Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 14 Aug 2018 20:02:02 +0000 (UTC)
From:      Cy Schubert <cy@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject:   svn commit: r337817 - in stable/11: contrib/wpa contrib/wpa/hostapd contrib/wpa/hs20/client contrib/wpa/patches contrib/wpa/src/ap contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/driv...
Message-ID:  <201808142002.w7EK22GQ098425@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: cy
Date: Tue Aug 14 20:02:01 2018
New Revision: 337817
URL: https://svnweb.freebsd.org/changeset/base/337817

Log:
  MFC r336203, r336499, r336501-r336502, r336506, r336510, r336512-r336513, r336515, r336528-r336531
  
  r336203:
  MFV r324714:
  
  Update wpa 2.5 --> 2.6.
  
  r336499:
  MFV: r336485
  
  Address: hostapd: Avoid key reinstallation in FT handshake
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0001-hostapd-Avoid-key-\
  		reinstallation-in-FT-handshake.patch
  
  r336501:
  MFV: r336486
  
  Prevent reinstallation of an already in-use group key.
  Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0002-Prevent-reinstallation-\
  		of-an-already-in-use-group-ke.patch
  
  r336502:
  MFV r336487:
  
  Import upline security patch: Extend protection of GTK/IGTK
  reinstallation of WNM-Sleep Mode cases.  This git commit
  87e2db16bafcbc60b8d0016175814a73c1e8ed45.
  
  This commit is is simply a pops change as r324696 already plugged
  this vulnerability. To maintain consistency with the vendor branch
  props will be changed.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-\
  		reinstallation-of-WNM-.patch
  
  r336506:
  MFV r336490:
  
  Prevent installation of an all-zero TK.
  This is also upline git commit 53bb18cc8b7a4da72e47e4b3752d0d2135cffb23.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0004-Prevent-installation-\
  		of-an-all-zero-TK.patch
  
  r336510:
  MFV r336493:
  
  Fix PTK rekeying to generate a new ANonce.
  This is also upline git commit 0adc9b28b39d414d5febfff752f6a1576f785c85.
  
  This commit is a NOP, just changing props as the heavy lifting was
  done by r324696. This just brings us into line with the vendor branch.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0005-Fix-PTK-rekeying-to-\
  		generate-a-new-ANonce.patch
  
  r336512:
  MFV r336494:
  
  TDLS: Reject TPK-TK reconfiguration.
  This is also upline git commmit ff89af96e5a35c86f50330d2b86c18323318a60c.
  
  Once again this is a NOP as this is a props change to sync up with
  the vendor branch. The real commit is in r324696.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0006-TDLS-Reject-TPK-TK-\
  		reconfiguration.patch
  
  r336513:
  MFV r336495:
  
  Another props change. The real work was done by r324696. We're simply
  syncing up with the vendor branch again.
  
  mport upline security patch:  WNM: Ignore WNM-Sleep Mode Request in
  wnm_sleep_mode=0 case. This is also upline git commit
  114f2830d2c2aee6db23d48240e93415a256a37c.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-\
  		Response-without-pending-r.patch
  
  r336515:
  MFV r336496:
  
  A props change to sync up with the vendor branch. The real work was
  done by r324696.
  
  FILS: Do not allow multiple (Re)Association Response frames.
  This is also upline git commit e760851176c77ae6de19821bb1d5bf3ae2cb5187.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0008-FT-Do-not-allow-multiple-\
  		Reassociation-Response-fram.patch
  
  r336528:
  Revert r336501. It was a of the wrong rev from the vendor branch.
  
  r336529:
  MFV: r336486
  
  Prevent reinstallation of an already in-use group key.
  Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.
  
  Obtained from:	https://w1.fi/security/2017-1/\
  		rebased-v2.6-0002-Prevent-reinstallation-\
  		of-an-already-in-use-group-ke.patch
  
  r336530:
  To reduce our diff between our sources and our upline, sync up
  with upline. Also making it easier to read.
  
  Obtained from:	diffing base with ports
  
  r336531:
  Remove a redundant declaration.
  
  While at it add a blank line, conforming with the convention
  used in this file.

