7 files changed, 404 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..ec478d8a0cef
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,24 @@
+pkgbase = hostapd-rtl
+	pkgdesc = IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
+	pkgver = 2.4
+	pkgrel = 1
+	url = http://w1.fi/hostapd/
+	install = hostapd.install
+	arch = i686
+	arch = x86_64
+	arch = armv7
+	license = custom
+	depends = openssl
+	depends = libnl
+	options = emptydirs
+	source = git://github.com/seba-z/hostapd-rtl.git
+	source = hostapd.service
+	source = hostapd-2.3-noscan.patch
+	source = openvswitch.patch
+	md5sums = SKIP
+	md5sums = 7fac28e598e16523777b528b93eab376
+	md5sums = eaf8e48a9a63b5902fddadff2b8933fa
+	md5sums = a0802a604ed957078da0e14863df74f0
+
+pkgname = hostapd-rtl
+
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..be049f45170e
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,62 @@
+
+# Maintainer: Sebastian Zwierzchowski
+
+pkgname=hostapd-rtl
+pkgver=2.4
+pkgrel=1
+pkgdesc="IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator"
+arch=('i686' 'x86_64' 'armv7')
+url="http://w1.fi/hostapd/"
+license=('custom')
+depends=('openssl' 'libnl')
+install=hostapd.install
+options=(emptydirs)
+source=(git://github.com/seba-z/hostapd-rtl.git
+	hostapd.service
+	hostapd-2.3-noscan.patch
+	openvswitch.patch)
+md5sums=('SKIP'
+         '7fac28e598e16523777b528b93eab376'
+         'eaf8e48a9a63b5902fddadff2b8933fa'
+         'a0802a604ed957078da0e14863df74f0')
+
+prepare() {
+  cd $pkgname
+  patch -p1 -i ../hostapd-2.3-noscan.patch
+  patch -p1 -i ../openvswitch.patch
+}
+
+build() {
+  cd $pkgname/hostapd
+  sed -i 's#/etc/hostapd#/etc/hostapd/hostapd#' hostapd.conf
+  export CFLAGS="$CFLAGS $(pkg-config --cflags libnl-3.0)"
+  make
+}
+
+package() {
+  # Systemd unit
+  install -Dm644 hostapd.service "$pkgdir/usr/lib/systemd/system/hostapd-rtl.service"
+
+  cd $pkgname
+
+  # License
+  install -Dm644 COPYING "$pkgdir/usr/share/licenses/$pkgname/COPYING"
+
+  cd hostapd
+
+  # Binaries
+  install -D hostapd "$pkgdir/usr/bin/hostapd-rtl"
+  install  hostapd_cli "$pkgdir/usr/bin/hostapd_cli-rtl"
+
+  # Configuration
+  install -d "$pkgdir/etc/hostapd"
+  install -m644 hostapd.conf "$pkgdir/etc/hostapd/${pkgname}.conf"
+  install -d "$pkgdir/usr/share/doc/hostapd-rtl"
+  install -m644 -t "$pkgdir/usr/share/doc/hostapd-rtl" \
+    hostapd.{accept,conf,deny,eap_user,radius_clients,sim_db,vlan,wpa_psk} \
+    wired.conf hlr_auc_gw.milenage_db
+
+  # Man pages
+  install -Dm644 hostapd.8 "$pkgdir/usr/share/man/man8/hostapd-rlt.8"
+  install -Dm644 hostapd_cli.1 "$pkgdir/usr/share/man/man1/hostapd_cli-rtl.1"
+}
diff --git a/config b/config
new file mode 100644
index 000000000000..0fcad7af4f91
--- /dev/null
+++ b/config
@@ -0,0 +1,98 @@
+# Example hostapd build time configuration
+#
+# This file lists the configuration options that are used when building the
+# hostapd binary. All lines starting with # are ignored. Configuration option
+# lines must be commented out complete, if they are not to be included, i.e.,
+# just setting VARIABLE=n is not disabling that variable.
