meta-openembedded: subtree update:98175fd0cc..da393545a2
Aditya.Tayade (1):
neon: Add ptest
Andreas Müller (9):
udisks2: upgrade 2.9.1 -> 2.9.2 / replace '_git' by version in recipe-name
poppler: upgrade 21.02.0 -> 21.03.0
xfce4-panel: upgrade 4.16.1 -> 4.16.2
xfce4-cpugraph-plugin: upgrade 1.2.1 -> 1.2.3
xfce4-time-out-plugin: upgrade 1.1.1 -> 1.1.2
mousepad: upgrade 0.5.2 -> 0.5.3
xfce4-panel-profiles: 1.0.12 -> 1.0.13
thunar: upgrade 4.16.2 -> 4.16.4
xfce4-taskmanager: upgrade 1.4.0 -> 1.4.2
Andrei Gherzan (6):
python3-pep8: Fix HOMEPAGE
python3-mccabe: Fix HOMEPAGE
python3-ifaddr: Integrate a dependency of pysonos
python3-pysonos: Integrate the SONOS control HomeAssistant module
python3-aiohue: Integrate the hue control python module
packagegroup-meta-python: Add new modules (aiohue, ifaddr, pysonos)
Andrej Valek (1):
jsoncpp: Upgrade to 1.9.4
Bartosz Golaszewski (11):
pystemd: satisfy runtime dependencies
python3-pythonping: new package
python3-wpa-supplicant: new package
python3-txdbus: new package
python3-wpa-supplicant: add runtime dependencies
python3-wpa-supplicant: fix importing the cli submodule
python3-wpa-supplicant: replace DESCRIPTION with SUMMARY
libgpiod: update v1.6.2 -> v1.6.3
python3-txdbus: add missing runtime dependencies
python3-jmespath: new package
python3-docutils: new package
Ben Gampe (1):
python3-h11: new package
Carlos Rafael Giani (1):
pipewire: Upgrade to 0.3.24
Changqing Li (2):
php: allow php as empty
openldap: upgrade 2.4.57 -> 2.4.58
Clément Péron (2):
grpc: move grpc plugins to a new grpc-compiler package
nodejs: 12.20.2 -> 12.21.0
Colin McAllister (1):
python3-gpsd-py3: Added recipe
Daniel Wagenknecht (1):
gnome-keyring: set file capabilities in pkg_postinst
Denys Dmytriyenko (1):
glmark2: also depend on wayland-protocols when wayland distro feature is on
Devon Pringle (1):
python3-pastedeploy: Add recipe
Fabio Berton (1):
python3-requests: Support idna version 3.1
INC@Cisco) (2):
bpftool: remove recipe from blacklist
bpftool: improve reproducibility
Jan Kaisrlik (1):
abseil-cpp: reorder content of packages
Joshua Watt (1):
classes: Add Android sparse image class
Kai Kang (8):
python3-pillow: 8.1.0 -> 8.1.2
xfce4-cpufreq-plugin: 1.2.2 -> 1.2.5
exo: 4.16.0 -> 4.16.1
xfce4-netload-plugin: 1.3.2 -> 1.4.0
xfce4-genmon-plugin: 4.1.0 -> 4.1.1
xfce4-weather-plugin: 0.10.2 -> 0.11.0
xfce4-systemload-plugin: 1.2.4 -> 1.3.0
xfce4-taskmanager: 1.4.2 -> 1.5.2
Khem Raj (63):
nss: Disable Werror
open-vm-tools: Do not use volatile qualifier
dconf-editor: Fix build with vala 0.50.4
libbacktrace: Add recipe
libleak: Add recipe
packagegroup-meta-oe: Add libleak to packagegroup-meta-oe-extended
mongodb: Upgrade to 4.4.4
packagegroup-meta-python: Add python3-semantic-version
python3-grpcio: Upgrade to 1.36.1
python3-grpcio: Fix build on mips and musl
mpv: Link libatomic on riscv64
glog: Link with libexecinfo on musl
musl-nscd: Make lex syntax posix'y
libbpf: Depend on virtual/kernel:do_shared_workdir
waf-cross-answers: Add powerpc64le version
python3-grpcio,python3-grpcio-tools: Disable for ppc64le
openh264: Disable building for ppc64le
ufs-utils: Upgrade to 1.9
libhugetlbfs: Fix ARCH setting for ppc64 LE
nodejs: Set correct nodejs arch for ppc64le
libnma: Disbale vapi
xrdp: Upgrade to 0.9.15
ply: upgrade to latest
ply: Disable on ppc64
ltrace: Fix build on ppc64le/musl
oprofile: Fix build on musl
gperftools: Update SRCREV to point to 2.9.1 release
mongodb: Fix cross build on ppc64le
abseil-cpp: Fix build on musl and ppc64
mariadb: Fix build on musl/ppc
mongodb: Fix build on ppc64le
breakpad: Upgrade to latest
ssiapi: Disable for ppc64
kexec-tools-klibc: Use SITEINFO_BITS to construct includepath
breakpad: Exclude for ppc64
python3-grpcio,python3-grpcio-tools: Enable build on ppc64/glibc
breakpad: Do not fallback to android implementation for getcontext/setcontext on musl
oprofile: Upgrade to 1.4.0 release
vboxguestdrivers: Add __divmoddi4 builtin support
links-x11,links: Upgrade to 2.22
layers: Drop gatesgarth from LAYERSERIES_COMPAT
xxhash: Remove recipe
gsound: Use () instead of {} for makefile variable in gsound_play_VALAFLAGS
pipewire: Package systemd unit file for pipewire-media-session
packagegroup-meta-python: Add new package python3-pythonping
python3-spidev: Remove recipe for 3.2
python3-werkzeug: Clarify BSD license type
python3-werkzeug: Delete recipe for 1.0.0
python3-hexdump: Move cleanup_hexfile into install_append
cryptsetup: DEPEND on renamed util-linux-libuuid
tracker-miners: Check for commercial license to enable ffmpeg
gnome-settings-daemon: Do not generate meson.native
libb64: Add recipe
sysdig: Upgrade to 0.27.1
sysdig: Depend on system libb64
gimp: Disable vector iconn on rv32/musl
libcamera: Update the patch to upstreamed one
flashrom: Add remaining RISCV support
mpd: Check for commercial in LICENSE_FLAGS_WHITELIST
mpv: Exclude from world if commercial is not in inclusion list
sox: Exclude from world if commercial is not in inclusion list
vlc: Exclude from world if commercial is not in inclusion list
sox: Remove LICENSE_FLAGS = "commercial"
Leon Anavi (74):
python3-elementpath: Upgrade 2.1.4 -> 2.2.0
