hostapd: update to 2026-03-19

Remove upstreamed patch: - 001-PASN-Fix-the-compilation-errors-without-CONFIG_PASN.patch Add patch: - 001-RSN-Fix-pmksa_cache_flush-prototype-mismatch-in-non-.patch Link: https://github.com/openwrt/openwrt/pull/22517 Signed-off-by: Nick Hainke <vincent@systemli.org>
2026-06-17 14:50:15 +04:00 · 2026-03-20 10:58:20 +01:00
parent fde5d2e210
commit a47208bd96
30 changed files with 203 additions and 196 deletions
@@ -9,9 +9,9 @@ PKG_RELEASE:=1

 PKG_SOURCE_URL:=https://w1.fi/hostap.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2026-02-27
-PKG_SOURCE_VERSION:=8dbef087e65833dc173a9cfd7e9f980f84a1adf2
-PKG_MIRROR_HASH:=e3ac2746e603af3dd2e5f733270d889c5bdc1fd09f290e33c6c2b79443ba0f61
+PKG_SOURCE_DATE:=2026-03-19
+PKG_SOURCE_VERSION:=2a98e6b981fb3f81b3ce3aa5f3941e509f73c454
+PKG_MIRROR_HASH:=34487c2c24a93bb7ead4b1f850152bdab475ea897419be18b3dd3df2fdde6a7b

 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
 PKG_LICENSE:=BSD-3-Clause
@@ -1,26 +0,0 @@
-From ede0dd6448fc9e58d913cc4e57d2d5f531af899f Mon Sep 17 00:00:00 2001
-From: Nick Hainke <vincent@systemli.org>
-Date: Sun, 1 Mar 2026 17:31:14 +0100
-Subject: [PATCH] PASN: Fix the compilation errors without CONFIG_PASN
-
-Fix the compilation errors by protecting the access to pasn in
-wpas_request_connection for the CONFIG_PASN disabled case.
-
-Fixes: 5f3a47346be5 ("EPPKE: EPPKE authentication for SME-in-wpa_supplicant case")
-Signed-off-by: Nick Hainke <vincent@systemli.org>
---
- wpa_supplicant/wpa_supplicant.c | 2 ++
- 1 file changed, 2 insertions(+)
-
--- a/wpa_supplicant/wpa_supplicant.c
-+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -9516,7 +9516,9 @@ void wpas_request_connection(struct wpa_
- 	wpa_s->disconnected = 0;
- 	wpa_s->reassociate = 1;
- 	wpa_s->last_owe_group = 0;
-+#ifdef CONFIG_PASN
- 	wpa_pasn_reset(&wpa_s->pasn);
-+#endif /* CONFIG_PASN */
- 
- 	if (wpa_supplicant_fast_associate(wpa_s) != 1)
- 		wpa_supplicant_req_scan(wpa_s, 0, 0);
@@ -0,0 +1,33 @@
+From 3650b847ca9dac1e38c09116321010f33c4dc194 Mon Sep 17 00:00:00 2001
+From: Nick Hainke <vincent@systemli.org>
+Date: Fri, 20 Mar 2026 11:08:19 +0100
+Subject: [PATCH] RSN: Fix pmksa_cache_flush prototype mismatch in
+ non-IEEE8021X_EAPOL case
+
+Fix compilation error caused by conflicting declarations of
+pmksa_cache_flush() when IEEE8021X_EAPOL is not enabled or
+CONFIG_NO_WPA is set. The function definition in pmksa_cache.c
+was missing the addr parameter present in the header declaration
+for this build configuration.
+
+Align the implementation with the header by adding the missing
+parameter.
+
+Fixes: e6dbaa673f39 ("SAE: Limit PMKSA flushing on failure to the current BSS")
+Signed-off-by: Nick Hainke <vincent@systemli.org>
+---
+ src/rsn_supp/pmksa_cache.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/src/rsn_supp/pmksa_cache.c
+++ b/src/rsn_supp/pmksa_cache.c
+@@ -955,7 +955,8 @@ int pmksa_cache_set_current(struct wpa_s
+ 
+ 
+ void pmksa_cache_flush(struct rsn_pmksa_cache *pmksa, void *network_ctx,
+-		       const u8 *pmk, size_t pmk_len, bool external_only)
+		       const u8 *pmk, size_t pmk_len, bool external_only,
+		       const u8 *addr)
+ {
+ }
+ 
@@ -14,7 +14,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>

 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3045,7 +3045,7 @@ static int drv_supports_vht(struct wpa_s
+@@ -3047,7 +3047,7 @@ static int drv_supports_vht(struct wpa_s
 }
 
 
@@ -23,7 +23,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 {
 	int i;
 
-@@ -3054,7 +3054,10 @@ static bool ibss_mesh_is_80mhz_avail(int
+@@ -3056,7 +3056,10 @@ static bool ibss_mesh_is_80mhz_avail(int
 
 		chan = hw_get_channel_chan(mode, i, NULL);
 		if (!chan ||
@@ -35,7 +35,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 			return false;
 	}
 
-@@ -3181,7 +3184,7 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3183,7 +3186,7 @@ static void ibss_mesh_select_40mhz(struc
 				   const struct wpa_ssid *ssid,
 				   struct hostapd_hw_modes *mode,
 				   struct hostapd_freq_params *freq,
@@ -44,7 +44,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 {
 	int chan_idx;
 	struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
-@@ -3212,8 +3215,11 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3214,8 +3217,11 @@ static void ibss_mesh_select_40mhz(struc
 		return;
 
 	/* Check primary channel flags */
@@ -58,7 +58,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 
 #ifdef CONFIG_HT_OVERRIDES
 	if (ssid->disable_ht40)
-@@ -3248,8 +3254,11 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3250,8 +3256,11 @@ static void ibss_mesh_select_40mhz(struc
 		return;
 
 	/* Check secondary channel flags */
@@ -72,7 +72,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 
 	if (freq->ht_enabled) {
 		if (ht40 == -1) {
-@@ -3327,7 +3336,7 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3329,7 +3338,7 @@ static bool ibss_mesh_select_80_160mhz(s
 				       const struct wpa_ssid *ssid,
 				       struct hostapd_hw_modes *mode,
 				       struct hostapd_freq_params *freq,
@@ -81,7 +81,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 	static const int bw80[] = {
 		5180, 5260, 5500, 5580, 5660, 5745, 5825,
 		5955, 6035, 6115, 6195, 6275, 6355, 6435,
-@@ -3380,7 +3389,7 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3382,7 +3391,7 @@ static bool ibss_mesh_select_80_160mhz(s
 		goto skip_80mhz;
 
 	/* Use 40 MHz if channel not usable */
@@ -90,7 +90,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 		goto skip_80mhz;
 
 	chwidth = CONF_OPER_CHWIDTH_80MHZ;
-@@ -3422,7 +3431,7 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3424,7 +3433,7 @@ static bool ibss_mesh_select_80_160mhz(s
 	     HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) &&
 	    (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ ||
 	     ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_320MHZ) &&
@@ -99,7 +99,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 		for (j = 0; j < ARRAY_SIZE(bw160); j++) {
 			u8 start_chan;
 
-@@ -3445,11 +3454,11 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3447,11 +3456,11 @@ static bool ibss_mesh_select_80_160mhz(s
 	     EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK) && is_6ghz &&
 	    ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_320MHZ &&
 	    ibss_mesh_is_80mhz_avail(channel + 16 -
@@ -114,7 +114,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 		for (j = 0; j < ARRAY_SIZE(bw320); j += 2) {
 			if (freq->freq >= bw320[j] &&
 			    freq->freq <= bw320[j + 1]) {
-@@ -3478,10 +3487,12 @@ static bool ibss_mesh_select_80_160mhz(s
+@@ -3480,10 +3489,12 @@ static bool ibss_mesh_select_80_160mhz(s
 				if (!chan)
 					continue;
 
@@ -131,7 +131,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 
 				/* Found a suitable second segment for 80+80 */
 				chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
-@@ -3536,6 +3547,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3538,6 +3549,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
 	int obss_scan = 1;
 	u8 channel;
 	bool is_6ghz, is_24ghz;
@@ -139,7 +139,7 @@ Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
 
 	freq->freq = ssid->frequency;
 
-@@ -3579,9 +3591,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3581,9 +3593,9 @@ void ibss_mesh_setup_freq(struct wpa_sup
 	/* Setup higher BW only for 5 and 6 GHz */
 	if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
 		ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan,
@@ -68,7 +68,7 @@ Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
 		   chan_idx, num_available_chandefs);
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -12007,6 +12007,10 @@ static int nl80211_switch_channel(void *
+@@ -12010,6 +12010,10 @@ static int nl80211_switch_channel(void *
 	if (ret)
 		goto error;
 
