[wpa_supplicant] Cumulative patch from commit e4eb009d9

Bug: 153102274
Test: Device boots up and connects to wifi networks, run traffic.
Test: Able to turn on/off softap, associate wifi STA, run traffic.
Test: Regression test passed (Bug: 153163800)

e4eb009d9 DPP2: Add Connector and C-sign-key in psk/sae credentials for reconfig
1dcfbab25 DPP2: Clear requirement for QR Code mutual authentication for chirping
a371164f8 Process received WNM Notification Request for beacon protection failures
0e794989e Beacon frame protection event for incorrect protection
7c8f540ee wpa_supplicant: Add HE override support
e149051ce hostapd: Validate the country_code parameter value
d4f5d1f0c DPP: Add some more details on how to use DPP
66e20bb1a Fix the dpp_configurator_sign example command
91498a122 hostapd: DFS for channel switch in repeater mode
c60717f83 hostapd: Add support for DFS channels in CHAN_SWITCH
683e7c755 DFS: Add new hostapd_is_dfs_overlap() helper
798876739 DFS: Rename and export hostapd_config_dfs_chan_available helper
30b6d4bb7 hostapd: Basic channel check for CHAN_SWITCH parameters
3f88d2ba0 AP: Drop not needed condition to delete PTK ID 1
80914e9eb DPP2: Fix build with OpenSSL 1.0.2 (EVP_PKEY_get0_EC_KEY() wrapper)
54e2961f8 Add a hostapd testing option for skipping association pruning
1a18f8df6 nl80211: Allow full AP client state capability to be disabled
7b156a3c5 wpa_auth: Use printf format %zu instead of type casts
f83d3491b wpa_auth: Do not split strings into multiple lines
9385f03fe wpa_auth: Coding style cleanup for pointer is NULL comparisons
62e12afcf wpa_auth: Clean up pointer dereferences
bbf94a095 nl80211: Configure PMKSA lifetime and reauth threshold timer to driver
1f4e9946b Sync with mac80211-next.git include/uapi/linux/nl80211.h
5058f771d DPP2: Allow station to require or not allow PFS
7c021dec3 DPP2: Allow AP to require or reject PFS
ca57d5f55 Return an enum from wpa_validate_wpa_ie()
2b4f9ce28 hostapd: Add HE bit in BSSID Information field of own Neighbor Report
80d0e50dc DPP2: Use a helper function for encapsulating TCP message
fa5143feb DPP2: Presence Announcement processing in Controller
db1ef8253 DPP2: Presence Announcement processing in AP/Relay
06dd32903 DPP2: Presence Announcement processing at Configurator
6f5bc15be DPP2: Configurator Connectivity indication
562f77144 DPP2: Chirping in wpa_supplicant Enrollee
1f0226770 DPP2: Add a helper function for building Presence Announcement frame
7cba35b0e DPP2: New identifier definitions
547dc7eaa DPP: Add DPP_BOOTSTRAP_SET command
804fc268a DPP: Allow per-peer configurator parameters to be set
514cc49ba DPP: Store global pointers in struct dpp_authentication
bc95d5833 Fix a typo in function documentation
b7275a814 Update STA flags to the driver immediately on disconnection
8ca6f924d STA: Fix wpa_clear_keys() PTK key deletion logic
ff5434090 AP: Fix Extended Key ID parameter check
96686e637 wpa_supplicant AP mode configuration for Transition Disable KDE
9d1857cf3 Process Transition Disable KDE in station mode
82cc0b0cc Allow hostapd AP to advertise Transition Disable KDE
3eb9ddc65 Transition Disable KDE definitions
a72ec4c22 Add addition CFR capture type to filter all NDPA NDP frames
a163bfe2b Change CFR attributes from required to optional
e520de8db Add ACS support for 60 GHz channel bonding
00f6a2762 nl80211: Fix offloaded ACS regression for the 60 GHz band
1e8ea0833 HE: Add HE support to hostapd_set_freq_params()
bb08be757 Extend vendor attributes to support enhanced CFR capture
30ac8ddaf Add QCA vendor attributes for ACS over EDMG (IEEE 802.11ay)
41c3f0cd5 Allow last configured Key ID for TK to be fetched from wpa_supplicant
8b63a5816 Use a shared helper function for RSN supplicant capabilities
b17b7a8e5 STA: Support Extended Key ID
862aac1fc AP: Support Extended Key ID
b967b5e85 Limit scan frequency list to 100 entries
9f9a148af Convert int_array to use size_t instead of int as the length
749add5c6 Limit freq_range_list_parse() result to UINT_MAX entries
2f0600856 loop: Use size_t for eloop.count
7858f493f eloop: Use size_t for socket table->count
3f45b8dae hs20-osu-client: Use size_t for certificate components
913220cbb eloop: Use size_t for signal_count
ae7193611 Limit maximum number of pending SA Queries
02b43c557 RADIUS: Use size_t instead of int for message attributes
a2c23195a D-Bus: Use size_t for values theoretically larger than 16-bit int
d2d16e310 Use size_t instead of int or unsigned int for configuration items
4391ddd63 Use size_t instead of unsigned_int for last_scan_res
22f0318db Interpolate rate calculation functions
3a25897ef Adjust max bitrate SNR floors
eb26a6997 Allow SA Query to be disabled for testing purposes
7546c489a nl80211: Fix RTM NEW/DELLINK IFLA_IFNAME copy for maximum ifname length
22547c314 More details to the vendor specific driver internal failure reporting
51e8f5d63 Ignore duplicated SSID element when parsing
5a296129f Set beacon protection config irrespective of macro CONFIG_FILS
cc79eb725 Check against integer overflow in int_array functions
a55ecfeab Allow RSNXE to be removed from Beacon frames for testing purposes
b7366a942 FT: Omit RSNXE from FT protocol Reassociation Response when needed
6140cca81 FT: Omit RSNXE from FT protocol Reassociation Request when needed
35936cd2c FT: Verify that RSNXE is used consistently in Reassociation Response
497ae9f00 FT: Verify that RSNXE is used consistently in Reassociation Request
51d1924bd FT: Set the new RSNXE Used subfield in FT reassociation
796253a65 nl80211: Debug print set_key() command names
ac2224153 nl80211: Extended Key ID support
a1afa2df8 Remove unnecessary and confusing length check from the PMKID KDE case
094c9cdc7 Add parsing of Key ID KDE for Extended Key ID
f5c0104f3 Add KEY_FLAG_MODIFY for Extended Key ID support
9e30180a3 nl80211: Allow scanning in wpa_supplicant AP mode
fab94f16e Indicate scan completion in active AP mode even when ignoring results
037e004c1 nl80211: Remove extraneous space from send_mlme debug print
81fa7730d nl80211: Add more TX status details in debug log in AP mode
f21fbfb97 Allow RSNE in EAPOL-Key msg 2/4 to be overridden for testing purposes
46e147fcd Allow RSNE/RSNXE to be replaced in FT protocol Reassocation Response frame
1a8e9334c FT: Check RSNE/RSNXE match in FT protocol Reassociation Response frame
839bab785 nl80211: Debug print driver capabilities
e861fa1f6 Move the "WPA: AP key_mgmt" debug print to be after final changes
1d9cff86b Multi-AP: Set 4-address mode after network selection
