Merge tag 'hostap_2_11' into haiku

hostapd/wpa_supplicant 2.11

Conflicts:
	wpa_supplicant/Makefile

Android.mk

@@ -1,10 +1,15 @@
-LOCAL_PATH:= $(call my-dir)
+S_LOCAL_PATH := $(call my-dir)
 
 ifneq ($(filter VER_0_8_X VER_2_1_DEVEL,$(WPA_SUPPLICANT_VERSION)),)
 # The order of the 2 Android.mks does matter!
 # TODO: Clean up the Android.mks, reset all the temporary variables at the
 # end of each Android.mk, so that one Android.mk doesn't depend on variables
 # set up in the other Android.mk.
-include $(LOCAL_PATH)/hostapd/Android.mk \
-        $(LOCAL_PATH)/wpa_supplicant/Android.mk
+include $(S_LOCAL_PATH)/hostapd/Android.mk \
+        $(S_LOCAL_PATH)/wpa_supplicant/Android.mk
+ifneq ($(TARGET_BUILD_VARIANT), user)
+ifeq ($(shell test $(PLATFORM_VERSION_LAST_STABLE) -ge 8 ; echo $$?), 0)
+include $(S_LOCAL_PATH)/hs20/client/Android.mk
+endif #End of Check for platform version
+endif #End of Check for target build variant
 endif

CONTRIBUTIONS

@@ -37,7 +37,7 @@ without moderation. You can subscribe to the list at this address:
 http://lists.infradead.org/mailman/listinfo/hostap
 
 The message should contain an inlined patch against the current
-development branch (i.e., the master branch of
+development branch (i.e., the main branch of
 git://w1.fi/hostap.git). Please make sure the software you use for
 sending the patch does not corrupt whitespace. If that cannot be fixed
 for some reason, it is better to include an attached version of the

README

@@ -1,7 +1,7 @@
 wpa_supplicant and hostapd
 --------------------------
 
-Copyright (c) 2002-2022, Jouni Malinen <[email protected]> and contributors
+Copyright (c) 2002-2024, Jouni Malinen <[email protected]> and contributors
 All Rights Reserved.
 