@@ -4,7 +4,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc

 --- a/src/ap/ieee802_11.c
 +++ b/src/ap/ieee802_11.c
-@@ -5429,6 +5429,13 @@ static int add_associated_sta(struct hos
+@@ -5566,6 +5566,13 @@ static int add_associated_sta(struct hos
 	 * drivers to accept the STA parameter configuration. Since this is
 	 * after a new FT-over-DS exchange, a new TK has been derived, so key
 	 * reinstallation is not a concern for this case.
@@ -18,7 +18,7 @@ Subject: [PATCH] fix adding back stations after a missed deauth/disassoc
 	 */
 	wpa_printf(MSG_DEBUG, "Add associated STA " MACSTR
 		   " (added_unassoc=%d auth_alg=%u ft_over_ds=%u reassoc=%d authorized=%d ft_tk=%d fils_tk=%d)",
-@@ -5442,7 +5449,8 @@ static int add_associated_sta(struct hos
+@@ -5579,7 +5586,8 @@ static int add_associated_sta(struct hos
 	    (!(sta->flags & WLAN_STA_AUTHORIZED) ||
 	     (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) ||
 	     (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) &&
@@ -20,7 +20,7 @@ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -4127,6 +4127,8 @@ int hostapd_remove_iface(struct hapd_int
+@@ -4123,6 +4123,8 @@ int hostapd_remove_iface(struct hapd_int
 void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
 			   int reassoc)
 {
@@ -29,7 +29,7 @@ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
 	if (hapd->tkip_countermeasures) {
 		hostapd_drv_sta_deauth(hapd, sta->addr,
 				       WLAN_REASON_MICHAEL_MIC_FAILURE);
-@@ -4134,10 +4136,16 @@ void hostapd_new_assoc_sta(struct hostap
+@@ -4130,10 +4132,16 @@ void hostapd_new_assoc_sta(struct hostap
 	}
 
 #ifdef CONFIG_IEEE80211BE
@@ -26,7 +26,7 @@ Signed-off-by: David Bauer <mail@david-bauer.net>

 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -2466,6 +2466,9 @@ struct wpa_driver_capa {
+@@ -2467,6 +2467,9 @@ struct wpa_driver_capa {
 	/** Maximum number of iterations in a single scan plan */
 	u32 max_sched_scan_plan_iterations;
 
@@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>

 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -502,7 +502,7 @@ void hostapd_free_hapd_data(struct hosta
+@@ -498,7 +498,7 @@ void hostapd_free_hapd_data(struct hosta
 		struct hapd_interfaces *ifaces = hapd->iface->interfaces;
 		size_t i;
 
@@ -21,7 +21,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>

 --- a/hostapd/Makefile
 +++ b/hostapd/Makefile
-@@ -764,6 +764,40 @@ endif
+@@ -769,6 +769,40 @@ endif
 CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
 endif
 
@@ -62,7 +62,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifeq ($(CONFIG_TLS), gnutls)
 ifndef CONFIG_CRYPTO
 # default to libgcrypt
-@@ -943,9 +977,11 @@ endif
+@@ -948,9 +982,11 @@ endif
 
 ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -74,7 +74,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef NEED_AES_EAX
 AESOBJS += ../src/crypto/aes-eax.o
 NEED_AES_CTR=y
-@@ -955,38 +991,48 @@ AESOBJS += ../src/crypto/aes-siv.o
+@@ -960,38 +996,48 @@ AESOBJS += ../src/crypto/aes-siv.o
 NEED_AES_CTR=y
 endif
 ifdef NEED_AES_CTR
@@ -123,7 +123,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef NEED_AES_DEC
 ifdef CONFIG_INTERNAL_AES
 AESOBJS += ../src/crypto/aes-internal-dec.o
-@@ -1001,12 +1047,16 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1006,12 +1052,16 @@ ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), linux)
 ifneq ($(CONFIG_TLS), gnutls)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -140,7 +140,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef CONFIG_INTERNAL_SHA1
 SHA1OBJS += ../src/crypto/sha1-internal.o
 ifdef NEED_FIPS186_2_PRF
-@@ -1015,16 +1065,22 @@ endif
+@@ -1020,16 +1070,22 @@ endif
 endif
 ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -163,7 +163,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 
 ifdef NEED_SHA1
 OBJS += $(SHA1OBJS)
-@@ -1034,11 +1090,13 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1039,11 +1095,13 @@ ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), linux)
 ifneq ($(CONFIG_TLS), gnutls)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -177,7 +177,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 
 ifdef NEED_MD5
 ifdef CONFIG_INTERNAL_MD5
-@@ -1088,56 +1146,81 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1096,56 +1154,81 @@ ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), linux)
 ifneq ($(CONFIG_TLS), gnutls)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -259,7 +259,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 
 ifdef CONFIG_INTERNAL_SHA384
 CFLAGS += -DCONFIG_INTERNAL_SHA384
-@@ -1182,11 +1265,13 @@ HOBJS += $(SHA1OBJS)
+@@ -1190,11 +1273,13 @@ HOBJS += $(SHA1OBJS)
 ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), linux)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -273,7 +273,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 
 ifdef CONFIG_RADIUS_SERVER
 CFLAGS += -DRADIUS_SERVER
-@@ -1365,7 +1450,9 @@ NOBJS += ../src/utils/trace.o
+@@ -1373,7 +1458,9 @@ NOBJS += ../src/utils/trace.o
 endif
 
 HOBJS += hlr_auc_gw.o ../src/utils/common.o ../src/utils/wpa_debug.o ../src/utils/os_$(CONFIG_OS).o ../src/utils/wpabuf.o ../src/crypto/milenage.o
@@ -283,7 +283,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef CONFIG_INTERNAL_AES
 HOBJS += ../src/crypto/aes-internal.o
 HOBJS += ../src/crypto/aes-internal-enc.o
-@@ -1388,18 +1475,24 @@ SOBJS += ../src/common/sae.o
+@@ -1396,18 +1483,24 @@ SOBJS += ../src/common/sae.o
 SOBJS += ../src/common/sae_pk.o
 SOBJS += ../src/common/dragonfly.o
 SOBJS += $(AESOBJS)
@@ -7770,7 +7770,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 CONFIG_SIM_SIMULATOR=y
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -1256,6 +1256,29 @@ endif
+@@ -1265,6 +1265,29 @@ endif
 CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
 endif
 
@@ -7800,7 +7800,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifeq ($(CONFIG_TLS), gnutls)
 ifndef CONFIG_CRYPTO
 # default to libgcrypt
-@@ -1448,9 +1471,11 @@ endif
+@@ -1457,9 +1480,11 @@ endif
 
 ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -7812,7 +7812,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP
 # Seems to be needed at least with BoringSSL
 NEED_INTERNAL_AES_WRAP=y
-@@ -1464,9 +1489,11 @@ endif
+@@ -1473,9 +1498,11 @@ endif
 
 ifdef NEED_INTERNAL_AES_WRAP
 ifneq ($(CONFIG_TLS), linux)
@@ -7824,7 +7824,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef NEED_AES_EAX
 AESOBJS += ../src/crypto/aes-eax.o
 NEED_AES_CTR=y
-@@ -1476,35 +1503,45 @@ AESOBJS += ../src/crypto/aes-siv.o
+@@ -1485,35 +1512,45 @@ AESOBJS += ../src/crypto/aes-siv.o
 NEED_AES_CTR=y
 endif
 ifdef NEED_AES_CTR
@@ -7870,7 +7870,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef NEED_AES_ENC
 ifdef CONFIG_INTERNAL_AES
 AESOBJS += ../src/crypto/aes-internal-enc.o
-@@ -1519,12 +1556,16 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1528,12 +1565,16 @@ ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), linux)
 ifneq ($(CONFIG_TLS), gnutls)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -7887,7 +7887,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef CONFIG_INTERNAL_SHA1
 SHA1OBJS += ../src/crypto/sha1-internal.o
 ifdef NEED_FIPS186_2_PRF
-@@ -1536,29 +1577,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
+@@ -1545,29 +1586,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
 else
 ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -7925,7 +7925,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef NEED_MD5
 ifdef CONFIG_INTERNAL_MD5
 MD5OBJS += ../src/crypto/md5-internal.o
-@@ -1613,12 +1662,17 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1622,12 +1671,17 @@ ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), linux)
 ifneq ($(CONFIG_TLS), gnutls)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -7943,7 +7943,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifdef CONFIG_INTERNAL_SHA256
 SHA256OBJS += ../src/crypto/sha256-internal.o
 endif
-@@ -1631,50 +1685,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
+@@ -1640,50 +1694,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
 SHA256OBJS += ../src/crypto/sha512-internal.o
 endif
 ifdef NEED_TLS_PRF_SHA256
@@ -8012,7 +8012,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 
 ifdef NEED_ASN1
 OBJS += ../src/tls/asn1.o
-@@ -1849,10 +1921,12 @@ ifdef CONFIG_FIPS
+@@ -1858,10 +1930,12 @@ ifdef CONFIG_FIPS
 CFLAGS += -DCONFIG_FIPS
 ifneq ($(CONFIG_TLS), openssl)
 ifneq ($(CONFIG_TLS), wolfssl)
@@ -12,7 +12,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>

