From: Jouni Malinen Date: Fri, 27 Dec 2024 21:23:15 +0000 (+0200) Subject: Use BSS-specific ACL configuration when setting up driver-based ACL X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1888b7efd92443b6f4c79d4a4b6f25d4f30a1aa3;p=thirdparty%2Fhostap.git Use BSS-specific ACL configuration when setting up driver-based ACL This capability was originally added with only the entries from the first BSS being supported likely due to the target use case not actually using the multiple BSSs with a single radio. However, there does not seem to be any specific reason for such constraint, so change this to use the current BSS's own configuration instead of the first BSS's to support per-BSS configuration with driver-based ACL. Signed-off-by: Jouni Malinen --- diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 06e837afc..4bc6b3abc 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -1802,26 +1802,26 @@ static int hostapd_set_acl_list(struct hostapd_data *hapd, int hostapd_set_acl(struct hostapd_data *hapd) { - struct hostapd_config *conf = hapd->iconf; + struct hostapd_bss_config *conf = hapd->conf; int err = 0; u8 accept_acl; if (hapd->iface->drv_max_acl_mac_addrs == 0) return 0; - if (conf->bss[0]->macaddr_acl == DENY_UNLESS_ACCEPTED) { + if (conf->macaddr_acl == DENY_UNLESS_ACCEPTED) { accept_acl = 1; - err = hostapd_set_acl_list(hapd, conf->bss[0]->accept_mac, - conf->bss[0]->num_accept_mac, + err = hostapd_set_acl_list(hapd, conf->accept_mac, + conf->num_accept_mac, accept_acl); if (err) { wpa_printf(MSG_DEBUG, "Failed to set accept acl"); return -1; } - } else if (conf->bss[0]->macaddr_acl == ACCEPT_UNLESS_DENIED) { + } else if (conf->macaddr_acl == ACCEPT_UNLESS_DENIED) { accept_acl = 0; - err = hostapd_set_acl_list(hapd, conf->bss[0]->deny_mac, - conf->bss[0]->num_deny_mac, + err = hostapd_set_acl_list(hapd, conf->deny_mac, + conf->num_deny_mac, accept_acl); if (err) { wpa_printf(MSG_DEBUG, "Failed to set deny acl");