Hostapd and WPS - which steps are necessary? (in Raspbian)

Consider the following situation:
I do have two Raspberry Pi Model 3, one of them running the latest Raspbian, the other one running LEDE. Now I've configured hostapd on both, using the default WPS enabled config for openWRT / LEDE, like suggested e.g. here:

While the LEDE Pi is running nicely, the Raspbian Pi won't let me use WPS - any connection attempt times out.
Also the Raspbian Pi does not advertise WPS, while the LEDE Pi does so (e.g. the wifi entry for the device shows "WPS available" on my smartphone).

As I already checked the Raspian hostapd for having set the correct build options (read: compiled it myself having the necessary options enabled), I reckon the problem being somewhere in the configuration of the devices.

Can anybody point me out, if there's more configuration needed than having the hostapd.conf set up accordingly ?
What is the exact meaning of the wps_pushbutton=1 option for the LEDE wireless config ?
Is it only needed to generate the hostapd.conf, or is there any other step I'm missing ?

How can the very same software setup and config produce different outcomes on LEDE vs Raspbian ? :frowning:

Any help would be highly appreciated

hostapd.conf for the radio is likely the only config file that you need at the end. Not quite sure if the wpa_supplicant needs anything. In Openwrt/LEDE the wps things are translated from uci settings to hostapd.conf, so you might check the hpstapd init script (in netifd?)

You might need additional packages that provide hostapd_cli etc. utils, at least for testing the wps functionality (and for activating/triggering the wps polling, when needed). Not sure what gets installed by default in Raspbian.

Some hostapd versions do not like if you have different wps settings for different interfaces on the same radio:
https://dev.openwrt.org/ticket/19485

Not direct answer to your questions, but some links that may help you in looking into the matter further.
https://forum.openwrt.org/viewtopic.php?pid=272476

https://forum.openwrt.org/viewtopic.php?pid=309712#p309712

hynman, thank you for your reply.
I've read trough the links you provided but couldn't find anything that could take me further.

On the other hand, I noticed that there is a minor difference in between the config outputs of both devices:
hostapd_cli get_config shows wpa=2 on the LEDE device, on the Raspian this output is missing.

Also, hoping that may help, here's the startup log of the Raspbian device's hostapd:

sudo hostapd -dd /etc/hostapd//hostapd.conf 
random: Trying to read entropy from /dev/random
Configuration file: /etc/hostapd//hostapd.conf
rfkill: initial event: idx=0 type=1 op=0 soft=0 hard=0
rfkill: initial event: idx=1 type=2 op=0 soft=0 hard=0
nl80211: TDLS supported
nl80211: Supported cipher 00-0f-ac:1
nl80211: Supported cipher 00-0f-ac:5
nl80211: Supported cipher 00-0f-ac:2
nl80211: Supported cipher 00-0f-ac:4
nl80211: Using driver-based off-channel TX
nl80211: Supported vendor command: vendor_id=0x1018 subcmd=1
nl80211: Use separate P2P group interface (driver advertised support)
nl80211: interface wlan0 in phy phy0
nl80211: Set mode ifindex 3 iftype 3 (AP)
nl80211: Setup AP(wlan0) - device_ap_sme=0 use_monitor=1
nl80211: Create interface iftype 6 (MONITOR)
Failed to create interface mon.wlan0: -95 (Operation not supported)
nl80211: Driver does not support monitor interface type - try to run without it
nl80211: Enable Probe Request reporting nl_preq=0x55284fe8
nl80211: Register frame type=0x40 (WLAN_FC_STYPE_PROBE_REQ) nl_handle=0x55284fe8 match=
nl80211: Register frame command failed (type=64): ret=-22 (Invalid argument)
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Failed to enable Probe Request frame reporting in AP mode
nl80211: Add own interface ifindex 3
nl80211: if_indices[16]: 3
nl80211: Do not indicate P2P_DEVICE support (p2p_device=1 driver param not specified)
phy: phy0
BSS count 1, BSSID mask 00:00:00:00:00:00 (0 bits)
Using existing control interface directory.
nl80211: Regulatory information - country=00
nl80211: 2402-2472 @ 40 MHz 20 mBm
nl80211: 2457-2482 @ 20 MHz 20 mBm (no IR)
nl80211: 2474-2494 @ 20 MHz 20 mBm (no OFDM) (no IR)
nl80211: 5170-5250 @ 80 MHz 20 mBm (no IR)
nl80211: 5250-5330 @ 80 MHz 20 mBm (DFS) (no IR)
nl80211: 5490-5730 @ 160 MHz 20 mBm (DFS) (no IR)
nl80211: 5735-5835 @ 80 MHz 20 mBm (no IR)
nl80211: 57240-63720 @ 2160 MHz 0 mBm
nl80211: Added 802.11b mode based on 802.11g information
Allowed channel: mode=1 chan=1 freq=2412 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=2 freq=2417 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=3 freq=2422 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=4 freq=2427 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=5 freq=2432 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=6 freq=2437 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=7 freq=2442 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=8 freq=2447 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=9 freq=2452 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=10 freq=2457 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=11 freq=2462 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=1 freq=2412 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=2 freq=2417 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=3 freq=2422 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=4 freq=2427 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=5 freq=2432 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=6 freq=2437 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=7 freq=2442 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=8 freq=2447 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=9 freq=2452 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=10 freq=2457 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=11 freq=2462 MHz max_tx_power=20 dBm
hw vht capab: 0x0, conf vht capab: 0x0
Completing interface initialization
Mode: IEEE 802.11g  Channel: 11  Frequency: 2462 MHz
DFS 0 channels required radar detection
nl80211: Set freq 2462 (ht_enabled=1, vht_enabled=0, bandwidth=20 MHz, cf1=2462 MHz, cf2=0 MHz)
RATE[0] rate=10 flags=0x1
RATE[1] rate=20 flags=0x1
RATE[2] rate=55 flags=0x1
RATE[3] rate=110 flags=0x1
RATE[4] rate=60 flags=0x0
RATE[5] rate=90 flags=0x0
RATE[6] rate=120 flags=0x0
RATE[7] rate=180 flags=0x0
RATE[8] rate=240 flags=0x0
RATE[9] rate=360 flags=0x0
RATE[10] rate=480 flags=0x0
RATE[11] rate=540 flags=0x0
hostapd_setup_bss(hapd=0x55285670 (wlan0), first=1)
wlan0: Flushing old station entries
nl80211: flush -> DEL_STATION wlan0 (all)
nl80211: Station flush failed: ret=-14 (Bad address)
wlan0: Could not connect to kernel driver
wlan0: Deauthenticate all stations
nl80211: sta_remove -> DEL_STATION wlan0 ff:ff:ff:ff:ff:ff --> 0 (Success)
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=0 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-22 Invalid argument)
Failed to clear default encryption keys (ifname=wlan0 keyidx=0)
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=2 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-22 Invalid argument)
Failed to clear default encryption keys (ifname=wlan0 keyidx=2)