python3-twisted: Upgrade 20.3.0 -> 21.2.0
python3-ipython: Upgrade 7.20.0 -> 7.21.0
python3-yamlloader: Upgrade 0.5.5 -> 1.0.0
python3-astroid: Upgrade 2.5 -> 2.5.1
python3-portion: Upgrade 2.1.4 -> 2.1.5
python3-pandas: Upgrade 1.2.2 -> 1.2.3
python3-ruamel-yaml: Upgrade 0.16.12 -> 0.16.13
python3-prettytable: Upgrade 2.0.0 -> 2.1.0
python3-huey: Upgrade 2.3.0 -> 2.3.1
python3-pychromecast: Upgrade 8.1.0 -> 9.1.1
python3-incremental: Upgrade 17.5.0 -> 21.3.0
python3-waitress: Upgrade 1.4.4 -> 2.0.0
python3-pako: Upgrade 0.3.0 -> 0.3.1
python3-pyscaffold: Upgrade 3.3.1 -> 4.0
python3-croniter: Upgrade 1.0.6 -> 1.0.8
python3-prompt-toolkit: Upgrade 3.0.16 -> 3.0.17
python3-pymisp: Upgrade 2.4.138 -> 2.4.140
python3-jsonpatch: Upgrade 1.31 -> 1.32
python3-jsonpointer: Upgrade 2.0 -> 2.1
python3-configargparse: Upgrade 1.3 -> 1.4
python3-luma-core: Upgrade 2.2.0 -> 2.3.1
python3-pycodestyle: Upgrade 2.6.0 -> 2.7.0
python3-bitarray: Upgrade 1.7.0 -> 1.7.1
python3-alembic: Upgrade 1.5.5 -> 1.5.7
python3-pyflakes: Upgrade 2.2.0 -> 2.3.0
python3-autobahn: Upgrade 21.2.2 -> 21.3.1
python3-pulsectl: Upgrade 21.2.0 -> 21.3.4
python3-configparser: Upgrade 5.0.1 -> 5.0.2
python3-defusedxml: Upgrade 0.6.0 -> 0.7.1
python3-twine: Upgrade 3.3.0 -> 3.4.0
python3-socketio: Upgrade 5.0.4 -> 5.1.0
python3-soupsieve: Upgrade 2.2 -> 2.2.1
python3-cassandra-driver: Upgrade 3.24.0 -> 3.25.0
python3-urllib3: Upgrade 1.26.3 -> 1.26.4
python3-bitarray: Upgrade 1.7.1 -> 1.8.0
python3-pyscaffold: Upgrade 4.0 -> 4.0.1
python3-flask-migrate: Upgrade 2.6.0 -> 2.7.0
python3-grpcio-tools: Upgrade 1.35.0 -> 1.36.1
python3-humanize: Upgrade 3.2.0 -> 3.3.0
python3-regex: Upgrade 2020.11.13 -> 2021.3.17
python3-twine: Upgrade 3.4.0 -> 3.4.1
python3-isort: Upgrade 5.7.0 -> 5.8.0
python3-sqlalchemy: Upgrade 1.3.23 -> 1.4.2
python3-scrypt: Upgrade 0.8.6 -> 0.8.17
python3-colorlog: Upgrade 4.7.2 -> 4.8.0
python3-croniter: Upgrade 1.0.8 -> 1.0.9
python3-pyperf: Upgrade 2.1.0 -> 2.2.0
python3-lazy-object-proxy: Upgrade 1.5.2 -> 1.6.0
python3-prompt-toolkit: Upgrade 3.0.17 -> 3.0.18
python3-configshell-fb: Upgrade 1.1.28 -> 1.1.29
python3-backports-functools-lru-cache: Upgrade 1.6.1 -> 1.6.3
python3-pytest-helpers-namespace: Upgrade 2019.1.8 -> 2021.3.24
python3-elementpath: Upgrade 2.2.0 -> 2.2.1
python3-alembic: Upgrade 1.5.7 -> 1.5.8
python3-rfc3339-validator: Upgrade 0.1.2 -> 0.1.3
python3-pyflakes: Upgrade 2.3.0 -> 2.3.1
python3-pint: Upgrade 0.16.1 -> 0.17
python3-flask-sqlalchemy: Upgrade 2.4.4 -> 2.5.1
python3-django: Upgrade 3.1.1 -> 3.1.7
python3-djangorestframework: Upgrade 3.12.2 -> 3.12.3
python3-ruamel-yaml: Upgrade 0.16.13 -> 0.17.0
python3-bitarray: Upgrade 1.8.0 -> 1.8.1
python3-sqlalchemy: Upgrade 1.4.2 -> 1.4.3
python3-xmlschema: Upgrade 1.5.1 -> 1.5.3
python3-croniter: Upgrade 1.0.9 -> 1.0.10
python3-astroid: Upgrade 2.5.1 -> 2.5.2
python3-pyroute2: Upgrade 0.5.14 -> 0.5.15
python3-coverage: Upgrade 5.4 -> 5.5
python3-gunicorn: Upgrade 20.0.4 -> 20.1.0
python3-djangorestframework: Upgrade 3.12.3 -> 3.12.4
python3-ipython: Upgrade 7.21.0 -> 7.22.0
python3-openpyxl: Upgrade 3.0.6 -> 3.0.7
python3-ruamel-yaml: Upgrade 0.17.0 -> 0.17.2
Luca Boccassi (3):
cryptsetup: depend on new util-linux-uuid to break cycle
dbus-broker: upgrade 26 -> 27
dbus-broker: upgrade 27 -> 28
Marius Kriegerowski (1):
tmate: add recipe version 2.4.0
Martin Jansa (11):
glog: fix searching for Libunwind
ceres-solver: prevent fetching git hook during do_configure
packagegroup-meta-oe: include abseil-cpp for all architectures
packagegroup-meta-oe: include nodejs without meta-python2 conditional
packagegroup-meta-oe: move the packages depending on meta-python2 to separate packages
mysql-python, lio-utils, openlmi-tools: add conditional PNBLACKLIST like meta-python2 does
conf/layer.conf: include .bbappend files in BBFILES_DYNAMIC
open-vm-tools: move to meta-networking
packagegroup-meta-{oe,multimedia}: move pipewire to the right packagegroup
packagegroup-meta-multimedia: include projucer only with x11 in DISTRO_FEATURES
packagegroup-meta-multimedia: include vlc only with x11 in DISTRO_FEATURES
Matteo Croce (1):
libbpf: use pkg-config
Michael Vetter (1):
jasper: upgrade 2.0.25 -> 2.0.26
Ming Liu (1):
atftp: move atftpd.init from files to atftp subdirectory
Mingli Yu (6):
geoip: Switch to use the main branch
geoip-perl: Switch to use the main branch
bridge-utils: Switch to use the main branch
netkit-telnet: Update SRC_URI
quagga: Update SRC_URI
hostapd: fix CVE-2019-5061
Nisha Parrakat (1):
neon: use pkg-config instead of xml2-config to configure
Oleksandr Kravchuk (10):
ipset: update to 7.11
libnice: update to 0.1.18
nbdkit: update to 1.25.3
python3-bitarray: update to 1.7.0
python3-google-api-python-client: update to 2.0.2
python3-jsonpatch: update to 1.31
python3-websocket-client: update to 0.58.0
python3-robotframework: update to 4.0
python3-sentry-sdk: update to 1.0.0
aom: update to 3.0.0
Peace Lee (2):
guider: Upgrade 3.9.7 -> 3.9.8
guider: Upgrade 3.9.7 -> 3.9.8
Persian Prince (1):
tinymembench: Correct PV
Philip Balister (1):
fftw: Add support for ptest.