Added:
  stable/11/contrib/wpa/src/ap/mbo_ap.c
     - copied unchanged from r336203, head/contrib/wpa/src/ap/mbo_ap.c
  stable/11/contrib/wpa/src/ap/mbo_ap.h
     - copied unchanged from r336203, head/contrib/wpa/src/ap/mbo_ap.h
  stable/11/contrib/wpa/src/ap/neighbor_db.c
     - copied unchanged from r336203, head/contrib/wpa/src/ap/neighbor_db.c
  stable/11/contrib/wpa/src/ap/neighbor_db.h
     - copied unchanged from r336203, head/contrib/wpa/src/ap/neighbor_db.h
  stable/11/contrib/wpa/src/ap/rrm.c
     - copied unchanged from r336203, head/contrib/wpa/src/ap/rrm.c
  stable/11/contrib/wpa/src/ap/rrm.h
     - copied unchanged from r336203, head/contrib/wpa/src/ap/rrm.h
  stable/11/contrib/wpa/src/ap/taxonomy.c
     - copied unchanged from r336203, head/contrib/wpa/src/ap/taxonomy.c
  stable/11/contrib/wpa/src/ap/taxonomy.h
     - copied unchanged from r336203, head/contrib/wpa/src/ap/taxonomy.h
  stable/11/contrib/wpa/src/ap/vlan.c
     - copied unchanged from r336203, head/contrib/wpa/src/ap/vlan.c
  stable/11/contrib/wpa/src/ap/vlan.h
     - copied unchanged from r336203, head/contrib/wpa/src/ap/vlan.h
  stable/11/contrib/wpa/src/ap/vlan_full.c
     - copied unchanged from r336203, head/contrib/wpa/src/ap/vlan_full.c
  stable/11/contrib/wpa/src/ap/vlan_ifconfig.c
     - copied unchanged from r336203, head/contrib/wpa/src/ap/vlan_ifconfig.c
  stable/11/contrib/wpa/src/ap/vlan_ioctl.c
     - copied unchanged from r336203, head/contrib/wpa/src/ap/vlan_ioctl.c
  stable/11/contrib/wpa/src/common/cli.c
     - copied unchanged from r336203, head/contrib/wpa/src/common/cli.c
  stable/11/contrib/wpa/src/common/cli.h
     - copied unchanged from r336203, head/contrib/wpa/src/common/cli.h
  stable/11/contrib/wpa/src/common/ctrl_iface_common.c
     - copied unchanged from r336203, head/contrib/wpa/src/common/ctrl_iface_common.c
  stable/11/contrib/wpa/src/common/ctrl_iface_common.h
     - copied unchanged from r336203, head/contrib/wpa/src/common/ctrl_iface_common.h
  stable/11/contrib/wpa/src/crypto/sha384-internal.c
     - copied unchanged from r336203, head/contrib/wpa/src/crypto/sha384-internal.c
  stable/11/contrib/wpa/src/crypto/sha384_i.h
     - copied unchanged from r336203, head/contrib/wpa/src/crypto/sha384_i.h
  stable/11/contrib/wpa/src/crypto/sha512-internal.c
     - copied unchanged from r336203, head/contrib/wpa/src/crypto/sha512-internal.c
  stable/11/contrib/wpa/src/crypto/sha512_i.h
     - copied unchanged from r336203, head/contrib/wpa/src/crypto/sha512_i.h
  stable/11/contrib/wpa/src/crypto/tls_openssl.h
     - copied unchanged from r336203, head/contrib/wpa/src/crypto/tls_openssl.h
  stable/11/contrib/wpa/src/crypto/tls_openssl_ocsp.c
     - copied unchanged from r336203, head/contrib/wpa/src/crypto/tls_openssl_ocsp.c
  stable/11/contrib/wpa/src/tls/tlsv1_client_ocsp.c
     - copied unchanged from r336203, head/contrib/wpa/src/tls/tlsv1_client_ocsp.c
  stable/11/contrib/wpa/src/utils/module_tests.h
     - copied unchanged from r336203, head/contrib/wpa/src/utils/module_tests.h
  stable/11/contrib/wpa/wpa_supplicant/Android.mk
     - copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/Android.mk
  stable/11/contrib/wpa/wpa_supplicant/README-Windows.txt
     - copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/README-Windows.txt
  stable/11/contrib/wpa/wpa_supplicant/android.config
     - copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/android.config
  stable/11/contrib/wpa/wpa_supplicant/binder/
     - copied from r336203, head/contrib/wpa/wpa_supplicant/binder/
  stable/11/contrib/wpa/wpa_supplicant/libwpa_test.c
     - copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/libwpa_test.c
  stable/11/contrib/wpa/wpa_supplicant/mbo.c
     - copied unchanged from r336203, head/contrib/wpa/wpa_supplicant/mbo.c
  stable/11/contrib/wpa/wpa_supplicant/systemd/
     - copied from r336203, head/contrib/wpa/wpa_supplicant/systemd/
  stable/11/contrib/wpa/wpa_supplicant/vs2005/
     - copied from r336203, head/contrib/wpa/wpa_supplicant/vs2005/
Deleted:
  stable/11/contrib/wpa/patches/openssl-0.9.8za-tls-extensions.patch
  stable/11/contrib/wpa/patches/openssl-0.9.8zf-tls-extensions.patch
  stable/11/contrib/wpa/wpa_supplicant/tests/link_test.c
  stable/11/contrib/wpa/wpa_supplicant/tests/test_eap_sim_common.c
  stable/11/contrib/wpa/wpa_supplicant/tests/test_wpa.c
Modified:
  stable/11/contrib/wpa/CONTRIBUTIONS
  stable/11/contrib/wpa/COPYING
  stable/11/contrib/wpa/README
  stable/11/contrib/wpa/hostapd/ChangeLog
  stable/11/contrib/wpa/hostapd/README
  stable/11/contrib/wpa/hostapd/config_file.c
  stable/11/contrib/wpa/hostapd/ctrl_iface.c
  stable/11/contrib/wpa/hostapd/defconfig
  stable/11/contrib/wpa/hostapd/hapd_module_tests.c
  stable/11/contrib/wpa/hostapd/hlr_auc_gw.c
  stable/11/contrib/wpa/hostapd/hostapd.conf
  stable/11/contrib/wpa/hostapd/hostapd_cli.c
  stable/11/contrib/wpa/hostapd/main.c
  stable/11/contrib/wpa/hs20/client/Android.mk
  stable/11/contrib/wpa/hs20/client/Makefile
  stable/11/contrib/wpa/hs20/client/est.c
  stable/11/contrib/wpa/hs20/client/osu_client.c
  stable/11/contrib/wpa/src/ap/accounting.c
  stable/11/contrib/wpa/src/ap/accounting.h
  stable/11/contrib/wpa/src/ap/acs.c
  stable/11/contrib/wpa/src/ap/ap_config.c
  stable/11/contrib/wpa/src/ap/ap_config.h
  stable/11/contrib/wpa/src/ap/ap_drv_ops.c
  stable/11/contrib/wpa/src/ap/ap_drv_ops.h
  stable/11/contrib/wpa/src/ap/ap_mlme.c
  stable/11/contrib/wpa/src/ap/authsrv.c
  stable/11/contrib/wpa/src/ap/beacon.c
  stable/11/contrib/wpa/src/ap/beacon.h
  stable/11/contrib/wpa/src/ap/ctrl_iface_ap.c
  stable/11/contrib/wpa/src/ap/ctrl_iface_ap.h
  stable/11/contrib/wpa/src/ap/dfs.c
  stable/11/contrib/wpa/src/ap/dhcp_snoop.c
  stable/11/contrib/wpa/src/ap/drv_callbacks.c
  stable/11/contrib/wpa/src/ap/gas_serv.c
  stable/11/contrib/wpa/src/ap/gas_serv.h
  stable/11/contrib/wpa/src/ap/hostapd.c
  stable/11/contrib/wpa/src/ap/hostapd.h
  stable/11/contrib/wpa/src/ap/hw_features.c
  stable/11/contrib/wpa/src/ap/iapp.c
  stable/11/contrib/wpa/src/ap/ieee802_11.c
  stable/11/contrib/wpa/src/ap/ieee802_11.h
  stable/11/contrib/wpa/src/ap/ieee802_11_auth.c
  stable/11/contrib/wpa/src/ap/ieee802_11_auth.h
  stable/11/contrib/wpa/src/ap/ieee802_11_ht.c
  stable/11/contrib/wpa/src/ap/ieee802_11_shared.c
  stable/11/contrib/wpa/src/ap/ieee802_11_vht.c
  stable/11/contrib/wpa/src/ap/ieee802_1x.c
  stable/11/contrib/wpa/src/ap/ieee802_1x.h
  stable/11/contrib/wpa/src/ap/ndisc_snoop.c
  stable/11/contrib/wpa/src/ap/pmksa_cache_auth.c
  stable/11/contrib/wpa/src/ap/pmksa_cache_auth.h
  stable/11/contrib/wpa/src/ap/sta_info.c
  stable/11/contrib/wpa/src/ap/sta_info.h
  stable/11/contrib/wpa/src/ap/vlan_init.c
  stable/11/contrib/wpa/src/ap/vlan_init.h
  stable/11/contrib/wpa/src/ap/vlan_util.c
  stable/11/contrib/wpa/src/ap/vlan_util.h
  stable/11/contrib/wpa/src/ap/wnm_ap.c
  stable/11/contrib/wpa/src/ap/wnm_ap.h
  stable/11/contrib/wpa/src/ap/wpa_auth.c
  stable/11/contrib/wpa/src/ap/wpa_auth.h
  stable/11/contrib/wpa/src/ap/wpa_auth_ft.c
  stable/11/contrib/wpa/src/ap/wpa_auth_glue.c
  stable/11/contrib/wpa/src/ap/wpa_auth_i.h
  stable/11/contrib/wpa/src/ap/wpa_auth_ie.c
  stable/11/contrib/wpa/src/ap/wps_hostapd.c
  stable/11/contrib/wpa/src/common/common_module_tests.c
  stable/11/contrib/wpa/src/common/defs.h
  stable/11/contrib/wpa/src/common/eapol_common.h
  stable/11/contrib/wpa/src/common/ieee802_11_common.c
  stable/11/contrib/wpa/src/common/ieee802_11_common.h
  stable/11/contrib/wpa/src/common/ieee802_11_defs.h
  stable/11/contrib/wpa/src/common/ieee802_1x_defs.h
  stable/11/contrib/wpa/src/common/qca-vendor.h
  stable/11/contrib/wpa/src/common/sae.c
  stable/11/contrib/wpa/src/common/sae.h
  stable/11/contrib/wpa/src/common/version.h
  stable/11/contrib/wpa/src/common/wpa_common.c
  stable/11/contrib/wpa/src/common/wpa_common.h
  stable/11/contrib/wpa/src/common/wpa_ctrl.c
  stable/11/contrib/wpa/src/common/wpa_ctrl.h
  stable/11/contrib/wpa/src/common/wpa_helpers.c
  stable/11/contrib/wpa/src/crypto/aes-cbc.c
  stable/11/contrib/wpa/src/crypto/aes-omac1.c
  stable/11/contrib/wpa/src/crypto/crypto.h
  stable/11/contrib/wpa/src/crypto/crypto_internal.c
  stable/11/contrib/wpa/src/crypto/crypto_module_tests.c
  stable/11/contrib/wpa/src/crypto/crypto_openssl.c
  stable/11/contrib/wpa/src/crypto/dh_group5.c
  stable/11/contrib/wpa/src/crypto/dh_groups.c
  stable/11/contrib/wpa/src/crypto/fips_prf_openssl.c
  stable/11/contrib/wpa/src/crypto/md4-internal.c
  stable/11/contrib/wpa/src/crypto/md5-internal.c
  stable/11/contrib/wpa/src/crypto/ms_funcs.c
  stable/11/contrib/wpa/src/crypto/sha1-internal.c
  stable/11/contrib/wpa/src/crypto/sha256-internal.c
  stable/11/contrib/wpa/src/crypto/sha256-prf.c
  stable/11/contrib/wpa/src/crypto/sha256.h
  stable/11/contrib/wpa/src/crypto/tls.h
  stable/11/contrib/wpa/src/crypto/tls_gnutls.c
  stable/11/contrib/wpa/src/crypto/tls_internal.c
  stable/11/contrib/wpa/src/crypto/tls_none.c
  stable/11/contrib/wpa/src/crypto/tls_openssl.c
  stable/11/contrib/wpa/src/drivers/driver.h
  stable/11/contrib/wpa/src/drivers/driver_bsd.c
  stable/11/contrib/wpa/src/drivers/driver_common.c
  stable/11/contrib/wpa/src/drivers/driver_macsec_qca.c
  stable/11/contrib/wpa/src/drivers/driver_ndis.c
  stable/11/contrib/wpa/src/drivers/driver_nl80211.h
  stable/11/contrib/wpa/src/drivers/driver_nl80211_capa.c
  stable/11/contrib/wpa/src/drivers/driver_nl80211_event.c
  stable/11/contrib/wpa/src/drivers/driver_nl80211_monitor.c
  stable/11/contrib/wpa/src/drivers/driver_nl80211_scan.c
  stable/11/contrib/wpa/src/drivers/driver_privsep.c
  stable/11/contrib/wpa/src/drivers/driver_wired.c
  stable/11/contrib/wpa/src/drivers/drivers.c
  stable/11/contrib/wpa/src/eap_common/eap_eke_common.c
  stable/11/contrib/wpa/src/eap_common/eap_fast_common.c
  stable/11/contrib/wpa/src/eap_common/eap_fast_common.h
  stable/11/contrib/wpa/src/eap_common/eap_gpsk_common.c
  stable/11/contrib/wpa/src/eap_common/eap_pax_common.c
  stable/11/contrib/wpa/src/eap_common/eap_pwd_common.c
  stable/11/contrib/wpa/src/eap_common/eap_sake_common.c
  stable/11/contrib/wpa/src/eap_common/ikev2_common.c
  stable/11/contrib/wpa/src/eap_peer/eap.c
  stable/11/contrib/wpa/src/eap_peer/eap_aka.c
  stable/11/contrib/wpa/src/eap_peer/eap_config.h
  stable/11/contrib/wpa/src/eap_peer/eap_eke.c
  stable/11/contrib/wpa/src/eap_peer/eap_fast.c
  stable/11/contrib/wpa/src/eap_peer/eap_fast_pac.c
  stable/11/contrib/wpa/src/eap_peer/eap_gpsk.c
  stable/11/contrib/wpa/src/eap_peer/eap_gtc.c
  stable/11/contrib/wpa/src/eap_peer/eap_i.h
  stable/11/contrib/wpa/src/eap_peer/eap_ikev2.c
  stable/11/contrib/wpa/src/eap_peer/eap_leap.c
  stable/11/contrib/wpa/src/eap_peer/eap_md5.c
  stable/11/contrib/wpa/src/eap_peer/eap_methods.c
  stable/11/contrib/wpa/src/eap_peer/eap_methods.h
  stable/11/contrib/wpa/src/eap_peer/eap_mschapv2.c
  stable/11/contrib/wpa/src/eap_peer/eap_otp.c
  stable/11/contrib/wpa/src/eap_peer/eap_pax.c