 These programs are licensed under the BSD license (the one with

doc/dbus.doxygen

@@ -41,6 +41,9 @@ registered in the bus with fi.w1.wpa_supplicant1 name.
 	      <tr><td>BridgeIfname</td><td>s</td><td>Name of the bridge interface to control, e.g., br0</td><td>No</td>
 	      <tr><td>Driver</td><td>s</td><td>Driver name which the interface uses, e.g., nl80211</td><td>No</td>
 	      <tr><td>ConfigFile</td><td>s</td><td>Configuration file path</td><td>No</td>
+	      <tr><td>Create</td><td>b</td><td>Whether to create a new interface in the kernel</td><td>No</td>
+	      <tr><td>Type</td><td>s</td><td>Interface type to create (sta or ap)</td><td>No</td>
+	      <tr><td>Address</td><td>s</td><td>MAC address in colon-delimited format to be used in the created interface</td><td>No</td>
 	    </table>
 	  </dd>
 	</dl>
@@ -206,9 +209,11 @@ fi.w1.wpa_supplicant1.CreateInterface.
 	      <tr><th>Key</th><th>Value type</th><th>Description</th><th>Required</th>
 	      <tr><td>Type</td><td>s</td><td>Type of the scan. Possible values: "active", "passive"</td><td>Yes</td>
 	      <tr><td>SSIDs</td><td>aay</td><td>Array of SSIDs to scan for (applies only if scan type is active)</td><td>No</td>
-	      <tr><td>IEs</td><td>aay</td><td>Information elements to used in active scan (applies only if scan type is active)</td><td>No</td>
+	      <tr><td>IEs</td><td>aay</td><td>Information elements to used in active scan (applies only if scan type is active). Default IEs will be used in absence of this option.</td><td>No</td>
 	      <tr><td>Channels</td><td>a(uu)</td><td>Array of frequencies to scan in form of (center, width) in MHz.</td><td>No</td>
 	      <tr><td>AllowRoam</td><td>b</td><td>TRUE (or absent) to allow a roaming decision based on the results of this scan, FALSE to prevent a roaming decision.</td><td>No</td>
+	      <tr><td>NonColoc6GHz</td><td>b</td><td>TRUE to force scanning of non-PSC 6 GHz channels, FALSE (or absent) to skip scanning of non-PSC 6 GHz channels.</td><td>No</td>
+	      <tr><td>6GHzOnly</td><td>b</td><td>TRUE to scan only 6 GHz channels, FALSE (or absent) to scan all channels. Applies only if Channels is absent.</td><td>No</td>
 	    </table>
 	  </dd>
 	</dl>
@@ -578,6 +583,24 @@ fi.w1.wpa_supplicant1.CreateInterface.
 	<h3>InterworkingSelect ( ) --> nothing</h3>
 	<p>Perform Interworking (Hotspot 2.0) network selection.</p>
       </li>
+      <li>
+	<h3>ANQPGet ( a{sv} : args) --> nothing</h3>
+	<p>Send an ANQP request.</p>
+	<h4>Arguments</h4>
+	<dl>
+	  <dt>a{sv} : args</dt>
+	  <dd>
+	    <table>
+	      <tr><th>Key</th><th>Value type</th><th>Description</th><th>Required</th>
+	      <tr><td>addr</td><td>s</td><td>Address of the BSS</td><td>Yes</td>
+	      <tr><td>freq</td><td>u</td><td>Frequency of the BSS</td><td>No</td>
+	      <tr><td>ids</td><td>aq</td><td>List of ANQP information IDs to query</td><td>No</td>
+	      <tr><td>hs20_ids</td><td>ay</td><td>List of Hotspot 2.0 ANQP information IDs to query</td><td>No</td>
+	      <tr><td>mbo_ids</td><td>ay</td><td>List of MBO ANQP information IDs to query</td><td>No</td>
+	    </table>
+	  </dd>
+	</dl>
+      </li>
       <li>
 	<h3>EAPLogoff ( ) --> nothing</h3>
 	<p>IEEE 802.1X EAPOL state machine logoff.</p>
@@ -645,6 +668,33 @@ fi.w1.wpa_supplicant1.CreateInterface.
 	      <tr><td>avg-rssi</td><td>i</td><td>Average RSSI (dBm)</td><td>No</td>
 	      <tr><td>center-frq1</td><td>i</td><td>VHT segment 1 frequency (MHz)</td><td>No</td>
 	      <tr><td>center-frq2</td><td>i</td><td>VHT segment 2 frequency (MHz)</td><td>No</td>
+	      <tr><td>rx-bytes</td><td>i</td><td>Bytes recieved</td><td>No</td>
+	      <tr><td>tx-bytes</td><td>i</td><td>Bytes sent</td><td>No</td>
+	      <tr><td>rx-packets</td><td>i</td><td>Packets recieved</td><td>No</td>
+	      <tr><td>tx-packets</td><td>i</td><td>Packets sent</td><td>No</td>
+	      <tr><td>beacons</td><td>i</td><td>Beacons received</td><td>No</td>
+	      <tr><td>linkrxspeed</td><td>i</td><td>Link Speed (RX, kbps)</td><td>No</td>
+	      <tr><td>linktxspeed</td><td>i</td><td>Link Speed (TX, kbps)</td><td>No</td>
+	      <tr><td>retries-failed</td><td>i</td><td>Retries (failed)</td><td>No</td>
+	      <tr><td>retries</td><td>i</td><td>Retries</td><td>No</td>
+	      <tr><td>last-ack-rssi</td><td>i</td><td>RSSI of last ACK frame (dBm)</td><td>No</td>
+	      <tr><td>fcs-errors</td><td>i</td><td>FCS errors</td><td>No</td>
+	      <tr><td>beacon-losses</td><td>i</td><td>Beacons lost</td><td>No</td>
+	      <tr><td>expected-throughput</td><td>i</td><td>Expected Throughput (kbps)</td><td>No</td>
+	      <tr><td>rx-drop-misc</td><td>i</td><td>RX packets dropped for unspecified reasons</td><td>No</td>
+	      <tr><td>rx-mpdus</td><td>i</td><td>Recieved packets</td><td>No</td>
+	      <tr><td>rx-he-mcs</td><td>i</td><td>MCS index (rx, he)</td><td>No</td>
+	      <tr><td>tx-he-mcs</td><td>i</td><td>MCS index (tx, he)</td><td>No</td>
+	      <tr><td>rx-vht-mcs</td><td>i</td><td>MCS index (rx, vht)</td><td>No</td>
+	      <tr><td>tx-vht-mcs</td><td>i</td><td>MCS index (tx, vht)</td><td>No</td>
+	      <tr><td>rx-mcs</td><td>i</td><td>MCS index (rx)</td><td>No</td>
+	      <tr><td>tx-mcs</td><td>i</td><td>MCS index (tx)</td><td>No</td>
+	      <tr><td>rx-he-nss</td><td>i</td><td>Number of streams (rx, he)</td><td>No</td>
+	      <tr><td>tx-he-nss</td><td>i</td><td>Number of streams (tx, he)</td><td>No</td>
+	      <tr><td>rx-vht-nss</td><td>i</td><td>Number of streams (rx, vht)</td><td>No</td>
+	      <tr><td>tx-vht-nss</td><td>i</td><td>Number of streams (tx, vht)</td><td>No</td>
+	      <tr><td>avg-beacon-rssi</td><td>i</td><td>Average Beacon RSSI (dBm)</td><td>No</td>
+	      <tr><td>avg-ack-rssi</td><td>i</td><td>Average ACK frame RSSI (dBm)</td><td>No</td>
 	    </table>
 	  </dd>
 	</dl>
@@ -1093,6 +1143,16 @@ fi.w1.wpa_supplicant1.CreateInterface.
 	<p>Masks to show which bits not to randomize with MAC address randomization. Possible keys are "scan", "sched_scan", and "pno". Values must be an array of 6 bytes.</p>
 	<p>When this property is set, the new dictionary replaces the old value, rather than merging them together. Leaving a key out of the dictionary will turn off MAC address randomization for that scan type.</p>
       </li>
+
+      <li>
+	<h3>MACAddress - ay - (read)</h3>
+	<p>MAC address of the interface</p>
+      </li>
+
+      <li>
+	<h3>SignalChange - "a{sv}" - (read)</h3>
+	<p>Signal and quality properties of the interface</p>
+      </li>
     </ul>
 
 \subsection dbus_interface_signals Signals
@@ -1238,7 +1298,7 @@ fi.w1.wpa_supplicant1.CreateInterface.
 	<h4>Arguments</h4>
 	<dl>
 	  <dt>a{sv} : properties</dt>
-	  <dd>A dictionary with pairs of properties names which have changed and theirs new values. Possible dictionary keys are: "ApScan", "Scanning", "State", "CurrentBSS", "CurrentNetwork"</dd>
+	  <dd>A dictionary with pairs of properties names which have changed and their new values. Possible dictionary keys are: "ApScan", "Scanning", "State", "CurrentBSS", "CurrentNetwork", "SignalChange"</dd>
 	</dl>
       </li>
 
@@ -1295,6 +1355,31 @@ fi.w1.wpa_supplicant1.CreateInterface.
       <li>
 	<h3>InterworkingSelectDone ( )</h3>
       </li>
+
+      <li>
+	<h3>PskMismatch ( )</h3>
+	<p>A possible PSK mismatch is identified.</p>
+      </li>
+
+      <li>
+	<h3>HS20TermsAndConditions ( s : url )</h3>
+	<p>A terms and conditions page is present. This signal is delivered when the network requires acceptance of the terms and conditions.</p>
+	<dl>
+	  <dt>s : url</dt>
+	  <dd>URL of the terms and conditions page.</dd>
+	</dl>
+      </li>
+
+      <li>
+	<h3>ANQPQueryDone ( s : addr, s : result )</h3>
+	<p>Result of an ANQP query.</p>
+	<dl>
+	  <dt>s : addr</dt>
+	  <dd>Address of the BSS targeted by the query.</dd>
+	  <dt>s : result</dt>
+	  <dd>Determine if the request was successful. If so fields are available in BSS.</dd>
+	</dl>
+      </li>
     </ul>
 
 
@@ -1558,6 +1643,14 @@ Interface for performing P2P (Wi-Fi Peer-to-Peer) P2P Device operations.
 	<tr><td>persistent</td><td>b</td><td>Whether to form a persistent group.</td><td>no</td></tr>
 	<tr><td>persistent_group_object</td><td>o</td><td></td><td>no</td></tr>
 	<tr><td>frequency</td><td>i</td><td>Operating frequency in MHz</td><td>no</td></tr>
+	<tr><td>retry_limit</td><td>i</td><td>Optional limit on the number of scan attempts to join a group</td><td>no</td></tr>
+	<tr><td>ht40</td><td>b</td><td></td><td>no</td></tr>
+	<tr><td>vht</td><td>b</td><td></td><td>no</td></tr>
+	<tr><td>he</td><td>b</td><td></td><td>no</td></tr>
+	<tr><td>edmg</td><td>b</td><td></td><td>no</td></tr>
+	<tr><td>allow_6ghz</td><td>b</td><td></td><td>no</td></tr>
+	<tr><td>freq2</td><td>i</td><td>Center frequency in MHz for segment 2 when operating in 80 MHz + 80 MHz mode</td><td>no</td></tr>
+	<tr><td>max_oper_chwidth</td><td>i</td><td>Maximum operating channel width in MHz (20, 40, 80, 160, 320)</td><td>no</td></tr>
 	</table>
       </dd>
     </dl>
@@ -2127,6 +2220,30 @@ scan results.
 	<h3>Age - u - (read)</h3>
 	<p>Number of seconds since the BSS was last seen.</p>
       </li>
+      <li>
+	<h3>ANQP - a{sv} - (read)</h3>
+	<p>ANQP information of the BSS. Empty dictionary indicates no ANQP field. Named dictionary entries are:</p>
+	<table>
+	  <tr><td>CapabilityList</td><td>ay</td></tr>
+	  <tr><td>VenueName</td><td>ay</td></tr>
+	  <tr><td>NetworkAuthType</td><td>ay</td></tr>
+	  <tr><td>RoamingConsortium</td><td>ay</td></tr>
+	  <tr><td>IPAddrTypeAvailability</td><td>ay</td></tr>
+	  <tr><td>NAIRealm</td><td>ay</td></tr>
+	  <tr><td>3GPP</td><td>ay</td></tr>
+	  <tr><td>DomainName</td><td>ay</td></tr>
+	  <tr><td>FilsRealmInfo</td><td>ay</td></tr>
+	  <tr><td>HS20CapabilityList</td><td>ay</td></tr>
+	  <tr><td>HS20OperatorFriendlyName</td><td>ay</td></tr>
+	  <tr><td>HS20WanMetrics</td><td>ay</td></tr>
+	  <tr><td>HS20ConnectionCapability</td><td>ay</td></tr>
+	  <tr><td>HS20OperatingClass</td><td>ay</td></tr>
+	  <tr><td>HS20OSUProvidersList</td><td>ay</td></tr>
+	  <tr><td>HS20OperatorIconMetadata</td><td>ay</td></tr>
+	  <tr><td>HS20OSUProvidersNAIList</td><td>ay</td></tr>
+	</table>
+	<p>Unnamed ANQP elements have a generic entry name 'anqp[id]' where 'id' is the InfoID of the ANQP element as described in IEEE Std 802.11-2020, Table 9-331 (ANQP-element definitions).</p>
+      </li>
     </ul>
 
 \subsection dbus_bss_signals Signals

doc/doxygen.conf

@@ -31,7 +31,7 @@ PROJECT_NAME           = "wpa_supplicant / hostapd"
 # This could be handy for archiving the generated documentation or
 # if some version control system is used.
 
-PROJECT_NUMBER         = 2.10
+PROJECT_NUMBER         = 2.11
 
 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
 # base path where the generated documentation will be put.

hostapd/Android.mk

@@ -154,6 +154,7 @@ OBJS += src/utils/crc32.c
 OBJS += src/common/ieee802_11_common.c
 OBJS += src/common/wpa_common.c
 OBJS += src/common/hw_features_common.c
+OBJS += src/common/ptksa_cache.c
 
 OBJS += src/eapol_auth/eapol_auth_sm.c
 
@@ -237,6 +238,8 @@ L_CFLAGS += -DCONFIG_OCV
 OBJS += src/common/ocv.c
 endif
 
+NEED_AES_UNWRAP=y
+
 ifdef CONFIG_IEEE80211R
 L_CFLAGS += -DCONFIG_IEEE80211R -DCONFIG_IEEE80211R_AP
 OBJS += src/ap/wpa_auth_ft.c
@@ -256,6 +259,7 @@ L_CFLAGS += -DCONFIG_SAE
 OBJS += src/common/sae.c
 ifdef CONFIG_SAE_PK
 L_CFLAGS += -DCONFIG_SAE_PK
+NEED_AES_SIV=y
 OBJS += src/common/sae_pk.c
 endif
 NEED_ECC=y
@@ -294,6 +298,12 @@ ifdef CONFIG_IEEE80211AC
 L_CFLAGS += -DCONFIG_IEEE80211AC
 endif
 
+ifdef CONFIG_IEEE80211BE
+CONFIG_IEEE80211AX=y
+L_CFLAGS += -DCONFIG_IEEE80211BE
+OBJS += src/ap/ieee802_11_eht.c
+endif
+
 ifdef CONFIG_IEEE80211AX
 L_CFLAGS += -DCONFIG_IEEE80211AX
 endif
@@ -572,14 +582,19 @@ L_CFLAGS += -DCONFIG_DPP3
 endif
 endif
 