Randy MacLeod (6):
gperftools: upgrade 2.8.1 -> 2.9.1
zabbix: upgrade 4.4.6 -> 5.2.5
nss: upgrade 3.60.1 -> 3.62
xterm: upgrade 362 -> 366
zstd: remove the recipe since it moved to oe-core
tclap: upgrade 1.2.2 -> 1.4.0
Ross Burton (3):
libxmlb: upgrade to 0.3.0
flashrom: recipe cleanup
openjpeg: add native/nativesdk class extension
Sakib Sajal (1):
grpc: upgrade 1.36.1 -> 1.36.2
Sam Van Den Berge (1):
libiio: fix build when python bindings are enabled
Sana Kazi (1):
mdns: Whitelisted CVE-2007-0613 for mdns
Stefan Schmidt (2):
musl-rpmatch_git.bb: add new recipe to provide rpmatch() for musl libc builds
plymouth_0.9.5.bb: allow building with musl libc
Valentin Longchamp (1):
libssh: add gcrypt to PACKAGECONFIG
Wang Mingyu (3):
czmq: Conflict resolution for sha1.h
python3-lxml: upgrade 4.6.2 -> 4.6.3
python3-zopeinterface: upgrade 5.2.0 -> 5.3.0
Yann Dirson (1):
mpv: remove explicit LICENSE_FLAGS
Yi Fan Yu (2):
librelp: update 1.6.0 -> 1.10.0
rsyslog: Fix rsyslog systemd service not starting
Yi Zhao (2):
quagga: do not set PIDFile in service files
tclap: add pkg-config file
Zang Ruochen (1):
gtkwave: upgrade 3.3.104 -> 3.3.108
zangrc (15):
dovecot: upgrade 2.3.13 -> 2.3.14
fetchmail: upgrade 6.4.16 -> 6.4.17
dialog: upgrade 1.3-20210117 -> 1.3-20210306
fio: upgrade 3.25 -> 3.26
xorriso: upgrade 1.5.3 -> 1.5.5
iscsi-initiator-utils: upgrade 2.1.3 -> 2.1.4
mosquitto: upgrade 2.0.8 -> 2.0.9
nbdkit: upgrade 1.25.3 -> 1.25.4
wireguard-tools: upgrade 1.0.20210223 -> 1.0.20210315
wireshark: upgrade 3.4.3 -> 3.4.4
live555: upgrade 20210129 -> 20210322
mg: upgrade 20200723 -> 20210314
nanopb: upgrade 0.4.4 -> 0.4.5
nss: upgrade 3.62 -> 3.63
uriparser: upgrade 0.9.4 -> 0.9.5
zhengruoqin (12):
phpmyadmin: upgrade 5.0.4 -> 5.1.0
uthash: upgrade 2.2.0 -> 2.3.0
gd: upgrade 2.3.1 -> 2.3.2
openocd: upgrade 0.10 -> 0.11
satyr: upgrade 0.36 -> 0.37
libcrypt-openssl-guess-perl: upgrade 0.11 -> 0.12
cryptsetup: upgrade 2.3.4 -> 2.3.5
glmark2: upgrade 20201114 -> 2021.02
grpc: upgrade 1.36.2 -> 1.36.3
dialog: upgrade 1.3-20210306 -> 1.3-20210319
grpc: upgrade 1.36.3 -> 1.36.4
libgee: upgrade 0.20.3 -> 0.20.4
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I0b18d7c12586e6038d002f02ed87f38e25bc5080
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd/CVE-2019-5061.patch b/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd/CVE-2019-5061.patch
new file mode 100644
index 0000000..9214615
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd/CVE-2019-5061.patch
@@ -0,0 +1,854 @@
+From 018edec9b2bd3db20605117c32ff79c1e625c432 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Wed, 11 Sep 2019 12:34:28 +0300
+Subject: [PATCH] Remove IAPP functionality from hostapd
+
+IEEE Std 802.11F-2003 was withdrawn in 2006 and as such it has not been
+maintained nor is there any expectation of the withdrawn trial-use
+recommended practice to be maintained in the future. Furthermore,
+implementation of IAPP in hostapd was not complete, i.e., only parts of
+the recommended practice were included. The main item of some real use
+long time ago was the Layer 2 Update frame to update bridges when a STA
+roams within an ESS, but that functionality has, in practice, been moved
+to kernel drivers to provide better integration with the networking
+stack.
+
+CVE: CVE-2019-5061
+
+Upstream-Status: Backport
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ hostapd/Android.mk | 5 -
+ hostapd/Makefile | 5 -
+ hostapd/android.config | 3 -
+ hostapd/config_file.c | 3 +-
+ hostapd/defconfig | 3 -
+ hostapd/hostapd.conf | 6 -
+ hostapd/main.c | 3 -
+ src/ap/Makefile | 2 -
+ src/ap/ap_config.h | 4 -
+ src/ap/hostapd.c | 14 -
+ src/ap/hostapd.h | 2 -
+ src/ap/iapp.c | 542 ----------------------
+ src/ap/iapp.h | 39 --
+ src/utils/wpa_debug.h | 1 -
+ 14 files changed, 1 insertion(+), 633 deletions(-)
+ delete mode 100644 src/ap/iapp.c
+ delete mode 100644 src/ap/iapp.h
+
+diff --git a/hostapd/Android.mk b/hostapd/Android.mk
+index 3183323ef..a87ac8144 100644
+--- a/hostapd/Android.mk
++++ b/hostapd/Android.mk
+@@ -205,11 +205,6 @@ endif
+
+ L_CFLAGS += -DCONFIG_CTRL_IFACE -DCONFIG_CTRL_IFACE_UNIX
+
+-ifdef CONFIG_IAPP
+-L_CFLAGS += -DCONFIG_IAPP
+-OBJS += src/ap/iapp.c
+-endif
+-
+ ifdef CONFIG_RSN_PREAUTH
+ L_CFLAGS += -DCONFIG_RSN_PREAUTH
+ CONFIG_L2_PACKET=y
+diff --git a/hostapd/Makefile b/hostapd/Makefile
+index f7f4c785b..42bb9e4c8 100644
+--- a/hostapd/Makefile
++++ b/hostapd/Makefile
+@@ -248,11 +248,6 @@ ifndef CONFIG_NO_CTRL_IFACE
+ CFLAGS += -DCONFIG_CTRL_IFACE
+ endif
+
+-ifdef CONFIG_IAPP
+-CFLAGS += -DCONFIG_IAPP
+-OBJS += ../src/ap/iapp.o
+-endif
+-
+ ifdef CONFIG_RSN_PREAUTH
+ CFLAGS += -DCONFIG_RSN_PREAUTH
+ CONFIG_L2_PACKET=y
+diff --git a/hostapd/android.config b/hostapd/android.config
+index efe252332..e2e6c7821 100644
+--- a/hostapd/android.config
++++ b/hostapd/android.config
+@@ -38,9 +38,6 @@ CONFIG_DRIVER_NL80211_QCA=y
+ # Driver interface for no driver (e.g., RADIUS server only)
+ #CONFIG_DRIVER_NONE=y
+
+-# IEEE 802.11F/IAPP
+-#CONFIG_IAPP=y
+-
+ # WPA2/IEEE 802.11i RSN pre-authentication
+ #CONFIG_RSN_PREAUTH=y
+
+diff --git a/hostapd/config_file.c b/hostapd/config_file.c
+index 680f17ee0..0d340d252 100644
+--- a/hostapd/config_file.c
++++ b/hostapd/config_file.c
+@@ -2712,8 +2712,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
+ bss->eapol_key_index_workaround = atoi(pos);
+ #ifdef CONFIG_IAPP
+ } else if (os_strcmp(buf, "iapp_interface") == 0) {
+- bss->ieee802_11f = 1;
+- os_strlcpy(bss->iapp_iface, pos, sizeof(bss->iapp_iface));
++ wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used");
+ #endif /* CONFIG_IAPP */
+ } else if (os_strcmp(buf, "own_ip_addr") == 0) {
+ if (hostapd_parse_ip_addr(pos, &bss->own_ip_addr)) {
+diff --git a/hostapd/defconfig b/hostapd/defconfig
+index b1fb56c3b..1a3d9f9ba 100644
+--- a/hostapd/defconfig
++++ b/hostapd/defconfig
+@@ -44,9 +44,6 @@ CONFIG_LIBNL32=y
+ # Driver interface for no driver (e.g., RADIUS server only)
+ #CONFIG_DRIVER_NONE=y
+
+-# IEEE 802.11F/IAPP
+-CONFIG_IAPP=y
+-
+ # WPA2/IEEE 802.11i RSN pre-authentication
+ CONFIG_RSN_PREAUTH=y
+
+diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
+index 6c96a760a..a3c698480 100644
+--- a/hostapd/hostapd.conf
++++ b/hostapd/hostapd.conf
+@@ -41,7 +41,6 @@ interface=wlan0
+ # bit 2 (4) = RADIUS
+ # bit 3 (8) = WPA
+ # bit 4 (16) = driver interface
+-# bit 5 (32) = IAPP
+ # bit 6 (64) = MLME
+ #
+ # Levels (minimum value for logged events):
+@@ -1243,11 +1242,6 @@ eap_server=0
+ # Whether to enable ERP on the EAP server.