e0fb468a7 HS 2.0 server: Add a note on OCSP server hostname
440dac755 hs20-osu-client: Use more specific debug message on OSU connection
2b9713d61 Fill the current opclass in (Re)AssocRequest depending on HT/VHT IEs
d9a7b71a7 AP: Fix regression in frequency check for a usable EDMG channel
1f13c1393 mesh: Fix CONFIG_HT_OVERRIDES build without CONFIG_VHT_OVERRIDES
52efde2aa WPS: Do not set auth_alg=OPEN for PSK+SAE case
10223b501 SAE: Expose sae_write_commit() error cases to callers
7f1f69e89 SAE: Check hmac_sha256() result in sae_token_hash()
b0927e5d0 nl80211: Fix error print for hapd_send_eapol()
a17cbcd69 os_unix: Call srandom() only if os_get_random() succeeds
17ba51b14 nl80211: Fix tx_control_port error print
bb2ea8e5e DPP: Remove unreachable return statement
7dcc5f7fe SAE: Check sta pointer more consistently in testing code
15d63c604 Clean up hostapd_get_he_twt_responder() processing
7aa47fe5f DPP: Fix connectorTemplate addition
fe0429a58 Replace systemd install Alias with WantedBy
c7d293024 RSN: Stop 4-way handshake if scan results are not available
f4bf6a5d4 OWE: Allow BSS entry with different SSID to be used in transition mode
3c7381150 OWE: Mark BSS for transition mode based on active OWE network profiles
ecb5219d8 OWE: Avoid incorrect profile update in transition mode
785f99b68 FT: Silence debug prints when FT is not actually used
33a28170a Recognize OWE Transition Mode element in IE parser
fad044943 Report RSNXE mismatch in EAPOL-Key msg 3/4 more consistently with RSNE
4d64fd37b Allow RSNE in EAPOL-Key msg 3/4 to be replaced for testing purposes
9128b6726 Extend hostapd rsnxe_override_eapol to allow IE removal
43ededa9c Do not override WDS VLAN assignment for STA
87998f80e HS 2.0 server: Allow OCSP responder to continue running after errors
ca8a51c4b webkit2: Fix http://localhost:12345/ redirect handling
be15f33d0 Replace WPA_ALG_PMK with KEY_FLAG_PMK
11b1fcd6c nl80211: Drop outdated TDLS set_key() hack
2dd72315d wpa_cli: Add missing quote around interface name
f64b601c4 DFS: Add support for 80+80 MHz when going through channel switch
0a76a0b96 OWE: Fix PTK derivation workaround for interoperability
87775e32f Fix segmentation fault for NULL confname in SAVE_CONFIG
81621eab7 nl80211: Migrate from set_tx to key_flag API
9757f18db nl80211: Don't ignore when SET_KEY returns ENOENT
98b8275d9 nl80211: Remove not needed netlink key attribute
8563f6f56 nl80211: Fix wrong return code in set_key error path
adf550ee4 nl80211: Ignore seq number for key deletion
e9e69221c Validity checking function for key_flag API
5eb163256 nl80211: Add a missing key_flag for WEP shared key authentication
82eaa3e68 Remove the not yet needed KEY_FLAG_MODIFY
982b9cf02 Fix a wrong key_flag when deleting 802.1X WEP keys
d37c05e5b AP: Don't try to set NULL WEP default key
fa1a6aff2 Fix unicast argument for set_wep_key() from EAPOL supplicant
11dab0f37 WPS: Remove expired PINs on Selected Registrar timeout
8f89e57ab DFS: More debug prints on channel selection after radar detection
4b37d2428 hostapd: Fix to downgrade bandwidth in radar detection
7242087d1 DFS: Do not process radar event while disabling an interface
5fdacce46 Allow wildcard SSID to be enforced for a specific BSSID scan
43282f732 mesh: Fix HE enablement on 5 GHz with VHT
21f835e64 SAE: Allow SAE-only network profile with sae_password to be written
5bad30056 privsep: Mask out control port capability flag
c1a6b1e47 privsep: Add key_flag to set_key()
852d370f6 Silence a compiler warning in no-WEP and no-EAP builds
101da59aa common: Add support for element defragmentation
e636bc855 WPA: Rename FILS wrapped data
94773d40f crypto: Add a function to get the ECDH prime length
e8ae97aeb nl80211: Allow TX status for Authentication frames
c4988e73c driver: Extend send_mlme() with wait option
d046f2a9f nl80211: Register for SAE Authentication frames more strictly
7a9c36722 DBus: Add "sae" to interface key_mgmt capabilities
200c7693c Make WEP functionality an optional build parameter
bca44f4e4 WPS: Remove static-WEP-only workaround
b7f1d4f4d ACS: Allow hw_mode=any to be used with internal ACS algorithm
d07f1ade9 ACS: Determine mode when using hw_mode=any
c60362e6e ACS: Extend acs_find_ideal_chan() to support multiple modes
141a8815e ACS: Extend acs_request_scan() to support multiple modes
f3c44a196 ACS: Extend interference factor calculation for all modes
070522e5b ACS: Extend acs_find_chan() for all modes
4c1ffb45e ACS: Extend acs_surveys_are_sufficient() for all modes
3d09be41a ACS: Clear all modes in acs_cleanup()
499c37b72 ACS: Extend hostapd_get_mode_channel() to find from any mode
a62d76185 ACS: Fix spelling of "interference"
167205d45 os_unix: Seed random() for os_random()
74db49d74 SAE: Do not use PMKSA entry after its reauth threshold
bb93ea234 SAE: Do not clone PMKSA entry for OKC after its reauth threshold
114d12418 SAE: Fix PMKID derivation for OKC
3f10f716a common: Provide the BIT() macro locally
b8f6b0713 Add attribute for dwell time in QCA vendor scan
ec303e2cb Introduce QCA_WLAN_VENDOR_ATTR_CONFIG_ROAM_REASON
34640a88d Fix enum qca_wlan_vendor_attr_config value prefix
3fadb1dcc WPS: Ignore other APs if PBC is used with a specific BSSID
f1d385609 nl80211: Beacon protection capability flag and default key type
2e34f6a53 Sync with mac80211-next.git include/uapi/linux/nl80211.h
0f84a93f6 Fix a type in wpa_supplicant defconfig
0e05e8781 Simplify wpa_deny_ptk0_rekey documentation
a5944db04 Add wpa_deny_ptk0_rekey to AP get_config() output
8a1660b60 common: Add missing driver flag strings
4b04223f2 hostapd: Replace UDP ctrl_iface global cookies with per-instance ones
12fb9698a Use IFNAME= prefix for global UDP control interface events
293631f17 IBSS RSN: Coding style cleanup
1f90a49d0 STA: Allow PTK rekeying without Ext KeyID to be disabled as a workaround
1a7963e36 AP: Allow PTK rekeying without Ext KeyID to be disabled as a workaround
35da7c20a nl80211: Add driver capability flag for CAN_REPLACE_PTK0
7b26238d4 Do not skip MBO PMF check with the WPS special case WPA check exception
fae7e64aa Save RM enabled capability of station with AP SME
e9ac44fcb Make INTERWORKING_CONNECT more reliable in testing environment
1074d4241 Fix a typo in a comment
8fe7ec664 Remove Secondary Channel Offset element from Beacon/Probe Response frames
7f1529d2a Fix HE element order in Beacon and Probe Response frames
f3bcd6960 Remove CONFIG_IEEE80211N build option
640d59942 Fix location of MDE and RSNXE in Beacon and Probe Response frames
2d4c78aef Configure received BIGTK on station/supplicant side
