diff --git a/patches/hostapd/0002-do-not-recreate-interfaces.patch b/patches/hostapd/0002-do-not-recreate-interfaces.patch new file mode 100644 index 000000000..0dfe9aa40 --- /dev/null +++ b/patches/hostapd/0002-do-not-recreate-interfaces.patch @@ -0,0 +1,13 @@ +diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c +index 2406658da..4226a98ca 100644 +--- a/src/ap/hostapd.c ++++ b/src/ap/hostapd.c +@@ -1508,7 +1496,7 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first, + conf->iface, addr, hapd, + &hapd->drv_priv, force_ifname, if_addr, + conf->bridge[0] ? conf->bridge : NULL, +- first == -1)) { ++ 1)) { + wpa_printf(MSG_ERROR, "Failed to add BSS (BSSID=" + MACSTR ")", MAC2STR(hapd->own_addr)); + hapd->interface_added = 0; diff --git a/src/confd/yang/confd/infix-if-wireguard.yang b/src/confd/yang/confd/infix-if-wireguard.yang index 6afb3c17c..20ca77d93 100644 --- a/src/confd/yang/confd/infix-if-wireguard.yang +++ b/src/confd/yang/confd/infix-if-wireguard.yang @@ -75,7 +75,7 @@ submodule infix-if-wireguard { This provides post-quantum resistance as an attacker would need to break both the Curve25519 key exchange and this symmetric key."; - must "derived-from-or-self(deref(.)/../ks:key-format, 'ixct:wireguard-symmetric-key-format')" { + must "derived-from-or-self(deref(.)/../infix-ks:key-format, 'ixct:wireguard-symmetric-key-format')" { error-message "Preshared key must be in wireguard-symmetric-key-format"; } } diff --git a/src/confd/yang/confd/infix-keystore.yang b/src/confd/yang/confd/infix-keystore.yang index ec7536d6f..9f1f61bd6 100644 --- a/src/confd/yang/confd/infix-keystore.yang +++ b/src/confd/yang/confd/infix-keystore.yang @@ -39,10 +39,19 @@ module infix-keystore { } } deviation "/ks:keystore/ks:symmetric-keys/ks:symmetric-key/ks:key-format" { - deviate replace { + deviate not-supported; + } + augment "/ks:keystore/ks:symmetric-keys/ks:symmetric-key" { + leaf key-format { type identityref { base infix-ct:symmetric-key-format; } + description + "Identifies the symmetric key's format + + Valid symmetric key formats are: + wifi-preshared-key-format - WiFi preshared key + wireguard-symmetric-key-format - WireGuard preshared key"; } } deviation "/ks:keystore/ks:symmetric-keys/ks:symmetric-key/ks:key-type/ks:cleartext-symmetric-key" { @@ -52,7 +61,7 @@ module infix-keystore { case cleartext-symmetric-key { leaf symmetric-key { type string; - must "../../key-format != 'infix-ct:wifi-preshared-key-format' or " + + must "../infix-ks:key-format != 'infix-ct:wifi-preshared-key-format' or " + "(string-length(.) >= 8 and string-length(.) <= 63)" { error-message "WiFi pre-shared key must be 8-63 characters long"; } diff --git a/test/case/interfaces/wireguard_multipoint/test.py b/test/case/interfaces/wireguard_multipoint/test.py index bb9e86645..531192103 100755 --- a/test/case/interfaces/wireguard_multipoint/test.py +++ b/test/case/interfaces/wireguard_multipoint/test.py @@ -76,11 +76,11 @@ def configure_server(dut): "symmetric-key": [{ "name": "psk-client1", "infix-keystore:symmetric-key": psk_client1, - "key-format": "infix-crypto-types:wireguard-symmetric-key-format" + "infix-keystore:key-format": "infix-crypto-types:wireguard-symmetric-key-format" }, { "name": "psk-client2", "infix-keystore:symmetric-key": psk_client2, - "key-format": "infix-crypto-types:wireguard-symmetric-key-format" + "infix-keystore:key-format": "infix-crypto-types:wireguard-symmetric-key-format" }] } } @@ -227,7 +227,7 @@ def configure_client1(dut): "symmetric-key": [{ "name": "psk-server", "infix-keystore:symmetric-key": psk_client1, - "key-format": "infix-crypto-types:wireguard-symmetric-key-format" + "infix-keystore:key-format": "infix-crypto-types:wireguard-symmetric-key-format" }] } } @@ -361,7 +361,7 @@ def configure_client2(dut): "symmetric-key": [{ "name": "psk-server", "infix-keystore:symmetric-key": psk_client2, - "key-format": "infix-crypto-types:wireguard-symmetric-key-format" + "infix-keystore:key-format": "infix-crypto-types:wireguard-symmetric-key-format" }] } }