 --- a/hostapd/Makefile
 +++ b/hostapd/Makefile
-@@ -778,10 +778,6 @@ endif
+@@ -783,10 +783,6 @@ endif
 OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
 HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
 SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
@@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -1267,10 +1267,6 @@ endif
+@@ -1276,10 +1276,6 @@ endif
 OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
 OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
 OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
@@ -61,7 +61,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>

 --- a/hostapd/Makefile
 +++ b/hostapd/Makefile
-@@ -714,6 +714,7 @@ CFLAGS += -DCONFIG_TLSV12
+@@ -719,6 +719,7 @@ CFLAGS += -DCONFIG_TLSV12
 endif
 
 ifeq ($(CONFIG_TLS), wolfssl)
@@ -69,7 +69,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
 CONFIG_CRYPTO=wolfssl
 ifdef TLS_FUNCS
-@@ -735,6 +736,7 @@ endif
+@@ -740,6 +741,7 @@ endif
 endif
 
 ifeq ($(CONFIG_TLS), openssl)
@@ -77,7 +77,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
 CONFIG_CRYPTO=openssl
 ifdef TLS_FUNCS
-@@ -765,6 +767,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
+@@ -770,6 +772,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
 endif
 
 ifeq ($(CONFIG_TLS), mbedtls)
@@ -85,7 +85,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifndef CONFIG_CRYPTO
 CONFIG_CRYPTO=mbedtls
 endif
-@@ -795,6 +798,7 @@ endif
+@@ -800,6 +803,7 @@ endif
 endif
 
 ifeq ($(CONFIG_TLS), gnutls)
@@ -93,7 +93,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifndef CONFIG_CRYPTO
 # default to libgcrypt
 CONFIG_CRYPTO=gnutls
-@@ -825,6 +829,7 @@ endif
+@@ -830,6 +834,7 @@ endif
 endif
 
 ifeq ($(CONFIG_TLS), internal)
@@ -101,7 +101,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifndef CONFIG_CRYPTO
 CONFIG_CRYPTO=internal
 endif
-@@ -903,6 +908,7 @@ endif
+@@ -908,6 +913,7 @@ endif
 endif
 
 ifeq ($(CONFIG_TLS), linux)
@@ -1289,7 +1289,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 		if (need_more_data) {
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -1214,6 +1214,7 @@ TLS_FUNCS=y
+@@ -1223,6 +1223,7 @@ TLS_FUNCS=y
 endif
 
 ifeq ($(CONFIG_TLS), wolfssl)
@@ -1297,7 +1297,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
 ifdef TLS_FUNCS
 CFLAGS += -DWOLFSSL_DER_LOAD
-@@ -1230,6 +1231,7 @@ LIBS_p += -lwolfssl -lm
+@@ -1239,6 +1240,7 @@ LIBS_p += -lwolfssl -lm
 endif
 
 ifeq ($(CONFIG_TLS), openssl)
@@ -1305,7 +1305,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
 ifdef TLS_FUNCS
 CFLAGS += -DEAP_TLS_OPENSSL
-@@ -1257,6 +1259,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
+@@ -1266,6 +1268,7 @@ CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONF
 endif
 
 ifeq ($(CONFIG_TLS), mbedtls)
@@ -1313,7 +1313,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifndef CONFIG_CRYPTO
 CONFIG_CRYPTO=mbedtls
 endif
-@@ -1276,6 +1279,7 @@ endif
+@@ -1285,6 +1288,7 @@ endif
 endif
 
 ifeq ($(CONFIG_TLS), gnutls)
@@ -1321,7 +1321,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifndef CONFIG_CRYPTO
 # default to libgcrypt
 CONFIG_CRYPTO=gnutls
-@@ -1306,6 +1310,7 @@ endif
+@@ -1315,6 +1319,7 @@ endif
 endif
 
 ifeq ($(CONFIG_TLS), internal)
@@ -1329,7 +1329,7 @@ Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 ifndef CONFIG_CRYPTO
 CONFIG_CRYPTO=internal
 endif
-@@ -1386,6 +1391,7 @@ endif
+@@ -1395,6 +1400,7 @@ endif
 endif
 
 ifeq ($(CONFIG_TLS), linux)
@@ -130,7 +130,7 @@ Signed-off-by: P Praneesh <ppranees@codeaurora.org>
 #undef VHT_CAP_CHECK_MAX
 --- a/src/common/ieee802_11_defs.h
 +++ b/src/common/ieee802_11_defs.h
-@@ -1467,6 +1467,8 @@ struct ieee80211_ampe_ie {
+@@ -1468,6 +1468,8 @@ struct ieee80211_ampe_ie {
 #define VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB     ((u32) BIT(26) | BIT(27))
 #define VHT_CAP_RX_ANTENNA_PATTERN                  ((u32) BIT(28))
 #define VHT_CAP_TX_ANTENNA_PATTERN                  ((u32) BIT(29))
@@ -1,6 +1,6 @@
 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -2477,7 +2477,11 @@ static int hostapd_owe_iface_iter(struct
+@@ -2473,7 +2473,11 @@ static int hostapd_owe_iface_iter(struct
 		if (!bss->conf->ssid.ssid_set || !bss->conf->ssid.ssid_len ||
 		    is_zero_ether_addr(bss->own_addr))
 			continue;
@@ -13,7 +13,7 @@
 		os_memcpy(hapd->conf->owe_transition_bssid, bss->own_addr,
 			  ETH_ALEN);
 		os_memcpy(hapd->conf->owe_transition_ssid,
-@@ -2494,10 +2498,6 @@ static int hostapd_owe_iface_iter(struct
+@@ -2490,10 +2494,6 @@ static int hostapd_owe_iface_iter(struct
 
 int hostapd_owe_trans_get_info(struct hostapd_data *hapd)
 {
@@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>

 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -4957,6 +4957,8 @@ static int hostapd_config_fill(struct ho
+@@ -4959,6 +4959,8 @@ static int hostapd_config_fill(struct ho
 		conf->punct_acs_threshold = val;
 	} else if (os_strcmp(buf, "mld_ap") == 0) {
 		bss->mld_ap = !!atoi(pos);
@@ -43,7 +43,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	 * If set indicate the AP as disabled in the RNR element included in the
 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -3120,7 +3120,10 @@ struct hostapd_iface * hostapd_alloc_ifa
+@@ -3116,7 +3116,10 @@ struct hostapd_iface * hostapd_alloc_ifa
 #ifdef CONFIG_IEEE80211BE
 static void hostapd_bss_alloc_link_id(struct hostapd_data *hapd)
 {
@@ -43,7 +43,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 LIBS += $(DRV_AP_LIBS)
 
 ifdef CONFIG_L2_PACKET
-@@ -1416,6 +1422,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
+@@ -1424,6 +1430,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
 _OBJS_VAR := OBJS
 include ../src/objs.mk
 
@@ -56,7 +56,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 hostapd: $(OBJS)
 	$(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
 	@$(E) "  LD " $@
-@@ -1504,6 +1516,12 @@ include ../src/objs.mk
+@@ -1512,6 +1524,12 @@ include ../src/objs.mk
 _OBJS_VAR := SOBJS
 include ../src/objs.mk
 
@@ -116,7 +116,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 	struct hapd_interfaces *interfaces = ctx;
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -7290,8 +7290,8 @@ union wpa_event_data {
+@@ -7291,8 +7291,8 @@ union wpa_event_data {
  * Driver wrapper code should call this function whenever an event is received
  * from the driver.
  */
@@ -127,7 +127,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 
 /**
  * wpa_supplicant_event_global - Report a driver event for wpa_supplicant
-@@ -7303,7 +7303,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -7304,7 +7304,7 @@ void wpa_supplicant_event(void *ctx, enu
  * Same as wpa_supplicant_event(), but we search for the interface in
  * wpa_global.
  */
@@ -159,7 +159,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 include ../src/build.rules
 
 ifdef CONFIG_BUILD_PASN_SO
-@@ -407,7 +408,9 @@ endif
+@@ -411,7 +412,9 @@ endif
 ifdef CONFIG_IBSS_RSN
 NEED_RSN_AUTHENTICATOR=y
 CFLAGS += -DCONFIG_IBSS_RSN
@@ -169,7 +169,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 OBJS += ibss_rsn.o
 endif
 