ecbf59e69 wpa_supplicant configuration for Beacon protection
16889aff4 Add BIGTK KDE and subelement similarly to IGTK
555dcd75c Generate BIGTK and rekey it with IGTK
323d06187 Parsing of BIGTK KDE in EAPOL-Key frames
3937378ab Parsing of BIGTK subelement in FTE
d2e77310d driver: Document use of set_key() for BIGTK
c1df321b6 AP mode indication of Beacon protection being enabled
92d407dbd hostapd configuration for Beacon protection
cb86e8bac nl80211: Remove an extra closing parenthesis from a debug message
46cb04650 nl80211: Check nla_nest_start() result for NL80211_ATTR_HE_OBSS_PD
0b0ee0f15 HE: Propagate BSS color settings to nl80211
8155b36fa Fix VERSION_STR printf() calls in case the postfix strings include %
dd74ddd0d nl80211: Handle AKM suite selectors for AP configuration
139f6deaf Remove duplicated wpa_akm_to_suite() entry
10655d1bc nl80211: Add NLA_F_NESTED to nla_nest_start() with older libnl versions
5db5290ab webkit: Clean up USE_WEBKIT2 blocks
26ad26c8c webkit2: Split decide-policy into a separate function
02ed737ee webkit2: Split resource-load-started handler into a separate function
7de8bd508 webkit: Track gtk_main()/gtk_main_quit() calls
de0a8906f webkit2: Remove TODO not for download-started
ae07bc46c webkit2: Do not register notify::load-status handler
9ea9d18de webkit2: Replace notfy::progress with notify::estimated-load-progress
c0c4685d5 webkit2: Implement notify::title handler
ffeafc087 webkit2: Use mouse-target-changed to replace hovering-over-link
e33a0eece hs20-osu-client: Validate HTTPS server certificate by default (browser)
61bf9819c hs20_web_browser() to allow TLS server validation to be enabled
921ea4962 hs20-osu-client: Ignore TLS errors with webkit2
b4b1b122e hs20-osu-client: Enable webkit2 support
466e48dcd HT: Remove SMPS in AP mode
8de0ff0fa HE: Add TWT responder extended capabilities field
ab8c55358 HE: Dynamically turn on TWT responder support
0cb39f4fd HE: Extend BSS color support
458162a27 Sync with mac80211-next.git include/uapi/linux/nl80211.h
981b96caa WPS: Mark added PSK entry with wps=1 tag for per-Enrollee PSK case
b05627511 Fix exception checking in a wpa_supplicant P2P example script
2bab073df WPS: Add new PSK entries with wps=1 tag
fde8e7946 WPS: Make it possible to use PSKs loaded from the PSK file
b1977a652 WPS: Use PMK_LEN instead of hardcoded 32
b27ed050d Do not split strings into multiple lines
838180877 Use PMK_LEN macro instead of hardcoded value 64 (= 2 * 32)
f5da5810c Check pbkdf2_sha1() result when generating PSK from PSK file
e7d8842e6 OWE: Rename owe_assoc_req_process() parameter reason to status
877d9a02b Additional get_sta_info attrs for Beacon/Probe Response/disconnect reasons
8162d98f2 Introduce QCA_NL80211_VENDOR_SUBCMD_DRIVER_DISCONNECT_REASON
32551066b Introduce QCA_NL80211_VENDOR_SUBCMD_UPDATE_STA_INFO
dae85e655 P2P: Increase number of channels per operating class
75d0ec470 P2P: Fix a possible buffer overflow in struct p2p_reg_class
555131783 Introduce QCA_WLAN_VENDOR_ATTR_BEACON_REPORT_FAIL
c304bddcf DPP: Stop Action frame sequence on DPP_STOP_LISTEN and PKEX failure
de08fae66 DPP: Do not require dpp_configurator_params to start with a space
c7cc80fbc DPP: Reset DPP_AUTH_INIT netrole back to STA by default
adf3de44c Add check to consider band in enabling connection_vht flag
490d90db4 Define macro BIT() in qca_vendor.h
9a0edf170 wlantest: Add PTK derivation support with SAE, OWE, DPP
96a2a9a88 Send RM Enabled Capabilities element in (Re)Association Response frame
23dc196fd Check for FT support when selecting FT suites
85f3ab758 Replace deprecated readdir_r() with readdir()
641d79f16 SAE: Special test mode sae_pwe=3 for looping with password identifier
31d7fe917 Add GET_PMK for fetching the current PMK for a STA from hostapd
ca1cecc54 SAE: Verify that appropriate Status Code is used in SAE commit (SME)
c248ebaf4 DPP: Fix encryptedContent DER encoding
4dc3b70de DPP: Try to negotiate different parameters if NFC handover fails
61c049da3 DPP: Allow local channel list to be set
e2b1e7dce DPP: Require conf=configurator to allow Configurator provisioning
1ba4a10a0 DPP: Initialize conf_resp_status to non-OK
18714af2d DPP: Ignore unexpected duplicated Authentication Confirm
8f8473ceb SAE: Fix peer-commit-scalar reuse check
c4bab72d9 Use secondary channel provided by ACS for HT40 if valid
16b789eef Fix wmm compile on fedora-17 (gcc 4.7.2)
d240c74b6 nl80211: Fix regulatory limits for WMM cwmin/cwmax values
bc1289b07 nl80211: Fix WMM queue mapping for regulatory limit
fee28410d scan_est_throughput: Use ie_len instead of res->ie_len
b2b7f8dcf BSD: Fix the maximum size of a route(4) msg to 2048
25c247684 BSD: Remove an outdated comment
d807e289d BSD: Don't set or remove IFF_UP
4692e87b2 BSD: Share route(4) processing with hostapd and wpa_supplicant.
d20b34b43 BSD: Driver does not need to know about both wpa and hostap contexts
aad414e95 nl80211: Fix send_mlme for SAE external auth
1a9d270d4 Additional stats through QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO
c025c2eb5 DPP: DPPEnvelopedData generation for Configurator backup
7d9e32005 DPP: Received Configurator backup processing
ea91ddb08 DPP: DPPEnvelopedData parsing for Configurator backup/restore
312eac1d1 DPP: Add ASN.1 support into build
31b5950d0 ASN.1: Helper functions for building DER encoded data
ce1f47739 ASN.1: More OID definitions
8006742fa ASN.1: Add a helper for parsing AlgorithmIdentifier
f7f2843c4 ASN.1: Add a helper for parsing SEQUENCE
3393d94d0 ASN.1: Add a helper for parsing INTEGER
5e98998ec DPP2: Add Protocol Version attr to Auth Resp only if peer is R2 or newer
505797b45 Add a vendor attribute for RTPL instance primary frequency
76162b182 TLS: Fix bounds checking in certificate policy parser
703c2b645 DPP: Example script for NFC bootstrapping method
566972fd6 DPP: Show selected negotiation channel in DPP_BOOTSTRAP_INFO
5e287724e DPP: NFC negotiated connection handover
2bbe6ad3a DPP: Helper function for bootstrapping URI generation
12da39b38 crypto: Allow up to 10 fragments for hmac_sha*_vector()
d165b32f3 TLS: TOD-STRICT and TOD-TOFU certificate policies
cd66b8295 TLS: Fix a typo in a debug message
a62940904 Add vendor interface QCA_NL80211_VENDOR_SUBCMD_REQUEST_SAR_LIMITS_EVENT
0ecf73563 Add new QCA vendor attribute to set thermal level
8b138d282 OWE: PTK derivation workaround in STA mode
65a44e849 OWE: PTK derivation workaround in AP mode
bd50805e4 OWE: Select KDF hash algorithm based on the length of the prime
10bdce692 Fix a typo in an example configuration file comment
0d445cd39 Fix a typo in a comment