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=0 addr=(nil) key_idx=3 set_tx=0 seq_len=0 key_len=0
nl80211: set_key failed; err=-22 Invalid argument)
Failed to clear default encryption keys (ifname=wlan0 keyidx=3)
Using interface wlan0 with hwaddr b8:27:eb:7d:d8:d5 and ssid "PIFI"
Deriving WPA PSK based on passphrase
SSID - hexdump_ascii(len=4):
     50 49 46 49                                       PIFI            
PSK (ASCII passphrase) - hexdump_ascii(len=10): [REMOVED]
PSK (from passphrase) - hexdump(len=32): [REMOVED]
WPS: UUID based on MAC address - hexdump(len=16): 7a c7 6f 11 cc 71 5e d6 9e 3c b4 e9 06 b2 d3 b3
WPS: Converting push_button to virtual_push_button for WPS 2.0 compliance
WPS: Build Beacon IEs
WPS:  * Version (hardcoded 0x10)
WPS:  * Wi-Fi Protected Setup State (2)
WPS:  * Version2 (0x20)
WPS: Build Probe Response IEs
WPS:  * Version (hardcoded 0x10)
WPS:  * Wi-Fi Protected Setup State (2)
WPS:  * Response Type (3)
WPS:  * UUID-E
WPS:  * Manufacturer
WPS:  * Model Name
WPS:  * Model Number
WPS:  * Serial Number
WPS:  * Primary Device Type
WPS:  * Device Name
WPS:  * Config Methods (0)
WPS:  * Version2 (0x20)
random: Got 20/20 bytes from /dev/random
Get randomness: len=32 entropy=0
GMK - hexdump(len=32): [REMOVED]
Get randomness: len=32 entropy=0
Key Counter - hexdump(len=32): [REMOVED]
WPA: Delay group state machine start until Beacon frames have been configured
WPS: Building WPS IE for (Re)Association Response
WPS:  * Version (hardcoded 0x10)
WPS:  * Response Type (3)
WPS:  * Version2 (0x20)
nl80211: Set beacon (beacon_set=0)
nl80211: Beacon head - hexdump(len=55): 80 00 00 00 ff ff ff ff ff ff b8 27 eb 7d d8 d5 b8 27 eb 7d d8 d5 00 00 00 00 00 00 00 00 00 00 64 00 31 04 00 04 50 49 46 49 01 08 82 84 8b 96 0c 12 18 24 03 01 0b
nl80211: Beacon tail - hexdump(len=141): 2a 01 00 32 04 30 48 60 6c 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 0c 00 2d 1a 2c 10 1f ff 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 3d 16 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7f 04 00 00 00 02 dd 18 00 50 f2 02 01 01 00 00 03 a4 00 00 27 a4 00 00 42 43 5e 00 62 32 2f 00 dd 18 00 50 f2 04 10 4a 00 01 10 10 44 00 01 02 10 49 00 06 00 37 2a 00 01 20
nl80211: ifindex=3
nl80211: beacon_int=100
nl80211: dtim_period=2
nl80211: ssid - hexdump_ascii(len=4):
     50 49 46 49                                       PIFI            
nl80211: hidden SSID not in use
nl80211: privacy=1
nl80211: auth_algs=0x1
nl80211: wpa_version=0x2
nl80211: key_mgmt_suites=0x2
nl80211: pairwise_ciphers=0x10
nl80211: group_cipher=0x10
nl80211: beacon_ies - hexdump(len=32): 7f 04 00 00 00 02 dd 18 00 50 f2 04 10 4a 00 01 10 10 44 00 01 02 10 49 00 06 00 37 2a 00 01 20
nl80211: proberesp_ies - hexdump(len=125): 7f 04 00 00 00 02 dd 75 00 50 f2 04 10 4a 00 01 10 10 44 00 01 02 10 3b 00 01 03 10 47 00 10 7a c7 6f 11 cc 71 5e d6 9e 3c b4 e9 06 b2 d3 b3 10 21 00 14 77 77 77 2e 6c 65 64 65 2d 70 72 6f 6a 65 63 74 2e 6f 72 67 10 23 00 01 20 10 24 00 01 20 10 42 00 01 20 10 54 00 08 00 06 00 50 f2 04 00 01 10 11 00 07 4c 65 64 65 20 41 50 10 08 00 02 00 00 10 49 00 06 00 37 2a 00 01 20
nl80211: assocresp_ies - hexdump(len=32): 7f 04 00 00 00 02 dd 18 00 50 f2 04 10 4a 00 01 10 10 3b 00 01 03 10 49 00 06 00 37 2a 00 01 20
WPA: Start group state machine to set initial keys
WPA: group state machine entering state GTK_INIT (VLAN-ID 0)
Get randomness: len=16 entropy=0
GTK - hexdump(len=16): [REMOVED]
WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0)
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=3 addr=0x54c55358 key_idx=1 set_tx=1 seq_len=0 key_len=16
nl80211: KEY_DATA - hexdump(len=16): [REMOVED]
   broadcast key
nl80211: Set wlan0 operstate 0->1 (UP)
netlink: Operstate: ifindex=3 linkmode=-1 (no change), operstate=6 (IF_OPER_UP)
Failed to set TX queue parameters for queue 0.
Failed to set TX queue parameters for queue 1.
Failed to set TX queue parameters for queue 2.
Failed to set TX queue parameters for queue 3.
wlan0: interface state UNINITIALIZED->ENABLED
wlan0: AP-ENABLED 
wlan0: Setup of interface done.
ctrl_iface not configured!
RTM_NEWLINK: ifi_index=3 ifname=wlan0 operstate=2 linkmode=0 ifi_family=0 ifi_flags=0x1002 ()
nl80211: Ignore interface down event since interface wlan0 is up
RTM_NEWLINK: ifi_index=3 ifname=wlan0 operstate=2 linkmode=0 ifi_family=0 ifi_flags=0x1002 ()
nl80211: Ignore interface down event since interface wlan0 is up
RTM_NEWLINK: ifi_index=3 ifname=wlan0 operstate=2 linkmode=0 ifi_family=0 ifi_flags=0x1003 ([UP])
RTM_NEWLINK: ifi_index=3 ifname=wlan0 operstate=6 linkmode=0 ifi_family=0 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
VLAN: vlan_newlink(wlan0)

