# Driver interface for no driver (e.g., RADIUS server only)
#CONFIG_DRIVER_NONE=y
-# IEEE 802.11F/IAPP
-CONFIG_IAPP=y
-
# WPA2/IEEE 802.11i RSN pre-authentication
CONFIG_RSN_PREAUTH=y
-# IEEE 802.11w (management frame protection)
-CONFIG_IEEE80211W=y
-
# Support Operating Channel Validation
#CONFIG_OCV=y
# Integrated EAP server
-CONFIG_EAP=y
+#CONFIG_EAP=y
# EAP Re-authentication Protocol (ERP) in integrated EAP server
-CONFIG_ERP=y
+#CONFIG_ERP=y
# EAP-MD5 for the integrated EAP server
-CONFIG_EAP_MD5=y
+#CONFIG_EAP_MD5=y
# EAP-TLS for the integrated EAP server
-CONFIG_EAP_TLS=y
+#CONFIG_EAP_TLS=y
# EAP-MSCHAPv2 for the integrated EAP server
-CONFIG_EAP_MSCHAPV2=y
+#CONFIG_EAP_MSCHAPV2=y
# EAP-PEAP for the integrated EAP server
-CONFIG_EAP_PEAP=y
+#CONFIG_EAP_PEAP=y
# EAP-GTC for the integrated EAP server
-CONFIG_EAP_GTC=y
+#CONFIG_EAP_GTC=y
# EAP-TTLS for the integrated EAP server
-CONFIG_EAP_TTLS=y
+#CONFIG_EAP_TTLS=y
# EAP-SIM for the integrated EAP server
#CONFIG_EAP_SIM=y
# PKCS#12 (PFX) support (used to read private key and certificate file from
# a file that usually has extension .p12 or .pfx)
-CONFIG_PKCS12=y
+#CONFIG_PKCS12=y
# RADIUS authentication server. This provides access to the integrated EAP
# server from external hosts using RADIUS.
# the IEEE 802.11 Management capability (e.g., FreeBSD/net80211)
#CONFIG_DRIVER_RADIUS_ACL=y
-# IEEE 802.11n (High Throughput) support
-CONFIG_IEEE80211N=y
-
# Wireless Network Management (IEEE Std 802.11v-2011)
# Note: This is experimental and not complete implementation.
#CONFIG_WNM=y
# Note: This is experimental and work in progress. The definitions are still
# subject to change and this should not be expected to interoperate with the
# final IEEE 802.11ax version.
-#CONFIG_IEEE80211AX=y
+CONFIG_IEEE80211AX=y
# Remove debugging code that is printing out debug messages to stdout.
# This can be used to reduce the size of the hostapd considerably if debugging
#CONFIG_DEBUG_LINUX_TRACING=y
# Remove support for RADIUS accounting
-#CONFIG_NO_ACCOUNTING=y
+CONFIG_NO_ACCOUNTING=y
# Remove support for RADIUS
-#CONFIG_NO_RADIUS=y
+CONFIG_NO_RADIUS=y
# Remove support for VLANs
-#CONFIG_NO_VLAN=y
+CONFIG_NO_VLAN=y
# Enable support for fully dynamic VLANs. This enables hostapd to
# automatically create bridge and VLAN interfaces if necessary.
# internal = Internal TLSv1 implementation (experimental)
# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental)
# none = Empty template
-#CONFIG_TLS=openssl
+CONFIG_TLS=openssl
# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
# can be enabled to get a stronger construction of messages when block ciphers
CONFIG_ACS=y
# Multiband Operation support
-# These extentions facilitate efficient use of multiple frequency bands
+# These extensions facilitate efficient use of multiple frequency bands
# available to the AP and the devices that may associate with it.
#CONFIG_MBO=y
# Include internal line edit mode in hostapd_cli. This can be used to provide
# limited command line editing and history support.
-#CONFIG_WPA_CLI_EDIT=y
+CONFIG_WPA_CLI_EDIT=y
# Opportunistic Wireless Encryption (OWE)
# Experimental implementation of draft-harkins-owe-07.txt
# parameter. See that parameter in hostapd.conf for more details.
#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
-# Custom configuration
-CONFIG_SAE=y
+# Wired equivalent privacy (WEP)
+# WEP is an obsolete cryptographic data confidentiality algorithm that is not
+# considered secure. It should not be used for anything anymore. The
+# functionality needed to use WEP is available in the current hostapd
+# release under this optional build parameter. This functionality is subject to
+# be completely removed in a future release.
+#CONFIG_WEP=y
+
+# Remove all TKIP functionality
+# TKIP is an old cryptographic data confidentiality algorithm that is not
+# considered secure. It should not be used anymore. For now, the default hostapd
+# build includes this to allow mixed mode WPA+WPA2 networks to be enabled, but
+# that functionality is subject to be removed in the future.