+#
+# This file is included in Makefile, so variables like CFLAGS and LIBS can also
+# be modified from here. In most cass, these lines should use += in order not
+# to override previous values of the variables.
+
+# Driver interface for Host AP driver
+CONFIG_DRIVER_HOSTAP=y
+
+# Driver interface for wired authenticator
+CONFIG_DRIVER_WIRED=y
+
+# Driver interface for Prism54 driver
+CONFIG_DRIVER_PRISM54=y
+
+# IEEE 802.11F/IAPP
+CONFIG_IAPP=y
+
+# WPA2/IEEE 802.11i RSN pre-authentication
+CONFIG_RSN_PREAUTH=y
+
+# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
+CONFIG_PEERKEY=y
+
+# IEEE 802.11w (management frame protection)
+# This version is an experimental implementation based on IEEE 802.11w/D1.0
+# draft and is subject to change since the standard has not yet been finalized.
+# Driver support is also needed for IEEE 802.11w.
+CONFIG_IEEE80211W=y
+
+# Integrated EAP server
+CONFIG_EAP=y
+
+# EAP-MD5 for the integrated EAP server
+CONFIG_EAP_MD5=y
+
+# EAP-TLS for the integrated EAP server
+CONFIG_EAP_TLS=y
+
+# EAP-MSCHAPv2 for the integrated EAP server
+CONFIG_EAP_MSCHAPV2=y
+
+# EAP-PEAP for the integrated EAP server
+CONFIG_EAP_PEAP=y
+
+# EAP-GTC for the integrated EAP server
+CONFIG_EAP_GTC=y
+
+# EAP-TTLS for the integrated EAP server
+CONFIG_EAP_TTLS=y
+
+# EAP-SIM for the integrated EAP server
+CONFIG_EAP_SIM=y
+
+# EAP-AKA for the integrated EAP server
+CONFIG_EAP_AKA=y
+
+# EAP-PAX for the integrated EAP server
+CONFIG_EAP_PAX=y
+
+# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK)
+CONFIG_EAP_PSK=y
+
+# EAP-SAKE for the integrated EAP server
+CONFIG_EAP_SAKE=y
+
+# EAP-GPSK for the integrated EAP server
+CONFIG_EAP_GPSK=y
+# Include support for optional SHA256 cipher suite in EAP-GPSK
+CONFIG_EAP_GPSK_SHA256=y
+
+# PKCS#12 (PFX) support (used to read private key and certificate file from
+# a file that usually has extension .p12 or .pfx)
+CONFIG_PKCS12=y
+
+# RADIUS authentication server. This provides access to the integrated EAP
+# server from external hosts using RADIUS.
+CONFIG_RADIUS_SERVER=y
+
+# Build IPv6 support for RADIUS operations
+CONFIG_IPV6=y
+
+CONFIG_DRIVER_NL80211=y
+
+CONFIG_IEEE80211N=y
+
+CONFIG_LIBNL32=y
+
+CONFIG_ACS=y
+
+CONFIG_IEEE80211AC=y
+
+CONFIG_OPENVSWITCH=y
diff --git a/hostapd-2.3-noscan.patch b/hostapd-2.3-noscan.patch
new file mode 100644
index 000000000000..de60c55b4350
--- /dev/null
+++ b/hostapd-2.3-noscan.patch
@@ -0,0 +1,54 @@
+--- a/hostapd/config_file.c
++++ b/hostapd/config_file.c
+@@ -2639,6 +2639,8 @@ static int hostapd_config_fill(struct ho
+ 		}
+ #endif /* CONFIG_IEEE80211W */
+ #ifdef CONFIG_IEEE80211N
++	} else if (os_strcmp(buf, "noscan") == 0) {
++		conf->noscan = atoi(pos);
+ 	} else if (os_strcmp(buf, "ieee80211n") == 0) {
+ 		conf->ieee80211n = atoi(pos);
+ 	} else if (os_strcmp(buf, "ht_capab") == 0) {