-@@ -1006,6 +1009,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
+@@ -1015,6 +1018,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS
 CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
 LIBS += -ldl -rdynamic
 endif
@@ -180,7 +180,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 endif
 
 ifdef CONFIG_AP
-@@ -1013,9 +1020,11 @@ NEED_EAP_COMMON=y
+@@ -1022,9 +1029,11 @@ NEED_EAP_COMMON=y
 NEED_RSN_AUTHENTICATOR=y
 CFLAGS += -DCONFIG_AP
 OBJS += ap.o
@@ -192,7 +192,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 OBJS += ../src/ap/hostapd.o
 OBJS += ../src/ap/wpa_auth_glue.o
 OBJS += ../src/ap/utils.o
-@@ -1106,6 +1115,12 @@ endif
+@@ -1115,6 +1124,12 @@ endif
 ifdef CONFIG_HS20
 OBJS += ../src/ap/hs20.o
 endif
@@ -205,7 +205,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 endif
 
 ifdef CONFIG_MBO
-@@ -1115,7 +1130,9 @@ NEED_GAS=y
+@@ -1124,7 +1139,9 @@ NEED_GAS=y
 endif
 
 ifdef NEED_RSN_AUTHENTICATOR
@@ -215,7 +215,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 NEED_AES_WRAP=y
 OBJS += ../src/ap/wpa_auth.o
 OBJS += ../src/ap/wpa_auth_ie.o
-@@ -2111,6 +2128,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
+@@ -2124,6 +2141,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
 
 _OBJS_VAR := OBJS
 include ../src/objs.mk
@@ -228,7 +228,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
 	$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
 	@$(E) "  LD " $@
-@@ -2243,6 +2266,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
+@@ -2256,6 +2279,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
 	$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
 	@$(E) "  sed" $<
 
@@ -278,7 +278,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 	os_memset(&eapol_test, 0, sizeof(eapol_test));
 --- a/wpa_supplicant/events.c
 +++ b/wpa_supplicant/events.c
-@@ -6519,8 +6519,8 @@ static int wpas_pasn_auth(struct wpa_sup
+@@ -6618,8 +6618,8 @@ static int wpas_pasn_auth(struct wpa_sup
 #endif /* CONFIG_PASN */
 
 
@@ -289,7 +289,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 {
 	struct wpa_supplicant *wpa_s = ctx;
 	int resched;
-@@ -7514,7 +7514,7 @@ void wpa_supplicant_event(void *ctx, enu
+@@ -7613,7 +7613,7 @@ void wpa_supplicant_event(void *ctx, enu
 }
 
 
@@ -331,7 +331,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 	os_memset(&global, 0, sizeof(global));
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -8262,7 +8262,6 @@ struct wpa_interface * wpa_supplicant_ma
+@@ -8253,7 +8253,6 @@ struct wpa_interface * wpa_supplicant_ma
 	return NULL;
 }
 
@@ -339,7 +339,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 /**
  * wpa_supplicant_match_existing - Match existing interfaces
  * @global: Pointer to global data from wpa_supplicant_init()
-@@ -8297,6 +8296,11 @@ static int wpa_supplicant_match_existing
+@@ -8288,6 +8287,11 @@ static int wpa_supplicant_match_existing
 
 #endif /* CONFIG_MATCH_IFACE */
 
@@ -351,7 +351,7 @@ This allows building both hostapd and wpa_supplicant as a single binary
 
 /**
  * wpa_supplicant_add_iface - Add a new network interface
-@@ -8553,6 +8557,8 @@ struct wpa_global * wpa_supplicant_init(
+@@ -8544,6 +8548,8 @@ struct wpa_global * wpa_supplicant_init(
 #ifndef CONFIG_NO_WPA_MSG
 	wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
 #endif /* CONFIG_NO_WPA_MSG */
@@ -5,7 +5,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel

 --- a/hostapd/Makefile
 +++ b/hostapd/Makefile
-@@ -1429,7 +1429,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
+@@ -1437,7 +1437,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
 	@$(AR) cr $@ hostapd_multi.o $(OBJS)
 
 hostapd: $(OBJS)
@@ -14,7 +14,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel
 	@$(E) "  LD " $@
 
 ifdef CONFIG_WPA_TRACE
-@@ -1440,7 +1440,7 @@ _OBJS_VAR := OBJS_c
+@@ -1448,7 +1448,7 @@ _OBJS_VAR := OBJS_c
 include ../src/objs.mk
 
 hostapd_cli: $(OBJS_c)
@@ -25,7 +25,7 @@ Subject: [PATCH] hostapd: build with LTO enabled (using jobserver for parallel
 NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -2135,31 +2135,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
+@@ -2148,31 +2148,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
 	@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
 
 wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
@@ -16,7 +16,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
 else
 --- a/hostapd/ctrl_iface.c
 +++ b/hostapd/ctrl_iface.c
-@@ -3977,6 +3977,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -3978,6 +3978,7 @@ static int hostapd_ctrl_iface_receive_pr
 						      reply_size);
 	} else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
 		reply_len = hostapd_drv_status(hapd, reply, reply_size);
@@ -24,7 +24,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
 	} else if (os_strcmp(buf, "MIB") == 0) {
 		reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
 		if (reply_len >= 0) {
-@@ -4018,6 +4019,7 @@ static int hostapd_ctrl_iface_receive_pr
+@@ -4019,6 +4020,7 @@ static int hostapd_ctrl_iface_receive_pr
 	} else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
 		reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
 							reply_size);
@@ -131,7 +131,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
 static void ieee802_1x_wnm_notif_send(void *eloop_ctx, void *timeout_ctx)
 --- a/src/ap/wpa_auth.c
 +++ b/src/ap/wpa_auth.c
-@@ -6483,6 +6483,7 @@ static const char * wpa_bool_txt(int val
+@@ -6490,6 +6490,7 @@ static const char * wpa_bool_txt(int val
 	return val ? "TRUE" : "FALSE";
 }
 
@@ -139,7 +139,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
 
 #define RSN_SUITE "%02x-%02x-%02x-%d"
 #define RSN_SUITE_ARG(s) \
-@@ -6635,7 +6636,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
+@@ -6642,7 +6643,7 @@ int wpa_get_mib_sta(struct wpa_state_mac
 
 	return len;
 }
@@ -150,7 +150,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
 {
 --- a/src/rsn_supp/wpa.c
 +++ b/src/rsn_supp/wpa.c
-@@ -4251,6 +4251,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
+@@ -4253,6 +4253,8 @@ static u32 wpa_key_mgmt_suite(struct wpa
 }
 
 
@@ -159,7 +159,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
 #define RSN_SUITE "%02x-%02x-%02x-%d"
 #define RSN_SUITE_ARG(s) \
 ((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
-@@ -4332,6 +4334,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
+@@ -4334,6 +4336,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, ch
 
 	return (int) len;
 }
@@ -169,7 +169,7 @@ Subject: [PATCH] Remove some unnecessary control interface functionality
 
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
-@@ -1064,6 +1064,9 @@ ifdef CONFIG_FILS
+@@ -1073,6 +1073,9 @@ ifdef CONFIG_FILS
 OBJS += ../src/ap/fils_hlp.o
 endif
 ifdef CONFIG_CTRL_IFACE
@@ -47,7 +47,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
 		/*
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3117,7 +3117,7 @@ static bool ibss_mesh_can_use_vht(struct
+@@ -3119,7 +3119,7 @@ static bool ibss_mesh_can_use_vht(struct
 				  const struct wpa_ssid *ssid,
 				  struct hostapd_hw_modes *mode)
 {
@@ -56,7 +56,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
 		return false;
 
 	if (!drv_supports_vht(wpa_s, ssid))
-@@ -3191,7 +3191,7 @@ static void ibss_mesh_select_40mhz(struc
+@@ -3193,7 +3193,7 @@ static void ibss_mesh_select_40mhz(struc
 	int i, res;
 	unsigned int j;
 	static const int ht40plus_5ghz[] = {
@@ -65,7 +65,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
 		149, 157, 165, 173, 184, 192
 	};
 	static const int ht40plus_6ghz[] = {
-@@ -3544,7 +3544,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3546,7 +3546,7 @@ void ibss_mesh_setup_freq(struct wpa_sup
 	int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
 	enum hostapd_hw_mode hw_mode;
 	struct hostapd_hw_modes *mode = NULL;
@@ -74,7 +74,7 @@ Subject: [PATCH] Allow HT40 also on 2.4GHz if noscan option is set, which also
 	u8 channel;
 	bool is_6ghz, is_24ghz;
 	bool dfs_enabled = wpa_s->conf->country[0] && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_RADAR);
-@@ -3588,6 +3588,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3590,6 +3590,8 @@ void ibss_mesh_setup_freq(struct wpa_sup
 		freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
 							ieee80211_mode);
 	freq->channel = channel;
@@ -14,7 +14,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>