+ #eap_server_erp=1
+
+-##### IEEE 802.11f - Inter-Access Point Protocol (IAPP) #######################
+-
+-# Interface to be used for IAPP broadcast packets
+-#iapp_interface=eth0
+-
+
+ ##### RADIUS client configuration #############################################
+ # for IEEE 802.1X with external Authentication Server, IEEE 802.11
+diff --git a/hostapd/main.c b/hostapd/main.c
+index 08896ffe2..8bfe24281 100644
+--- a/hostapd/main.c
++++ b/hostapd/main.c
+@@ -81,9 +81,6 @@ static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module,
+ case HOSTAPD_MODULE_DRIVER:
+ module_str = "DRIVER";
+ break;
+- case HOSTAPD_MODULE_IAPP:
+- module_str = "IAPP";
+- break;
+ case HOSTAPD_MODULE_MLME:
+ module_str = "MLME";
+ break;
+diff --git a/src/ap/Makefile b/src/ap/Makefile
+index bd3f33b77..54e48a0dd 100644
+--- a/src/ap/Makefile
++++ b/src/ap/Makefile
+@@ -18,7 +18,6 @@ CFLAGS += -DCONFIG_IEEE80211R_AP
+ CFLAGS += -DCONFIG_WPS
+ CFLAGS += -DCONFIG_PROXYARP
+ CFLAGS += -DCONFIG_IPV6
+-CFLAGS += -DCONFIG_IAPP
+ CFLAGS += -DCONFIG_AIRTIME_POLICY
+
+ LIB_OBJS= \
+@@ -41,7 +40,6 @@ LIB_OBJS= \
+ hostapd.o \
+ hs20.o \
+ hw_features.o \
+- iapp.o \
+ ieee802_11_auth.o \
+ ieee802_11.o \
+ ieee802_11_ht.o \
+diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
+index e219160b0..17eb0682b 100644
+--- a/src/ap/ap_config.h
++++ b/src/ap/ap_config.h
+@@ -325,10 +325,6 @@ struct hostapd_bss_config {
+ int erp_send_reauth_start;
+ char *erp_domain;
+
+- int ieee802_11f; /* use IEEE 802.11f (IAPP) */
+- char iapp_iface[IFNAMSIZ + 1]; /* interface used with IAPP broadcast
+- * frames */
+-
+ enum macaddr_acl {
+ ACCEPT_UNLESS_DENIED = 0,
+ DENY_UNLESS_ACCEPTED = 1,
+diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
+index ef988b634..bf7b1f89e 100644
+--- a/src/ap/hostapd.c
++++ b/src/ap/hostapd.c
+@@ -28,7 +28,6 @@
+ #include "accounting.h"
+ #include "ap_list.h"
+ #include "beacon.h"
+-#include "iapp.h"
+ #include "ieee802_1x.h"
+ #include "ieee802_11_auth.h"
+ #include "vlan_init.h"
+@@ -361,8 +360,6 @@ static void hostapd_free_hapd_data(struct hostapd_data *hapd)
+ hapd->beacon_set_done = 0;
+
+ wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface);
+- iapp_deinit(hapd->iapp);
+- hapd->iapp = NULL;
+ accounting_deinit(hapd);
+ hostapd_deinit_wpa(hapd);
+ vlan_deinit(hapd);
+@@ -1296,13 +1293,6 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first)
+ return -1;
+ }
+
+- if (conf->ieee802_11f &&
+- (hapd->iapp = iapp_init(hapd, conf->iapp_iface)) == NULL) {
+- wpa_printf(MSG_ERROR, "IEEE 802.11F (IAPP) initialization "
+- "failed.");
+- return -1;
+- }
+-
+ #ifdef CONFIG_INTERWORKING
+ if (gas_serv_init(hapd)) {
+ wpa_printf(MSG_ERROR, "GAS server initialization failed");
+@@ -3056,10 +3046,6 @@ void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
+ hostapd_prune_associations(hapd, sta->addr);
+ ap_sta_clear_disconnect_timeouts(hapd, sta);
+
+- /* IEEE 802.11F (IAPP) */
+- if (hapd->conf->ieee802_11f)
+- iapp_new_station(hapd->iapp, sta);
+-
+ #ifdef CONFIG_P2P
+ if (sta->p2p_ie == NULL && !sta->no_p2p_set) {
+ sta->no_p2p_set = 1;
+diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h
+index 5b859b8a9..2358d1664 100644
+--- a/src/ap/hostapd.h
++++ b/src/ap/hostapd.h
+@@ -179,8 +179,6 @@ struct hostapd_data {
+ u64 acct_session_id;
+ struct radius_das_data *radius_das;
+
+- struct iapp_data *iapp;
+-
+ struct hostapd_cached_radius_acl *acl_cache;
+ struct hostapd_acl_query_data *acl_queries;
+
+diff --git a/src/ap/iapp.c b/src/ap/iapp.c
+deleted file mode 100644
+index 2556da30c..000000000
+--- a/src/ap/iapp.c
++++ /dev/null
+@@ -1,542 +0,0 @@
+-/*
+- * hostapd / IEEE 802.11F-2003 Inter-Access Point Protocol (IAPP)
+- * Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi>
+- *
+- * This software may be distributed under the terms of the BSD license.
