diff options
Diffstat (limited to 'package/hostapd/patches')
-rw-r--r-- | package/hostapd/patches/100-madwifi_fix.patch | 4 | ||||
-rw-r--r-- | package/hostapd/patches/110-nl80211_socketfilter.patch | 184 | ||||
-rw-r--r-- | package/hostapd/patches/120-countrycode.patch | 16 |
3 files changed, 12 insertions, 192 deletions
diff --git a/package/hostapd/patches/100-madwifi_fix.patch b/package/hostapd/patches/100-madwifi_fix.patch index 47ce89dd56..8f8be442b9 100644 --- a/package/hostapd/patches/100-madwifi_fix.patch +++ b/package/hostapd/patches/100-madwifi_fix.patch @@ -1,6 +1,6 @@ --- a/hostapd/driver_madwifi.c +++ b/hostapd/driver_madwifi.c -@@ -310,6 +310,7 @@ madwifi_set_iface_flags(void *priv, int +@@ -312,6 +312,7 @@ madwifi_set_iface_flags(void *priv, int { struct madwifi_driver_data *drv = priv; struct ifreq ifr; @@ -8,7 +8,7 @@ wpa_printf(MSG_DEBUG, "%s: dev_up=%d", __func__, dev_up); -@@ -324,10 +325,14 @@ madwifi_set_iface_flags(void *priv, int +@@ -326,10 +327,14 @@ madwifi_set_iface_flags(void *priv, int return -1; } diff --git a/package/hostapd/patches/110-nl80211_socketfilter.patch b/package/hostapd/patches/110-nl80211_socketfilter.patch deleted file mode 100644 index 4427d00615..0000000000 --- a/package/hostapd/patches/110-nl80211_socketfilter.patch +++ /dev/null @@ -1,184 +0,0 @@ ---- a/hostapd/driver_nl80211.c -+++ b/hostapd/driver_nl80211.c -@@ -27,6 +27,7 @@ - #include <net/if.h> - #include <netpacket/packet.h> - #include "wireless_copy.h" -+#include <linux/filter.h> - #include <net/if_arp.h> - - #include "hostapd.h" -@@ -1728,6 +1729,9 @@ static void handle_frame(struct hostapd_ - case WLAN_FC_TODS: - bssid = hdr->addr1; - break; -+ case WLAN_FC_FROMDS: -+ bssid = hdr->addr2; -+ break; - default: - /* discard */ - return; -@@ -1908,6 +1912,150 @@ static void handle_monitor_read(int sock - } - - -+/* -+ * we post-process the filter code later and rewrite -+ * this to the offset to the last instruction -+ */ -+#define PASS 0xFF -+#define FAIL 0xFE -+ -+static struct sock_filter msock_filter_insns[] = { -+ /* -+ * do a little-endian load of the radiotap length field -+ */ -+ /* load lower byte into A */ -+ BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 2), -+ /* put it into X (== index register) */ -+ BPF_STMT(BPF_MISC| BPF_TAX, 0), -+ /* load upper byte into A */ -+ BPF_STMT(BPF_LD | BPF_B | BPF_ABS, 3), -+ /* left-shift it by 8 */ -+ BPF_STMT(BPF_ALU | BPF_LSH | BPF_K, 8), -+ /* or with X */ -+ BPF_STMT(BPF_ALU | BPF_OR | BPF_X, 0), -+ /* put result into X */ -+ BPF_STMT(BPF_MISC| BPF_TAX, 0), -+ -+ /* -+ * Allow management frames through, this also gives us those -+ * management frames that we sent ourselves with status -+ */ -+ /* load the lower byte of the IEEE 802.11 frame control field */ -+ BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0), -+ /* mask off frame type and version */ -+ BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0xF), -+ /* accept frame if it's both 0, fall through otherwise */ -+ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, PASS, 0), -+ -+ /* -+ * TODO: add a bit to radiotap RX flags that indicates -+ * that the sending station is not associated, then -+ * add a filter here that filters on our DA and that flag -+ * to allow us to deauth frames to that bad station. -+ * -+ * Not a regression -- we didn't do it before either. -+ */ -+ -+#if 0 -+ /* -+ * drop non-data frames, WDS frames -+ */ -+ /* load the lower byte of the frame control field */ -+ BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0), -+ /* mask off QoS bit */ -+ BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x0c), -+ /* drop non-data frames */ -+ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 8, 0, FAIL), -+ /* load the upper byte of the frame control field */ -+ BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0), -+ /* mask off toDS/fromDS */ -+ BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x03), -+ /* drop WDS frames */ -+ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 3, FAIL, 0), -+#endif -+ -+ /* -+ * add header length to index -+ */ -+ /* load the lower byte of the frame control field */ -+ BPF_STMT(BPF_LD | BPF_B | BPF_IND, 0), -+ /* mask off QoS bit */ -+ BPF_STMT(BPF_ALU | BPF_AND | BPF_K, 0x80), -+ /* right shift it by 6 to give 0 or 2 */ -+ BPF_STMT(BPF_ALU | BPF_RSH | BPF_K, 6), -+ /* add data frame header length */ -+ BPF_STMT(BPF_ALU | BPF_ADD | BPF_K, 24), -+ /* add index, was start of 802.11 header */ -+ BPF_STMT(BPF_ALU | BPF_ADD | BPF_X, 0), -+ /* move to index, now start of LL header */ -+ BPF_STMT(BPF_MISC | BPF_TAX, 0), -+ -+ /* -+ * Accept empty data frames, we use those for -+ * polling activity. -+ */ -+ BPF_STMT(BPF_LD | BPF_W | BPF_LEN, 0), -+ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_X, 0, PASS, 0), -+ -+ /* -+ * Accept EAPOL frames -+ */ -+ BPF_STMT(BPF_LD | BPF_W | BPF_IND, 0), -+ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0xAAAA0300, 0, FAIL), -+ BPF_STMT(BPF_LD | BPF_W | BPF_IND, 4), -+ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0000888E, PASS, FAIL), -+ -+ /* keep these last two statements or change the code below */ -+ /* return 0 == "DROP" */ -+ BPF_STMT(BPF_RET | BPF_K, 0), -+ /* return ~0 == "keep all" */ -+ BPF_STMT(BPF_RET | BPF_K, ~0), -+}; -+ -+static struct sock_fprog msock_filter = { -+ .len = sizeof(msock_filter_insns)/sizeof(msock_filter_insns[0]), -+ .filter = msock_filter_insns, -+}; -+ -+ -+static int add_monitor_filter(int s) -+{ -+ int idx; -+ -+ /* rewrite all PASS/FAIL jump offsets */ -+ for (idx = 0; idx < msock_filter.len; idx++) { -+ struct sock_filter *insn = &msock_filter_insns[idx]; -+ -+ if (BPF_CLASS(insn->code) == BPF_JMP) { -+ if (insn->code == (BPF_JMP|BPF_JA)) { -+ if (insn->k == PASS) -+ insn->k = msock_filter.len - idx - 2; -+ else if (insn->k == FAIL) -+ insn->k = msock_filter.len - idx - 3; -+ } -+ -+ if (insn->jt == PASS) -+ insn->jt = msock_filter.len - idx - 2; -+ else if (insn->jt == FAIL) -+ insn->jt = msock_filter.len - idx - 3; -+ -+ if (insn->jf == PASS) -+ insn->jf = msock_filter.len - idx - 2; -+ else if (insn->jf == FAIL) -+ insn->jf = msock_filter.len - idx - 3; -+ } -+ } -+ -+ if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER, -+ &msock_filter, sizeof(msock_filter))) { -+ perror("SO_ATTACH_FILTER"); -+ return -1; -+ } -+ -+ return 0; -+} -+ -+ - static int nl80211_create_monitor_interface(struct i802_driver_data *drv) - { - char buf[IFNAMSIZ]; -@@ -1936,6 +2084,12 @@ static int nl80211_create_monitor_interf - goto error; - } - -+ if (add_monitor_filter(drv->monitor_sock)) { -+ wpa_printf(MSG_INFO, "Failed to set socket filter for monitor " -+ "interface; do filtering in user space"); -+ /* This works, but will cost in performance. */ -+ } -+ - if (bind(drv->monitor_sock, (struct sockaddr *) &ll, - sizeof(ll)) < 0) { - perror("monitor socket bind"); diff --git a/package/hostapd/patches/120-countrycode.patch b/package/hostapd/patches/120-countrycode.patch index b719544ada..8ffc65ca21 100644 --- a/package/hostapd/patches/120-countrycode.patch +++ b/package/hostapd/patches/120-countrycode.patch @@ -1,10 +1,14 @@ --- a/hostapd/hostapd.c +++ b/hostapd/hostapd.c -@@ -1535,7 +1535,6 @@ static int setup_interface(struct hostap - hostapd_set_ieee80211d(hapd, 1) < 0) { - printf("Failed to set ieee80211d (%d)\n", - hapd->iconf->ieee80211d); -- return -1; +@@ -1546,10 +1546,8 @@ static int setup_interface(struct hostap + if (hapd->iconf->country[0] && hapd->iconf->country[1]) { + os_memcpy(country, hapd->iconf->country, 3); + country[3] = '\0'; +- if (hostapd_set_country(hapd, country) < 0) { ++ if (hostapd_set_country(hapd, country) < 0) + wpa_printf(MSG_ERROR, "Failed to set country code"); +- return -1; +- } } - if (hapd->iconf->bridge_packets != INTERNAL_BRIDGE_DO_NOT_CONTROL && + if (hapd->iconf->ieee80211d && |