 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -1022,6 +1022,9 @@ struct wpa_driver_associate_params {
+@@ -1023,6 +1023,9 @@ struct wpa_driver_associate_params {
 	 * responsible for selecting with which BSS to associate. */
 	const u8 *bssid;
 
@@ -155,7 +155,7 @@ Signed-hostap: Antonio Quartulli <ordex@autistici.org>
 	 * macsec_policy - Determines the policy for MACsec secure session
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -4756,6 +4756,12 @@ static void wpas_start_assoc_cb(struct w
+@@ -4758,6 +4758,12 @@ static void wpas_start_assoc_cb(struct w
 			params.beacon_int = ssid->beacon_int;
 		else
 			params.beacon_int = wpa_s->conf->beacon_int;
@@ -19,7 +19,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>

 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -1968,6 +1968,7 @@ struct wpa_driver_mesh_join_params {
+@@ -1969,6 +1969,7 @@ struct wpa_driver_mesh_join_params {
 #define WPA_DRIVER_MESH_FLAG_AMPE	0x00000008
 	unsigned int flags;
 	bool handle_dfs;
@@ -29,7 +29,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
 struct wpa_driver_set_key_params {
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -12713,6 +12713,18 @@ static int nl80211_put_mesh_id(struct nl
+@@ -12716,6 +12716,18 @@ static int nl80211_put_mesh_id(struct nl
 }
 
 
@@ -48,7 +48,7 @@ Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
 static int nl80211_put_mesh_config(struct nl_msg *msg,
 				   struct wpa_driver_mesh_bss_params *params)
 {
-@@ -12774,6 +12786,7 @@ static int nl80211_join_mesh(struct i802
+@@ -12777,6 +12789,7 @@ static int nl80211_join_mesh(struct i802
 	    nl80211_put_basic_rates(msg, params->basic_rates) ||
 	    nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
 	    nl80211_put_beacon_int(msg, params->beacon_int) ||
@@ -5,7 +5,7 @@ Subject: [PATCH] Fix issues with disabling obss scan when using fixed_freq on

 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -3551,6 +3551,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
+@@ -3553,6 +3553,10 @@ void ibss_mesh_setup_freq(struct wpa_sup
 
 	freq->freq = ssid->frequency;
 
@@ -126,7 +126,7 @@ probe/assoc/auth requests via object subscribe.
 		if (is_dfs0 > 0 &&
 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -492,6 +492,7 @@ void hostapd_free_hapd_data(struct hosta
+@@ -488,6 +488,7 @@ void hostapd_free_hapd_data(struct hosta
 	hapd->beacon_set_done = 0;
 
 	wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
@@ -134,7 +134,7 @@ probe/assoc/auth requests via object subscribe.
 	accounting_deinit(hapd);
 	hostapd_deinit_wpa(hapd);
 	vlan_deinit(hapd);
-@@ -1342,6 +1343,8 @@ static int hostapd_start_beacon(struct h
+@@ -1338,6 +1339,8 @@ static int hostapd_start_beacon(struct h
 	if (hapd->driver && hapd->driver->set_operstate)
 		hapd->driver->set_operstate(hapd->drv_priv, 1);
 
@@ -143,7 +143,7 @@ probe/assoc/auth requests via object subscribe.
 	return 0;
 }
 
-@@ -2582,6 +2585,7 @@ static int hostapd_setup_interface_compl
+@@ -2578,6 +2581,7 @@ static int hostapd_setup_interface_compl
 	if (err)
 		goto fail;
 
@@ -151,7 +151,7 @@ probe/assoc/auth requests via object subscribe.
 	wpa_printf(MSG_DEBUG, "Completing interface initialization");
 	if (iface->freq) {
 #ifdef NEED_AP_MLME
-@@ -2796,6 +2800,7 @@ dfs_offload:
+@@ -2792,6 +2796,7 @@ dfs_offload:
 
 fail:
 	wpa_printf(MSG_ERROR, "Interface initialization failed");
@@ -159,7 +159,7 @@ probe/assoc/auth requests via object subscribe.
 
 	if (iface->is_no_ir) {
 		hostapd_set_state(iface, HAPD_IFACE_NO_IR);
-@@ -3545,6 +3550,7 @@ void hostapd_interface_deinit_free(struc
+@@ -3541,6 +3546,7 @@ void hostapd_interface_deinit_free(struc
 		   (unsigned int) iface->conf->num_bss);
 	driver = iface->bss[0]->driver;
 	drv_priv = iface->bss[0]->drv_priv;
@@ -195,7 +195,7 @@ probe/assoc/auth requests via object subscribe.
 struct hostapd_iface * hostapd_alloc_iface(void);
 --- a/src/ap/ieee802_11.c
 +++ b/src/ap/ieee802_11.c
-@@ -3330,7 +3330,7 @@ static void handle_auth(struct hostapd_d
+@@ -3376,7 +3376,7 @@ static void handle_auth(struct hostapd_d
 	u16 auth_alg, auth_transaction, status_code;
 	u16 resp = WLAN_STATUS_SUCCESS;
 	struct sta_info *sta = NULL;
@@ -204,7 +204,7 @@ probe/assoc/auth requests via object subscribe.
 	u16 fc;
 	const u8 *challenge = NULL;
 	u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
-@@ -3369,6 +3369,11 @@ static void handle_auth(struct hostapd_d
+@@ -3415,6 +3415,11 @@ static void handle_auth(struct hostapd_d
 	else
 		sa = mgmt->sa;
 #endif /* CONFIG_IEEE80211BE */
@@ -216,7 +216,7 @@ probe/assoc/auth requests via object subscribe.
 
 	auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
 	auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction);
-@@ -3538,6 +3543,13 @@ static void handle_auth(struct hostapd_d
+@@ -3584,6 +3589,13 @@ static void handle_auth(struct hostapd_d
 		resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
 		goto fail;
 	}
@@ -230,7 +230,7 @@ probe/assoc/auth requests via object subscribe.
 	if (res == HOSTAPD_ACL_PENDING)
 		return;
 
-@@ -6029,7 +6041,7 @@ static void handle_assoc(struct hostapd_
+@@ -6189,7 +6201,7 @@ static void handle_assoc(struct hostapd_
 	int resp = WLAN_STATUS_SUCCESS;
 	u16 reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE;
 	const u8 *pos;
@@ -239,7 +239,7 @@ probe/assoc/auth requests via object subscribe.
 	struct sta_info *sta;
 	u8 *tmp = NULL;
 #ifdef CONFIG_FILS
-@@ -6283,6 +6295,11 @@ static void handle_assoc(struct hostapd_
+@@ -6445,6 +6457,11 @@ static void handle_assoc(struct hostapd_
 		left = res;
 	}
 #endif /* CONFIG_FILS */
@@ -251,7 +251,7 @@ probe/assoc/auth requests via object subscribe.
 
