostapd/patches/110-no_eapol_fix.patch
index 3a48a7a..504028c 100644
--- a/package/network/services/hostapd/patches/110-no_eapol_fix.patch
+++ b/package/network/services/hostapd/patches/110-no_eapol_fix.patch
@@ -1,6 +1,6 @@ 
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -265,9 +265,10 @@ void wpa_supplicant_cancel_auth_timeout(
+@@ -269,9 +269,10 @@ void wpa_supplicant_cancel_auth_timeout(
   */
  void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
  {
diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch
index 7d33c7f..e6d1c76 100644
--- a/package/network/services/hostapd/patches/200-multicall.patch
+++ b/package/network/services/hostapd/patches/200-multicall.patch
@@ -36,7 +36,7 @@ 
  LIBS += $(DRV_AP_LIBS)
  
  ifdef CONFIG_L2_PACKET
-@@ -1204,6 +1210,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
+@@ -1205,6 +1211,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
  
  BCHECK=../src/drivers/build.hostapd
  
@@ -49,7 +49,7 @@ 
  hostapd: $(BCHECK) $(OBJS)
  	$(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
  	@$(E) "  LD " $@
-@@ -1248,6 +1260,12 @@ ifeq ($(CONFIG_TLS), linux)
+@@ -1249,6 +1261,12 @@ ifeq ($(CONFIG_TLS), linux)
  HOBJS += ../src/crypto/crypto_linux.o
  endif
  
@@ -72,7 +72,7 @@ 
  
  ifndef CONFIG_NO_GITVER
  # Add VERSION_STR postfix for builds from a git repository
-@@ -357,7 +358,9 @@ endif
+@@ -358,7 +359,9 @@ endif
  ifdef CONFIG_IBSS_RSN
  NEED_RSN_AUTHENTICATOR=y
  CFLAGS += -DCONFIG_IBSS_RSN
@@ -82,7 +82,7 @@ 
  OBJS += ibss_rsn.o
  endif
  
-@@ -861,6 +864,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
+@@ -862,6 +865,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
  CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
  LIBS += -ldl -rdynamic
  endif
@@ -93,7 +93,7 @@ 
  endif
  
  ifdef CONFIG_AP
-@@ -868,9 +875,11 @@ NEED_EAP_COMMON=y
+@@ -869,9 +876,11 @@ NEED_EAP_COMMON=y
  NEED_RSN_AUTHENTICATOR=y
  CFLAGS += -DCONFIG_AP
  OBJS += ap.o
@@ -105,7 +105,7 @@ 
  OBJS += ../src/ap/hostapd.o
  OBJS += ../src/ap/wpa_auth_glue.o
  OBJS += ../src/ap/utils.o
-@@ -952,6 +961,12 @@ endif
+@@ -953,6 +962,12 @@ endif
  ifdef CONFIG_HS20
  OBJS += ../src/ap/hs20.o
  endif
@@ -118,7 +118,7 @@ 
  endif
  
  ifdef CONFIG_MBO
-@@ -960,7 +975,9 @@ CFLAGS += -DCONFIG_MBO
+@@ -961,7 +976,9 @@ CFLAGS += -DCONFIG_MBO
  endif
  
  ifdef NEED_RSN_AUTHENTICATOR
@@ -128,7 +128,7 @@ 
  NEED_AES_WRAP=y
  OBJS += ../src/ap/wpa_auth.o
  OBJS += ../src/ap/wpa_auth_ie.o
-@@ -1835,6 +1852,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
+@@ -1836,6 +1853,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
  
  $(OBJS_c) $(OBJS_t) $(OBJS_t2) $(OBJS) $(BCHECK) $(EXTRA_progs): .config
  
@@ -141,7 +141,7 @@ 
  wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
  	$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
  	@$(E) "  LD " $@
-@@ -1937,6 +1960,12 @@ endif
+@@ -1938,6 +1961,12 @@ endif
  		-e 's|\@DBUS_INTERFACE\@|$(DBUS_INTERFACE)|g' $< >$@
  	@$(E) "  sed" $<
  
@@ -156,7 +156,7 @@ 
  wpa_cli.exe: wpa_cli
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -5317,8 +5317,8 @@ union wpa_event_data {
+@@ -5304,8 +5304,8 @@ union wpa_event_data {
   * Driver wrapper code should call this function whenever an event is received
   * from the driver.
   */
@@ -167,7 +167,7 @@ 
  
  /**
   * wpa_supplicant_event_global - Report a driver event for wpa_supplicant
-@@ -5330,7 +5330,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -5317,7 +5317,7 @@ void wpa_supplicant_event(void *ctx, enu
   * Same as wpa_supplicant_event(), but we search for the interface in
   * wpa_global.
   */
@@ -178,7 +178,7 @@ 
  /*
 --- a/src/ap/drv_callbacks.c
 +++ b/src/ap/drv_callbacks.c
-@@ -1375,8 +1375,8 @@ static void hostapd_event_dfs_cac_starte
+@@ -1378,8 +1378,8 @@ static void hostapd_event_dfs_cac_starte
  #endif /* NEED_AP_MLME */
  
  
@@ -189,7 +189,7 @@ 
  {
  	struct hostapd_data *hapd = ctx;
  #ifndef CONFIG_NO_STDOUT_DEBUG
-@@ -1590,7 +1590,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -1593,7 +1593,7 @@ void wpa_supplicant_event(void *ctx, enu
  }
  
  
@@ -231,7 +231,7 @@ 
  	os_memset(&global, 0, sizeof(global));
 --- a/wpa_supplicant/events.c
 +++ b/wpa_supplicant/events.c
-@@ -3709,8 +3709,8 @@ static void wpa_supplicant_event_assoc_a
+@@ -3717,8 +3717,8 @@ static void wpa_supplicant_event_assoc_a
  }
  
  
@@ -242,7 +242,7 @@ 
  {
  	struct wpa_supplicant *wpa_s = ctx;
  	int resched;
-@@ -4466,7 +4466,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -4474,7 +4474,7 @@ void wpa_supplicant_event(void *ctx, enu
  }
  
  
@@ -253,7 +253,7 @@ 
  	struct wpa_supplicant *wpa_s;
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -5457,7 +5457,6 @@ struct wpa_interface * wpa_supplicant_ma
+@@ -5496,7 +5496,6 @@ struct wpa_interface * wpa_supplicant_ma
  	return NULL;
  }
  
@@ -261,7 +261,7 @@ 
  /**
   * wpa_supplicant_match_existing - Match existing interfaces
   * @global: Pointer to global data from wpa_supplicant_init()
-@@ -5494,6 +5493,11 @@ static int wpa_supplicant_match_existing
+@@ -5533,6 +5532,11 @@ static int wpa_supplicant_match_existing
  
  #endif /* CONFIG_MATCH_IFACE */
  
@@ -273,7 +273,7 @@ 
  
  /**
   * wpa_supplicant_add_iface - Add a new network interface
-@@ -5750,6 +5754,8 @@ struct wpa_global * wpa_supplicant_init(
+@@ -5789,6 +5793,8 @@ struct wpa_global * wpa_supplicant_init(
  #ifndef CONFIG_NO_WPA_MSG
  	wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
  #endif /* CONFIG_NO_WPA_MSG */
@@ -297,7 +297,7 @@ 
  #ifdef CONFIG_WPS
  static int gen_uuid(const char *txt_addr)
 @@ -670,6 +675,8 @@ int main(int argc, char *argv[])
-	dl_list_init(&interfaces.eth_p_oui);
+ 	dl_list_init(&interfaces.eth_p_oui);
  #endif /* CONFIG_ETH_P_OUI */
  
 +	wpa_supplicant_event = hostapd_wpa_event;
diff --git a/package/network/services/hostapd/patches/300-noscan.patch b/package/network/services/hostapd/patches/300-noscan.patch
index 6db16c9..8e23d37 100644
--- a/package/network/services/hostapd/patches/300-noscan.patch
+++ b/package/network/services/hostapd/patches/300-noscan.patch
@@ -1,6 +1,6 @@ 
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -3014,6 +3014,10 @@ static int hostapd_config_fill(struct ho
+@@ -3042,6 +3042,10 @@ static int hostapd_config_fill(struct ho
  		}
  #endif /* CONFIG_IEEE80211W */
  #ifdef CONFIG_IEEE80211N
@@ -13,7 +13,7 @@ 
  	} else if (os_strcmp(buf, "ht_capab") == 0) {
 --- a/src/ap/ap_config.h
 +++ b/src/ap/ap_config.h
-@@ -734,6 +734,8 @@ struct hostapd_config {
+@@ -737,6 +737,8 @@ struct hostapd_config {
  
  	int ht_op_mode_fixed;
  	u16 ht_capab;
diff --git a/package/network/services/hostapd/patches/310-rescan_immediately.patch b/package/network/services/hostapd/patches/310-rescan_immediately.patch
index 6846db2..e0057a5 100644
--- a/package/network/services/hostapd/patches/310-rescan_immediately.patch
+++ b/package/network/services/hostapd/patches/310-rescan_immediately.patch
@@ -1,6 +1,6 @@ 
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3927,7 +3927,7 @@ wpa_supplicant_alloc(struct wpa_supplica
+@@ -3966,7 +3966,7 @@ wpa_supplicant_alloc(struct wpa_supplica
  	if (wpa_s == NULL)
  		return NULL;
  	wpa_s->scan_req = INITIAL_SCAN_REQ;
diff --git a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
index d77ab44..b45945a 100644
--- a/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
+++ b/package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch
@@ -2,7 +2,7 @@ 
 +++ b/src/drivers/driver_nl80211.c
 @@ -2536,10 +2536,15 @@ static int wpa_driver_nl80211_del_beacon
  	struct nl_msg *msg;
-	struct wpa_driver_nl80211_data *drv = bss->drv;
+ 	struct wpa_driver_nl80211_data *drv = bss->drv;
  
 +	if (!bss->beacon_set)
 +		return 0;
@@ -12,7 +12,7 @@ 
  	wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)",
 -		   drv->ifindex);
 +		   bss->ifindex);
-	nl80211_put_wiphy_data_ap(bss);
+ 	nl80211_put_wiphy_data_ap(bss);
 -	msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON);
 +	msg = nl80211_bss_msg(bss, 0, NL80211_CMD_DEL_BEACON);
  	return send_and_recv_msgs(drv, msg, NULL, NULL);
@@ -20,14 +20,14 @@ 
  
 @@ -4753,7 +4758,7 @@ static void nl80211_teardown_ap(struct i
  		nl80211_mgmt_unsubscribe(bss, "AP teardown");
-
-	nl80211_put_wiphy_data_ap(bss);
+ 
+ 	nl80211_put_wiphy_data_ap(bss);
 -	bss->beacon_set = 0;
 +	wpa_driver_nl80211_del_beacon(bss);
  }
  
  
-@@ -6853,8 +6858,6 @@ static int wpa_driver_nl80211_if_remove(
+@@ -6924,8 +6929,6 @@ static int wpa_driver_nl80211_if_remove(
  	} else {
  		wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context");
  		nl80211_teardown_ap(bss);
@@ -36,18 +36,18 @@ 
  		nl80211_destroy_bss(bss);
  		if (!bss->added_if)
  			i802_set_iface_flags(bss, 0);
-@@ -7225,7 +7228,6 @@ static int wpa_driver_nl80211_deinit_ap(
+@@ -7296,7 +7299,6 @@ static int wpa_driver_nl80211_deinit_ap(
  	if (!is_ap_interface(drv->nlmode))
  		return -1;
-	wpa_driver_nl80211_del_beacon(bss);
+ 	wpa_driver_nl80211_del_beacon(bss);
 -	bss->beacon_set = 0;
  
  	/*
  	 * If the P2P GO interface was dynamically added, then it is
-@@ -7245,7 +7247,6 @@ static int wpa_driver_nl80211_stop_ap(vo
+@@ -7316,7 +7318,6 @@ static int wpa_driver_nl80211_stop_ap(vo
  	if (!is_ap_interface(drv->nlmode))
  		return -1;
-	wpa_driver_nl80211_del_beacon(bss);
+ 	wpa_driver_nl80211_del_beacon(bss);
 -	bss->beacon_set = 0;
  	return 0;
  }
diff --git a/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch b/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch
index 043ddbf..d38ee24 100644
--- a/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch
+++ b/package/network/services/hostapd/patches/360-ctrl_iface_reload.patch
@@ -89,7 +89,7 @@ 
  #ifdef RADIUS_SERVER
 --- a/src/ap/ctrl_iface_ap.c
 +++ b/src/ap/ctrl_iface_ap.c
-@@ -624,7 +624,13 @@ int hostapd_parse_csa_settings(const cha
+@@ -693,7 +693,13 @@ int hostapd_parse_csa_settings(const cha
  
  int hostapd_ctrl_iface_stop_ap(struct hostapd_data *hapd)
  {
diff --git a/package/network/services/hostapd/patches/370-ap_sta_support.patch b/package/network/services/hostapd/patches/370-ap_sta_support.patch
index ea31371..b96f5bc 100644
--- a/package/network/services/hostapd/patches/370-ap_sta_support.patch
+++ b/package/network/services/hostapd/patches/370-ap_sta_support.patch
@@ -45,9 +45,9 @@ 
  CONFIG_OS=win32
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -118,6 +118,55 @@ const char *const wpa_supplicant_full_li
+@@ -122,6 +122,55 @@ const char *const wpa_supplicant_full_li
  static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
-
+ 
  
 +static int hostapd_stop(struct wpa_supplicant *wpa_s)
 +{
@@ -101,7 +101,7 @@ 
  /* Configure default/group WEP keys for static WEP */
  int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
  {
-@@ -883,8 +932,12 @@ void wpa_supplicant_set_state(struct wpa
+@@ -887,8 +936,12 @@ void wpa_supplicant_set_state(struct wpa
  		wpas_p2p_completed(wpa_s);
  
  		sme_sched_obss_scan(wpa_s, 1);
@@ -114,7 +114,7 @@ 
  		wpa_s->new_connection = 1;
  		wpa_drv_set_operstate(wpa_s, 0);
  #ifndef IEEE8021X_EAPOL
-@@ -5080,6 +5133,20 @@ static int wpa_supplicant_init_iface(str
+@@ -5119,6 +5172,20 @@ static int wpa_supplicant_init_iface(str
  			   sizeof(wpa_s->bridge_ifname));
  	}
  
@@ -135,7 +135,7 @@ 
  	/* RSNA Supplicant Key Management - INITIALIZE */
  	eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
  	eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
-@@ -5404,6 +5471,11 @@ static void wpa_supplicant_deinit_iface(
+@@ -5443,6 +5510,11 @@ static void wpa_supplicant_deinit_iface(
  	if (terminate)
  		wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
  
diff --git a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch
index 330cf48..0f6cd32 100644
--- a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch
+++ b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch
@@ -30,7 +30,7 @@ 
  			reply_len = -1;
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -926,6 +926,9 @@ ifdef CONFIG_FILS
+@@ -927,6 +927,9 @@ ifdef CONFIG_FILS
  OBJS += ../src/ap/fils_hlp.o
  endif
  ifdef CONFIG_CTRL_IFACE
@@ -42,7 +42,7 @@ 
  
 --- a/wpa_supplicant/ctrl_iface.c
 +++ b/wpa_supplicant/ctrl_iface.c
-@@ -2070,7 +2070,7 @@ static int wpa_supplicant_ctrl_iface_sta
+@@ -2077,7 +2077,7 @@ static int wpa_supplicant_ctrl_iface_sta
  			pos += ret;
  		}
  
@@ -51,7 +51,7 @@ 
  		if (wpa_s->ap_iface) {
  			pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
  							    end - pos,
-@@ -9631,6 +9631,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -9640,6 +9640,7 @@ char * wpa_supplicant_ctrl_iface_process
  			reply_len = -1;
  	} else if (os_strncmp(buf, "NOTE ", 5) == 0) {
  		wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
@@ -59,7 +59,7 @@ 
  	} else if (os_strcmp(buf, "MIB") == 0) {
  		reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
  		if (reply_len >= 0) {
-@@ -9638,6 +9639,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -9647,6 +9648,7 @@ char * wpa_supplicant_ctrl_iface_process
  						      reply + reply_len,
  						      reply_size - reply_len);
  		}
@@ -67,7 +67,7 @@ 
  	} else if (os_strncmp(buf, "STATUS", 6) == 0) {
  		reply_len = wpa_supplicant_ctrl_iface_status(
  			wpa_s, buf + 6, reply, reply_size);
-@@ -10124,6 +10126,7 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -10133,6 +10135,7 @@ char * wpa_supplicant_ctrl_iface_process
  		reply_len = wpa_supplicant_ctrl_iface_bss(
  			wpa_s, buf + 4, reply, reply_size);
  #ifdef CONFIG_AP
@@ -75,7 +75,7 @@ 
  	} else if (os_strcmp(buf, "STA-FIRST") == 0) {
  		reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
  	} else if (os_strncmp(buf, "STA ", 4) == 0) {
-@@ -10132,12 +10135,15 @@ char * wpa_supplicant_ctrl_iface_process
+@@ -10141,12 +10144,15 @@ char * wpa_supplicant_ctrl_iface_process
  	} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
  		reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
  						   reply_size);
@@ -101,7 +101,7 @@ 
  
  static int hostapd_get_sta_tx_rx(struct hostapd_data *hapd,
  				 struct sta_info *sta,
-@@ -250,6 +251,7 @@ int hostapd_ctrl_iface_sta_next(struct h
+@@ -319,6 +320,7 @@ int hostapd_ctrl_iface_sta_next(struct h
  	return hostapd_ctrl_iface_sta_mib(hapd, sta->next, buf, buflen);
  }
  
@@ -111,7 +111,7 @@ 
  static int p2p_manager_disconnect(struct hostapd_data *hapd, u16 stype,
 --- a/src/ap/ieee802_1x.c
 +++ b/src/ap/ieee802_1x.c
-@@ -2492,6 +2492,7 @@ static const char * bool_txt(Boolean val
+@@ -2493,6 +2493,7 @@ static const char * bool_txt(Boolean val
  	return val ? "TRUE" : "FALSE";
  }
  
@@ -119,7 +119,7 @@ 
  
  int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
  {
-@@ -2667,6 +2668,7 @@ int ieee802_1x_get_mib_sta(struct hostap
+@@ -2668,6 +2669,7 @@ int ieee802_1x_get_mib_sta(struct hostap
  	return len;
  }
  
@@ -129,7 +129,7 @@ 
  static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
 --- a/src/ap/wpa_auth.c
 +++ b/src/ap/wpa_auth.c
-@@ -3741,6 +3741,7 @@ static const char * wpa_bool_txt(int val
+@@ -3758,6 +3758,7 @@ static const char * wpa_bool_txt(int val
  	return val ? "TRUE" : "FALSE";
  }
  
@@ -137,7 +137,7 @@ 
  
  #define RSN_SUITE "%02x-%02x-%02x-%d"
  #define RSN_SUITE_ARG(s) \
-@@ -3885,7 +3886,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
+@@ -3902,7 +3903,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
  
  	return len;
  }
@@ -167,7 +167,7 @@ 
  
 --- a/wpa_supplicant/ap.c
 +++ b/wpa_supplicant/ap.c
-@@ -1139,7 +1139,7 @@ int wpas_ap_wps_nfc_report_handover(stru
+@@ -1157,7 +1157,7 @@ int wpas_ap_wps_nfc_report_handover(stru
  #endif /* CONFIG_WPS */
  
  
diff --git a/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch b/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch
index bdbae9b..c2bb40c 100644
--- a/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch
+++ b/package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch
@@ -1,6 +1,6 @@ 
 --- a/src/common/wpa_common.c
 +++ b/src/common/wpa_common.c
-@@ -1664,6 +1664,31 @@ u32 wpa_akm_to_suite(int akm)
+@@ -1702,6 +1702,31 @@ u32 wpa_akm_to_suite(int akm)
  }
  
  
@@ -32,7 +32,7 @@ 
  int wpa_compare_rsn_ie(int ft_initial_assoc,
  		       const u8 *ie1, size_t ie1len,
  		       const u8 *ie2, size_t ie2len)
-@@ -1671,8 +1696,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
+@@ -1709,8 +1734,19 @@ int wpa_compare_rsn_ie(int ft_initial_as
  	if (ie1 == NULL || ie2 == NULL)
  		return -1;
  
diff --git a/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch b/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch
index 2c77548..32cab7f 100644
--- a/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch
+++ b/package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch
@@ -17,7 +17,7 @@ 
  
  static int hostapd_cli_cmd_disassoc_imminent(struct wpa_ctrl *ctrl, int argc,
 @@ -1476,7 +1474,6 @@ static const struct hostapd_cli_cmd host
-	{ "sa_query", hostapd_cli_cmd_sa_query, hostapd_complete_stations,
+ 	{ "sa_query", hostapd_cli_cmd_sa_query, hostapd_complete_stations,
  	  "<addr> = send SA Query to a station" },
  #endif /* CONFIG_IEEE80211W */
 -#ifdef CONFIG_WPS
@@ -29,6 +29,6 @@ 
  	{ "wps_get_status", hostapd_cli_cmd_wps_get_status, NULL,
  	  "= show current WPS status" },
 -#endif /* CONFIG_WPS */
-	{ "disassoc_imminent", hostapd_cli_cmd_disassoc_imminent, NULL,
-	  "= send Disassociation Imminent notification" },
-	{ "ess_disassoc", hostapd_cli_cmd_ess_disassoc, NULL,
+ 	{ "disassoc_imminent", hostapd_cli_cmd_disassoc_imminent, NULL,
+ 	  "= send Disassociation Imminent notification" },
+ 	{ "ess_disassoc", hostapd_cli_cmd_ess_disassoc, NULL,
diff --git a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
index 8869852..9f09711 100644
--- a/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
+++ b/package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch
@@ -42,7 +42,7 @@  Signed-hostap: Antonio Quartulli <ordex@autistici.org>
  #include "config.h"
  
  
-@@ -1985,6 +1986,97 @@ static char * wpa_config_write_mka_ckn(c
+@@ -2019,6 +2020,97 @@ static char * wpa_config_write_mka_ckn(c
  #endif /* CONFIG_MACSEC */
  
  
@@ -140,7 +140,7 @@  Signed-hostap: Antonio Quartulli <ordex@autistici.org>
  /* Helper macros for network block parser */
  
  #ifdef OFFSET
-@@ -2224,6 +2316,9 @@ static const struct parse_data ssid_fiel
+@@ -2259,6 +2351,9 @@ static const struct parse_data ssid_fiel
  	{ INT(ap_max_inactivity) },
  	{ INT(dtim_period) },
  	{ INT(beacon_int) },
@@ -163,7 +163,7 @@  Signed-hostap: Antonio Quartulli <ordex@autistici.org>
  
  
  #define DEFAULT_EAP_WORKAROUND ((unsigned int) -1)
-@@ -735,6 +737,9 @@ struct wpa_ssid {
+@@ -744,6 +746,9 @@ struct wpa_ssid {
  	 */
  	void *parent_cred;
  
@@ -175,7 +175,7 @@  Signed-hostap: Antonio Quartulli <ordex@autistici.org>
  	 * macsec_policy - Determines the policy for MACsec secure session
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2781,6 +2781,13 @@ static void wpas_start_assoc_cb(struct w
+@@ -2814,6 +2814,13 @@ static void wpas_start_assoc_cb(struct w
  			params.beacon_int = ssid->beacon_int;
  		else
  			params.beacon_int = wpa_s->conf->beacon_int;
diff --git a/package/network/services/hostapd/patches/462-wpa_s-support-htmode-param.patch b/package/network/services/hostapd/patches/462-wpa_s-support-htmode-param.patch
index d2e5eab..890ee8e 100644
--- a/package/network/services/hostapd/patches/462-wpa_s-support-htmode-param.patch
+++ b/package/network/services/hostapd/patches/462-wpa_s-support-htmode-param.patch
@@ -52,7 +52,7 @@  Signed-off-by: Antonio Quartulli <ordex@autistici.org>
  		goto fail;
 --- a/wpa_supplicant/config.c
 +++ b/wpa_supplicant/config.c
-@@ -2017,6 +2017,71 @@ static char * wpa_config_write_mcast_rat
+@@ -2051,6 +2051,71 @@ static char * wpa_config_write_mcast_rat
  }
  #endif /* NO_CONFIG_WRITE */
  
@@ -124,7 +124,7 @@  Signed-off-by: Antonio Quartulli <ordex@autistici.org>
  static int wpa_config_parse_rates(const struct parse_data *data,
  				  struct wpa_ssid *ssid, int line,
  				  const char *value)
-@@ -2319,6 +2384,7 @@ static const struct parse_data ssid_fiel
+@@ -2354,6 +2419,7 @@ static const struct parse_data ssid_fiel
  	{ INT_RANGE(fixed_freq, 0, 1) },
  	{ FUNC(rates) },
  	{ FUNC(mcast_rate) },
@@ -134,7 +134,7 @@  Signed-off-by: Antonio Quartulli <ordex@autistici.org>
  	{ INT_RANGE(macsec_integ_only, 0, 1) },
 --- a/wpa_supplicant/config_ssid.h
 +++ b/wpa_supplicant/config_ssid.h
-@@ -739,6 +739,8 @@ struct wpa_ssid {
+@@ -748,6 +748,8 @@ struct wpa_ssid {
  
  	unsigned char rates[WLAN_SUPP_RATES_MAX];
  	double mcast_rate;
@@ -145,7 +145,7 @@  Signed-off-by: Antonio Quartulli <ordex@autistici.org>
  	/**
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -2788,6 +2788,8 @@ static void wpas_start_assoc_cb(struct w
+@@ -2821,6 +2821,8 @@ static void wpas_start_assoc_cb(struct w
  			i++;
  		}
  		params.mcast_rate = ssid->mcast_rate;
diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch
index 86f3889..b92e4be 100644
--- a/package/network/services/hostapd/patches/600-ubus_support.patch
+++ b/package/network/services/hostapd/patches/600-ubus_support.patch
@@ -84,7 +84,7 @@ 
  		   __func__, driver, drv_priv);
 --- a/src/ap/ieee802_11.c
 +++ b/src/ap/ieee802_11.c
-@@ -1587,7 +1587,8 @@ ieee802_11_set_radius_info(struct hostap
+@@ -1617,7 +1617,8 @@ ieee802_11_set_radius_info(struct hostap
  
  
  static void handle_auth(struct hostapd_data *hapd,
@@ -94,7 +94,7 @@ 
  {
  	u16 auth_alg, auth_transaction, status_code;
  	u16 resp = WLAN_STATUS_SUCCESS;
-@@ -1603,6 +1604,11 @@ static void handle_auth(struct hostapd_d
+@@ -1633,6 +1634,11 @@ static void handle_auth(struct hostapd_d
  	char *identity = NULL;
  	char *radius_cui = NULL;
  	u16 seq_ctrl;
@@ -104,9 +104,9 @@ 
 +		.frame_info = fi,
 +	};
  