+- * See README for more details.
+- *
+- * Note: IEEE 802.11F-2003 was a experimental use specification. It has expired
+- * and IEEE has withdrawn it. In other words, it is likely better to look at
+- * using some other mechanism for AP-to-AP communication than extending the
+- * implementation here.
+- */
+-
+-/* TODO:
+- * Level 1: no administrative or security support
+- * (e.g., static BSSID to IP address mapping in each AP)
+- * Level 2: support for dynamic mapping of BSSID to IP address
+- * Level 3: support for encryption and authentication of IAPP messages
+- * - add support for MOVE-notify and MOVE-response (this requires support for
+- * finding out IP address for previous AP using RADIUS)
+- * - add support for Send- and ACK-Security-Block to speedup IEEE 802.1X during
+- * reassociation to another AP
+- * - implement counters etc. for IAPP MIB
+- * - verify endianness of fields in IAPP messages; are they big-endian as
+- * used here?
+- * - RADIUS connection for AP registration and BSSID to IP address mapping
+- * - TCP connection for IAPP MOVE, CACHE
+- * - broadcast ESP for IAPP ADD-notify
+- * - ESP for IAPP MOVE messages
+- * - security block sending/processing
+- * - IEEE 802.11 context transfer
+- */
+-
+-#include "utils/includes.h"
+-#include <net/if.h>
+-#include <sys/ioctl.h>
+-#include <netpacket/packet.h>
+-
+-#include "utils/common.h"
+-#include "utils/eloop.h"
+-#include "common/ieee802_11_defs.h"
+-#include "hostapd.h"
+-#include "ap_config.h"
+-#include "ieee802_11.h"
+-#include "sta_info.h"
+-#include "iapp.h"
+-
+-
+-#define IAPP_MULTICAST "224.0.1.178"
+-#define IAPP_UDP_PORT 3517
+-#define IAPP_TCP_PORT 3517
+-
+-struct iapp_hdr {
+- u8 version;
+- u8 command;
+- be16 identifier;
+- be16 length;
+- /* followed by length-6 octets of data */
+-} __attribute__ ((packed));
+-
+-#define IAPP_VERSION 0
+-
+-enum IAPP_COMMAND {
+- IAPP_CMD_ADD_notify = 0,
+- IAPP_CMD_MOVE_notify = 1,
+- IAPP_CMD_MOVE_response = 2,
+- IAPP_CMD_Send_Security_Block = 3,
+- IAPP_CMD_ACK_Security_Block = 4,
+- IAPP_CMD_CACHE_notify = 5,
+- IAPP_CMD_CACHE_response = 6,
+-};
+-
+-
+-/* ADD-notify - multicast UDP on the local LAN */
+-struct iapp_add_notify {
+- u8 addr_len; /* ETH_ALEN */
+- u8 reserved;
+- u8 mac_addr[ETH_ALEN];
+- be16 seq_num;
+-} __attribute__ ((packed));
+-
+-
+-/* Layer 2 Update frame (802.2 Type 1 LLC XID Update response) */
+-struct iapp_layer2_update {
+- u8 da[ETH_ALEN]; /* broadcast */
+- u8 sa[ETH_ALEN]; /* STA addr */
+- be16 len; /* 6 */
+- u8 dsap; /* null DSAP address */
+- u8 ssap; /* null SSAP address, CR=Response */
+- u8 control;
+- u8 xid_info[3];
+-} __attribute__ ((packed));
+-
+-
+-/* MOVE-notify - unicast TCP */
+-struct iapp_move_notify {
+- u8 addr_len; /* ETH_ALEN */
+- u8 reserved;
+- u8 mac_addr[ETH_ALEN];
+- u16 seq_num;
+- u16 ctx_block_len;
+- /* followed by ctx_block_len bytes */
+-} __attribute__ ((packed));
+-
+-
+-/* MOVE-response - unicast TCP */
+-struct iapp_move_response {
+- u8 addr_len; /* ETH_ALEN */
+- u8 status;
+- u8 mac_addr[ETH_ALEN];
+- u16 seq_num;
+- u16 ctx_block_len;
+- /* followed by ctx_block_len bytes */
+-} __attribute__ ((packed));
+-
+-enum {
+- IAPP_MOVE_SUCCESSFUL = 0,
+- IAPP_MOVE_DENIED = 1,
+- IAPP_MOVE_STALE_MOVE = 2,
+-};
+-
+-
+-/* CACHE-notify */
+-struct iapp_cache_notify {
+- u8 addr_len; /* ETH_ALEN */
+- u8 reserved;
+- u8 mac_addr[ETH_ALEN];
+- u16 seq_num;
+- u8 current_ap[ETH_ALEN];
+- u16 ctx_block_len;
+- /* ctx_block_len bytes of context block followed by 16-bit context
+- * timeout */
+-} __attribute__ ((packed));
+-
+-
+-/* CACHE-response - unicast TCP */
+-struct iapp_cache_response {
+- u8 addr_len; /* ETH_ALEN */
+- u8 status;
+- u8 mac_addr[ETH_ALEN];
+- u16 seq_num;
+-} __attribute__ ((packed));
+-
+-enum {
+- IAPP_CACHE_SUCCESSFUL = 0,
+- IAPP_CACHE_STALE_CACHE = 1,
+-};
+-
+-
+-/* Send-Security-Block - unicast TCP */
+-struct iapp_send_security_block {
+- u8 iv[8];
+- u16 sec_block_len;
+- /* followed by sec_block_len bytes of security block */
+-} __attribute__ ((packed));
+-
+-
+-/* ACK-Security-Block - unicast TCP */
+-struct iapp_ack_security_block {
+- u8 iv[8];
+- u8 new_ap_ack_authenticator[48];
+-} __attribute__ ((packed));
+-
+-
+-struct iapp_data {
+- struct hostapd_data *hapd;
+- u16 identifier; /* next IAPP identifier */
+- struct in_addr own, multicast;
+- int udp_sock;
+- int packet_sock;
+-};
+-
+-
+-static void iapp_send_add(struct iapp_data *iapp, u8 *mac_addr, u16 seq_num)
+-{
+- char buf[128];
+- struct iapp_hdr *hdr;
+- struct iapp_add_notify *add;
+- struct sockaddr_in addr;
+-
+- /* Send IAPP ADD-notify to remove possible association from other APs
+- */
+-
+- hdr = (struct iapp_hdr *) buf;
+- hdr->version = IAPP_VERSION;
+- hdr->command = IAPP_CMD_ADD_notify;
+- hdr->identifier = host_to_be16(iapp->identifier++);
+- hdr->length = host_to_be16(sizeof(*hdr) + sizeof(*add));
+-
+- add = (struct iapp_add_notify *) (hdr + 1);
+- add->addr_len = ETH_ALEN;
+- add->reserved = 0;
+- os_memcpy(add->mac_addr, mac_addr, ETH_ALEN);
+-
+- add->seq_num = host_to_be16(seq_num);
+-
+- os_memset(&addr, 0, sizeof(addr));
+- addr.sin_family = AF_INET;
+- addr.sin_addr.s_addr = iapp->multicast.s_addr;
+- addr.sin_port = htons(IAPP_UDP_PORT);
+- if (sendto(iapp->udp_sock, buf, (char *) (add + 1) - buf, 0,
+- (struct sockaddr *) &addr, sizeof(addr)) < 0)
+- wpa_printf(MSG_INFO, "sendto[IAPP-ADD]: %s", strerror(errno));
+-}
+-
+-
+-static void iapp_send_layer2_update(struct iapp_data *iapp, u8 *addr)
+-{
+- struct iapp_layer2_update msg;
+-
+- /* Send Level 2 Update Frame to update forwarding tables in layer 2
+- * bridge devices */
+-
+- /* 802.2 Type 1 Logical Link Control (LLC) Exchange Identifier (XID)
+- * Update response frame; IEEE Std 802.2-1998, 5.4.1.2.1 */
+-
+- os_memset(msg.da, 0xff, ETH_ALEN);
+- os_memcpy(msg.sa, addr, ETH_ALEN);
+- msg.len = host_to_be16(6);
+- msg.dsap = 0; /* NULL DSAP address */
+- msg.ssap = 0x01; /* NULL SSAP address, CR Bit: Response */
+- msg.control = 0xaf; /* XID response lsb.1111F101.