 	/* followed by SSID and Supported rates; and HT capabilities if 802.11n
 	 * is used */
-@@ -6375,6 +6392,7 @@ static void handle_assoc(struct hostapd_
+@@ -6537,6 +6554,7 @@ static void handle_assoc(struct hostapd_
 
 #ifdef CONFIG_TAXONOMY
 	taxonomy_sta_info_assoc_req(hapd, sta, pos, left);
@@ -259,7 +259,7 @@ probe/assoc/auth requests via object subscribe.
 #endif /* CONFIG_TAXONOMY */
 
 	sta->pending_wds_enable = 0;
-@@ -6388,6 +6406,13 @@ static void handle_assoc(struct hostapd_
+@@ -6550,6 +6568,13 @@ static void handle_assoc(struct hostapd_
 	}
 #endif /* CONFIG_FILS */
 
@@ -273,7 +273,7 @@ probe/assoc/auth requests via object subscribe.
  fail:
 
 	/*
-@@ -6626,6 +6651,7 @@ static void handle_disassoc(struct hosta
+@@ -6788,6 +6813,7 @@ static void handle_disassoc(struct hosta
 			   (unsigned long) len);
 		return;
 	}
@@ -281,7 +281,7 @@ probe/assoc/auth requests via object subscribe.
 
 	sta = ap_get_sta(hapd, mgmt->sa);
 	if (!sta) {
-@@ -6657,6 +6683,8 @@ static void handle_deauth(struct hostapd
+@@ -6819,6 +6845,8 @@ static void handle_deauth(struct hostapd
 	/* Clear the PTKSA cache entries for PASN */
 	ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE);
 
@@ -400,7 +400,7 @@ probe/assoc/auth requests via object subscribe.
 		    hapd->msg_ctx_parent != hapd->msg_ctx)
 --- a/src/ap/sta_info.h
 +++ b/src/ap/sta_info.h
-@@ -258,6 +258,7 @@ struct sta_info {
+@@ -265,6 +265,7 @@ struct sta_info {
 #ifdef CONFIG_TAXONOMY
 	struct wpabuf *probe_ie_taxonomy;
 	struct wpabuf *assoc_ie_taxonomy;
@@ -408,7 +408,7 @@ probe/assoc/auth requests via object subscribe.
 #endif /* CONFIG_TAXONOMY */
 
 #ifdef CONFIG_FILS
-@@ -305,6 +306,7 @@ struct sta_info {
+@@ -312,6 +313,7 @@ struct sta_info {
 #endif /* CONFIG_TESTING_OPTIONS */
 #ifdef CONFIG_AIRTIME_POLICY
 	unsigned int airtime_weight;
@@ -8,7 +8,7 @@ as adding/removing interfaces.

 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
-@@ -1268,6 +1268,7 @@ void wpa_supplicant_set_state(struct wpa
+@@ -1266,6 +1266,7 @@ void wpa_supplicant_set_state(struct wpa
 		sme_sched_obss_scan(wpa_s, 0);
 	}
 	wpa_s->wpa_state = state;
@@ -16,7 +16,7 @@ as adding/removing interfaces.
 
 #ifndef CONFIG_NO_ROBUST_AV
 	if (state == WPA_COMPLETED && dl_list_len(&wpa_s->active_scs_ids) &&
-@@ -8395,6 +8396,8 @@ struct wpa_supplicant * wpa_supplicant_a
+@@ -8386,6 +8387,8 @@ struct wpa_supplicant * wpa_supplicant_a
 	}
 #endif /* CONFIG_P2P */
 
@@ -25,7 +25,7 @@ as adding/removing interfaces.
 	return wpa_s;
 }
 
-@@ -8421,6 +8424,8 @@ int wpa_supplicant_remove_iface(struct w
+@@ -8412,6 +8415,8 @@ int wpa_supplicant_remove_iface(struct w
 	struct wpa_supplicant *parent = wpa_s->parent;
 #endif /* CONFIG_MESH */
 
@@ -34,7 +34,7 @@ as adding/removing interfaces.
 	/* Remove interface from the global list of interfaces */
 	prev = global->ifaces;
 	if (prev == wpa_s) {
-@@ -8740,6 +8745,7 @@ struct wpa_global * wpa_supplicant_init(
+@@ -8731,6 +8736,7 @@ struct wpa_global * wpa_supplicant_init(
 
 	eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
 			       wpas_periodic, global, NULL);
@@ -42,7 +42,7 @@ as adding/removing interfaces.
 
 	return global;
 }
-@@ -8812,6 +8818,8 @@ void wpa_supplicant_deinit(struct wpa_gl
+@@ -8803,6 +8809,8 @@ void wpa_supplicant_deinit(struct wpa_gl
 
 	wpas_notify_supplicant_deinitialized(global);
 
@@ -164,7 +164,7 @@ as adding/removing interfaces.
 ifdef CONFIG_CODE_COVERAGE
 --- a/hostapd/ctrl_iface.c
 +++ b/hostapd/ctrl_iface.c
-@@ -5950,6 +5950,7 @@ try_again:
+@@ -5951,6 +5951,7 @@ try_again:
 		return -1;
 	}
 
@@ -172,7 +172,7 @@ as adding/removing interfaces.
 	wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
 
 	return 0;
-@@ -6051,6 +6052,7 @@ fail:
+@@ -6052,6 +6053,7 @@ fail:
 	os_free(fname);
 
 	interface->global_ctrl_sock = s;
@@ -226,7 +226,7 @@ as adding/removing interfaces.
 {
 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -267,6 +267,8 @@ int hostapd_reload_config(struct hostapd
+@@ -263,6 +263,8 @@ int hostapd_reload_config(struct hostapd
 	struct hostapd_config *newconf, *oldconf;
 	size_t j;
 
@@ -235,7 +235,7 @@ as adding/removing interfaces.
 	if (iface->config_fname == NULL) {
 		/* Only in-memory config in use - assume it has been updated */
 		hostapd_clear_old(iface);
-@@ -492,6 +494,7 @@ void hostapd_free_hapd_data(struct hosta
+@@ -488,6 +490,7 @@ void hostapd_free_hapd_data(struct hosta
 	hapd->beacon_set_done = 0;
 
 	wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
@@ -243,7 +243,7 @@ as adding/removing interfaces.
 	hostapd_ubus_free_bss(hapd);
 	accounting_deinit(hapd);
 	hostapd_deinit_wpa(hapd);
-@@ -653,7 +656,7 @@ static void hostapd_mld_move_vlan_list(s
+@@ -649,7 +652,7 @@ static void hostapd_mld_move_vlan_list(s
  * If the BSS being removed is the first link, the next link becomes the first
  * link.
  */
@@ -252,7 +252,7 @@ as adding/removing interfaces.
 {
 #ifdef CONFIG_IEEE80211BE
 	int i;
-@@ -761,6 +764,7 @@ void hostapd_cleanup_iface_partial(struc
+@@ -757,6 +760,7 @@ void hostapd_cleanup_iface_partial(struc
 static void hostapd_cleanup_iface(struct hostapd_iface *iface)
 {
 	wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface);
@@ -260,7 +260,7 @@ as adding/removing interfaces.
 	eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface,
 			     NULL);
 
-@@ -1344,6 +1348,7 @@ static int hostapd_start_beacon(struct h
+@@ -1340,6 +1344,7 @@ static int hostapd_start_beacon(struct h
 		hapd->driver->set_operstate(hapd->drv_priv, 1);
 
 	hostapd_ubus_add_bss(hapd);
@@ -268,7 +268,7 @@ as adding/removing interfaces.
 
 	return 0;
 }
-@@ -1419,8 +1424,7 @@ static int hostapd_bss_radius_init(struc
+@@ -1415,8 +1420,7 @@ static int hostapd_bss_radius_init(struc
  * initialized. Most of the modules that are initialized here will be
  * deinitialized in hostapd_cleanup().
  */
@@ -278,7 +278,7 @@ as adding/removing interfaces.
 {
 	struct hostapd_bss_config *conf = hapd->conf;
 	u8 ssid[SSID_MAX_LEN + 1];
-@@ -1462,12 +1466,17 @@ static int hostapd_setup_bss(struct host
+@@ -1458,12 +1462,17 @@ static int hostapd_setup_bss(struct host
 
 	if (!first || first == -1) {
 		u8 *addr = hapd->own_addr;
@@ -297,7 +297,7 @@ as adding/removing interfaces.
 					     hapd->iface->bss[0]->own_addr) ==
 			    0) {
 				wpa_printf(MSG_ERROR, "BSS '%s' may not have "
-@@ -1497,6 +1506,7 @@ static int hostapd_setup_bss(struct host
+@@ -1493,6 +1502,7 @@ static int hostapd_setup_bss(struct host
 					   hapd->mld_link_id, hapd->conf->iface);
 				goto setup_mld;
 			}
@@ -305,7 +305,7 @@ as adding/removing interfaces.
 		}
 #endif /* CONFIG_IEEE80211BE */
 
-@@ -1505,7 +1515,7 @@ static int hostapd_setup_bss(struct host
+@@ -1501,7 +1511,7 @@ static int hostapd_setup_bss(struct host
 				   conf->iface, addr, hapd,
 				   &hapd->drv_priv, force_ifname, if_addr,
 				   conf->bridge[0] ? conf->bridge : NULL,
@@ -314,7 +314,7 @@ as adding/removing interfaces.
 			wpa_printf(MSG_ERROR, "Failed to add BSS (BSSID="
 				   MACSTR ")", MAC2STR(hapd->own_addr));
 			hapd->interface_added = 0;
-@@ -1528,7 +1538,7 @@ static int hostapd_setup_bss(struct host
+@@ -1524,7 +1534,7 @@ static int hostapd_setup_bss(struct host
 