  stable/11/contrib/wpa/src/eap_peer/eap_peap.c
  stable/11/contrib/wpa/src/eap_peer/eap_psk.c
  stable/11/contrib/wpa/src/eap_peer/eap_pwd.c
  stable/11/contrib/wpa/src/eap_peer/eap_sake.c
  stable/11/contrib/wpa/src/eap_peer/eap_sim.c
  stable/11/contrib/wpa/src/eap_peer/eap_tls.c
  stable/11/contrib/wpa/src/eap_peer/eap_tls_common.c
  stable/11/contrib/wpa/src/eap_peer/eap_tnc.c
  stable/11/contrib/wpa/src/eap_peer/eap_ttls.c
  stable/11/contrib/wpa/src/eap_peer/eap_vendor_test.c
  stable/11/contrib/wpa/src/eap_peer/eap_wsc.c
  stable/11/contrib/wpa/src/eap_peer/ikev2.c
  stable/11/contrib/wpa/src/eap_peer/tncc.c
  stable/11/contrib/wpa/src/eap_server/eap_methods.h
  stable/11/contrib/wpa/src/eap_server/eap_server_aka.c
  stable/11/contrib/wpa/src/eap_server/eap_server_eke.c
  stable/11/contrib/wpa/src/eap_server/eap_server_fast.c
  stable/11/contrib/wpa/src/eap_server/eap_server_gpsk.c
  stable/11/contrib/wpa/src/eap_server/eap_server_gtc.c
  stable/11/contrib/wpa/src/eap_server/eap_server_identity.c
  stable/11/contrib/wpa/src/eap_server/eap_server_ikev2.c
  stable/11/contrib/wpa/src/eap_server/eap_server_md5.c
  stable/11/contrib/wpa/src/eap_server/eap_server_methods.c
  stable/11/contrib/wpa/src/eap_server/eap_server_mschapv2.c
  stable/11/contrib/wpa/src/eap_server/eap_server_pax.c
  stable/11/contrib/wpa/src/eap_server/eap_server_peap.c
  stable/11/contrib/wpa/src/eap_server/eap_server_psk.c
  stable/11/contrib/wpa/src/eap_server/eap_server_pwd.c
  stable/11/contrib/wpa/src/eap_server/eap_server_sake.c
  stable/11/contrib/wpa/src/eap_server/eap_server_sim.c
  stable/11/contrib/wpa/src/eap_server/eap_server_tls.c
  stable/11/contrib/wpa/src/eap_server/eap_server_tls_common.c
  stable/11/contrib/wpa/src/eap_server/eap_server_tnc.c
  stable/11/contrib/wpa/src/eap_server/eap_server_ttls.c
  stable/11/contrib/wpa/src/eap_server/eap_server_vendor_test.c
  stable/11/contrib/wpa/src/eap_server/eap_server_wsc.c
  stable/11/contrib/wpa/src/eap_server/eap_sim_db.c
  stable/11/contrib/wpa/src/eap_server/eap_sim_db.h
  stable/11/contrib/wpa/src/eap_server/ikev2.c
  stable/11/contrib/wpa/src/eap_server/tncs.c
  stable/11/contrib/wpa/src/eapol_auth/eapol_auth_sm.c
  stable/11/contrib/wpa/src/eapol_auth/eapol_auth_sm_i.h
  stable/11/contrib/wpa/src/eapol_supp/eapol_supp_sm.c
  stable/11/contrib/wpa/src/fst/fst.c
  stable/11/contrib/wpa/src/fst/fst_ctrl_aux.c
  stable/11/contrib/wpa/src/fst/fst_ctrl_iface.c
  stable/11/contrib/wpa/src/fst/fst_defs.h
  stable/11/contrib/wpa/src/fst/fst_group.c
  stable/11/contrib/wpa/src/fst/fst_group.h
  stable/11/contrib/wpa/src/fst/fst_iface.c
  stable/11/contrib/wpa/src/fst/fst_iface.h
  stable/11/contrib/wpa/src/fst/fst_session.c
  stable/11/contrib/wpa/src/p2p/p2p.c
  stable/11/contrib/wpa/src/p2p/p2p.h
  stable/11/contrib/wpa/src/p2p/p2p_build.c
  stable/11/contrib/wpa/src/p2p/p2p_go_neg.c
  stable/11/contrib/wpa/src/p2p/p2p_group.c
  stable/11/contrib/wpa/src/p2p/p2p_i.h
  stable/11/contrib/wpa/src/p2p/p2p_invitation.c
  stable/11/contrib/wpa/src/p2p/p2p_parse.c
  stable/11/contrib/wpa/src/p2p/p2p_pd.c
  stable/11/contrib/wpa/src/p2p/p2p_sd.c
  stable/11/contrib/wpa/src/pae/ieee802_1x_cp.c
  stable/11/contrib/wpa/src/pae/ieee802_1x_cp.h
  stable/11/contrib/wpa/src/pae/ieee802_1x_kay.c
  stable/11/contrib/wpa/src/pae/ieee802_1x_kay.h
  stable/11/contrib/wpa/src/pae/ieee802_1x_kay_i.h
  stable/11/contrib/wpa/src/pae/ieee802_1x_secy_ops.c
  stable/11/contrib/wpa/src/pae/ieee802_1x_secy_ops.h
  stable/11/contrib/wpa/src/radius/radius.c
  stable/11/contrib/wpa/src/radius/radius.h
  stable/11/contrib/wpa/src/radius/radius_client.c
  stable/11/contrib/wpa/src/radius/radius_client.h
  stable/11/contrib/wpa/src/radius/radius_das.c
  stable/11/contrib/wpa/src/radius/radius_das.h
  stable/11/contrib/wpa/src/rsn_supp/pmksa_cache.c
  stable/11/contrib/wpa/src/rsn_supp/pmksa_cache.h
  stable/11/contrib/wpa/src/rsn_supp/preauth.c
  stable/11/contrib/wpa/src/rsn_supp/preauth.h
  stable/11/contrib/wpa/src/rsn_supp/tdls.c
  stable/11/contrib/wpa/src/rsn_supp/wpa.c
  stable/11/contrib/wpa/src/rsn_supp/wpa.h
  stable/11/contrib/wpa/src/rsn_supp/wpa_i.h
  stable/11/contrib/wpa/src/rsn_supp/wpa_ie.c
  stable/11/contrib/wpa/src/tls/asn1.h
  stable/11/contrib/wpa/src/tls/pkcs5.c
  stable/11/contrib/wpa/src/tls/tlsv1_client.c
  stable/11/contrib/wpa/src/tls/tlsv1_client.h
  stable/11/contrib/wpa/src/tls/tlsv1_client_i.h
  stable/11/contrib/wpa/src/tls/tlsv1_client_read.c
  stable/11/contrib/wpa/src/tls/tlsv1_client_write.c
  stable/11/contrib/wpa/src/tls/tlsv1_common.c
  stable/11/contrib/wpa/src/tls/tlsv1_common.h
  stable/11/contrib/wpa/src/tls/tlsv1_cred.c
  stable/11/contrib/wpa/src/tls/tlsv1_cred.h
  stable/11/contrib/wpa/src/tls/tlsv1_server_i.h
  stable/11/contrib/wpa/src/tls/tlsv1_server_read.c
  stable/11/contrib/wpa/src/tls/tlsv1_server_write.c
  stable/11/contrib/wpa/src/tls/x509v3.c
  stable/11/contrib/wpa/src/tls/x509v3.h
  stable/11/contrib/wpa/src/utils/browser-android.c
  stable/11/contrib/wpa/src/utils/common.c
  stable/11/contrib/wpa/src/utils/common.h
  stable/11/contrib/wpa/src/utils/edit_simple.c
  stable/11/contrib/wpa/src/utils/eloop.c
  stable/11/contrib/wpa/src/utils/eloop.h
  stable/11/contrib/wpa/src/utils/eloop_win.c
  stable/11/contrib/wpa/src/utils/ext_password.c
  stable/11/contrib/wpa/src/utils/ext_password_i.h
  stable/11/contrib/wpa/src/utils/http_curl.c
  stable/11/contrib/wpa/src/utils/os.h
  stable/11/contrib/wpa/src/utils/os_unix.c
  stable/11/contrib/wpa/src/utils/pcsc_funcs.c
  stable/11/contrib/wpa/src/utils/platform.h
  stable/11/contrib/wpa/src/utils/radiotap.c
  stable/11/contrib/wpa/src/utils/radiotap.h
  stable/11/contrib/wpa/src/utils/radiotap_iter.h
  stable/11/contrib/wpa/src/utils/trace.c
  stable/11/contrib/wpa/src/utils/trace.h
  stable/11/contrib/wpa/src/utils/utils_module_tests.c
  stable/11/contrib/wpa/src/utils/wpa_debug.c
  stable/11/contrib/wpa/src/utils/wpabuf.c
  stable/11/contrib/wpa/src/utils/wpabuf.h
  stable/11/contrib/wpa/src/utils/xml_libxml2.c
  stable/11/contrib/wpa/src/wps/wps.c
  stable/11/contrib/wpa/src/wps/wps.h
  stable/11/contrib/wpa/src/wps/wps_attr_build.c
  stable/11/contrib/wpa/src/wps/wps_attr_parse.c
  stable/11/contrib/wpa/src/wps/wps_attr_process.c
  stable/11/contrib/wpa/src/wps/wps_common.c
  stable/11/contrib/wpa/src/wps/wps_defs.h
  stable/11/contrib/wpa/src/wps/wps_enrollee.c
  stable/11/contrib/wpa/src/wps/wps_i.h
  stable/11/contrib/wpa/src/wps/wps_module_tests.c
  stable/11/contrib/wpa/src/wps/wps_registrar.c
  stable/11/contrib/wpa/src/wps/wps_upnp.c
  stable/11/contrib/wpa/src/wps/wps_upnp.h
  stable/11/contrib/wpa/src/wps/wps_upnp_i.h
  stable/11/contrib/wpa/src/wps/wps_upnp_ssdp.c
  stable/11/contrib/wpa/src/wps/wps_upnp_web.c
  stable/11/contrib/wpa/wpa_supplicant/ChangeLog
  stable/11/contrib/wpa/wpa_supplicant/README
  stable/11/contrib/wpa/wpa_supplicant/README-HS20
  stable/11/contrib/wpa/wpa_supplicant/README-P2P
  stable/11/contrib/wpa/wpa_supplicant/ap.c
  stable/11/contrib/wpa/wpa_supplicant/ap.h
  stable/11/contrib/wpa/wpa_supplicant/autoscan.c
  stable/11/contrib/wpa/wpa_supplicant/autoscan.h
  stable/11/contrib/wpa/wpa_supplicant/bgscan.c
  stable/11/contrib/wpa/wpa_supplicant/bgscan.h
  stable/11/contrib/wpa/wpa_supplicant/bss.c
  stable/11/contrib/wpa/wpa_supplicant/bss.h
  stable/11/contrib/wpa/wpa_supplicant/config.c
  stable/11/contrib/wpa/wpa_supplicant/config.h
  stable/11/contrib/wpa/wpa_supplicant/config_file.c
  stable/11/contrib/wpa/wpa_supplicant/config_ssid.h
  stable/11/contrib/wpa/wpa_supplicant/ctrl_iface.c
  stable/11/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c
  stable/11/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_common_i.h
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_dict_helpers.c
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_dict_helpers.h
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new.c
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new.h
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.h
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.c
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.h
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_new_introspect.c
  stable/11/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.c
  stable/11/contrib/wpa/wpa_supplicant/defconfig
  stable/11/contrib/wpa/wpa_supplicant/driver_i.h
  stable/11/contrib/wpa/wpa_supplicant/eapol_test.c
  stable/11/contrib/wpa/wpa_supplicant/events.c
  stable/11/contrib/wpa/wpa_supplicant/gas_query.c
  stable/11/contrib/wpa/wpa_supplicant/gas_query.h
  stable/11/contrib/wpa/wpa_supplicant/hs20_supplicant.c
  stable/11/contrib/wpa/wpa_supplicant/hs20_supplicant.h
  stable/11/contrib/wpa/wpa_supplicant/ibss_rsn.c
  stable/11/contrib/wpa/wpa_supplicant/ibss_rsn.h
  stable/11/contrib/wpa/wpa_supplicant/interworking.c
  stable/11/contrib/wpa/wpa_supplicant/interworking.h
  stable/11/contrib/wpa/wpa_supplicant/main.c
  stable/11/contrib/wpa/wpa_supplicant/mesh.c
  stable/11/contrib/wpa/wpa_supplicant/mesh.h
  stable/11/contrib/wpa/wpa_supplicant/mesh_mpm.c
  stable/11/contrib/wpa/wpa_supplicant/mesh_mpm.h
  stable/11/contrib/wpa/wpa_supplicant/mesh_rsn.c
  stable/11/contrib/wpa/wpa_supplicant/mesh_rsn.h
  stable/11/contrib/wpa/wpa_supplicant/notify.c
  stable/11/contrib/wpa/wpa_supplicant/notify.h
  stable/11/contrib/wpa/wpa_supplicant/offchannel.c
  stable/11/contrib/wpa/wpa_supplicant/p2p_supplicant.c
  stable/11/contrib/wpa/wpa_supplicant/p2p_supplicant.h
  stable/11/contrib/wpa/wpa_supplicant/p2p_supplicant_sd.c
  stable/11/contrib/wpa/wpa_supplicant/scan.c
  stable/11/contrib/wpa/wpa_supplicant/scan.h
  stable/11/contrib/wpa/wpa_supplicant/sme.c
  stable/11/contrib/wpa/wpa_supplicant/wmm_ac.h
  stable/11/contrib/wpa/wpa_supplicant/wnm_sta.c
  stable/11/contrib/wpa/wpa_supplicant/wnm_sta.h
  stable/11/contrib/wpa/wpa_supplicant/wpa_cli.c
  stable/11/contrib/wpa/wpa_supplicant/wpa_priv.c
  stable/11/contrib/wpa/wpa_supplicant/wpa_supplicant.c
  stable/11/contrib/wpa/wpa_supplicant/wpa_supplicant.conf
  stable/11/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h
  stable/11/contrib/wpa/wpa_supplicant/wpas_glue.c
  stable/11/contrib/wpa/wpa_supplicant/wpas_kay.c
  stable/11/contrib/wpa/wpa_supplicant/wpas_module_tests.c
  stable/11/contrib/wpa/wpa_supplicant/wps_supplicant.c
  stable/11/contrib/wpa/wpa_supplicant/wps_supplicant.h
  stable/11/usr.sbin/wpa/Makefile.inc
  stable/11/usr.sbin/wpa/hostapd/Makefile
  stable/11/usr.sbin/wpa/hostapd_cli/Makefile
  stable/11/usr.sbin/wpa/wpa_cli/Makefile
  stable/11/usr.sbin/wpa/wpa_supplicant/Makefile
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/contrib/wpa/CONTRIBUTIONS
==============================================================================
--- stable/11/contrib/wpa/CONTRIBUTIONS	Tue Aug 14 19:44:36 2018	(r337816)
+++ stable/11/contrib/wpa/CONTRIBUTIONS	Tue Aug 14 20:02:01 2018	(r337817)
@@ -29,6 +29,34 @@ using your real name. Pseudonyms or anonymous contribu
 unfortunately be accepted.
 