+#CONFIG_NO_TKIP=y
+
+# Manually added options
+CONFIG_IEEE80211W=y
include Config
-VER = 2.9
+VER = 581dfcc
THISAPP = hostapd-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
+DIR_APP = $(DIR_SRC)/hostap-$(VER)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = hostapd
-PAK_VER = 53
+PAK_VER = 54
DEPS =
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f188fc53a495fe7af3b6d77d3c31dee8
+$(DL_FILE)_MD5 = eed922f2daabe16d74adf2b23455d8bd
install : $(TARGET)
cd $(DIR_APP)/hostapd && cp $(DIR_SRC)/config/hostapd/config ./.config
cd $(DIR_APP)/hostapd && sed -e "s@/usr/local@/usr@g" -i Makefile
- cd $(DIR_APP)/hostapd && make $(MAKETUNING) $(EXTRA_MAKE)
+ cd $(DIR_APP)/hostapd && make $(MAKETUNING)
cd $(DIR_APP)/hostapd && make install
install -v -m 644 $(DIR_SRC)/config/backup/includes/hostapd /var/ipfire/backup/addons/includes/hostapd
# install initscript
-diff U3 hostapd/config_file.c hostapd/config_file.c
---- a/hostapd/config_file.c Wed Aug 7 15:25:25 2019
-+++ b/hostapd/config_file.c Fri Sep 20 17:36:33 2019
-@@ -3411,6 +3411,10 @@
+--- a/hostapd/config_file.c
++++ b/hostapd/config_file.c
+@@ -3493,6 +3493,10 @@ static int hostapd_config_fill(struct ho
+ if (bss->ocv && !bss->ieee80211w)
bss->ieee80211w = 1;
#endif /* CONFIG_OCV */
- #ifdef CONFIG_IEEE80211N
+ } else if (os_strcmp(buf, "noscan") == 0) {
+ conf->noscan = atoi(pos);
+ } else if (os_strcmp(buf, "ht_coex") == 0) {
} else if (os_strcmp(buf, "ieee80211n") == 0) {
conf->ieee80211n = atoi(pos);
} else if (os_strcmp(buf, "ht_capab") == 0) {
-diff U3 src/ap/ap_config.h src/ap/ap_config.h
---- a/src/ap/ap_config.h Wed Aug 7 15:25:25 2019
-+++ b/src/ap/ap_config.h Fri Sep 20 17:38:06 2019
-@@ -932,6 +932,8 @@
+--- a/src/ap/ap_config.h
++++ b/src/ap/ap_config.h
+@@ -984,6 +984,8 @@ struct hostapd_config {
int ht_op_mode_fixed;
u16 ht_capab;
int ieee80211n;
int secondary_channel;
int no_pri_sec_switch;
-diff U3 src/ap/hw_features.c src/ap/hw_features.c
---- a/src/ap/hw_features.c Wed Aug 7 15:25:25 2019
-+++ b/src/ap/hw_features.c Fri Sep 20 17:39:02 2019
-@@ -477,7 +477,8 @@
+--- a/src/ap/hw_features.c
++++ b/src/ap/hw_features.c
+@@ -500,7 +500,8 @@ static int ieee80211n_check_40mhz(struct
int ret;
/* Check that HT40 is used and PRI / SEC switch is allowed */
return 0;
hostapd_set_state(iface, HAPD_IFACE_HT_SCAN);
-diff U3 src/ap/ieee802_11_ht.c src/ap/ieee802_11_ht.c
---- a/src/ap/ieee802_11_ht.c Wed Aug 7 15:25:25 2019
-+++ b/src/ap/ieee802_11_ht.c Fri Sep 20 17:41:24 2019
-@@ -252,6 +252,9 @@
+--- a/src/ap/ieee802_11_ht.c
++++ b/src/ap/ieee802_11_ht.c
+@@ -230,6 +230,9 @@ void hostapd_2040_coex_action(struct hos
return;
}
if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) {
wpa_printf(MSG_DEBUG,
"Ignore too short 20/40 BSS Coexistence Management frame");
-@@ -410,6 +413,9 @@
- void ht40_intolerant_add(struct hostapd_iface *iface, struct sta_info *sta)
- {
+@@ -390,6 +393,9 @@ void ht40_intolerant_add(struct hostapd_
if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G)
-+ return;
-+
-+ if (iface->conf->noscan || iface->conf->no_ht_coex)
return;
++ if (iface->conf->noscan || iface->conf->no_ht_coex)
++ return;
++
wpa_printf(MSG_INFO, "HT: Forty MHz Intolerant is set by STA " MACSTR
+ " in Association Request", MAC2STR(sta->addr));
+