ce26f0086 Fix coloc_intf_reporting config param in hostapd in non-OWE builds
1011c7990 Do not enable HT/VHT for 6 GHz band 20 MHz width channels also
d0e116f61 Enhance get_mode() to return correct hw_mode with 6 GHz support
4658eb77d Remove deprecated text for ap_scan=0
5e32fb017 SAE: Use Anti-Clogging Token Container element with H2E
e36a5894d SAE: Use H2E whenever Password Identifier is used
c56b7a2fd SAE: Mark sae_derive_pt_ecc() static
29dd0b316 SAE H2E: Check H2E-only BSS membership selector only if SAE is enabled
4ee5a5035 trace: Handle binutils bfd.h breakage
fa308a649 hostapd: Fix a typo in sample configuration
d20365db1 EAP-SIM/AKA peer: Add support for EAP Method prefix
4bf78a79d ACS: Populate channel config from external ACS per documented behavior
fe1552d93 ACS: Update documentation of external ACS results event parameters
881177201 6 GHz: Fix Channel Width value for 80+80 in 6 GHZ Operation Info field
b4fe37c4f Silence compiler warning in no-NEED_AP_MLME builds
dd530b873 Silence compiler warning with CONFIG_NO_ROAMING=y
e1650a7b0 tests: Set key_flag when using SET_KEY
a919a2603 Introduce and add key_flag
3df4c05ae nl80211: Pass set_key() parameter struct to wpa_driver_nl80211_set_key()
99d8c4dca hostapd: Support VLAN offload to the driver
0f903f37d nl80211: VLAN offload support
4d3ae54fb Add vlan_id to driver set_key() operation
f82254645 driver: Move set_key() parameters into a struct
3912cbd88 SAE: A bit optimized sae_confirm_immediate=2 for testing purposes
33c8a1049 Do not select APs found on disabled channels for connection
aa663baf4 Fix QCA_WLAN_VENDOR_ATTR_ACS_VHT_SEG1_CENTER_CHANNEL NULL check
f7b2fe99e tests: Fix undefined behavior in module tests
297d69161 OpenSSL: Fix memory leak in TOD policy validation
8296ee180 RSN IBSS: Fix EAPOL TX using control port
c52129bed nl80211: Allow control port to be disabled with a driver param
781c5a062 nl80211: Use control port TX for AP mode
d8252a981 nl80211: Report control port RX events
a79ed0687 Add no_encrypt flag for control port TX
144314eaa wpa_supplicant: Send EAPOL frames over nl80211 where available
8759e9116 nl80211: Control port over nl80211 helpers
ccaabeaa0 driver: Remove unused send_ether() driver op
3d41dd7c5 WPS: Add application extension data to WPS IE
b7bb2c020 P2P: Move p2p_long_listen into struct wpa_global
9ad3c12dd P2P: Always use global p2p_long_listen
9bedf9004 nl80211: Use monitor interface for sending no-encrypt test frames
8d84c75f7 Allow testing override for GTK/IGTK RSC from AP to STA
af670cb41 SME: Postpone current BSSID clearing until IEs are prepared
ff7743118 nl80211: Don't set offchan-OK flag if doing on-channel frame in AP mode
d5798e43f nl80211: Use current command for NL80211_CMD_REGISTER_ACTION
81ae8820a nl80211: Rename send_action_cookie to send_frame_cookie
5ad372cc3 nl80211: Clean up nl80211_send_frame_cmd() callers
0dae4354f nl80211: Get rid of separate wpa_driver_nl80211_send_frame()
e69592786 driver: Remove unused send_frame() driver op
ce0180487 Convert the only remaining send_frame() users to send_mlme()
27cc06d07 nl80211: Support no_encrypt=1 with send_mlme()
665a3007f driver: Add no_encrypt argument to send_mlme()
371002746 Make hostapd_drv_send_mlme() more generic
b3525dc17 P2P Manager: Use send_mlme() instead of send_frame() for Deauthentication
947465475 IBSS RSN: Use send_mlme() instead of send_frame() for Authentication frames
14cc3d10c nl80211: Simplify hapd_send_eapol() with monitor interface
16a266720 nl80211: Don't accept interrupted dump responses
6c5701937 Test functionality to override driver reported signal levels
c8eb7fe66 Fix signal_poll based roaming skip
a8b00423e BSD: Use struct ip rather than struct iphdr
3ea58a054 nl80211: Fix libnl error string fetching
139f7ab31 mac80211_linux: Fix libnl error string fetching
25ebd538a Drop support for libnl 1.1
1ace2f7c0 Drop debug print level for informative debug messages
ad2f09660 Maintain BSS entries for 5 seconds after interface is disabled
988f14448 Indicated if the selected BSS is the current BSS
a8ad9c31d Make min_diff determination from cur_level more readable
41f72d735 Use sel_est consistently with cur_sel in wpa_supplicant_need_to_roam()
a2c1bebd4 Improve roaming logic
9c8d550b7 Allow roam to lower signal level if throughput benefit is significant
9fafefb9e Skip roaming based on signal level difference if current SNR is good
f4f7600ad Use signal_poll noise information for roaming, if available
f97baef25 Clear SME auth_alg on FLUSH
568950c6e RSN: Do not add PMKSA candidates unnecessarily
0d1d1f0d2 Clear last Michael MIC error timer on FLUSH
69ccc557d wpa_supplicant: Fall back to avg_signal in roaming decision
7e7b23e22 Update throughput estimate for the current BSS based on signal poll
ad06ac0b0 Move throughput estimation into a helper function
ef1a45f28 Move scan/roaming related defines to a header file
98ea9d5d5 Use local variables for current BSS signal strength in roaming
22319c7fe RADIUS client: fix extra retry before failover
02c21c02d wpa_supplicant: Do not disconnect on deinit if WoWLAN is enabled
82ba4f2d1 nl80211: Add a driver ops function to check WoWLAN status
59536a33d wpa_cli: WPS-PIN-ACTIVE and WPS-CANCEL events for action scripts
b0621b083 Call hostapd_allowed_address() directly from handle_probe_req()
963681723 Fix possible memory leak of RADIUS data in handle_auth()
d4ceaafc2 Make hostapd_copy_psk_list() non-static
29024efd1 Move the RADIUS cached attributes into a struct
3cd4db231 FT: Do not deliver RRB messages locally without matching FT/SSID
c133c785d FT: Check mobility domain when sending RRB message to local managed BSS
a422d9b4c RRB: More debug prints for local delivery
7b1105afe RRB: Do not reorder locally delivered messages
4834c6869 FT: Fix hostapd_wpa_auth_oui_iter() iteration for multicast packets
18780c6d6 OpenSSL: Add support for TPM2-wrapped keys
974f84bb7 Fix ignore_broadcast_ssid behavior with SSID List and Short SSID List
1c7f652f9 AP: Support Short SSID List element in Probe Request frames
522450b7b AP: Determine Short SSID value for the BSS
41b06b065 mesh: Fix race condition in mesh mpm new peer handling
ef48f1bfb Ensure authenticator session timer is applied with wired driver
a383db064 defconfig: Enable MACsec
53661e3a9 Allow debug log to be written to both syslog and file
68f9f480e wpa_gui: Silence a compiler warning
eadfeb0e9 wpa_gui: Show entire list of networks
a3b59fa11 wpa_cli: Let LAST_ID argument to be used for LIST_NETWORKS
078217a2d STA OBSS: Update secondary channel info after CSA