+- * F=0 (no poll command; unsolicited frame) */
+- msg.xid_info[0] = 0x81; /* XID format identifier */
+- msg.xid_info[1] = 1; /* LLC types/classes: Type 1 LLC */
+- msg.xid_info[2] = 1 << 1; /* XID sender's receive window size (RW)
+- * FIX: what is correct RW with 802.11? */
+-
+- if (send(iapp->packet_sock, &msg, sizeof(msg), 0) < 0)
+- wpa_printf(MSG_INFO, "send[L2 Update]: %s", strerror(errno));
+-}
+-
+-
+-/**
+- * iapp_new_station - IAPP processing for a new STA
+- * @iapp: IAPP data
+- * @sta: The associated station
+- */
+-void iapp_new_station(struct iapp_data *iapp, struct sta_info *sta)
+-{
+- u16 seq = 0; /* TODO */
+-
+- if (iapp == NULL)
+- return;
+-
+- /* IAPP-ADD.request(MAC Address, Sequence Number, Timeout) */
+- hostapd_logger(iapp->hapd, sta->addr, HOSTAPD_MODULE_IAPP,
+- HOSTAPD_LEVEL_DEBUG, "IAPP-ADD.request(seq=%d)", seq);
+- iapp_send_layer2_update(iapp, sta->addr);
+- iapp_send_add(iapp, sta->addr, seq);
+-
+- /* TODO: If this was reassociation:
+- * IAPP-MOVE.request(MAC Address, Sequence Number, Old AP,
+- * Context Block, Timeout)
+- * TODO: Send IAPP-MOVE to the old AP; Map Old AP BSSID to
+- * IP address */
+-}
+-
+-
+-static void iapp_process_add_notify(struct iapp_data *iapp,
+- struct sockaddr_in *from,
+- struct iapp_hdr *hdr, int len)
+-{
+- struct iapp_add_notify *add = (struct iapp_add_notify *) (hdr + 1);
+- struct sta_info *sta;
+-
+- if (len != sizeof(*add)) {
+- wpa_printf(MSG_INFO, "Invalid IAPP-ADD packet length %d (expected %lu)",
+- len, (unsigned long) sizeof(*add));
+- return;
+- }
+-
+- sta = ap_get_sta(iapp->hapd, add->mac_addr);
+-
+- /* IAPP-ADD.indication(MAC Address, Sequence Number) */
+- hostapd_logger(iapp->hapd, add->mac_addr, HOSTAPD_MODULE_IAPP,
+- HOSTAPD_LEVEL_INFO,
+- "Received IAPP ADD-notify (seq# %d) from %s:%d%s",
+- be_to_host16(add->seq_num),
+- inet_ntoa(from->sin_addr), ntohs(from->sin_port),
+- sta ? "" : " (STA not found)");
+-
+- if (!sta)
+- return;
+-
+- /* TODO: could use seq_num to try to determine whether last association
+- * to this AP is newer than the one advertised in IAPP-ADD. Although,
+- * this is not really a reliable verification. */
+-
+- hostapd_logger(iapp->hapd, add->mac_addr, HOSTAPD_MODULE_IAPP,
+- HOSTAPD_LEVEL_DEBUG,
+- "Removing STA due to IAPP ADD-notify");
+- ap_sta_disconnect(iapp->hapd, sta, NULL, 0);
+-}
+-
+-
+-/**
+- * iapp_receive_udp - Process IAPP UDP frames
+- * @sock: File descriptor for the socket
+- * @eloop_ctx: IAPP data (struct iapp_data *)
+- * @sock_ctx: Not used
+- */
+-static void iapp_receive_udp(int sock, void *eloop_ctx, void *sock_ctx)
+-{
+- struct iapp_data *iapp = eloop_ctx;
+- int len, hlen;
+- unsigned char buf[128];
+- struct sockaddr_in from;
+- socklen_t fromlen;
+- struct iapp_hdr *hdr;
+-
+- /* Handle incoming IAPP frames (over UDP/IP) */
+-
+- fromlen = sizeof(from);
+- len = recvfrom(iapp->udp_sock, buf, sizeof(buf), 0,
+- (struct sockaddr *) &from, &fromlen);
+- if (len < 0) {
+- wpa_printf(MSG_INFO, "iapp_receive_udp - recvfrom: %s",
+- strerror(errno));
+- return;
+- }
+-
+- if (from.sin_addr.s_addr == iapp->own.s_addr)
+- return; /* ignore own IAPP messages */
+-
+- hostapd_logger(iapp->hapd, NULL, HOSTAPD_MODULE_IAPP,
+- HOSTAPD_LEVEL_DEBUG,
+- "Received %d byte IAPP frame from %s%s\n",
+- len, inet_ntoa(from.sin_addr),
+- len < (int) sizeof(*hdr) ? " (too short)" : "");
+-
+- if (len < (int) sizeof(*hdr))
+- return;
+-
+- hdr = (struct iapp_hdr *) buf;
+- hlen = be_to_host16(hdr->length);
+- hostapd_logger(iapp->hapd, NULL, HOSTAPD_MODULE_IAPP,
+- HOSTAPD_LEVEL_DEBUG,
+- "RX: version=%d command=%d id=%d len=%d\n",
+- hdr->version, hdr->command,
+- be_to_host16(hdr->identifier), hlen);
+- if (hdr->version != IAPP_VERSION) {
+- wpa_printf(MSG_INFO, "Dropping IAPP frame with unknown version %d",
+- hdr->version);
+- return;
+- }
+- if (hlen > len) {
+- wpa_printf(MSG_INFO, "Underflow IAPP frame (hlen=%d len=%d)",
+- hlen, len);
+- return;
+- }
+- if (hlen < len) {
+- wpa_printf(MSG_INFO, "Ignoring %d extra bytes from IAPP frame",
+- len - hlen);
+- len = hlen;
+- }
+-
+- switch (hdr->command) {
+- case IAPP_CMD_ADD_notify:
+- iapp_process_add_notify(iapp, &from, hdr, len - sizeof(*hdr));
+- break;
+- case IAPP_CMD_MOVE_notify:
+- /* TODO: MOVE is using TCP; so move this to TCP handler once it
+- * is implemented.. */
+- /* IAPP-MOVE.indication(MAC Address, New BSSID,
+- * Sequence Number, AP Address, Context Block) */
+- /* TODO: process */
+- break;
+- default:
+- wpa_printf(MSG_INFO, "Unknown IAPP command %d", hdr->command);
+- break;
+- }
+-}
+-
+-
+-struct iapp_data * iapp_init(struct hostapd_data *hapd, const char *iface)
+-{
+- struct ifreq ifr;
+- struct sockaddr_ll addr;
+- int ifindex;
+- struct sockaddr_in *paddr, uaddr;
+- struct iapp_data *iapp;
+- struct ip_mreqn mreq;
+- int reuseaddr = 1;
+-
+- iapp = os_zalloc(sizeof(*iapp));