+ifdef CONFIG_NAN_USD
+OBJS += src/common/nan_de.c
+OBJS += src/ap/nan_usd_ap.c
+L_CFLAGS += -DCONFIG_NAN_USD
+endif
+
 ifdef CONFIG_PASN
 L_CFLAGS += -DCONFIG_PASN
 L_CFLAGS += -DCONFIG_PTKSA_CACHE
 NEED_HMAC_SHA256_KDF=y
 NEED_HMAC_SHA384_KDF=y
 NEED_SHA256=y
 NEED_SHA384=y
-OBJS += src/common/ptksa_cache.c
 endif
 
 ifdef CONFIG_EAP_IKEV2
@@ -632,6 +647,11 @@ ifdef CHAP
 OBJS += src/eap_common/chap.c
 endif
 
+ifdef CONFIG_RADIUS_TLS
+TLS_FUNCS=y
+L_CFLAGS += -DCONFIG_RADIUS_TLS
+endif
+
 ifdef TLS_FUNCS
 NEED_DES=y
 # Shared TLS functions (needed for EAP_TLS, EAP_PEAP, and EAP_TTLS)
@@ -653,6 +673,7 @@ L_CFLAGS += -DCONFIG_TLSV12
 endif
 
 ifeq ($(CONFIG_TLS), openssl)
+L_CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
 ifdef TLS_FUNCS
 OBJS += src/crypto/tls_openssl.c
 OBJS += src/crypto/tls_openssl_ocsp.c
@@ -825,7 +846,9 @@ endif
 ifdef NEED_AES_ENCBLOCK
 AESOBJS += src/crypto/aes-encblock.c
 endif
+ifneq ($(CONFIG_TLS), openssl)
 AESOBJS += src/crypto/aes-omac1.c
+endif
 ifdef NEED_AES_UNWRAP
 ifneq ($(CONFIG_TLS), openssl)
 NEED_AES_DEC=y
@@ -1026,6 +1049,9 @@ endif
 ifdef NEED_AP_MLME
 OBJS += src/ap/wmm.c
 OBJS += src/ap/ap_list.c
+OBJS += src/ap/comeback_token.c
+OBJS += src/pasn/pasn_responder.c
+OBJS += src/pasn/pasn_common.c
 OBJS += src/ap/ieee802_11.c
 OBJS += src/ap/hw_features.c
 OBJS += src/ap/dfs.c

hostapd/ChangeLog

@@ -1,5 +1,42 @@
 ChangeLog for hostapd
 
+2024-07-20 - v2.11
+	* Wi-Fi Easy Connect
+	  - add support for DPP release 3
+	  - allow Configurator parameters to be provided during config exchange
+	* HE/IEEE 802.11ax/Wi-Fi 6
+	  - various fixes
+	* EHT/IEEE 802.11be/Wi-Fi 7
+	  - add preliminary support
+	* SAE: add support for fetching the password from a RADIUS server
+	* support OpenSSL 3.0 API changes
+	* support background radar detection and CAC with some additional
+	  drivers
+	* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
+	* EAP-SIM/AKA: support IMSI privacy
+	* improve 4-way handshake operations
+	  - use Secure=1 in message 3 during PTK rekeying
+	* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
+	  to avoid interoperability issues
+	* support new SAE AKM suites with variable length keys
+	* support new AKM for 802.1X/EAP with SHA384
+	* extend PASN support for secure ranging
+	* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
+	  - this is based on additional details being added in the IEEE 802.11
+	    standard
+	  - the new implementation is not backwards compatible
+	* improved ACS to cover additional channel types/bandwidths
+	* extended Multiple BSSID support
+	* fix beacon protection with FT protocol (incorrect BIGTK was provided)
+	* support unsynchronized service discovery (USD)
+	* add preliminary support for RADIUS/TLS
+	* add support for explicit SSID protection in 4-way handshake
+	  (a mitigation for CVE-2023-52424; disabled by default for now, can be
+	  enabled with ssid_protection=1)
+	* fix SAE H2E rejected groups validation to avoid downgrade attacks
+	* use stricter validation for some RADIUS messages
+	* a large number of other fixes, cleanup, and extensions
+
 2022-01-16 - v2.10
 	* SAE changes
 	  - improved protection against side channel attacks