Change-Id: I194039d27c1467a20aa4a28c0612ff9ba52ac7f9

1 files changed, 277 insertions, 33 deletions

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 73e63ab5..d4294966 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -130,6 +130,7 @@ static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
 #endif /* CONFIG_OWE */
 
 
+#ifdef CONFIG_WEP
 /* Configure default/group WEP keys for static WEP */
 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 {
@@ -142,11 +143,15 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 		set = 1;
 		wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
 				i, i == ssid->wep_tx_keyidx, NULL, 0,
-				ssid->wep_key[i], ssid->wep_key_len[i]);
+				ssid->wep_key[i], ssid->wep_key_len[i],
+				i == ssid->wep_tx_keyidx ?
+				KEY_FLAG_GROUP_RX_TX_DEFAULT :
+				KEY_FLAG_GROUP_RX_TX);
 	}
 
 	return set;
 }
+#endif /* CONFIG_WEP */
 
 
 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
@@ -200,7 +205,8 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
 	/* TODO: should actually remember the previously used seq#, both for TX
 	 * and RX from each STA.. */
 
-	ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
+	ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
+			      KEY_FLAG_GROUP_RX_TX_DEFAULT);
 	os_memset(key, 0, sizeof(key));
 	return ret;
 }
@@ -393,7 +399,9 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
 				       struct wpa_ssid *ssid)
 {
+#ifdef CONFIG_WEP
 	int i;
+#endif /* CONFIG_WEP */
 
 	if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
 		wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
@@ -411,6 +419,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
 	wpa_s->group_cipher = WPA_CIPHER_NONE;
 	wpa_s->mgmt_group_cipher = 0;
 
+#ifdef CONFIG_WEP
 	for (i = 0; i < NUM_WEP_KEYS; i++) {
 		if (ssid->wep_key_len[i] > 5) {
 			wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
@@ -422,6 +431,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
 			break;
 		}
 	}
+#endif /* CONFIG_WEP */
 
 	wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
 	wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
@@ -477,6 +487,31 @@ void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
 }
 