+- if (iapp == NULL)
+- return NULL;
+- iapp->hapd = hapd;
+- iapp->udp_sock = iapp->packet_sock = -1;
+-
+- /* TODO:
+- * open socket for sending and receiving IAPP frames over TCP
+- */
+-
+- iapp->udp_sock = socket(PF_INET, SOCK_DGRAM, 0);
+- if (iapp->udp_sock < 0) {
+- wpa_printf(MSG_INFO, "iapp_init - socket[PF_INET,SOCK_DGRAM]: %s",
+- strerror(errno));
+- iapp_deinit(iapp);
+- return NULL;
+- }
+-
+- os_memset(&ifr, 0, sizeof(ifr));
+- os_strlcpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name));
+- if (ioctl(iapp->udp_sock, SIOCGIFINDEX, &ifr) != 0) {
+- wpa_printf(MSG_INFO, "iapp_init - ioctl(SIOCGIFINDEX): %s",
+- strerror(errno));
+- iapp_deinit(iapp);
+- return NULL;
+- }
+- ifindex = ifr.ifr_ifindex;
+-
+- if (ioctl(iapp->udp_sock, SIOCGIFADDR, &ifr) != 0) {
+- wpa_printf(MSG_INFO, "iapp_init - ioctl(SIOCGIFADDR): %s",
+- strerror(errno));
+- iapp_deinit(iapp);
+- return NULL;
+- }
+- paddr = (struct sockaddr_in *) &ifr.ifr_addr;
+- if (paddr->sin_family != AF_INET) {
+- wpa_printf(MSG_INFO, "IAPP: Invalid address family %i (SIOCGIFADDR)",
+- paddr->sin_family);
+- iapp_deinit(iapp);
+- return NULL;
+- }
+- iapp->own.s_addr = paddr->sin_addr.s_addr;
+-
+- if (ioctl(iapp->udp_sock, SIOCGIFBRDADDR, &ifr) != 0) {
+- wpa_printf(MSG_INFO, "iapp_init - ioctl(SIOCGIFBRDADDR): %s",
+- strerror(errno));
+- iapp_deinit(iapp);
+- return NULL;
+- }
+- paddr = (struct sockaddr_in *) &ifr.ifr_addr;
+- if (paddr->sin_family != AF_INET) {
+- wpa_printf(MSG_INFO, "Invalid address family %i (SIOCGIFBRDADDR)",
+- paddr->sin_family);
+- iapp_deinit(iapp);
+- return NULL;
+- }
+- inet_aton(IAPP_MULTICAST, &iapp->multicast);
+-
+- os_memset(&uaddr, 0, sizeof(uaddr));
+- uaddr.sin_family = AF_INET;
+- uaddr.sin_port = htons(IAPP_UDP_PORT);
+-
+- if (setsockopt(iapp->udp_sock, SOL_SOCKET, SO_REUSEADDR, &reuseaddr,
+- sizeof(reuseaddr)) < 0) {
+- wpa_printf(MSG_INFO,
+- "iapp_init - setsockopt[UDP,SO_REUSEADDR]: %s",
+- strerror(errno));
+- /*
+- * Ignore this and try to continue. This is fine for single
+- * BSS cases, but may fail if multiple BSSes enable IAPP.
+- */
+- }
+-
+- if (bind(iapp->udp_sock, (struct sockaddr *) &uaddr,
+- sizeof(uaddr)) < 0) {
+- wpa_printf(MSG_INFO, "iapp_init - bind[UDP]: %s",
+- strerror(errno));
+- iapp_deinit(iapp);
+- return NULL;
+- }
+-
+- os_memset(&mreq, 0, sizeof(mreq));
+- mreq.imr_multiaddr = iapp->multicast;
+- mreq.imr_address.s_addr = INADDR_ANY;
+- mreq.imr_ifindex = 0;
+- if (setsockopt(iapp->udp_sock, SOL_IP, IP_ADD_MEMBERSHIP, &mreq,
+- sizeof(mreq)) < 0) {
+- wpa_printf(MSG_INFO, "iapp_init - setsockopt[UDP,IP_ADD_MEMBERSHIP]: %s",
+- strerror(errno));
+- iapp_deinit(iapp);
+- return NULL;
+- }
+-
+- iapp->packet_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
+- if (iapp->packet_sock < 0) {
+- wpa_printf(MSG_INFO, "iapp_init - socket[PF_PACKET,SOCK_RAW]: %s",
+- strerror(errno));
+- iapp_deinit(iapp);
+- return NULL;
+- }
+-
+- os_memset(&addr, 0, sizeof(addr));
+- addr.sll_family = AF_PACKET;
+- addr.sll_ifindex = ifindex;
+- if (bind(iapp->packet_sock, (struct sockaddr *) &addr,
+- sizeof(addr)) < 0) {
+- wpa_printf(MSG_INFO, "iapp_init - bind[PACKET]: %s",
+- strerror(errno));
+- iapp_deinit(iapp);
+- return NULL;
+- }
+-
+- if (eloop_register_read_sock(iapp->udp_sock, iapp_receive_udp,
+- iapp, NULL)) {
+- wpa_printf(MSG_INFO, "Could not register read socket for IAPP");
+- iapp_deinit(iapp);
+- return NULL;
+- }
+-
+- wpa_printf(MSG_INFO, "IEEE 802.11F (IAPP) using interface %s", iface);
+-
+- /* TODO: For levels 2 and 3: send RADIUS Initiate-Request, receive
+- * RADIUS Initiate-Accept or Initiate-Reject. IAPP port should actually
+- * be openned only after receiving Initiate-Accept. If Initiate-Reject
+- * is received, IAPP is not started. */
+-
+- return iapp;
+-}
+-
+-
+-void iapp_deinit(struct iapp_data *iapp)
+-{
+- struct ip_mreqn mreq;
+-
+- if (iapp == NULL)
+- return;
+-
+- if (iapp->udp_sock >= 0) {
+- os_memset(&mreq, 0, sizeof(mreq));
+- mreq.imr_multiaddr = iapp->multicast;
+- mreq.imr_address.s_addr = INADDR_ANY;
+- mreq.imr_ifindex = 0;
+- if (setsockopt(iapp->udp_sock, SOL_IP, IP_DROP_MEMBERSHIP,
+- &mreq, sizeof(mreq)) < 0) {
+- wpa_printf(MSG_INFO, "iapp_deinit - setsockopt[UDP,IP_DEL_MEMBERSHIP]: %s",
+- strerror(errno));
+- }
+-
+- eloop_unregister_read_sock(iapp->udp_sock);
+- close(iapp->udp_sock);
+- }
+- if (iapp->packet_sock >= 0) {
+- eloop_unregister_read_sock(iapp->packet_sock);
+- close(iapp->packet_sock);
+- }
+- os_free(iapp);
+-}
+diff --git a/src/ap/iapp.h b/src/ap/iapp.h
+deleted file mode 100644
+index c22118342..000000000
+--- a/src/ap/iapp.h
++++ /dev/null
+@@ -1,39 +0,0 @@
+-/*
+- * hostapd / IEEE 802.11F-2003 Inter-Access Point Protocol (IAPP)
+- * Copyright (c) 2002-2005, Jouni Malinen <j@w1.fi>
+- *
+- * This software may be distributed under the terms of the BSD license.