If I would guess this as the most likely reason: you have no WPS trigger methods configured.

That is what the uci pushbutton settings does. There are several available methods, PIN(label), pushbutton etc. You need to have at least some of them.
See https://github.com/lede-project/source/blob/master/package/network/services/hostapd/files/hostapd.sh#L331

set_default wps_pushbutton 0
set_default wps_label 0
set_default wps_pbc_in_m1 0

config_methods=
[ "$wps_pushbutton" -gt 0 ] && append config_methods push_button
[ "$wps_label" -gt 0 ] && append config_methods label

See https://w1.fi/cgit/hostap/plain/hostapd/hostapd.conf

# Config Methods
# List of the supported configuration methods
# Available methods: usba ethernet label display ext_nfc_token int_nfc_token
#	nfc_interface push_button keypad virtual_display physical_display
#	virtual_push_button physical_push_button
#config_methods=label virtual_display virtual_push_button keypad

# WPS capability discovery workaround for PBC with Windows 7
# Windows 7 uses incorrect way of figuring out AP's WPS capabilities by acting
# as a Registrar and using M1 from the AP. The config methods attribute in that
# message is supposed to indicate only the configuration method supported by
# the AP in Enrollee role, i.e., to add an external Registrar. For that case,
# PBC shall not be used and as such, the PushButton config method is removed
# from M1 by default. If pbc_in_m1=1 is included in the configuration file,
# the PushButton config method is left in M1 (if included in config_methods
# parameter) to allow Windows 7 to use PBC instead of PIN (e.g., from a label
# in the AP).
#pbc_in_m1=1

# Static access point PIN for initial configuration and adding Registrars
# If not set, hostapd will not allow external WPS Registrars to control the
# access point. The AP PIN can also be set at runtime with hostapd_cli
# wps_ap_pin command. Use of temporary (enabled by user action) and random
# AP PIN is much more secure than configuring a static AP PIN here. As such,
# use of the ap_pin parameter is not recommended if the AP device has means for
# displaying a random PIN.
#ap_pin=12345670

I apologize for not mentioning explicitly, but actually that part is in the hostap.conf I'm using on both devices, it reads

config_methods=push_button

On the LEDE device, this is the result of using

option wps_pushbutton '1'

In the etc/config/wireless, which then is rendered to the /var/run/hostapd-phy0.conf, which is the config I'm using on the Raspian device.

So there still has to be another reason.