 
+void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
+{
+	struct wpa_supplicant *wpa_s = eloop_ctx;
+
+	if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
+		return;
+	wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
+	wpa_bss_flush(wpa_s);
+}
+
+
+#ifdef CONFIG_TESTING_OPTIONS
+void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
+{
+	struct driver_signal_override *dso;
+
+	while ((dso = dl_list_first(&wpa_s->drv_signal_override,
+				    struct driver_signal_override, list))) {
+		dl_list_del(&dso->list);
+		os_free(dso);
+	}
+}
+#endif /* CONFIG_TESTING_OPTIONS */
+
+
 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
 {
 	int i;
@@ -502,10 +537,13 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
 	wpa_s->last_assoc_req_wpa_ie = NULL;
 	os_free(wpa_s->extra_sae_rejected_groups);
 	wpa_s->extra_sae_rejected_groups = NULL;
+	wpabuf_free(wpa_s->rsne_override_eapol);
+	wpa_s->rsne_override_eapol = NULL;
 	wpabuf_free(wpa_s->rsnxe_override_assoc);
 	wpa_s->rsnxe_override_assoc = NULL;
 	wpabuf_free(wpa_s->rsnxe_override_eapol);
 	wpa_s->rsnxe_override_eapol = NULL;
+	wpas_clear_driver_signal_override(wpa_s);
 #endif /* CONFIG_TESTING_OPTIONS */
 
 	if (wpa_s->conf != NULL) {
@@ -552,6 +590,7 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
 
 	eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
+	eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
 
 	wpas_wps_deinit(wpa_s);
 
@@ -708,12 +747,17 @@ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
 		if (wpa_s->keys_cleared & BIT(i))
 			continue;
 		wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
-				NULL, 0);
+				NULL, 0, KEY_FLAG_GROUP);
 	}
-	if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
+	/* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
+	if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
 	    !is_zero_ether_addr(addr)) {
-		wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
-				0);
+		if (!(wpa_s->keys_cleared & BIT(0)))
+			wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL,
+					0, NULL, 0, KEY_FLAG_PAIRWISE);
+		if (!(wpa_s->keys_cleared & BIT(15)))
+			wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL,
+					0, NULL, 0, KEY_FLAG_PAIRWISE);
 		/* MLME-SETPROTECTION.request(None) */
 		wpa_drv_mlme_setprotection(
 			wpa_s, addr,
@@ -1242,7 +1286,7 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
 			      u8 *wpa_ie, size_t *wpa_ie_len)
 {
 	struct wpa_ie_data ie;
-	int sel, proto;
+	int sel, proto, sae_pwe;
 	const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
 
 	if (bss) {
@@ -1421,13 +1465,18 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
 #endif /* CONFIG_NO_WPA */
 
 	sel = ie.key_mgmt & ssid->key_mgmt;
-	wpa_dbg(wpa_s, MSG_DEBUG,
-		"WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
-		ie.key_mgmt, ssid->key_mgmt, sel);
 #ifdef CONFIG_SAE
 	if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
 		sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
 #endif /* CONFIG_SAE */
+#ifdef CONFIG_IEEE80211R
+	if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
+				  WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
+		sel &= ~WPA_KEY_MGMT_FT;
+#endif /* CONFIG_IEEE80211R */
+	wpa_dbg(wpa_s, MSG_DEBUG,
+		"WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
+		ie.key_mgmt, ssid->key_mgmt, sel);
 	if (0) {
 #ifdef CONFIG_IEEE80211R
 #ifdef CONFIG_SHA384
@@ -1587,7 +1636,34 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
 #ifdef CONFIG_OCV
 	wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
 #endif /* CONFIG_OCV */
-	wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, wpa_s->conf->sae_pwe);
+	sae_pwe = wpa_s->conf->sae_pwe;
+	if (ssid->sae_password_id && sae_pwe != 3)
+		sae_pwe = 1;
+	wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
+
+	/* Extended Key ID is only supported in infrastructure BSS so far */
+	if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
+	    (ssid->proto & WPA_PROTO_RSN) &&
+	    ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
+				     WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
+	    (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
+		int use_ext_key_id = 0;
+
+		wpa_msg(wpa_s, MSG_DEBUG,
+			"WPA: Enable Extended Key ID support");
+		wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
+				 wpa_s->conf->extended_key_id);
+		if (bss_rsn &&
+		    wpa_s->conf->extended_key_id &&
+		    wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
+		    (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
+			use_ext_key_id = 1;
+		wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
+				 use_ext_key_id);
+	} else {
+		wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
+		wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
+	}
 
 	if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
 		wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
@@ -1722,6 +1798,20 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
 	} else
 		wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
 
+	if (ssid->mode != WPAS_MODE_IBSS &&
+	    !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
+	    (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
+	     (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
+	      !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
+		wpa_msg(wpa_s, MSG_INFO,
+			"Disable PTK0 rekey support - replaced with reconnect");
+		wpa_s->deny_ptk0_rekey = 1;
+		wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
+	} else {
+		wpa_s->deny_ptk0_rekey = 0;
+		wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
+	}
+
 	return 0;
 }
 
@@ -1963,7 +2053,8 @@ static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
 	if (!password)
 		password = ssid->passphrase;
 
-	if (conf->sae_pwe == 0 || !password) {
+	if ((conf->sae_pwe == 0 && !ssid->sae_password_id) || !password ||
+	    conf->sae_pwe == 3) {
 		/* PT derivation not needed */
 		sae_deinit_pt(ssid->pt);
 		ssid->pt = NULL;
@@ -2018,6 +2109,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
 	int rand_style;
 
 	wpa_s->own_disconnect_req = 0;
+	wpa_s->own_reconnect_req = 0;
 
 	/*
 	 * If we are starting a new connection, any previously pending EAPOL
@@ -2031,6 +2123,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
 	else
 		rand_style = ssid->mac_addr;
 
+	wpa_s->multi_ap_ie = 0;
 	wmm_ac_clear_saved_tspecs(wpa_s);
 	wpa_s->reassoc_same_bss = 0;
 	wpa_s->reassoc_same_ess = 0;
@@ -2314,6 +2407,10 @@ void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
 	/* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
 	if (is_24ghz)
 		freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
+#ifdef CONFIG_HE_OVERRIDES
+	if (is_24ghz && ssid->disable_he)
+		freq->he_enabled = 0;
+#endif /* CONFIG_HE_OVERRIDES */
 
 	/* Setup higher BW only for 5 GHz */
 	if (mode->mode != HOSTAPD_MODE_IEEE80211A)
@@ -2336,8 +2433,10 @@ void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
 
