WiFi Protected Mode (WPS) for version 23.05

Hi,

I'm attempting to enable WPS on a Raspberry Pi 3 model B, configured with OpenWrt 23.05.0.

I know the RPi is capable as I had is working with Raspbian.

I followed this guide, however, when I add the line option wps_pushbutton '1' and restart the service or reboot, it brings down the AP and I guess this is why the hostapd_cli wps_* commands FAIL or UNKNOWN COMMAND.

When following step 3:

I get No packages removed.

And step 4:

I get:

Collected errors:
 * check_data_file_clashes: Package wpad wants to install file /usr/sbin/hostapd
        But that file is already provided by package  * wpad-basic-mbedtls
 * check_data_file_clashes: Package wpad wants to install file /usr/sbin/wpa_supplicant
        But that file is already provided by package  * wpad-basic-mbedtls
 * check_data_file_clashes: Package wpad wants to install file /usr/sbin/wpad
        But that file is already provided by package  * wpad-basic-mbedtls
 * check_data_file_clashes: Package wpad wants to install file /usr/share/hostap/hostapd.uc
        But that file is already provided by package  * wpad-basic-mbedtls
 * check_data_file_clashes: Package wpad wants to install file /usr/share/hostap/wpa_supplicant.uc
        But that file is already provided by package  * wpad-basic-mbedtls
 * opkg_install_cmd: Cannot install package wpad.

When I configured WPS on Raspbian, there was a little more to it than just one line. I had to put the following into hostapd.conf

wpa_psk_file=/etc/hostapd_wps.psk

eap_server=1

wps_state=2
ap_setup_locked=1

wps_pin_requests=/var/run/hostapd.pin-req
device_name=Wireless AP
manufacturer=UK
model_name=WAP
model_number=0001
serial_number=0001
device_type=6-0050F204-1
os_version=01020300
config_methods=push_button virtual_push_button
wps_cred_processing=0
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
eap_server=1
pbc_in_m1=1

Just in case I am doing something stupid, here is my wireless config (option wps_pushbutton '1' is commented out)

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'platform/soc/3f300000.mmcnr/mmc_host/mmc1/mmc1:0001/mmc1:0001:1'
        option channel '7'
        option band '2g'
        option htmode 'HT20'
        option cell_density '0'
        option country 'GB'
        option log_level '1'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'HA_WLAN'
        option mode 'ap'
        option ssid 'BTVHA'
        option encryption 'psk2'
        option key 'passw0rd'
        option wmm '0'
        #option wps_pushbutton '1'

From the output of uci show wireless, I get:

wireless.radio0=wifi-device
wireless.radio0.type='mac80211'
wireless.radio0.path='platform/soc/3f300000.mmcnr/mmc_host/mmc1/mmc1:0001/mmc1:0001:1'
wireless.radio0.channel='7'
wireless.radio0.band='2g'
wireless.radio0.htmode='HT20'
wireless.radio0.cell_density='0'
wireless.radio0.country='GB'
wireless.radio0.log_level='1'
wireless.default_radio0=wifi-iface
wireless.default_radio0.device='radio0'
wireless.default_radio0.network='HA_WLAN'
wireless.default_radio0.mode='ap'
wireless.default_radio0.ssid='BTVHA'
wireless.default_radio0.encryption='psk2'
wireless.default_radio0.key='passw0rd'
wireless.default_radio0.wmm='0'

Due to the errors in removing/installing packages, I am hoping the issue is with differences in version between the guide I used and 23.05.

If anyone has any experience configuring 23.05 with WPS and could share some pointers, I'd be very grateful.

Thanks

W.

If I uncomment the line option wps_pushbutton 1` and restart the network service, logread shows:

Wed Nov  1 20:25:56 2023 daemon.notice netifd: radio0 (3590): WARNING: Variable 'data' does not exist or is not an array/object
Wed Nov  1 20:25:57 2023 daemon.notice hostapd: Set new config for phy phy0:
Wed Nov  1 20:25:57 2023 daemon.notice wpa_supplicant[758]: Set new config for phy phy0
Wed Nov  1 20:25:57 2023 daemon.notice netifd: radio0 (3590): command failed: I/O error (-5)
Wed Nov  1 20:25:57 2023 daemon.notice wpa_supplicant[758]: Set new config for phy phy0
Wed Nov  1 20:25:57 2023 daemon.notice hostapd: Set new config for phy phy0: /var/run/hostapd-phy0.conf
Wed Nov  1 20:25:57 2023 daemon.notice hostapd: Restart interface for phy phy0
Wed Nov  1 20:25:57 2023 daemon.notice hostapd: Configuration file: data: driver=nl80211 logger_syslog=127 logger_syslog_level=1 logger_stdout=127 logger_stdout_level=1 country_code=GB ieee80211d=1 hw_mode=g supported_rates=60 90 120 180 240 360 480 540 basic_rates=60 120 240 beacon_int=100 chanlist=7 #num_global_macaddr=1 ieee80211n=1 ht_coex=0 ht_capab=[SHORT-GI-20][DSSS_CCK-40] channel=7  interface=phy0-ap0 bssid=b8:27:eb:a2:d9:1d ctrl_interface=/var/run/hostapd ap_isolate=1 bss_load_update_period=60 chan_util_avg_period=600 disassoc_low_ack=1 skip_inactivity_poll=0 preamble=1 wmm_enabled=0 ignore_broadcast_ssid=0 uapsd_advertisement_enabled=1 utf8_ssid=1 multi_ap=0 wpa_passphrase=passw0rd wpa_psk_file=/var/run/hostapd-phy0-ap0.psk auth_algs=1 wpa=2 wpa_pairwise=CCMP eap_server=1 wps_state=2 device_type=6-0050F204-1 device_name=OpenWrt AP manufacturer=www.openwrt.org config_methods=push_button wps_independent=1 ssid=BTVHA bridge=br-hawlan wds_bridge= snoop_iface=br-hawlan wpa_disable_eapol_key_retries=0 wpa_key_mgmt=WPA-
Wed Nov  1 20:25:57 2023 daemon.err hostapd: Line 39: unknown configuration item 'eap_server'
Wed Nov  1 20:25:57 2023 daemon.err hostapd: Line 40: unknown configuration item 'wps_state'
Wed Nov  1 20:25:57 2023 daemon.err hostapd: Line 41: unknown configuration item 'device_type'
Wed Nov  1 20:25:57 2023 daemon.err hostapd: Line 42: unknown configuration item 'device_name'
Wed Nov  1 20:25:57 2023 daemon.err hostapd: Line 43: unknown configuration item 'manufacturer'
Wed Nov  1 20:25:57 2023 daemon.err hostapd: Line 44: unknown configuration item 'config_methods'
Wed Nov  1 20:25:57 2023 daemon.err hostapd: Line 45: unknown configuration item 'wps_independent'
Wed Nov  1 20:25:57 2023 daemon.err hostapd: 7 errors found in configuration file '<inline>'
Wed Nov  1 20:25:57 2023 daemon.err hostapd: Failed to set up interface with data: driver=nl80211 logger_syslog=127 logger_syslog_level=1 logger_stdout=127 logger_stdout_level=1 country_code=GB ieee80211d=1 hw_mode=g supported_rates=60 90 120 180 240 360 480 540 basic_rates=60 120 240 beacon_int=100 chanlist=7 #num_global_macaddr=1 ieee80211n=1 ht_coex=0 ht_capab=[SHORT-GI-20][DSSS_CCK-40] channel=7  interface=phy0-ap0 bssid=b8:27:eb:a2:d9:1d ctrl_interface=/var/run/hostapd ap_isolate=1 bss_load_update_period=60 chan_util_avg_period=600 disassoc_low_ack=1 skip_inactivity_poll=0 preamble=1 wmm_enabled=0 ignore_broadcast_ssid=0 uapsd_advertisement_enabled=1 utf8_ssid=1 multi_ap=0 wpa_passphrase=passw0rd wpa_psk_file=/var/run/hostapd-phy0-ap0.psk auth_algs=1 wpa=2 wpa_pairwise=CCMP eap_server=1 wps_state=2 device_type=6-0050F204-1 device_name=OpenWrt AP manufacturer=www.openwrt.org config_methods=push_button wps_independent=1 ssid=BTVHA bridge=br-hawlan wds_bridge= snoop_iface=br-hawlan wpa_disable_eapol_key_retries=0 wpa_k
Wed Nov  1 20:25:57 2023 daemon.notice hostapd: hostapd.add_iface failed for phy phy0 ifname=phy0-ap0
Wed Nov  1 20:25:57 2023 daemon.notice netifd: Wireless device 'radio0' is now up
Wed Nov  1 20:25:57 2023 kern.info kernel: [ 2265.250775] br-hawlan: port 2(phy0-ap0) entered blocking state
Wed Nov  1 20:25:57 2023 kern.info kernel: [ 2265.260129] br-hawlan: port 2(phy0-ap0) entered disabled state
Wed Nov  1 20:25:57 2023 kern.info kernel: [ 2265.269654] device phy0-ap0 entered promiscuous mode
Wed Nov  1 20:25:59 2023 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Wed Nov  1 20:25:59 2023 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 0 names
Wed Nov  1 20:25:59 2023 daemon.info dnsmasq[1]: read /tmp/hosts/odhcpd - 0 names

The errors seem to be pointing to problems in /var/run/hostapd-phy0.conf/ Is this the same file as /etc/hostapd.conf?

I think I've found it. It was indeed a package. I guess there's a force switch for opkg and I installed the full wpad via LuCI, ticking Allow overwriting conflicting package files

The default ssl library is now mbedtls instead of wolfssl. In this case it would be remove wpad-basic-mbedtls then install the full version: wpad-mbedtls

I figured some of this out from here & the conflict messages from opkg, which other version - in my case wpad-basic-mbedtls - I needed to remove to be able to install without conflicts/force.

I now have wpad-mbedtls, hostapd-common and hostapd-utils installed. (This is on a TP-Link Archer C7 v5, OpenWrt 23.05.2 r23630-842932a63d)

Still, hostapd_cli -i phy1-ap0 wps_get_status (or any other WPS-related command) gives "UNKNOWN COMMAND" and there's no mention of wps in logread after e.g. service network restart.

How do I get WPS working in OpenWRT 23.05?

Aah, found something - I needed to reboot OpenWRT; service network restart is not sufficient.