+- * See README for more details.
+- */
+-
+-#ifndef IAPP_H
+-#define IAPP_H
+-
+-struct iapp_data;
+-
+-#ifdef CONFIG_IAPP
+-
+-void iapp_new_station(struct iapp_data *iapp, struct sta_info *sta);
+-struct iapp_data * iapp_init(struct hostapd_data *hapd, const char *iface);
+-void iapp_deinit(struct iapp_data *iapp);
+-
+-#else /* CONFIG_IAPP */
+-
+-static inline void iapp_new_station(struct iapp_data *iapp,
+- struct sta_info *sta)
+-{
+-}
+-
+-static inline struct iapp_data * iapp_init(struct hostapd_data *hapd,
+- const char *iface)
+-{
+- return NULL;
+-}
+-
+-static inline void iapp_deinit(struct iapp_data *iapp)
+-{
+-}
+-
+-#endif /* CONFIG_IAPP */
+-
+-#endif /* IAPP_H */
+diff --git a/src/utils/wpa_debug.h b/src/utils/wpa_debug.h
+index 1fe0b7db7..c94c4391f 100644
+--- a/src/utils/wpa_debug.h
++++ b/src/utils/wpa_debug.h
+@@ -305,7 +305,6 @@ void hostapd_logger_register_cb(hostapd_logger_cb_func func);
+ #define HOSTAPD_MODULE_RADIUS 0x00000004
+ #define HOSTAPD_MODULE_WPA 0x00000008
+ #define HOSTAPD_MODULE_DRIVER 0x00000010
+-#define HOSTAPD_MODULE_IAPP 0x00000020
+ #define HOSTAPD_MODULE_MLME 0x00000040
+
+ enum hostapd_logger_level {
+--
+2.17.1
+
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd_2.9.bb b/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd_2.9.bb
index 68dc123..1f38eee 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd_2.9.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd_2.9.bb
@@ -12,6 +12,7 @@
file://init \
file://hostapd.service \
file://CVE-2019-16275.patch \
+ file://CVE-2019-5061.patch \
"
SRC_URI[md5sum] = "f188fc53a495fe7af3b6d77d3c31dee8"
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/0001-Fix-configure.ac.patch b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/0001-Fix-configure.ac.patch
index af14a1a..97339d3 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/0001-Fix-configure.ac.patch
+++ b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/0001-Fix-configure.ac.patch
@@ -1,5 +1,7 @@
uname can not get version of kernel correctly while cross compile
+Upstream-Status: Inappropriate [configuration]
+
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
---
configure.ac | 2 +-
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch
deleted file mode 100644
index 2eec4bf..0000000
--- a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 4943334fd9bf7dffd49f9e86251ad40b3efe2135 Mon Sep 17 00:00:00 2001
-From: Wang Mingyu <wangmy@cn.fujitsu.com>
-Date: Fri, 11 Dec 2020 17:02:20 +0900
-Subject: [PATCH] Fix bug for CVE-2020-15803
-
-Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
----
- frontends/php/include/classes/html/CIFrame.php | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/frontends/php/include/classes/html/CIFrame.php b/frontends/php/include/classes/html/CIFrame.php
-index 32220cd..70f2ab5 100644
---- a/frontends/php/include/classes/html/CIFrame.php
-+++ b/frontends/php/include/classes/html/CIFrame.php
-@@ -29,6 +29,7 @@ class CIFrame extends CTag {
- $this->setHeight($height);
- $this->setScrolling($scrolling);
- $this->setId($id);
-+ $this->setSandbox();
- }
-
- public function setSrc($value = null) {
-@@ -69,4 +70,10 @@ class CIFrame extends CTag {
- $this->setAttribute('scrolling', $value);
- return $this;
- }
-+
-+ private function setSandbox() {
-+ if (ZBX_IFRAME_SANDBOX !== false) {
-+ $this->setAttribute('sandbox', ZBX_IFRAME_SANDBOX);
-+ }
-+ }
- }
---
-2.25.1
-
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_4.4.6.bb b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.2.5.bb
similarity index 88%
rename from meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_4.4.6.bb
rename to meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.2.5.bb
index 98a3187..2bbfec9 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_4.4.6.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_5.2.5.bb
@@ -23,14 +23,13 @@
PACKAGE_ARCH = "${MACHINE_ARCH}"
-SRC_URI = "http://jaist.dl.sourceforge.net/project/zabbix/ZABBIX%20Latest%20Stable/${PV}/${BPN}-${PV}.tar.gz \
+SRC_URI = "https://cdn.zabbix.com/zabbix/sources/stable/5.2/${BPN}-${PV}.tar.gz \
file://0001-Fix-configure.ac.patch \
file://zabbix-agent.service \
- file://CVE-2020-15803.patch \
"
-SRC_URI[md5sum] = "e666539220be93b1af38e40f5fbb1f79"
-SRC_URI[sha256sum] = "22bb28e667424ad4688f47732853f4241df0e78a7607727b043d704ba726ae0e"
+SRC_URI[md5sum] = "e90822716c5c241890f6fed1588b5451"
+SRC_URI[sha256sum] = "ce0d9745a8b9154e87d6906edd0fce7b7ec298acd34a0543ea53d1a5f2f14bc5"
inherit autotools-brokensep linux-kernel-base pkgconfig systemd useradd
@@ -58,7 +57,8 @@
--with-zlib \
--with-libpthread \
--with-libevent \
- --with-libpcre \
+ --with-libpcre=${STAGING_EXECPREFIXDIR} \
+ --with-iconv=${STAGING_EXECPREFIXDIR} \
"
CFLAGS_append = " -lldap -llber -pthread"
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb b/meta-openembedded/meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb
index e742d2a..e6a4bc4 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb
@@ -30,3 +30,7 @@
BBCLASSEXTEND = "nativesdk"
+do_install_append() {
+ mkdir -p ${D}/${includedir}/${BPN}
+ mv ${D}/${includedir}/sha1.h ${D}/${includedir}/${BPN}/.
+}