 #ifdef CONFIG_HT_OVERRIDES
 	if (ssid->disable_ht40) {
+#ifdef CONFIG_VHT_OVERRIDES
 		if (ssid->disable_vht)
 			return;
+#endif /* CONFIG_VHT_OVERRIDES */
 		goto skip_ht40;
 	}
 #endif /* CONFIG_HT_OVERRIDES */
@@ -2434,8 +2533,8 @@ skip_ht40:
 	if (!vht_freq.vht_enabled)
 		return;
 
-	/* Enable HE for VHT */
-	vht_freq.he_enabled = mode->he_capab[ieee80211_mode].he_supported;
+	/* Enable HE with VHT for 5 GHz */
+	freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
 
 	/* setup center_freq1, bandwidth */
 	for (j = 0; j < ARRAY_SIZE(vht80); j++) {
@@ -2510,6 +2609,12 @@ skip_ht40:
 #endif /* CONFIG_HT_OVERRIDES */
 	}
 
+#ifdef CONFIG_HE_OVERRIDES
+	if (ssid->disable_he) {
+		vht_freq.he_enabled = 0;
+		freq->he_enabled = 0;
+	}
+#endif /* CONFIG_HE_OVERRIDES */
 	if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
 				    freq->channel, ssid->enable_edmg,
 				    ssid->edmg_channel, freq->ht_enabled,
@@ -2828,7 +2933,7 @@ static u8 * wpas_populate_assoc_ies(
 #endif /* CONFIG_P2P */
 
 	if (bss) {
-		wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
+		wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
 						    wpa_ie + wpa_ie_len,
 						    max_wpa_ie_len -
 						    wpa_ie_len);
@@ -2977,7 +3082,8 @@ static u8 * wpas_populate_assoc_ies(
 
 #ifdef CONFIG_DPP2
 	if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
-	    ssid->dpp_netaccesskey) {
+	    ssid->dpp_netaccesskey &&
+	    ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
 		dpp_pfs_free(wpa_s->dpp_pfs);
 		wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
 					      ssid->dpp_netaccesskey_len);
@@ -3216,7 +3322,7 @@ get_supported_edmg(struct wpa_supplicant *wpa_s,
 	if (hw_mode == NUM_HOSTAPD_MODES)
 		goto fail;
 
-	mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode);
+	mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, 0);
 	if (!mode)
 		goto fail;
 
@@ -3265,10 +3371,12 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
 	struct wpa_supplicant *wpa_s = work->wpa_s;
 	u8 *wpa_ie;
 	const u8 *edmg_ie_oper;
-	int use_crypt, ret, i, bssid_changed;
+	int use_crypt, ret, bssid_changed;
 	unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
 	struct wpa_driver_associate_params params;
+#if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
 	int wep_keys_set = 0;
+#endif /* CONFIG_WEP || IEEE8021X_EAPOL */
 	int assoc_failed = 0;
 	struct wpa_ssid *old_ssid;
 	u8 prev_bssid[ETH_ALEN];
@@ -3375,10 +3483,12 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
 	    wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
 		if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
 			use_crypt = 0;
+#ifdef CONFIG_WEP
 		if (wpa_set_wep_keys(wpa_s, ssid)) {
 			use_crypt = 1;
 			wep_keys_set = 1;
 		}
+#endif /* CONFIG_WEP */
 	}
 	if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
 		use_crypt = 0;
@@ -3523,12 +3633,18 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
 	wpa_s->auth_alg = params.auth_alg;
 	params.mode = ssid->mode;
 	params.bg_scan_period = ssid->bg_scan_period;
-	for (i = 0; i < NUM_WEP_KEYS; i++) {
-		if (ssid->wep_key_len[i])
-			params.wep_key[i] = ssid->wep_key[i];
-		params.wep_key_len[i] = ssid->wep_key_len[i];
+#ifdef CONFIG_WEP
+	{
+		int i;
+
+		for (i = 0; i < NUM_WEP_KEYS; i++) {
+			if (ssid->wep_key_len[i])
+				params.wep_key[i] = ssid->wep_key[i];
+			params.wep_key_len[i] = ssid->wep_key_len[i];
+		}
+		params.wep_tx_keyidx = ssid->wep_tx_keyidx;
 	}
-	params.wep_tx_keyidx = ssid->wep_tx_keyidx;
+#endif /* CONFIG_WEP */
 
 	if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
 	    (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
@@ -3605,6 +3721,9 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
 	params.vhtcaps_mask = &vhtcaps_mask;
 	wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
 #endif /* CONFIG_VHT_OVERRIDES */
+#ifdef CONFIG_HE_OVERRIDES
+	wpa_supplicant_apply_he_overrides(wpa_s, ssid, &params);
+#endif /* CONFIG_HE_OVERRIDES */
 
 #ifdef CONFIG_P2P
 	/*
@@ -3686,11 +3805,13 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
 		wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
 	}
 
+#ifdef CONFIG_WEP
 	if (wep_keys_set &&
 	    (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
 		/* Set static WEP keys again */
 		wpa_set_wep_keys(wpa_s, ssid);
 	}
+#endif /* CONFIG_WEP */
 
 	if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
 		/*
@@ -3804,6 +3925,15 @@ void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
 	wpa_supplicant_clear_connection(wpa_s, addr);
 }
 
+
+void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
+{
+	wpa_s->own_reconnect_req = 1;
+	wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
+
+}
+
+
 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
 					      struct wpa_ssid *ssid)
 {
@@ -4791,6 +4921,9 @@ wpa_supplicant_alloc(struct wpa_supplicant *parent)
 
 	dl_list_init(&wpa_s->bss_tmp_disallowed);
 	dl_list_init(&wpa_s->fils_hlp_req);
+#ifdef CONFIG_TESTING_OPTIONS
+	dl_list_init(&wpa_s->drv_signal_override);
+#endif /* CONFIG_TESTING_OPTIONS */
 
 	return wpa_s;
 }
@@ -5153,6 +5286,19 @@ void wpa_supplicant_apply_vht_overrides(
 #endif /* CONFIG_VHT_OVERRIDES */
 