+--- a/src/ap/ap_config.h
++++ b/src/ap/ap_config.h
+@@ -576,6 +576,7 @@ struct hostapd_config {
+ 
+ 	int ht_op_mode_fixed;
+ 	u16 ht_capab;
++	int noscan;
+ 	int ieee80211n;
+ 	int secondary_channel;
+ 	int require_ht;
+--- a/src/ap/hw_features.c
++++ b/src/ap/hw_features.c
+@@ -690,7 +690,7 @@ static int ieee80211n_check_40mhz(struct
+ 	struct wpa_driver_scan_params params;
+ 	int ret;
+ 
+-	if (!iface->conf->secondary_channel)
++	if (!iface->conf->secondary_channel || iface->conf->noscan)
+ 		return 0; /* HT40 not used */
+ 
+ 	hostapd_set_state(iface, HAPD_IFACE_HT_SCAN);
+--- a/src/ap/ieee802_11_ht.c
++++ b/src/ap/ieee802_11_ht.c
+@@ -220,6 +220,9 @@ void hostapd_2040_coex_action(struct hos
+ 	if (!(iface->conf->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
+ 		return;
+ 
++	if (iface->conf->noscan)
++		return;
++
+ 	if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie))
+ 		return;
+ 
+@@ -317,6 +320,9 @@ void ht40_intolerant_add(struct hostapd_
+ 	if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G)
+ 		return;
+ 
++	if (iface->conf->noscan)
++		return;
++
+ 	wpa_printf(MSG_INFO, "HT: Forty MHz Intolerant is set by STA " MACSTR
+ 		   " in Association Request", MAC2STR(sta->addr));
+ 
diff --git a/hostapd.install b/hostapd.install
new file mode 100644
index 000000000000..072cde845501
--- /dev/null
+++ b/hostapd.install
@@ -0,0 +1,3 @@
+post_install() {
+  echo "> More info: https://wiki.archlinux.org/index.php/Software_Access_Point"
+}
diff --git a/hostapd.service b/hostapd.service
new file mode 100644
index 000000000000..a57c07a92668
--- /dev/null
+++ b/hostapd.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/hostapd-rtl /etc/hostapd/hostapd-rtl.conf
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openvswitch.patch b/openvswitch.patch
new file mode 100644
index 000000000000..4844bd723d25
--- /dev/null
+++ b/openvswitch.patch
@@ -0,0 +1,153 @@
+diff --git a/src/drivers/drivers.mak b/src/drivers/drivers.mak
+index 9434078..7d8786c 100644
+--- a/src/drivers/drivers.mak
++++ b/src/drivers/drivers.mak
+@@ -145,6 +145,10 @@ DRV_WPA_OBJS += ../src/drivers/driver_wext.o
+ NEED_RFKILL=y
+ endif
+ 
++ifdef CONFIG_OPENVSWITCH
++DRV_CFLAGS += -DCONFIG_OPENVSWITCH
++endif
++
+ ifdef NEED_NETLINK
+ DRV_OBJS += ../src/drivers/netlink.o
+ endif
+diff --git a/src/drivers/drivers.mk b/src/drivers/drivers.mk
+index 8da4c53..4cee638 100644
+--- a/src/drivers/drivers.mk
++++ b/src/drivers/drivers.mk
+@@ -132,6 +132,10 @@ DRV_WPA_OBJS += src/drivers/driver_wext.c
+ NEED_RFKILL=y
+ endif
+ 
++ifdef CONFIG_OPENVSWITCH
++DRV_CFLAGS += -DCONFIG_OPENVSWITCH
++endif
++
+ ifdef NEED_NETLINK
+ DRV_OBJS += src/drivers/netlink.c
+ endif
+diff --git a/src/drivers/linux_ioctl.c b/src/drivers/linux_ioctl.c
+index 837971d..f666e27 100644