 
+The preferred method of submitting the contribution to the project is by
+email to the hostap mailing list:
+hostap@lists.infradead.org
+Note that the list may require subscription before accepting message
+without moderation. You can subscribe to the list at this address:
+http://lists.infradead.org/mailman/listinfo/hostap
+
+The message should contain an inlined patch against the current
+development branch (i.e., the master branch of
+git://w1.fi/hostap.git). Please make sure the software you use for
+sending the patch does not corrupt whitespace. If that cannot be fixed
+for some reason, it is better to include an attached version of the
+patch file than just send a whitespace damaged version in the message
+body.
+
+The patches should be separate logical changes rather than doing
+everything in a single patch. In other words, please keep cleanup, new
+features, and bug fixes all in their own patches. Each patch needs a
+commit log that describes the changes (what the changes fix, what
+functionality is added, why the changes are useful, etc.).
+
+Please try to follow the coding style used in the project.
+
+In general, the best way of generating a suitable formatted patch file
+is by committing the changes to a cloned git repository and using git
+format-patch. The patch can then be sent, e.g., with git send-email.
+
+
 History of license and contributions terms
 ------------------------------------------
 
@@ -112,7 +140,7 @@ The license terms used for hostap.git files
 
 Modified BSD license (no advertisement clause):
 
-Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 Redistribution and use in source and binary forms, with or without

Modified: stable/11/contrib/wpa/COPYING
==============================================================================
--- stable/11/contrib/wpa/COPYING	Tue Aug 14 19:44:36 2018	(r337816)
+++ stable/11/contrib/wpa/COPYING	Tue Aug 14 20:02:01 2018	(r337817)
@@ -1,7 +1,7 @@
 wpa_supplicant and hostapd
 --------------------------
 
-Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 

Modified: stable/11/contrib/wpa/README
==============================================================================
--- stable/11/contrib/wpa/README	Tue Aug 14 19:44:36 2018	(r337816)
+++ stable/11/contrib/wpa/README	Tue Aug 14 20:02:01 2018	(r337817)
@@ -1,7 +1,7 @@
 wpa_supplicant and hostapd
 --------------------------
 
-Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 These programs are licensed under the BSD license (the one with

Modified: stable/11/contrib/wpa/hostapd/ChangeLog
==============================================================================
--- stable/11/contrib/wpa/hostapd/ChangeLog	Tue Aug 14 19:44:36 2018	(r337816)
+++ stable/11/contrib/wpa/hostapd/ChangeLog	Tue Aug 14 20:02:01 2018	(r337817)
@@ -1,5 +1,78 @@
 ChangeLog for hostapd
 
+2016-10-02 - v2.6
+	* fixed EAP-pwd last fragment validation
+	  [http://w1.fi/security/2015-7/] (CVE-2015-5314)
+	* fixed WPS configuration update vulnerability with malformed passphrase
+	  [http://w1.fi/security/2016-1/] (CVE-2016-4476)
+	* extended channel switch support for VHT bandwidth changes
+	* added support for configuring new ANQP-elements with
+	  anqp_elem=<InfoID>:<hexdump of payload>
+	* fixed Suite B 192-bit AKM to use proper PMK length
+	  (note: this makes old releases incompatible with the fixed behavior)
+	* added no_probe_resp_if_max_sta=1 parameter to disable Probe Response
+	  frame sending for not-associated STAs if max_num_sta limit has been
+	  reached
+	* added option (-S as command line argument) to request all interfaces
+	  to be started at the same time
+	* modified rts_threshold and fragm_threshold configuration parameters
+	  to allow -1 to be used to disable RTS/fragmentation
+	* EAP-pwd: added support for Brainpool Elliptic Curves
+	  (with OpenSSL 1.0.2 and newer)
+	* fixed EAPOL reauthentication after FT protocol run
+	* fixed FTIE generation for 4-way handshake after FT protocol run
+	* fixed and improved various FST operations
+	* TLS server
+	  - support SHA384 and SHA512 hashes
+	  - support TLS v1.2 signature algorithm with SHA384 and SHA512
+	  - support PKCS #5 v2.0 PBES2
+	  - support PKCS #5 with PKCS #12 style key decryption
+	  - minimal support for PKCS #12
+	  - support OCSP stapling (including ocsp_multi)
+	* added support for OpenSSL 1.1 API changes
+	  - drop support for OpenSSL 0.9.8
+	  - drop support for OpenSSL 1.0.0
+	* EAP-PEAP: support fast-connect crypto binding
+	* RADIUS
+	  - fix Called-Station-Id to not escape SSID
+	  - add Event-Timestamp to all Accounting-Request packets
+	  - add Acct-Session-Id to Accounting-On/Off
+	  - add Acct-Multi-Session-Id  ton Access-Request packets
+	  - add Service-Type (= Frames)
+	  - allow server to provide PSK instead of passphrase for WPA-PSK
+	    Tunnel_password case
+	  - update full message for interim accounting updates
+	  - add Acct-Delay-Time into Accounting messages
+	  - add require_message_authenticator configuration option to require
+	    CoA/Disconnect-Request packets to be authenticated
+	* started to postpone WNM-Notification frame sending by 100 ms so that
+	  the STA has some more time to configure the key before this frame is
+	  received after the 4-way handshake
+	* VHT: added interoperability workaround for 80+80 and 160 MHz channels
+	* extended VLAN support (per-STA vif, etc.)
+	* fixed PMKID derivation with SAE
+	* nl80211
+	  - added support for full station state operations
+	  - fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use
+	    unencrypted EAPOL frames
+	* added initial MBO support; number of extensions to WNM BSS Transition
+	  Management
+	* added initial functionality for location related operations
+	* added assocresp_elements parameter to allow vendor specific elements
+	  to be added into (Re)Association Response frames
+	* improved Public Action frame addressing
+	  - use Address 3 = wildcard BSSID in GAS response if a query from an
+	    unassociated STA used that address
+	  - fix TX status processing for Address 3 = wildcard BSSID
+	  - add gas_address3 configuration parameter to control Address 3
+	    behavior
+	* added command line parameter -i to override interface parameter in
+	  hostapd.conf
+	* added command completion support to hostapd_cli
+	* added passive client taxonomy determination (CONFIG_TAXONOMY=y
+	  compile option and "SIGNATURE <addr>" control interface command)
+	* number of small fixes
+
 2015-09-27 - v2.5
 	* fixed WPS UPnP vulnerability with HTTP chunked transfer encoding
 	  [http://w1.fi/security/2015-2/] (CVE-2015-4141)

Modified: stable/11/contrib/wpa/hostapd/README
==============================================================================
--- stable/11/contrib/wpa/hostapd/README	Tue Aug 14 19:44:36 2018	(r337816)
+++ stable/11/contrib/wpa/hostapd/README	Tue Aug 14 20:02:01 2018	(r337817)
@@ -2,7 +2,7 @@ hostapd - user space IEEE 802.11 AP and IEEE 802.1X/WP
 	  Authenticator and RADIUS authentication server
 ================================================================
 
-Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> and contributors
 All Rights Reserved.
 
 This program is licensed under the BSD license (the one with

Modified: stable/11/contrib/wpa/hostapd/config_file.c
==============================================================================
--- stable/11/contrib/wpa/hostapd/config_file.c	Tue Aug 14 19:44:36 2018	(r337816)
+++ stable/11/contrib/wpa/hostapd/config_file.c	Tue Aug 14 20:02:01 2018	(r337817)
@@ -97,6 +97,8 @@ static int hostapd_config_read_vlan_file(struct hostap
 		}
 
 		vlan->vlan_id = vlan_id;
+		vlan->vlan_desc.untagged = vlan_id;
+		vlan->vlan_desc.notempty = !!vlan_id;
 		os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
 		vlan->next = bss->vlan;
 		bss->vlan = vlan;
@@ -197,7 +199,10 @@ static int hostapd_config_read_maclist(const char *fna
 
 		*acl = newacl;
 		os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
-		(*acl)[*num].vlan_id = vlan_id;
+		os_memset(&(*acl)[*num].vlan_id, 0,
+			  sizeof((*acl)[*num].vlan_id));
+		(*acl)[*num].vlan_id.untagged = vlan_id;
+		(*acl)[*num].vlan_id.notempty = !!vlan_id;
 		(*num)++;
 	}
 
@@ -631,8 +636,7 @@ hostapd_parse_radius_attr(const char *value)
 }
 
 
-static int hostapd_parse_das_client(struct hostapd_bss_config *bss,
-				    const char *val)
+static int hostapd_parse_das_client(struct hostapd_bss_config *bss, char *val)
 {
 	char *secret;
 
@@ -640,7 +644,7 @@ static int hostapd_parse_das_client(struct hostapd_bss
 	if (secret == NULL)
 		return -1;
 
-	secret++;
+	*secret++ = '\0';
 
 	if (hostapd_parse_ip_addr(val, &bss->radius_das_client_addr))
 		return -1;
@@ -1519,6 +1523,54 @@ fail:
 }
 
 
+static int parse_anqp_elem(struct hostapd_bss_config *bss, char *buf, int line)
+{
+	char *delim;
+	u16 infoid;
+	size_t len;
+	struct wpabuf *payload;
+	struct anqp_element *elem;
+
+	delim = os_strchr(buf, ':');
+	if (!delim)
+		return -1;
+	delim++;
+	infoid = atoi(buf);
+	len = os_strlen(delim);
+	if (len & 1)
+		return -1;
+	len /= 2;
+	payload = wpabuf_alloc(len);
+	if (!payload)
+		return -1;
+	if (hexstr2bin(delim, wpabuf_put(payload, len), len) < 0) {
+		wpabuf_free(payload);
+		return -1;
+	}
+
+	dl_list_for_each(elem, &bss->anqp_elem, struct anqp_element, list) {
+		if (elem->infoid == infoid) {
+			/* Update existing entry */
+			wpabuf_free(elem->payload);
+			elem->payload = payload;
+			return 0;
+		}
+	}
+
+	/* Add a new entry */
+	elem = os_zalloc(sizeof(*elem));
+	if (!elem) {
+		wpabuf_free(payload);
+		return -1;
+	}
+	elem->infoid = infoid;
+	elem->payload = payload;
+	dl_list_add(&bss->anqp_elem, &elem->list);
+
+	return 0;
+}
+
+
 static int parse_qos_map_set(struct hostapd_bss_config *bss,
 			     char *buf, int line)
 {
@@ -1867,31 +1919,6 @@ static int hs20_parse_osu_service_desc(struct hostapd_
 #endif /* CONFIG_HS20 */
 
 
-#ifdef CONFIG_WPS_NFC
-static struct wpabuf * hostapd_parse_bin(const char *buf)
-{
-	size_t len;
-	struct wpabuf *ret;
-
-	len = os_strlen(buf);
-	if (len & 0x01)
-		return NULL;
-	len /= 2;
-
-	ret = wpabuf_alloc(len);
-	if (ret == NULL)
-		return NULL;
-
-	if (hexstr2bin(buf, wpabuf_put(ret, len), len)) {
-		wpabuf_free(ret);
-		return NULL;
-	}
-
-	return ret;
-}
-#endif /* CONFIG_WPS_NFC */
-
-
 #ifdef CONFIG_ACS
 static int hostapd_config_parse_acs_chan_bias(struct hostapd_config *conf,
 					      char *pos)
@@ -1934,6 +1961,31 @@ fail:
 #endif /* CONFIG_ACS */
 
 
+static int parse_wpabuf_hex(int line, const char *name, struct wpabuf **buf,
+			    const char *val)
+{
+	struct wpabuf *elems;
+
+	if (val[0] == '\0') {
+		wpabuf_free(*buf);
+		*buf = NULL;
+		return 0;
+	}
+
+	elems = wpabuf_parse_bin(val);
+	if (!elems) {
+		wpa_printf(MSG_ERROR, "Line %d: Invalid %s '%s'",
+			   line, name, val);
+		return -1;
+	}
+
+	wpabuf_free(*buf);
+	*buf = elems;
+
+	return 0;
+}
+
+
 static int hostapd_config_fill(struct hostapd_config *conf,
 			       struct hostapd_bss_config *bss,
 			       const char *buf, char *pos, int line)
@@ -2084,6 +2136,9 @@ static int hostapd_config_fill(struct hostapd_config *
 	} else if (os_strcmp(buf, "ocsp_stapling_response") == 0) {
 		os_free(bss->ocsp_stapling_response);
 		bss->ocsp_stapling_response = os_strdup(pos);
+	} else if (os_strcmp(buf, "ocsp_stapling_response_multi") == 0) {
+		os_free(bss->ocsp_stapling_response_multi);
+		bss->ocsp_stapling_response_multi = os_strdup(pos);
 	} else if (os_strcmp(buf, "dh_file") == 0) {
 		os_free(bss->dh_file);
 		bss->dh_file = os_strdup(pos);
@@ -2139,6 +2194,8 @@ static int hostapd_config_fill(struct hostapd_config *
 	} else if (os_strcmp(buf, "eap_sim_db") == 0) {
 		os_free(bss->eap_sim_db);
 		bss->eap_sim_db = os_strdup(pos);
+	} else if (os_strcmp(buf, "eap_sim_db_timeout") == 0) {
+		bss->eap_sim_db_timeout = atoi(pos);
 	} else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
 		bss->eap_sim_aka_result_ind = atoi(pos);
 #endif /* EAP_SERVER_SIM */
@@ -2353,6 +2410,9 @@ static int hostapd_config_fill(struct hostapd_config *
 		bss->radius_das_time_window = atoi(pos);
 	} else if (os_strcmp(buf, "radius_das_require_event_timestamp") == 0) {
 		bss->radius_das_require_event_timestamp = atoi(pos);
+	} else if (os_strcmp(buf, "radius_das_require_message_authenticator") ==
+		   0) {
+		bss->radius_das_require_message_authenticator = atoi(pos);
 #endif /* CONFIG_NO_RADIUS */
 	} else if (os_strcmp(buf, "auth_algs") == 0) {
 		bss->auth_algs = atoi(pos);
@@ -2644,7 +2704,7 @@ static int hostapd_config_fill(struct hostapd_config *
 		}
 	} else if (os_strcmp(buf, "rts_threshold") == 0) {
 		conf->rts_threshold = atoi(pos);
-		if (conf->rts_threshold < 0 || conf->rts_threshold > 2347) {
+		if (conf->rts_threshold < -1 || conf->rts_threshold > 65535) {
 			wpa_printf(MSG_ERROR,
 				   "Line %d: invalid rts_threshold %d",
 				   line, conf->rts_threshold);
@@ -2652,8 +2712,10 @@ static int hostapd_config_fill(struct hostapd_config *
 		}
 	} else if (os_strcmp(buf, "fragm_threshold") == 0) {
 		conf->fragm_threshold = atoi(pos);
-		if (conf->fragm_threshold < 256 ||
-		    conf->fragm_threshold > 2346) {
+		if (conf->fragm_threshold == -1) {
+			/* allow a value of -1 */
+		} else if (conf->fragm_threshold < 256 ||
+			   conf->fragm_threshold > 2346) {
 			wpa_printf(MSG_ERROR,
 				   "Line %d: invalid fragm_threshold %d",
 				   line, conf->fragm_threshold);
@@ -2686,6 +2748,8 @@ static int hostapd_config_fill(struct hostapd_config *
 			conf->preamble = LONG_PREAMBLE;
 	} else if (os_strcmp(buf, "ignore_broadcast_ssid") == 0) {
 		bss->ignore_broadcast_ssid = atoi(pos);
+	} else if (os_strcmp(buf, "no_probe_resp_if_max_sta") == 0) {
+		bss->no_probe_resp_if_max_sta = atoi(pos);
 	} else if (os_strcmp(buf, "wep_default_key") == 0) {
 		bss->ssid.wep.idx = atoi(pos);
 		if (bss->ssid.wep.idx > 3) {
@@ -2707,6 +2771,8 @@ static int hostapd_config_fill(struct hostapd_config *
 #ifndef CONFIG_NO_VLAN
 	} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
 		bss->ssid.dynamic_vlan = atoi(pos);
+	} else if (os_strcmp(buf, "per_sta_vif") == 0) {
+		bss->ssid.per_sta_vif = atoi(pos);
 	} else if (os_strcmp(buf, "vlan_file") == 0) {
 		if (hostapd_config_read_vlan_file(bss, pos)) {
 			wpa_printf(MSG_ERROR, "Line %d: failed to read VLAN file '%s'",
@@ -2762,6 +2828,8 @@ static int hostapd_config_fill(struct hostapd_config *
 				   line);
 			return 1;
 		}
+	} else if (os_strcmp(buf, "use_driver_iface_addr") == 0) {
+		conf->use_driver_iface_addr = atoi(pos);
 #ifdef CONFIG_IEEE80211W
 	} else if (os_strcmp(buf, "ieee80211w") == 0) {
 		bss->ieee80211w = atoi(pos);
@@ -2827,6 +2895,8 @@ static int hostapd_config_fill(struct hostapd_config *
 		conf->vht_oper_centr_freq_seg1_idx = atoi(pos);
 	} else if (os_strcmp(buf, "vendor_vht") == 0) {
 		bss->vendor_vht = atoi(pos);
+	} else if (os_strcmp(buf, "use_sta_nsts") == 0) {
+		bss->use_sta_nsts = atoi(pos);
 #endif /* CONFIG_IEEE80211AC */
 	} else if (os_strcmp(buf, "max_listen_interval") == 0) {
 		bss->max_listen_interval = atoi(pos);
@@ -2965,15 +3035,15 @@ static int hostapd_config_fill(struct hostapd_config *
 		bss->wps_nfc_pw_from_config = 1;
 	} else if (os_strcmp(buf, "wps_nfc_dh_pubkey") == 0) {
 		wpabuf_free(bss->wps_nfc_dh_pubkey);
-		bss->wps_nfc_dh_pubkey = hostapd_parse_bin(pos);
+		bss->wps_nfc_dh_pubkey = wpabuf_parse_bin(pos);
 		bss->wps_nfc_pw_from_config = 1;
 	} else if (os_strcmp(buf, "wps_nfc_dh_privkey") == 0) {
 		wpabuf_free(bss->wps_nfc_dh_privkey);
-		bss->wps_nfc_dh_privkey = hostapd_parse_bin(pos);
+		bss->wps_nfc_dh_privkey = wpabuf_parse_bin(pos);
 		bss->wps_nfc_pw_from_config = 1;
 	} else if (os_strcmp(buf, "wps_nfc_dev_pw") == 0) {
 		wpabuf_free(bss->wps_nfc_dev_pw);
-		bss->wps_nfc_dev_pw = hostapd_parse_bin(pos);
+		bss->wps_nfc_dev_pw = wpabuf_parse_bin(pos);
 		bss->wps_nfc_pw_from_config = 1;
 #endif /* CONFIG_WPS_NFC */
 #endif /* CONFIG_WPS */
@@ -3136,6 +3206,9 @@ static int hostapd_config_fill(struct hostapd_config *
 	} else if (os_strcmp(buf, "nai_realm") == 0) {
 		if (parse_nai_realm(bss, pos, line) < 0)
 			return 1;
+	} else if (os_strcmp(buf, "anqp_elem") == 0) {
+		if (parse_anqp_elem(bss, pos, line) < 0)
+			return 1;
 	} else if (os_strcmp(buf, "gas_frag_limit") == 0) {
 		bss->gas_frag_limit = atoi(pos);
 	} else if (os_strcmp(buf, "gas_comeback_delay") == 0) {
@@ -3149,13 +3222,15 @@ static int hostapd_config_fill(struct hostapd_config *
 		os_free(bss->dump_msk_file);
 		bss->dump_msk_file = os_strdup(pos);
 #endif /* CONFIG_RADIUS_TEST */
+#ifdef CONFIG_PROXYARP
+	} else if (os_strcmp(buf, "proxy_arp") == 0) {
+		bss->proxy_arp = atoi(pos);
+#endif /* CONFIG_PROXYARP */
 #ifdef CONFIG_HS20
 	} else if (os_strcmp(buf, "hs20") == 0) {
 		bss->hs20 = atoi(pos);
 	} else if (os_strcmp(buf, "disable_dgaf") == 0) {
 		bss->disable_dgaf = atoi(pos);
-	} else if (os_strcmp(buf, "proxy_arp") == 0) {
-		bss->proxy_arp = atoi(pos);
 	} else if (os_strcmp(buf, "na_mcast_to_ucast") == 0) {
 		bss->na_mcast_to_ucast = atoi(pos);
 	} else if (os_strcmp(buf, "osen") == 0) {
@@ -3231,6 +3306,10 @@ static int hostapd_config_fill(struct hostapd_config *
 	} else if (os_strcmp(buf, "subscr_remediation_method") == 0) {
 		bss->subscr_remediation_method = atoi(pos);
 #endif /* CONFIG_HS20 */
+#ifdef CONFIG_MBO
+	} else if (os_strcmp(buf, "mbo") == 0) {
+		bss->mbo_enabled = atoi(pos);
+#endif /* CONFIG_MBO */
 #ifdef CONFIG_TESTING_OPTIONS
 #define PARSE_TEST_PROBABILITY(_val)				\
 	} else if (os_strcmp(buf, #_val) == 0) {		\
@@ -3249,6 +3328,8 @@ static int hostapd_config_fill(struct hostapd_config *
 	PARSE_TEST_PROBABILITY(ignore_assoc_probability)
 	PARSE_TEST_PROBABILITY(ignore_reassoc_probability)
 	PARSE_TEST_PROBABILITY(corrupt_gtk_rekey_mic_probability)
+	} else if (os_strcmp(buf, "ecsa_ie_only") == 0) {
+		conf->ecsa_ie_only = atoi(pos);
 	} else if (os_strcmp(buf, "bss_load_test") == 0) {
 		WPA_PUT_LE16(bss->bss_load_test, atoi(pos));
 		pos = os_strchr(pos, ':');
@@ -3269,7 +3350,15 @@ static int hostapd_config_fill(struct hostapd_config *
 		WPA_PUT_LE16(&bss->bss_load_test[3], atoi(pos));
 		bss->bss_load_test_set = 1;
 	} else if (os_strcmp(buf, "radio_measurements") == 0) {
-		bss->radio_measurements = atoi(pos);
+		/*
+		 * DEPRECATED: This parameter will be removed in the future.
+		 * Use rrm_neighbor_report instead.
+		 */
+		int val = atoi(pos);
+
+		if (val & BIT(0))
+			bss->radio_measurements[0] |=
+				WLAN_RRM_CAPS_NEIGHBOR_REPORT;
 	} else if (os_strcmp(buf, "own_ie_override") == 0) {
 		struct wpabuf *tmp;
 		size_t len = os_strlen(pos) / 2;
@@ -3290,35 +3379,11 @@ static int hostapd_config_fill(struct hostapd_config *
 		bss->own_ie_override = tmp;
 #endif /* CONFIG_TESTING_OPTIONS */
 	} else if (os_strcmp(buf, "vendor_elements") == 0) {
-		struct wpabuf *elems;
-		size_t len = os_strlen(pos);
-		if (len & 0x01) {
-			wpa_printf(MSG_ERROR,
-				   "Line %d: Invalid vendor_elements '%s'",
-				   line, pos);
+		if (parse_wpabuf_hex(line, buf, &bss->vendor_elements, pos))
 			return 1;
-		}
-		len /= 2;
-		if (len == 0) {
-			wpabuf_free(bss->vendor_elements);
-			bss->vendor_elements = NULL;
-			return 0;
-		}
-
-		elems = wpabuf_alloc(len);
-		if (elems == NULL)
+	} else if (os_strcmp(buf, "assocresp_elements") == 0) {
+		if (parse_wpabuf_hex(line, buf, &bss->assocresp_elements, pos))
 			return 1;
-
-		if (hexstr2bin(pos, wpabuf_put(elems, len), len)) {
-			wpabuf_free(elems);
-			wpa_printf(MSG_ERROR,
-				   "Line %d: Invalid vendor_elements '%s'",
-				   line, pos);
-			return 1;
-		}
-
-		wpabuf_free(bss->vendor_elements);
-		bss->vendor_elements = elems;
 	} else if (os_strcmp(buf, "sae_anti_clogging_threshold") == 0) {
 		bss->sae_anti_clogging_threshold = atoi(pos);
 	} else if (os_strcmp(buf, "sae_groups") == 0) {
@@ -3391,7 +3456,8 @@ static int hostapd_config_fill(struct hostapd_config *
 			return -1;
 		}
 		val = strtol(pos, &endp, 0);
-		if (*endp || val < 1 || val > FST_MAX_LLT_MS) {
+		if (*endp || val < 1 ||
+		    (unsigned long int) val > FST_MAX_LLT_MS) {
 			wpa_printf(MSG_ERROR,
 				   "Line %d: Invalid fst_llt %ld (%s) (expected 1..%u)",
 				   line, val, pos, FST_MAX_LLT_MS);
@@ -3409,6 +3475,22 @@ static int hostapd_config_fill(struct hostapd_config *
 	} else if (os_strcmp(buf, "no_auth_if_seen_on") == 0) {
 		os_free(bss->no_auth_if_seen_on);
 		bss->no_auth_if_seen_on = os_strdup(pos);
+	} else if (os_strcmp(buf, "lci") == 0) {
+		wpabuf_free(conf->lci);
+		conf->lci = wpabuf_parse_bin(pos);
+	} else if (os_strcmp(buf, "civic") == 0) {
+		wpabuf_free(conf->civic);
+		conf->civic = wpabuf_parse_bin(pos);
+	} else if (os_strcmp(buf, "rrm_neighbor_report") == 0) {
+		if (atoi(pos))
+			bss->radio_measurements[0] |=
+				WLAN_RRM_CAPS_NEIGHBOR_REPORT;
+	} else if (os_strcmp(buf, "gas_address3") == 0) {
+		bss->gas_address3 = atoi(pos);
+	} else if (os_strcmp(buf, "ftm_responder") == 0) {
+		bss->ftm_responder = atoi(pos);
+	} else if (os_strcmp(buf, "ftm_initiator") == 0) {
+		bss->ftm_initiator = atoi(pos);
 	} else {
 		wpa_printf(MSG_ERROR,
 			   "Line %d: unknown configuration item '%s'",
@@ -3429,7 +3511,7 @@ struct hostapd_config * hostapd_config_read(const char
 {
 	struct hostapd_config *conf;
 	FILE *f;
-	char buf[512], *pos;
+	char buf[4096], *pos;
 	int line = 0;
 	int errors = 0;
 	size_t i;

Modified: stable/11/contrib/wpa/hostapd/ctrl_iface.c
==============================================================================
--- stable/11/contrib/wpa/hostapd/ctrl_iface.c	Tue Aug 14 19:44:36 2018	(r337816)
+++ stable/11/contrib/wpa/hostapd/ctrl_iface.c	Tue Aug 14 20:02:01 2018	(r337817)
@@ -19,10 +19,16 @@
 #include <sys/stat.h>
 #include <stddef.h>
 
+#ifdef CONFIG_CTRL_IFACE_UDP
+#include <netdb.h>
+#endif /* CONFIG_CTRL_IFACE_UDP */
+
 #include "utils/common.h"
 #include "utils/eloop.h"
+#include "utils/module_tests.h"
 #include "common/version.h"
 #include "common/ieee802_11_defs.h"
+#include "common/ctrl_iface_common.h"
 #include "crypto/tls.h"
 #include "drivers/driver.h"
 #include "eapol_auth/eapol_auth_sm.h"
@@ -42,6 +48,8 @@
 #include "ap/wnm_ap.h"
 #include "ap/wpa_auth.h"
 #include "ap/beacon.h"
+#include "ap/neighbor_db.h"
+#include "ap/rrm.h"
 #include "wps/wps_defs.h"
 #include "wps/wps.h"
 #include "fst/fst_ctrl_iface.h"
@@ -51,96 +59,43 @@
 
 #define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256
 
-struct wpa_ctrl_dst {
-	struct wpa_ctrl_dst *next;
-	struct sockaddr_un addr;
-	socklen_t addrlen;
-	int debug_level;
-	int errors;
-};
+#ifdef CONFIG_CTRL_IFACE_UDP
+#define COOKIE_LEN 8
+static unsigned char cookie[COOKIE_LEN];
+static unsigned char gcookie[COOKIE_LEN];
+#define HOSTAPD_CTRL_IFACE_PORT		8877
+#define HOSTAPD_CTRL_IFACE_PORT_LIMIT	50
+#define HOSTAPD_GLOBAL_CTRL_IFACE_PORT		8878
+#define HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT	50
+#endif /* CONFIG_CTRL_IFACE_UDP */
 
-
 static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
 				    enum wpa_msg_type type,
 				    const char *buf, size_t len);
 
 
 static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd,
-				     struct sockaddr_un *from,
+				     struct sockaddr_storage *from,
 				     socklen_t fromlen)
 {
-	struct wpa_ctrl_dst *dst;
-
-	dst = os_zalloc(sizeof(*dst));
-	if (dst == NULL)
-		return -1;
-	os_memcpy(&dst->addr, from, sizeof(struct sockaddr_un));
-	dst->addrlen = fromlen;
-	dst->debug_level = MSG_INFO;
-	dst->next = hapd->ctrl_dst;
-	hapd->ctrl_dst = dst;
-	wpa_hexdump(MSG_DEBUG, "CTRL_IFACE monitor attached",
-		    (u8 *) from->sun_path,
-		    fromlen - offsetof(struct sockaddr_un, sun_path));
-	return 0;
+	return ctrl_iface_attach(&hapd->ctrl_dst, from, fromlen);
 }
 
 
 static int hostapd_ctrl_iface_detach(struct hostapd_data *hapd,
-				     struct sockaddr_un *from,
+				     struct sockaddr_storage *from,
 				     socklen_t fromlen)
 {
-	struct wpa_ctrl_dst *dst, *prev = NULL;
-
-	dst = hapd->ctrl_dst;
-	while (dst) {
-		if (fromlen == dst->addrlen &&
-		    os_memcmp(from->sun_path, dst->addr.sun_path,
-			      fromlen - offsetof(struct sockaddr_un, sun_path))
-		    == 0) {
-			wpa_hexdump(MSG_DEBUG, "CTRL_IFACE monitor detached",
-				    (u8 *) from->sun_path,
-				    fromlen -
-				    offsetof(struct sockaddr_un, sun_path));
-			if (prev == NULL)
-				hapd->ctrl_dst = dst->next;
-			else
-				prev->next = dst->next;
-			os_free(dst);
-			return 0;
-		}
-		prev = dst;
-		dst = dst->next;
-	}
-	return -1;
+	return ctrl_iface_detach(&hapd->ctrl_dst, from, fromlen);
 }
 
 
 static int hostapd_ctrl_iface_level(struct hostapd_data *hapd,
-				    struct sockaddr_un *from,
+				    struct sockaddr_storage *from,
 				    socklen_t fromlen,
 				    char *level)
 {
-	struct wpa_ctrl_dst *dst;
-
-	wpa_printf(MSG_DEBUG, "CTRL_IFACE LEVEL %s", level);
-
-	dst = hapd->ctrl_dst;
-	while (dst) {
-		if (fromlen == dst->addrlen &&
-		    os_memcmp(from->sun_path, dst->addr.sun_path,
-			      fromlen - offsetof(struct sockaddr_un, sun_path))
-		    == 0) {
-			wpa_hexdump(MSG_DEBUG, "CTRL_IFACE changed monitor "
-				    "level", (u8 *) from->sun_path, fromlen -
-				    offsetof(struct sockaddr_un, sun_path));
-			dst->debug_level = atoi(level);
-			return 0;
-		}
-		dst = dst->next;
-	}
-
-	return -1;
+	return ctrl_iface_level(&hapd->ctrl_dst, from, fromlen, level);
 }
 
 
@@ -884,6 +839,8 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostap
 	int ret;
 	u8 nei_rep[1000];
 	u8 *nei_pos = nei_rep;
+	u8 mbo[10];
+	size_t mbo_len = 0;
 
 	if (hwaddr_aton(cmd, addr)) {
 		wpa_printf(MSG_DEBUG, "Invalid STA MAC address");
@@ -1049,10 +1006,66 @@ static int hostapd_ctrl_iface_bss_tm_req(struct hostap
 	if (os_strstr(cmd, " disassoc_imminent=1"))
 		req_mode |= WNM_BSS_TM_REQ_DISASSOC_IMMINENT;
 