 
+#ifdef CONFIG_HE_OVERRIDES
+void wpa_supplicant_apply_he_overrides(
+	struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
+	struct wpa_driver_associate_params *params)
+{
+	if (!ssid)
+		return;
+
+	params->disable_he = ssid->disable_he;
+}
+#endif /* CONFIG_HE_OVERRIDES */
+
+
 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
 {
 #ifdef PCSC_FUNCS
@@ -6095,7 +6241,6 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
 		wpa_s->drv_capa_known = 1;
 		wpa_s->drv_flags = capa.flags;
 		wpa_s->drv_enc = capa.enc;
-		wpa_s->drv_smps_modes = capa.smps_modes;
 		wpa_s->drv_rrm_flags = capa.rrm_flags;
 		wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
 		wpa_s->max_scan_ssids = capa.max_scan_ssids;
@@ -6319,11 +6464,17 @@ static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
 
 	wpa_s->disconnected = 1;
 	if (wpa_s->drv_priv) {
-		wpa_supplicant_deauthenticate(wpa_s,
-					      WLAN_REASON_DEAUTH_LEAVING);
+		/* Don't deauthenticate if WoWLAN is enabled */
+		if (!wpa_drv_get_wowlan(wpa_s)) {
+			wpa_supplicant_deauthenticate(
+				wpa_s, WLAN_REASON_DEAUTH_LEAVING);
 
-		wpa_drv_set_countermeasures(wpa_s, 0);
-		wpa_clear_keys(wpa_s, NULL);
+			wpa_drv_set_countermeasures(wpa_s, 0);
+			wpa_clear_keys(wpa_s, NULL);
+		} else {
+			wpa_msg(wpa_s, MSG_INFO,
+				"Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
+		}
 	}
 
 	wpa_supplicant_cleanup(wpa_s);
@@ -6704,7 +6855,7 @@ struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
 
 	if (params->wpa_debug_file_path)
 		wpa_debug_open_file(params->wpa_debug_file_path);
-	else
+	if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
 		wpa_debug_setup_stdout();
 	if (params->wpa_debug_syslog)
 		wpa_debug_open_syslog();
@@ -6772,7 +6923,7 @@ struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
 	wpa_debug_timestamp = global->params.wpa_debug_timestamp =
 		params->wpa_debug_timestamp;
 
-	wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
+	wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
 
 	if (eloop_init()) {
 		wpa_printf(MSG_ERROR, "Failed to initialize event loop");
@@ -7036,7 +7187,7 @@ void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
 	 * There is no point in blacklisting the AP if this event is
 	 * generated based on local request to disconnect.
 	 */
-	if (wpa_s->own_disconnect_req) {
+	if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
 		wpa_s->own_disconnect_req = 0;
 		wpa_dbg(wpa_s, MSG_DEBUG,
 			"Ignore connection failure due to local request to disconnect");
@@ -7301,8 +7452,10 @@ int wpa_supplicant_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
 
 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 {
+#ifdef CONFIG_WEP
 	int i;
 	unsigned int drv_enc;
+#endif /* CONFIG_WEP */
 
 	if (wpa_s->p2p_mgmt)
 		return 1; /* no normal network profiles on p2p_mgmt interface */
@@ -7313,6 +7466,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 	if (ssid->disabled)
 		return 1;
 
+#ifdef CONFIG_WEP
 	if (wpa_s->drv_capa_known)
 		drv_enc = wpa_s->drv_enc;
 	else
@@ -7330,6 +7484,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 			continue;
 		return 1; /* invalid WEP key */
 	}
+#endif /* CONFIG_WEP */
 
 	if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
 	    (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
@@ -7727,12 +7882,17 @@ int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
 
 
 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
-				   u16 num_modes, enum hostapd_hw_mode mode)
+				   u16 num_modes, enum hostapd_hw_mode mode,
+				   int is_6ghz)
 {
 	u16 i;
 
 	for (i = 0; i < num_modes; i++) {
-		if (modes[i].mode == mode)
+		if (modes[i].mode != mode ||
+		    !modes[i].num_channels || !modes[i].channels)
+			continue;
+		if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
+		    (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
 			return &modes[i];
 	}
 
@@ -7909,3 +8069,87 @@ int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
 
 	return 0;
 }
+
+
+int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
+			struct wpa_signal_info *si)
+{
+	int res;
+
+	if (!wpa_s->driver->signal_poll)
+		return -1;
+
+	res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
+
+#ifdef CONFIG_TESTING_OPTIONS
+	if (res == 0) {
+		struct driver_signal_override *dso;
+
+		dl_list_for_each(dso, &wpa_s->drv_signal_override,
+				 struct driver_signal_override, list) {
+			if (os_memcmp(wpa_s->bssid, dso->bssid,
+				      ETH_ALEN) != 0)
+				continue;
+			wpa_printf(MSG_DEBUG,
+				   "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
+				   si->current_signal,
+				   dso->si_current_signal,
+				   si->avg_signal,
+				   dso->si_avg_signal,
+				   si->avg_beacon_signal,
+				   dso->si_avg_beacon_signal,
+				   si->current_noise,
+				   dso->si_current_noise);
+			si->current_signal = dso->si_current_signal;
+			si->avg_signal = dso->si_avg_signal;
+			si->avg_beacon_signal = dso->si_avg_beacon_signal;
+			si->current_noise = dso->si_current_noise;
+			break;
+		}
+	}
+#endif /* CONFIG_TESTING_OPTIONS */
+
+	return res;
+}
+
+
+struct wpa_scan_results *
+wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
+{
+	struct wpa_scan_results *scan_res;
+#ifdef CONFIG_TESTING_OPTIONS
+	size_t idx;
+#endif /* CONFIG_TESTING_OPTIONS */
+
+	if (!wpa_s->driver->get_scan_results2)
+		return NULL;
+
+	scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
+
+#ifdef CONFIG_TESTING_OPTIONS
+	for (idx = 0; scan_res && idx < scan_res->num; idx++) {
+		struct driver_signal_override *dso;
+		struct wpa_scan_res *res = scan_res->res[idx];
+
+		dl_list_for_each(dso, &wpa_s->drv_signal_override,
+				 struct driver_signal_override, list) {
+			if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
+				continue;
+			wpa_printf(MSG_DEBUG,
+				   "Override driver scan signal level %d->%d for "
+				   MACSTR,
+				   res->level, dso->scan_level,
+				   MAC2STR(res->bssid));
+			res->flags |= WPA_SCAN_QUAL_INVALID;
+			if (dso->scan_level < 0)
+				res->flags |= WPA_SCAN_LEVEL_DBM;
+			else
+				res->flags &= ~WPA_SCAN_LEVEL_DBM;
+			res->level = dso->scan_level;
+			break;
+		}
+	}
+#endif /* CONFIG_TESTING_OPTIONS */
+
+	return scan_res;
+}