Cumulative patch from commit 077232f603dbbef3ac06b33cc793d346be8c5af8
077232f60 OCE: Add OCE capability attribute only when associating to an OCE AP
2ac433340 OCE: Send scan parameters when OCE_STA functionality is enabled
d6801b054 nl80211: Support OCE features (driver capability and scan params)
938dd97a8 driver: Add OCE scan parameters
830eacf9d Sync with mac80211-next.git include/uapi/linux/nl80211.h
2543b19e4 random: Remove write-only variable random_entropy_file_read
b5ebe5dd5 hostapd: Send an event before throwing a station on re-authentication
57151ae98 atheros: Fix atheros_send_mgmt() dependency on CONFIG_FILS
410e2dd1d OWE: Fix build error in AP code without CONFIG_IEEE80211W=y
560e30bf3 Parse sae_password option when CONFIG_SAE is enabled
b898b6558 nl80211: Do not ignore disconnect event in case of !drv->associated
20f612d99 DPP: Set group id through DPP_AUTH_INIT or dpp_configurator_params
495aebd39 Add new QCA vendor command and attributes to enhance NAN
28c7f77a8 Correct the documentation of NAN vendor command
b3f24b06e mka: Fix confidentiality offset issue in macsec_qca driver interface
bed30e8d3 mka: Fix sci port mask issue in macsec_qca driver interface
1bac151ea Change the ADDBA buffer size attribute type to U16 from U8
d35003e50 Vendor attribute to get max blacklist BSSIDs capability
8bfbb295d nl80211: Fix sending of WDS STA event to the correct BSS context
af835d75b FILS: Fix FILS connect failures after ERP key invalidation
1ff860577 mka: Support GCM-AES-256
47abe29aa hostapd: SET ht_capab support for disabling 40 MHz bandwidth
567df5501 Re-configure WEP keys on hostapd interface re-enable
1e1245bc8 Fix QoS Mapping ext capab bit setting
373c79694 OpenSSL: Fix compile with OpenSSL 1.1.0 and deprecated APIs
c6e1a9a0b Clarify the TODO comment regarding PMKID KDE in EAPOL-Key msg 1/4
3e34cfdff WPA: Ignore unauthenticated encrypted EAPOL-Key data
c06cd3e0a HS 2.0: Fix hs20-osu-client handling of HomeSP/HomeOIList/<X+>/HomeOI
ecec4878b Provide more details of WPA3 modes in wpa_supplicant.conf
e7d73c378 Provide more details of WPA3 modes in hostapd.conf
cbdf5a49c Define test config vendor attribute to override MU EDCA
Bug: 113905758
Test: Device boots up and connects to wifi networks.
Test: Able to turn on/off softap.
Test: Regression test passed (Bug: 114246387)
Change-Id: I81d5922c7af382322cc78a5a2dc51a2aec9ff234
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 37308db..b1ab13e 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1237,6 +1237,8 @@
conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
conf->ht40_plus_minus_allowed = 1;
}
+ if (!os_strstr(capab, "[HT40+]") && !os_strstr(capab, "[HT40-]"))
+ conf->secondary_channel = 0;
if (os_strstr(capab, "[SMPS-STATIC]")) {
conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
conf->ht_capab |= HT_CAP_INFO_SMPS_STATIC;
@@ -3865,6 +3867,7 @@
} else if (os_strcmp(buf, "sae_commit_override") == 0) {
wpabuf_free(bss->sae_commit_override);
bss->sae_commit_override = wpabuf_parse_bin(pos);
+#endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_SAE
} else if (os_strcmp(buf, "sae_password") == 0) {
if (parse_sae_password(bss, pos) < 0) {
@@ -3873,7 +3876,6 @@
return 1;
}
#endif /* CONFIG_SAE */
-#endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strcmp(buf, "vendor_elements") == 0) {
if (parse_wpabuf_hex(line, buf, &bss->vendor_elements, pos))
return 1;
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index 0de4b85..70f9713 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -1239,7 +1239,10 @@
# and/or WPA2 (full IEEE 802.11i/RSN):
# bit0 = WPA
# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
-#wpa=1
+# Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2.
+# In other words, for WPA3, wpa=2 is used the configuration (and
+# wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK).
+#wpa=2
# WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit
# secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase
@@ -1268,10 +1271,23 @@
# Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both). The
# entries are separated with a space. WPA-PSK-SHA256 and WPA-EAP-SHA256 can be
# added to enable SHA256-based stronger algorithms.
+# WPA-PSK = WPA-Personal / WPA2-Personal
+# WPA-PSK-SHA256 = WPA2-Personal using SHA256
+# WPA-EAP = WPA-Enterprise / WPA2-Enterprise
+# WPA-EAP-SHA256 = WPA2-Enterprise using SHA256
+# SAE = SAE (WPA3-Personal)
+# WPA-EAP-SUITE-B-192 = WPA3-Enterprise with 192-bit security/CNSA suite
+# FT-PSK = FT with passphrase/PSK
+# FT-EAP = FT with EAP
+# FT-EAP-SHA384 = FT with EAP using SHA384
+# FT-SAE = FT with SAE
# FILS-SHA256 = Fast Initial Link Setup with SHA256
# FILS-SHA384 = Fast Initial Link Setup with SHA384
# FT-FILS-SHA256 = FT and Fast Initial Link Setup with SHA256
# FT-FILS-SHA384 = FT and Fast Initial Link Setup with SHA384
+# OWE = Opportunistic Wireless Encryption (a.k.a. Enhanced Open)
+# DPP = Device Provisioning Protocol
+# OSEN = Hotspot 2.0 online signup with encryption
# (dot11RSNAConfigAuthenticationSuitesTable)
#wpa_key_mgmt=WPA-PSK WPA-EAP