+--- a/src/drivers/linux_ioctl.c
++++ b/src/drivers/linux_ioctl.c
+@@ -14,6 +14,69 @@
+ #include "utils/common.h"
+ #include "linux_ioctl.h"
+ 
++#ifdef CONFIG_OPENVSWITCH
++#include <sys/wait.h>
++#include <sys/stat.h>
++
++#define run_prog(p, ...) ({ \
++	struct stat q; \
++	int rc = -1, status; \
++	if(stat(p, &q) == 0) \
++	{ \
++		pid_t pid = fork(); \
++		if (!pid) \
++			exit(execl(p, p, ##__VA_ARGS__, NULL)); \
++		if (pid < 0) { \
++			rc = -1; \
++		} else { \
++			while ((rc = waitpid(pid, &status, 0)) == -1 && errno == EINTR); \
++			rc = (rc == pid && WIFEXITED(status)) ? WEXITSTATUS(status) : -1; \
++		} \
++	} \
++	rc; \
++})
++
++int ovs_br_get(char *brname, const char *ifname)
++{
++	FILE *f;
++	char cmd[64];
++	char *c;
++	struct stat q;
++
++	if(stat("/usr/bin/ovs-vsctl", &q) != 0)
++		return -1;
++
++	brname[0] = '\0';
++	sprintf(cmd, "/usr/bin/ovs-vsctl iface-to-br %s", ifname);
++	f = popen(cmd, "r");
++	if (!f)
++		return -1;
++	c = fgets(brname, IFNAMSIZ, f);
++	pclose(f);
++	if (c && strlen(brname)) {
++		/* Ignore newline */
++		if ((c = strchr(brname, '\n')))
++			*c = '\0';
++		return 0;
++	}
++	return -1;
++}
++
++int ovs_br_add_if(const char *brname, const char *ifname)
++{
++	if (run_prog("/usr/bin/ovs-vsctl", "add-port", brname, ifname))
++		return -1;
++	return 0;
++}
++
++int ovs_br_del_if(const char *brname, const char *ifname)
++{
++	if (run_prog("/usr/bin/ovs-vsctl", "del-port", brname, ifname))
++		return -1;
++	return 0;
++}
++
++#endif
+ 
+ int linux_set_iface_flags(int sock, const char *ifname, int dev_up)
+ {
+@@ -118,7 +181,6 @@ int linux_set_ifhwaddr(int sock, const char *ifname, const u8 *addr)
+ 	return 0;
+ }
+ 
+-
+ #ifndef SIOCBRADDBR
+ #define SIOCBRADDBR 0x89a0
+ #endif
+@@ -162,6 +224,11 @@ int linux_br_add_if(int sock, const char *brname, const char *ifname)
+ 	struct ifreq ifr;
+ 	int ifindex;
+ 
++#ifdef CONFIG_OPENVSWITCH
++	if (!ovs_br_add_if(brname, ifname))
++		return 0;
++#endif
++
+ 	ifindex = if_nametoindex(ifname);
+ 	if (ifindex == 0)
+ 		return -1;
+@@ -184,6 +251,11 @@ int linux_br_del_if(int sock, const char *brname, const char *ifname)
+ 	struct ifreq ifr;
+ 	int ifindex;
+ 
++#ifdef CONFIG_OPENVSWITCH
++	if (!ovs_br_del_if(brname, ifname))
++		return 0;
++#endif
++
+ 	ifindex = if_nametoindex(ifname);
+ 	if (ifindex == 0)
+ 		return -1;
+@@ -206,6 +278,11 @@ int linux_br_get(char *brname, const char *ifname)
+ 	char path[128], brlink[128], *pos;
+ 	ssize_t res;
+ 
++#ifdef CONFIG_OPENVSWITCH
++	if (!ovs_br_get(brname, ifname))
++		return 0;
++#endif
++
+ 	os_snprintf(path, sizeof(path), "/sys/class/net/%s/brport/bridge",
+ 		    ifname);
+ 	res = readlink(path, brlink, sizeof(brlink));
+@@ -219,3 +296,4 @@ int linux_br_get(char *brname, const char *ifname)
+ 	os_strlcpy(brname, pos, IFNAMSIZ);
+ 	return 0;
+ }
++