 #ifdef CONFIG_IEEE80211BE
 setup_mld:
@@ -323,7 +323,7 @@ as adding/removing interfaces.
 		wpa_printf(MSG_DEBUG,
 			   "MLD: Set link_id=%u, mld_addr=" MACSTR
 			   ", own_addr=" MACSTR,
-@@ -1546,6 +1556,8 @@ setup_mld:
+@@ -1542,6 +1552,8 @@ setup_mld:
 	}
 #endif /* CONFIG_IEEE80211BE */
 
@@ -332,7 +332,7 @@ as adding/removing interfaces.
 	if (conf->wmm_enabled < 0)
 		conf->wmm_enabled = hapd->iconf->ieee80211n |
 			hapd->iconf->ieee80211ax;
-@@ -1871,7 +1883,7 @@ int hostapd_set_acl(struct hostapd_data
+@@ -1867,7 +1879,7 @@ int hostapd_set_acl(struct hostapd_data
 }
 
 
@@ -341,7 +341,7 @@ as adding/removing interfaces.
 {
 #ifdef CONFIG_IEEE80211BE
 	int ret;
-@@ -2544,7 +2556,7 @@ static int hostapd_owe_iface_iter2(struc
+@@ -2540,7 +2552,7 @@ static int hostapd_owe_iface_iter2(struc
 #endif /* CONFIG_OWE */
 
 
@@ -350,7 +350,7 @@ as adding/removing interfaces.
 {
 #ifdef CONFIG_OWE
 	/* Check whether the enabled BSS can complete OWE transition mode
-@@ -3001,7 +3013,7 @@ hostapd_alloc_bss_data(struct hostapd_if
+@@ -2997,7 +3009,7 @@ hostapd_alloc_bss_data(struct hostapd_if
 }
 
 
@@ -359,7 +359,7 @@ as adding/removing interfaces.
 {
 	if (!hapd)
 		return;
-@@ -3209,7 +3221,7 @@ fail:
+@@ -3205,7 +3217,7 @@ fail:
 }
 
 
@@ -368,7 +368,7 @@ as adding/removing interfaces.
 {
 #ifdef CONFIG_IEEE80211BE
 	struct hostapd_mld *mld, **all_mld;
-@@ -4090,7 +4102,8 @@ int hostapd_remove_iface(struct hapd_int
+@@ -4086,7 +4098,8 @@ int hostapd_remove_iface(struct hapd_int
 		hapd_iface = interfaces->iface[i];
 		if (hapd_iface == NULL)
 			return -1;
@@ -442,7 +442,7 @@ as adding/removing interfaces.
 void hostapd_switch_color(struct hostapd_data *hapd, u64 bitmap);
 --- a/src/ap/ieee802_11.c
 +++ b/src/ap/ieee802_11.c
-@@ -663,12 +663,17 @@ const char * sae_get_password(struct hos
+@@ -668,12 +668,17 @@ const char * sae_get_password(struct hos
 			      struct sae_pt **s_pt,
 			      const struct sae_pk **s_pk)
 {
@@ -461,7 +461,7 @@ as adding/removing interfaces.
 	/* With sae_track_password functionality enabled, try to first find the
 	 * next viable wildcard-address password if a password identifier was
 	 * not used. Select an wildcard-addr entry if the STA is known to have
-@@ -730,12 +735,30 @@ const char * sae_get_password(struct hos
+@@ -735,12 +740,30 @@ const char * sae_get_password(struct hos
 		pt = hapd->conf->ssid.pt;
 	}
 
@@ -494,7 +494,7 @@ as adding/removing interfaces.
 		}
 	}
 
-@@ -3698,6 +3721,12 @@ static void handle_auth(struct hostapd_d
+@@ -3744,6 +3767,12 @@ static void handle_auth(struct hostapd_d
 		goto fail;
 	}
 
@@ -532,7 +532,7 @@ as adding/removing interfaces.
 		if (sta->p2p_ie != NULL &&
 --- a/src/ap/sta_info.h
 +++ b/src/ap/sta_info.h
-@@ -183,6 +183,9 @@ struct sta_info {
+@@ -190,6 +190,9 @@ struct sta_info {
 	int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
 	 /* PSKs from RADIUS authentication server */
 	struct hostapd_sta_wpa_psk_short *psk;
@@ -588,7 +588,7 @@ as adding/removing interfaces.
 }
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -4173,6 +4173,25 @@ struct wpa_driver_ops {
+@@ -4174,6 +4174,25 @@ struct wpa_driver_ops {
 			 const char *ifname);
 
 	/**
@@ -614,7 +614,7 @@ as adding/removing interfaces.
 	 * set_sta_vlan - Bind a station into a specific interface (AP only)
 	 * @priv: Private driver interface data
 	 * @ifname: Interface (main or virtual BSS or VLAN)
-@@ -7016,6 +7035,7 @@ union wpa_event_data {
+@@ -7017,6 +7036,7 @@ union wpa_event_data {
 
 	/**
 	 * struct ch_switch
@@ -622,7 +622,7 @@ as adding/removing interfaces.
 	 * @freq: Frequency of new channel in MHz
 	 * @ht_enabled: Whether this is an HT channel
 	 * @ch_offset: Secondary channel offset
-@@ -7026,6 +7046,7 @@ union wpa_event_data {
+@@ -7027,6 +7047,7 @@ union wpa_event_data {
 	 * @punct_bitmap: Puncturing bitmap
 	 */
 	struct ch_switch {
@@ -742,7 +742,7 @@ as adding/removing interfaces.
 	}
 
 	if (drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) {
-@@ -9636,6 +9654,50 @@ static int wpa_driver_nl80211_if_remove(
+@@ -9639,6 +9657,50 @@ static int wpa_driver_nl80211_if_remove(
 	return 0;
 }
 
@@ -793,7 +793,7 @@ as adding/removing interfaces.
 
 static int cookie_handler(struct nl_msg *msg, void *arg)
 {
-@@ -11535,6 +11597,37 @@ static bool nl80211_is_drv_shared(void *
+@@ -11538,6 +11600,37 @@ static bool nl80211_is_drv_shared(void *
 #endif /* CONFIG_IEEE80211BE */
 
 
@@ -831,7 +831,7 @@ as adding/removing interfaces.
 static int driver_nl80211_send_mlme(void *priv, const u8 *data,
 				    size_t data_len, int noack,
 				    unsigned int freq,
-@@ -15541,6 +15634,8 @@ const struct wpa_driver_ops wpa_driver_n
+@@ -15544,6 +15637,8 @@ const struct wpa_driver_ops wpa_driver_n
 	.set_acl = wpa_driver_nl80211_set_acl,
 	.if_add = wpa_driver_nl80211_if_add,
 	.if_remove = driver_nl80211_if_remove,
@@ -842,7 +842,7 @@ as adding/removing interfaces.
 	.sta_add = wpa_driver_nl80211_sta_add,
 --- a/src/drivers/driver_nl80211_event.c
 +++ b/src/drivers/driver_nl80211_event.c
-@@ -1260,6 +1260,7 @@ static void mlme_event_ch_switch(struct
+@@ -1261,6 +1261,7 @@ static void mlme_event_ch_switch(struct
 				 struct nlattr *bw, struct nlattr *cf1,
 				 struct nlattr *cf2,
 				 struct nlattr *punct_bitmap,
@@ -850,7 +850,7 @@ as adding/removing interfaces.
 				 int finished)
 {
 	struct i802_bss *bss;
-@@ -1325,6 +1326,8 @@ static void mlme_event_ch_switch(struct
+@@ -1326,6 +1327,8 @@ static void mlme_event_ch_switch(struct
 		data.ch_switch.cf1 = nla_get_u32(cf1);
 	if (cf2)
 		data.ch_switch.cf2 = nla_get_u32(cf2);
@@ -859,7 +859,7 @@ as adding/removing interfaces.
 
 	if (link) {
 		data.ch_switch.link_id = nla_get_u8(link);
-@@ -4331,6 +4334,7 @@ static void do_process_drv_event(struct
+@@ -4332,6 +4335,7 @@ static void do_process_drv_event(struct
 				     tb[NL80211_ATTR_CENTER_FREQ1],
 				     tb[NL80211_ATTR_CENTER_FREQ2],
 				     tb[NL80211_ATTR_PUNCT_BITMAP],
@@ -867,7 +867,7 @@ as adding/removing interfaces.
 				     0);
 		break;
 	case NL80211_CMD_CH_SWITCH_NOTIFY:
-@@ -4343,6 +4347,7 @@ static void do_process_drv_event(struct
+@@ -4344,6 +4348,7 @@ static void do_process_drv_event(struct
 				     tb[NL80211_ATTR_CENTER_FREQ1],
 				     tb[NL80211_ATTR_CENTER_FREQ2],
 				     tb[NL80211_ATTR_PUNCT_BITMAP],
@@ -941,7 +941,7 @@ as adding/removing interfaces.
 ifdef CONFIG_CODE_COVERAGE
 CFLAGS += -O0 -fprofile-arcs -ftest-coverage -U_FORTIFY_SOURCE
 LIBS += -lgcov
-@@ -1068,6 +1076,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
+@@ -1077,6 +1085,9 @@ ifdef CONFIG_CTRL_IFACE_MIB
 CFLAGS += -DCONFIG_CTRL_IFACE_MIB
 endif
 OBJS += ../src/ap/ctrl_iface_ap.o
@@ -961,7 +961,7 @@ as adding/removing interfaces.
 
