WAY OFF TOPIC - any RPI wifi gurus here?

I have a PI running Stretch.
It has a WiFi dongle and works/worked as a WAP.

Recently I updated it (sudo apt update sudo apt upgrade)
It was working.

But it got power rebooted and the WAP stopped working.

I have been looking everywhere and can't really get an answer.

Give: The dongle works. The USB port works. I have tried a different dongle.
I know the dongle works because I can run a python script to scan for visible WAPS, and it produces a list.
If the dongle wasn't working, I would not expect to see that.

When I start hostapd it locks up.
(That is with keyboard, mouse and monitor plugged in. Not headless.)

Research has hinted at wpa_supplicant and the latest update going backwards with security.
So the hostapd is masked because of (reasons beyond my knowledge).
I am trying to find how to resolve this, as I am sure there are others who use their RPI as a WAP.

I have uninstalled hostapd, dnsmasq and other things, then reinstalled them. No luck.
So I am hoping that it is a simple thing to do with software.
Simple for people who know what they are doing. Not me.
Would someone please help me with working out what the problem is?

This is where I am at with the search:
WPA supplicant file mentioning
It looks promising, but not in a way I can understand what needs to be done.

Raspberry Pi gurus hang out on the raspberry pi forum (link on their website)

I fully agree.

But when I ask there I get no reply.

I am hoping someone here could/will help.

Well, IF that issue is related to your problem then it relates to a Debian bug. But it doesn't seem to be affecting many people, judging by the noise.

Have you looked to see what the wpa_supplicant file contains?

I have seen a lot of stuff about "wpa_supplicant" problems using Stretch.

Alas the replies are written in a language I do not understand.

Example

This is another one which looks like it may be what I need.

But I am not skilled enough to understand what is needing to be done:

Maybe this one?

Be the problem "raspbian" or "debian".... The "gods" who released it did so and idiots like me don't know what to do to get around the problem.

I've asked, searched and tried to understand. I can't.

I get that.

So I am asking for help.

Surely someone here uses a RPI as a WAP.
Or: knows something about the wpa_supplicant.conf file which has been refrenced many times in the searches last night/yesterday/the other day.

I am going around in circles.

I've just had a 10 minute argument with NR and dashboards. (See new thread coming soon!)

I don't see/understand why people who know this stuff don't share it.

As I said above, have you done this? Login to the rpi, locate the file and open it. Does it contain something like
tls_disable_tlsv1_0=1
tls_disable_tlsv1_1=1

You asked. Ok, I didn't answer.

This is what it is NOW:

pi@TimePi:~ $ sudo cat /etc/wpa_supplicant/wpa_supplicant.conf 
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=AU

#  added 2019 07 20
tls_disable_tlsv1_0=1
tls_disable_tlsv1_1=1
openssl_ciphers=DEFAULT@SECLEVEL=2
pi@TimePi:~ $ 

Note that I added the last three lines on 20 July.

This is what happens:

pi@TimePi:~ $ sudo systemctl unmask hostapd
pi@TimePi:~ $ sudo systemctl start hostapd
pi@TimePi:~ $ 

Machine locked up.
Have to power cycle it.

So: I guess the short answer is no. It doesn't seem to fix it.

So you added these lines manually, based on reading that forum post?

Correct.

They either don't apply to the problem I have... Or I am not doing it correctly.

As soon as I unmask hostapd and start it, the machine locks up - in about 10 seconds.
(and needs to be power reset to get it working.)
There is no keyboard/mouse input allowed. The network (Cat-5) is dead.

Indeed, it may well be the case that your problem is unrelated.

And I assume you used this guide initially for hostapd? https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md

The quickest solution (in the end) may be to ... you know the rest I'm sure.

Yes I do know the rest.

Yes, that is how I set about doing the WAP.

I uninstalled hostapd and re-installed it.

No luck.

But I know the hardware is working because I can scan for visible WAPs and the dongle supplies me a list.

It also blinks as it is doing it.

So..... I need a guru how can (kindly) afford me some help.

All this has happened since I did the sudo apt update sudo apt upgrade a while back.
As the machine wasn't rebooted......

When I ssh into it there was something about the wpa_supplicant file (or config) but I didn't really get the jist of it. Until it rebooted.

I wish you well with that, but what I actually meant was ...

In the end it will probably be quicker to revert to your last known good backup. You do have one of those don't you?

Yes, but it is difficult when the O/S does updates which stops itself working.

Rolling back in that situation is also beyond my skills.

Raspbian will not automatically update anything, unless you are running some sort of script telling it to.

I am sure that backing up your sd card once you have a working system, then restoring the image back to another sd card if you run into trouble, is NOT beyond your skill set.

No, backing up the card isn't. But I may need to know how to do it to a USB hard disc with the "dd" command.
The problem is getting a version of the O/S before the last update.

Seriously, abide by the old Chinese proverb that states ...KISS

https://downloads.raspberrypi.org/raspbian/images/

Have you checked that there is no conflict between the settings /etc/network/interfaces and wpa_supplicant.conf ??

To the best of my knowledge, there is no conflict/s.

I added a couple of lines from a thread I found on the net about the problem, but they didn't fix it.