+#ifdef CONFIG_MBO
+	pos = os_strstr(cmd, "mbo=");
+	if (pos) {
+		unsigned int mbo_reason, cell_pref, reassoc_delay;
+		u8 *mbo_pos = mbo;
+
+		ret = sscanf(pos, "mbo=%u:%u:%u", &mbo_reason,
+			     &reassoc_delay, &cell_pref);
+		if (ret != 3) {
+			wpa_printf(MSG_DEBUG,
+				   "MBO requires three arguments: mbo=<reason>:<reassoc_delay>:<cell_pref>");
+			return -1;
+		}
+
+		if (mbo_reason > MBO_TRANSITION_REASON_PREMIUM_AP) {
+			wpa_printf(MSG_DEBUG,
+				   "Invalid MBO transition reason code %u",
+				   mbo_reason);
+			return -1;
+		}
+
+		/* Valid values for Cellular preference are: 0, 1, 255 */
+		if (cell_pref != 0 && cell_pref != 1 && cell_pref != 255) {
+			wpa_printf(MSG_DEBUG,
+				   "Invalid MBO cellular capability %u",
+				   cell_pref);
+			return -1;
+		}
+
+		if (reassoc_delay > 65535 ||
+		    (reassoc_delay &&
+		     !(req_mode & WNM_BSS_TM_REQ_DISASSOC_IMMINENT))) {
+			wpa_printf(MSG_DEBUG,
+				   "MBO: Assoc retry delay is only valid in disassoc imminent mode");
+			return -1;
+		}
+
+		*mbo_pos++ = MBO_ATTR_ID_TRANSITION_REASON;
+		*mbo_pos++ = 1;
+		*mbo_pos++ = mbo_reason;
+		*mbo_pos++ = MBO_ATTR_ID_CELL_DATA_PREF;
+		*mbo_pos++ = 1;
+		*mbo_pos++ = cell_pref;
+
+		if (reassoc_delay) {
+			*mbo_pos++ = MBO_ATTR_ID_ASSOC_RETRY_DELAY;
+			*mbo_pos++ = 2;
+			WPA_PUT_LE16(mbo_pos, reassoc_delay);
+			mbo_pos += 2;
+		}
+
+		mbo_len = mbo_pos - mbo;
+	}
+#endif /* CONFIG_MBO */
+
 	ret = wnm_send_bss_tm_req(hapd, sta, req_mode, disassoc_timer,
 				  valid_int, bss_term_dur, url,
 				  nei_pos > nei_rep ? nei_rep : NULL,
-				  nei_pos - nei_rep);
+				  nei_pos - nei_rep, mbo_len ? mbo : NULL,
+				  mbo_len);
 	os_free(url);
 	return ret;
 }
@@ -1320,9 +1333,28 @@ static int hostapd_ctrl_iface_set(struct hostapd_data 
 	} else if (os_strcasecmp(cmd, "ext_eapol_frame_io") == 0) {
 		hapd->ext_eapol_frame_io = atoi(value);
 #endif /* CONFIG_TESTING_OPTIONS */
+#ifdef CONFIG_MBO
+	} else if (os_strcasecmp(cmd, "mbo_assoc_disallow") == 0) {
+		int val;
+
+		if (!hapd->conf->mbo_enabled)
+			return -1;
+
+		val = atoi(value);
+		if (val < 0 || val > 1)
+			return -1;
+
+		hapd->mbo_assoc_disallow = val;
+		ieee802_11_update_beacons(hapd->iface);
+
+		/*
+		 * TODO: Need to configure drivers that do AP MLME offload with
+		 * disallowing station logic.
+		 */
+#endif /* CONFIG_MBO */
 	} else {
 		struct sta_info *sta;
-		int vlan_id;
+		struct vlan_description vlan_id;
 
 		ret = hostapd_set_iface(hapd->iconf, hapd->conf, cmd, value);
 		if (ret)
@@ -1334,7 +1366,8 @@ static int hostapd_ctrl_iface_set(struct hostapd_data 
 					    hapd->conf->deny_mac,
 					    hapd->conf->num_deny_mac, sta->addr,
 					    &vlan_id) &&
-				    (!vlan_id || vlan_id == sta->vlan_id))
+				    (!vlan_id.notempty ||
+				     !vlan_compare(&vlan_id, sta->vlan_desc)))
 					ap_sta_disconnect(
 						hapd, sta, sta->addr,
 						WLAN_REASON_UNSPECIFIED);
@@ -1346,7 +1379,8 @@ static int hostapd_ctrl_iface_set(struct hostapd_data 
 					    hapd->conf->accept_mac,
 					    hapd->conf->num_accept_mac,
 					    sta->addr, &vlan_id) ||
-				    (vlan_id && vlan_id != sta->vlan_id))
+				    (vlan_id.notempty &&
+				     vlan_compare(&vlan_id, sta->vlan_desc)))
 					ap_sta_disconnect(
 						hapd, sta, sta->addr,
 						WLAN_REASON_UNSPECIFIED);
@@ -1557,8 +1591,8 @@ static u16 ipv4_hdr_checksum(const void *buf, size_t l
 #define HWSIM_PACKETLEN 1500
 #define HWSIM_IP_LEN (HWSIM_PACKETLEN - sizeof(struct ether_header))
 
-void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
-			  size_t len)
+static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
+				 size_t len)
 {
 	struct hostapd_data *hapd = ctx;
 	const struct ether_header *eth;
@@ -1745,8 +1779,6 @@ done:
 static int hostapd_ctrl_test_alloc_fail(struct hostapd_data *hapd, char *cmd)
 {
 #ifdef WPA_TRACE_BFD
-	extern char wpa_trace_fail_func[256];
-	extern unsigned int wpa_trace_fail_after;
 	char *pos;
 
 	wpa_trace_fail_after = atoi(cmd);
@@ -1770,9 +1802,6 @@ static int hostapd_ctrl_get_alloc_fail(struct hostapd_
 				       char *buf, size_t buflen)
 {
 #ifdef WPA_TRACE_BFD
-	extern char wpa_trace_fail_func[256];
-	extern unsigned int wpa_trace_fail_after;
-
 	return os_snprintf(buf, buflen, "%u:%s", wpa_trace_fail_after,
 			   wpa_trace_fail_func);
 #else /* WPA_TRACE_BFD */
@@ -1784,8 +1813,6 @@ static int hostapd_ctrl_get_alloc_fail(struct hostapd_
 static int hostapd_ctrl_test_fail(struct hostapd_data *hapd, char *cmd)
 {
 #ifdef WPA_TRACE_BFD
-	extern char wpa_trace_test_fail_func[256];
-	extern unsigned int wpa_trace_test_fail_after;
 	char *pos;
 
 	wpa_trace_test_fail_after = atoi(cmd);
@@ -1809,9 +1836,6 @@ static int hostapd_ctrl_get_fail(struct hostapd_data *
 				 char *buf, size_t buflen)
 {
 #ifdef WPA_TRACE_BFD
-	extern char wpa_trace_test_fail_func[256];
-	extern unsigned int wpa_trace_test_fail_after;
-
 	return os_snprintf(buf, buflen, "%u:%s", wpa_trace_test_fail_after,
 			   wpa_trace_test_fail_func);
 #else /* WPA_TRACE_BFD */
@@ -1875,13 +1899,13 @@ static int hostapd_ctrl_iface_vendor(struct hostapd_da
 
 	/* cmd: <vendor id> <subcommand id> [<hex formatted data>] */
 	vendor_id = strtoul(cmd, &pos, 16);
-	if (!isblank(*pos))
+	if (!isblank((unsigned char) *pos))
 		return -EINVAL;
 
 	subcmd = strtoul(pos, &pos, 10);
 
 	if (*pos != '\0') {
-		if (!isblank(*pos++))
+		if (!isblank((unsigned char) *pos++))
 			return -EINVAL;
 		data_len = os_strlen(pos);
 	}
@@ -2016,6 +2040,9 @@ static int hostapd_ctrl_iface_track_sta_list(struct ho
 	struct hostapd_sta_info *info;
 	struct os_reltime now;
 
+	if (!iface->num_sta_seen)
+		return 0;
+
 	sta_track_expire(iface, 0);
 
 	pos = buf;
@@ -2040,10 +2067,228 @@ static int hostapd_ctrl_iface_track_sta_list(struct ho
 #endif /* NEED_AP_MLME */
 
 
+static int hostapd_ctrl_iface_req_lci(struct hostapd_data *hapd,
+				      const char *cmd)
+{
+	u8 addr[ETH_ALEN];
+
+	if (hwaddr_aton(cmd, addr)) {
+		wpa_printf(MSG_INFO, "CTRL: REQ_LCI: Invalid MAC address");
+		return -1;
+	}
+
+	return hostapd_send_lci_req(hapd, addr);
+}
+
+
+static int hostapd_ctrl_iface_req_range(struct hostapd_data *hapd, char *cmd)
+{
+	u8 addr[ETH_ALEN];
+	char *token, *context = NULL;
+	int random_interval, min_ap;
+	u8 responders[ETH_ALEN * RRM_RANGE_REQ_MAX_RESPONDERS];
+	unsigned int n_responders;
+
+	token = str_token(cmd, " ", &context);
+	if (!token || hwaddr_aton(token, addr)) {
+		wpa_printf(MSG_INFO,
+			   "CTRL: REQ_RANGE - Bad destination address");
+		return -1;
+	}
+
+	token = str_token(cmd, " ", &context);
+	if (!token)
+		return -1;
+
+	random_interval = atoi(token);
+	if (random_interval < 0 || random_interval > 0xffff)
+		return -1;
+
+	token = str_token(cmd, " ", &context);
+	if (!token)
+		return -1;
+
+	min_ap = atoi(token);
+	if (min_ap <= 0 || min_ap > WLAN_RRM_RANGE_REQ_MAX_MIN_AP)
+		return -1;
+
+	n_responders = 0;
+	while ((token = str_token(cmd, " ", &context))) {
+		if (n_responders == RRM_RANGE_REQ_MAX_RESPONDERS) {
+			wpa_printf(MSG_INFO,
+				   "CTRL: REQ_RANGE: Too many responders");
+			return -1;
+		}
+
+		if (hwaddr_aton(token, responders + n_responders * ETH_ALEN)) {
+			wpa_printf(MSG_INFO,
+				   "CTRL: REQ_RANGE: Bad responder address");
+			return -1;
+		}
+
+		n_responders++;
+	}
+
+	if (!n_responders) {
+		wpa_printf(MSG_INFO,
+			   "CTRL: REQ_RANGE - No FTM responder address");
+		return -1;
+	}
+
+	return hostapd_send_range_req(hapd, addr, random_interval, min_ap,
+				      responders, n_responders);
+}
+
+
+static int hostapd_ctrl_iface_set_neighbor(struct hostapd_data *hapd, char *buf)
+{
+	struct wpa_ssid_value ssid;
+	u8 bssid[ETH_ALEN];
+	struct wpabuf *nr, *lci = NULL, *civic = NULL;
+	char *tmp;
+	int ret;
+

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201808142002.w7EK22GQ098425>