 
 #define MAX_OWE_TRANSITION_BSS_SELECT_COUNT 5
-@@ -1717,6 +1718,12 @@ struct wpa_ssid * wpa_scan_res_match(str
+@@ -1729,6 +1730,12 @@ struct wpa_ssid * wpa_scan_res_match(str
 		return NULL;
 	}
 
@@ -974,7 +974,7 @@ as adding/removing interfaces.
 	for (ssid = group; ssid; ssid = only_first_ssid ? NULL : ssid->pnext) {
 		if (wpa_scan_res_ok(wpa_s, ssid, match_ssid, match_ssid_len,
 				    bss, bssid_ignore_count, debug_print, link))
-@@ -3127,8 +3134,8 @@ fail:
+@@ -3139,8 +3146,8 @@ fail:
 static void multi_ap_process_assoc_resp(struct wpa_supplicant *wpa_s,
 					const u8 *ies, size_t ies_len)
 {
@@ -984,7 +984,7 @@ as adding/removing interfaces.
 	u16 status;
 
 	wpa_s->multi_ap_ie = 0;
-@@ -3139,13 +3146,13 @@ static void multi_ap_process_assoc_resp(
+@@ -3151,13 +3158,13 @@ static void multi_ap_process_assoc_resp(
 		return;
 
 	status = check_multi_ap_ie(elems.multi_ap + 4, elems.multi_ap_len - 4,
@@ -1001,7 +1001,7 @@ as adding/removing interfaces.
 				       MULTI_AP_FRONTHAUL_BSS);
 	wpa_s->multi_ap_ie = 1;
 }
-@@ -5749,6 +5756,13 @@ static void wpas_event_rx_mgmt_action(st
+@@ -5848,6 +5855,13 @@ static void wpas_event_rx_mgmt_action(st
 	}
 #endif /* CONFIG_WNM */
 
@@ -1015,7 +1015,7 @@ as adding/removing interfaces.
 #ifdef CONFIG_GAS
 	if ((mgmt->u.action.category == WLAN_ACTION_PUBLIC ||
 	     mgmt->u.action.category == WLAN_ACTION_PROTECTED_DUAL) &&
-@@ -6555,6 +6569,7 @@ void supplicant_event(void *ctx, enum wp
+@@ -6654,6 +6668,7 @@ void supplicant_event(void *ctx, enum wp
 		event_to_string(event), event);
 #endif /* CONFIG_NO_STDOUT_DEBUG */
 
@@ -8,7 +8,7 @@ as adding/removing interfaces.

 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -5008,7 +5008,14 @@ struct hostapd_config * hostapd_config_r
+@@ -5012,7 +5012,14 @@ struct hostapd_config * hostapd_config_r
 	int errors = 0;
 	size_t i;
 
@@ -58,7 +58,7 @@ as adding/removing interfaces.
 		return NULL;
 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -3414,8 +3414,13 @@ hostapd_interface_init_bss(struct hapd_i
+@@ -3410,8 +3410,13 @@ hostapd_interface_init_bss(struct hapd_i
 		}
 	}
 
@@ -47,7 +47,7 @@ full device, e.g. in order to deal with hardware/driver limitations
 			   " since no room for additional STA",
 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -259,6 +259,29 @@ static int hostapd_iface_conf_changed(st
+@@ -255,6 +255,29 @@ static int hostapd_iface_conf_changed(st
 	return 0;
 }
 
@@ -112,7 +112,7 @@ untagged DHCP packets
 	hapd->x_snoop_initialized = false;
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -4587,7 +4587,7 @@ struct wpa_driver_ops {
+@@ -4588,7 +4588,7 @@ struct wpa_driver_ops {
 	 * Returns: 0 on success, negative (<0) on failure
 	 */
 	int (*br_set_net_param)(void *priv, enum drv_br_net_param param,
@@ -123,7 +123,7 @@ untagged DHCP packets
 	 * get_wowlan - Get wake-on-wireless status
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
-@@ -13233,7 +13233,7 @@ static const char * drv_br_net_param_str
+@@ -13236,7 +13236,7 @@ static const char * drv_br_net_param_str
 
 
 static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
@@ -132,7 +132,7 @@ untagged DHCP packets
 {
 	struct i802_bss *bss = priv;
 	char path[128];
-@@ -13259,8 +13259,11 @@ static int wpa_driver_br_set_net_param(v
+@@ -13262,8 +13262,11 @@ static int wpa_driver_br_set_net_param(v
 			return -EINVAL;
 	}
 
@@ -7,7 +7,7 @@ Use the NAS identifier to find the right receiver context on incoming messages

 --- a/src/ap/hostapd.c
 +++ b/src/ap/hostapd.c
-@@ -1405,6 +1405,7 @@ static int hostapd_bss_radius_init(struc
+@@ -1401,6 +1401,7 @@ static int hostapd_bss_radius_init(struc
 
 		os_memset(&das_conf, 0, sizeof(das_conf));
 		das_conf.port = conf->radius_das_port;
@@ -39,7 +39,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6

 --- a/hostapd/Makefile
 +++ b/hostapd/Makefile
-@@ -1440,6 +1440,11 @@ CFLAGS += -DCONFIG_PROCESS_COORDINATION
+@@ -1448,6 +1448,11 @@ CFLAGS += -DCONFIG_PROCESS_COORDINATION
 OBJS += ../src/common/proc_coord.o
 endif
 
@@ -53,8 +53,8 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
 
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
-@@ -4999,6 +4999,15 @@ static int hostapd_config_fill(struct ho
- 		bss->mld_indicate_disabled = atoi(pos);
+@@ -5003,6 +5003,15 @@ static int hostapd_config_fill(struct ho
+ 		conf->disable_mcs15_rx = atoi(pos);
 #endif /* CONFIG_TESTING_OPTIONS */
 #endif /* CONFIG_IEEE80211BE */
 +#ifdef CONFIG_APUP
@@ -373,7 +373,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
 
 #ifdef CONFIG_FILS
 static struct wpabuf *
-@@ -4092,8 +4095,8 @@ static u16 check_multi_ap(struct hostapd
+@@ -4138,8 +4141,8 @@ static u16 check_multi_ap(struct hostapd
 }
 
 
@@ -384,7 +384,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
 {
 	/* Supported rates not used in IEEE 802.11ad/DMG */
 	if (hapd->iface->current_mode &&
-@@ -4543,7 +4546,7 @@ static int __check_assoc_ies(struct host
+@@ -4604,7 +4607,7 @@ static int __check_assoc_ies(struct host
 			       elems->ext_capab_len);
 	if (resp != WLAN_STATUS_SUCCESS)
 		goto out;
@@ -393,7 +393,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
 	if (resp != WLAN_STATUS_SUCCESS)
 		goto out;
 
-@@ -6747,6 +6750,11 @@ static void handle_beacon(struct hostapd
+@@ -6909,6 +6912,11 @@ static void handle_beacon(struct hostapd
 				      0);
 
 	ap_list_process_beacon(hapd->iface, mgmt, &elems, fi);
@@ -418,7 +418,7 @@ Hotfix-by: Sebastian Gottschall https://github.com/mirror/dd-wrt/commit/0c3001a6
 u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta,
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
-@@ -4281,7 +4281,7 @@ struct wpa_driver_ops {
+@@ -4282,7 +4282,7 @@ struct wpa_driver_ops {
 	 * Returns: 0 on success, -1 on failure
 	 */
 	int (*set_wds_sta)(void *priv, const u8 *addr, int aid, int val,
@@ -25,7 +25,7 @@
 +
 --- a/src/ap/sta_info.h
 +++ b/src/ap/sta_info.h
-@@ -423,23 +423,8 @@ int ap_sta_re_add(struct hostapd_data *h
+@@ -430,23 +430,8 @@ int ap_sta_re_add(struct hostapd_data *h
 
 void ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta);