From patchwork Fri May 18 08:39:33 2018
X-Patchwork-Submitter: David Woodhouse
X-Patchwork-Id: 916119
X-Patchwork-Delegate: blogic@openwrt.org
From: David Woodhouse
To: openwrt-devel@lists.openwrt.org
Date: Fri, 18 May 2018 09:39:33 +0100
Message-Id: <20180518083934.1436431-1-dwmw2@infradead.org>
Subject: [OpenWrt-Devel] [PATCH 1/2] hostapd: fix IEEE 802.11r (fast roaming) defaults

From: devianceluka

Use ft_psk_generate_local=1 by default, as it makes everything else fairly trivial. All of the r0kh/r1kh and key management stuff goes away and hostapd fairly much does it all for us.

We do need to provide nas_identifier, which can be derived from the BSSID, and we need to generate a mobility_domain, for which we default to the first four chars of the md5sum of the SSID.

The complex manual setup should also still work, but the defaults also now work easily out of the box.

Verified by manually running hostapd (with the autogenerated config) and watching the debug output:

 wlan2: STA ac:37:43:a0:a6:ae WPA: FT authentication already completed - do not start 4-way handshake

This was previously submitted to LEDE in https://github.com/lede-project/source/pull/1382

[dwmw2: Rewrote commit message]

Signed-off-by: Gospod Nassa
Signed-off-by: David Woodhouse
--- .../network/services/hostapd/files/hostapd.sh | 48 +++++++++++-------- 1 file changed, 27 insertions(+), 21 deletions(-) diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh index 520da5b159..4deb0b97ae 100644 --- a/package/network/services/hostapd/files/hostapd.sh +++ b/package/network/services/hostapd/files/hostapd.sh 
@@ -422,32 +422,38 @@ hostapd_set_bss_options() { set_default ieee80211r 0 if [ "$ieee80211r" -gt "0" ]; then - json_get_vars mobility_domain r0_key_lifetime r1_key_holder \ - reassociation_deadline pmk_r1_push ft_psk_generate_local ft_over_ds - json_get_values r0kh r0kh - json_get_values r1kh r1kh - - set_default mobility_domain "4f57" - set_default r0_key_lifetime 10000 - set_default reassociation_deadline 1000 - set_default pmk_r1_push 0 - set_default ft_psk_generate_local 0 + json_get_vars mobility_domain ft_psk_generate_local ft_over_ds reassociation_deadline + + set_default mobility_domain "$(echo "$ssid" | md5sum | head -c 4)" + set_default ft_psk_generate_local 1 set_default ft_over_ds 1 + set_default reassociation_deadline 1000 append bss_conf "mobility_domain=$mobility_domain" "$N" - append bss_conf "r0_key_lifetime=$r0_key_lifetime" "$N" - [ -n "$r1_key_holder" ] && append bss_conf "r1_key_holder=$r1_key_holder" "$N" - append bss_conf "reassociation_deadline=$reassociation_deadline" "$N" - append bss_conf "pmk_r1_push=$pmk_r1_push" "$N" append bss_conf "ft_psk_generate_local=$ft_psk_generate_local" "$N" append bss_conf "ft_over_ds=$ft_over_ds" "$N" - - for kh in $r0kh; do - append bss_conf "r0kh=${kh//,/ }" "$N" - done - for kh in $r1kh; do - append bss_conf "r1kh=${kh//,/ }" "$N" - done + append bss_conf "reassociation_deadline=$reassociation_deadline" "$N" + [ -n "$nasid" ] || append bss_conf "nas_identifier=${macaddr//\:}" "$N" + + if [ "$ft_psk_generate_local" -eq "0" ]; then + json_get_vars r0_key_lifetime r1_key_holder pmk_r1_push + json_get_values r0kh r0kh + json_get_values r1kh r1kh + + set_default r0_key_lifetime 10000 + set_default pmk_r1_push 0 + + [ -n "$r1_key_holder" ] && append bss_conf "r1_key_holder=$r1_key_holder" "$N" + append bss_conf "r0_key_lifetime=$r0_key_lifetime" "$N" + append bss_conf "pmk_r1_push=$pmk_r1_push" "$N" + + for kh in $r0kh; do + append bss_conf "r0kh=${kh//,/ }" "$N" + done + for kh in $r1kh; do + append bss_conf 
"r1kh=${kh//,/ }" "$N" + done + fi fi append bss_conf "wpa_disable_eapol_key_retries=$wpa_disable_eapol_key_retries" "$N"
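Review bot: in the hostapd.sh hunk of patch 1/2, set_default ft_psk_generate_local 1 is applied to every BSS with ieee80211r enabled, but hostapd's ft_psk_generate_local only covers FT-PSK, so an 802.1X (FT-EAP) network that relied on the old default of 0 now skips the whole r0kh/r1kh block unless the user sets the option to 0 by hand. Suggest choosing the default from the auth type, or at least documenting that WPA-Enterprise setups must set ft_psk_generate_local 0. Two smaller points in the same hunk: echo "$ssid" | md5sum hashes the SSID plus a trailing newline, so the "md5sum of the SSID" in the commit message is only reproducible on other APs that use the same pipeline (printf '%s' "$ssid" would match the description); and nas_identifier=${macaddr//\:} is appended even when macaddr is empty, while neither nasid nor macaddr is fetched in the visible lines, so it is worth confirming both are set earlier in hostapd_set_bss_options.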
From: David Woodhouse
To: openwrt-devel@lists.openwrt.org
Date: Fri, 18 May 2018 09:39:34 +0100
Message-Id: <20180518083934.1436431-2-dwmw2@infradead.org>
In-Reply-To: <20180518083934.1436431-1-dwmw2@infradead.org>
Subject: [OpenWrt-Devel] [PATCH 2/2] wpad-mini: Enable 802.11r

With so many devices having dual 2.4GHz + 5GHz radios, this isn't a particularly esoteric use case any more. Luci offers it by default too, with no check for whether wpad is actually going to do it or not AFAICT.

On my test build the size increase is relatively modest:

   text    data     bss     dec     hex filename
 425067    2704     356  428127   6885f wpad-mini
 452003    2684     372  455059   6f193 wpad-mini+11r
 717339    2796     588  720723   aff53 wpad-full

Let's just enable it by default.

Signed-off-by: David Woodhouse
--- package/network/services/hostapd/files/hostapd-mini.config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/network/services/hostapd/files/hostapd-mini.config b/package/network/services/hostapd/files/hostapd-mini.config index 661983a94b..b15116fbbe 100644 --- a/package/network/services/hostapd/files/hostapd-mini.config +++ b/package/network/services/hostapd/files/hostapd-mini.config @@ -142,7 +142,7 @@ CONFIG_PEERKEY=y #CONFIG_IPV6=y # IEEE Std 802.11r-2008 (Fast BSS Transition) -#CONFIG_IEEE80211R=y +CONFIG_IEEE80211R=y # Use the hostapd's IEEE 802.11 authentication (ACL), but without # the IEEE 802.11 Management capability (e.g., FreeBSD/net80211)
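Review bot: the +CONFIG_IEEE80211R=y line in hostapd-mini.config turns the feature on for every wpad-mini image, and the only size evidence given is one build with no target named (text grows from 425067 to 452003 bytes). Suggest stating the architecture and the compressed image delta in the commit message, since wpad-mini is the variant chosen for small-flash devices, and noting that runtime behaviour is unchanged while ieee80211r keeps its default of 0 from patch 1/2.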