-	if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
-		wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
-@@ -1757,6 +1763,12 @@ static void handle_auth(struct hostapd_d
+ 	if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
+ 		wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)",
+@@ -1787,6 +1793,12 @@ static void handle_auth(struct hostapd_d
  		resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
  		goto fail;
  	}
@@ -116,10 +116,10 @@ 
 +		resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
 +		goto fail;
 +	}
-	if (res == HOSTAPD_ACL_PENDING)
-		return;
-
-@@ -2860,7 +2872,7 @@ void fils_hlp_timeout(void *eloop_ctx, v
+ 	if (res == HOSTAPD_ACL_PENDING)
+ 		return;
+ 
+@@ -2887,7 +2899,7 @@ void fils_hlp_timeout(void *eloop_ctx, v
  
  static void handle_assoc(struct hostapd_data *hapd,
  			 const struct ieee80211_mgmt *mgmt, size_t len,
@@ -128,9 +128,9 @@ 
  {
  	u16 capab_info, listen_interval, seq_ctrl, fc;
  	u16 resp = WLAN_STATUS_SUCCESS, reply_res;
-@@ -2874,6 +2886,11 @@ static void handle_assoc(struct hostapd_
+@@ -2901,6 +2913,11 @@ static void handle_assoc(struct hostapd_
  #ifdef CONFIG_FILS
-	int delay_assoc = 0;
+ 	int delay_assoc = 0;
  #endif /* CONFIG_FILS */
 +	struct hostapd_ubus_request req = {
 +		.type = HOSTAPD_UBUS_ASSOC_REQ,
@@ -140,7 +140,7 @@ 
  
  	if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_req) :
  				      sizeof(mgmt->u.assoc_req))) {
-@@ -3041,6 +3058,13 @@ static void handle_assoc(struct hostapd_
+@@ -3068,6 +3085,13 @@ static void handle_assoc(struct hostapd_
  	}
  #endif /* CONFIG_MBO */
  
@@ -154,7 +154,7 @@ 
  	/*
  	 * sta->capability is used in check_assoc_ies() for RRM enabled
  	 * capability element.
-@@ -3248,6 +3272,7 @@ static void handle_disassoc(struct hosta
+@@ -3275,6 +3299,7 @@ static void handle_disassoc(struct hosta
  	wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d",
  		   MAC2STR(mgmt->sa),
  		   le_to_host16(mgmt->u.disassoc.reason_code));
@@ -162,7 +162,7 @@ 
  
  	sta = ap_get_sta(hapd, mgmt->sa);
  	if (sta == NULL) {
-@@ -3313,6 +3338,8 @@ static void handle_deauth(struct hostapd
+@@ -3340,6 +3365,8 @@ static void handle_deauth(struct hostapd
  		" reason_code=%d",
  		MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code));
  
@@ -171,7 +171,7 @@ 
  	sta = ap_get_sta(hapd, mgmt->sa);
  	if (sta == NULL) {
  		wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying "
-@@ -3627,7 +3654,7 @@ int ieee802_11_mgmt(struct hostapd_data
+@@ -3654,7 +3681,7 @@ int ieee802_11_mgmt(struct hostapd_data
  
  
  	if (stype == WLAN_FC_STYPE_PROBE_REQ) {
@@ -180,7 +180,7 @@ 
  		return 1;
  	}
  
-@@ -3647,17 +3674,17 @@ int ieee802_11_mgmt(struct hostapd_data
+@@ -3674,17 +3701,17 @@ int ieee802_11_mgmt(struct hostapd_data
  	switch (stype) {
  	case WLAN_FC_STYPE_AUTH:
  		wpa_printf(MSG_DEBUG, "mgmt::auth");