mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-30 02:29:01 +00:00
hostapd: add mbedtls variant
This adds the current WIP mbedtls patches for hostapd. The motivation here is to reduce size. Signed-off-by: Rosen Penev <rosenp@gmail.com>
This commit is contained in:
parent
17c6fb1054
commit
6d1df35747
@ -4,20 +4,25 @@ config WPA_RFKILL_SUPPORT
|
|||||||
depends on PACKAGE_wpa-supplicant || \
|
depends on PACKAGE_wpa-supplicant || \
|
||||||
PACKAGE_wpa-supplicant-openssl || \
|
PACKAGE_wpa-supplicant-openssl || \
|
||||||
PACKAGE_wpa-supplicant-wolfssl || \
|
PACKAGE_wpa-supplicant-wolfssl || \
|
||||||
|
PACKAGE_wpa-supplicant-mbedtls || \
|
||||||
PACKAGE_wpa-supplicant-mesh-openssl || \
|
PACKAGE_wpa-supplicant-mesh-openssl || \
|
||||||
PACKAGE_wpa-supplicant-mesh-wolfssl || \
|
PACKAGE_wpa-supplicant-mesh-wolfssl || \
|
||||||
|
PACKAGE_wpa-supplicant-mesh-mbedtls || \
|
||||||
PACKAGE_wpa-supplicant-basic || \
|
PACKAGE_wpa-supplicant-basic || \
|
||||||
PACKAGE_wpa-supplicant-mini || \
|
PACKAGE_wpa-supplicant-mini || \
|
||||||
PACKAGE_wpa-supplicant-p2p || \
|
PACKAGE_wpa-supplicant-p2p || \
|
||||||
PACKAGE_wpad || \
|
PACKAGE_wpad || \
|
||||||
PACKAGE_wpad-openssl || \
|
PACKAGE_wpad-openssl || \
|
||||||
PACKAGE_wpad-wolfssl || \
|
PACKAGE_wpad-wolfssl || \
|
||||||
|
PACKAGE_wpad-mbedtls || \
|
||||||
PACKAGE_wpad-basic || \
|
PACKAGE_wpad-basic || \
|
||||||
PACKAGE_wpad-basic-openssl || \
|
PACKAGE_wpad-basic-openssl || \
|
||||||
PACKAGE_wpad-basic-wolfssl || \
|
PACKAGE_wpad-basic-wolfssl || \
|
||||||
|
PACKAGE_wpad-basic-mbedtls || \
|
||||||
PACKAGE_wpad-mini || \
|
PACKAGE_wpad-mini || \
|
||||||
PACKAGE_wpad-mesh-openssl || \
|
PACKAGE_wpad-mesh-openssl || \
|
||||||
PACKAGE_wpad-mesh-wolfssl
|
PACKAGE_wpad-mesh-wolfssl || \
|
||||||
|
PACKAGE_wpad-mesh-mbedtls
|
||||||
default n
|
default n
|
||||||
|
|
||||||
config WPA_MSG_MIN_PRIORITY
|
config WPA_MSG_MIN_PRIORITY
|
||||||
@ -25,20 +30,25 @@ config WPA_MSG_MIN_PRIORITY
|
|||||||
depends on PACKAGE_wpa-supplicant || \
|
depends on PACKAGE_wpa-supplicant || \
|
||||||
PACKAGE_wpa-supplicant-openssl || \
|
PACKAGE_wpa-supplicant-openssl || \
|
||||||
PACKAGE_wpa-supplicant-wolfssl || \
|
PACKAGE_wpa-supplicant-wolfssl || \
|
||||||
|
PACKAGE_wpa-supplicant-mbedtls || \
|
||||||
PACKAGE_wpa-supplicant-mesh-openssl || \
|
PACKAGE_wpa-supplicant-mesh-openssl || \
|
||||||
PACKAGE_wpa-supplicant-mesh-wolfssl || \
|
PACKAGE_wpa-supplicant-mesh-wolfssl || \
|
||||||
|
PACKAGE_wpa-supplicant-mesh-mbedtls || \
|
||||||
PACKAGE_wpa-supplicant-basic || \
|
PACKAGE_wpa-supplicant-basic || \
|
||||||
PACKAGE_wpa-supplicant-mini || \
|
PACKAGE_wpa-supplicant-mini || \
|
||||||
PACKAGE_wpa-supplicant-p2p || \
|
PACKAGE_wpa-supplicant-p2p || \
|
||||||
PACKAGE_wpad || \
|
PACKAGE_wpad || \
|
||||||
PACKAGE_wpad-openssl || \
|
PACKAGE_wpad-openssl || \
|
||||||
PACKAGE_wpad-wolfssl || \
|
PACKAGE_wpad-wolfssl || \
|
||||||
|
PACKAGE_wpad-mbedtls || \
|
||||||
PACKAGE_wpad-basic || \
|
PACKAGE_wpad-basic || \
|
||||||
PACKAGE_wpad-basic-openssl || \
|
PACKAGE_wpad-basic-openssl || \
|
||||||
PACKAGE_wpad-basic-wolfssl || \
|
PACKAGE_wpad-basic-wolfssl || \
|
||||||
|
PACKAGE_wpad-basic-mbedtls || \
|
||||||
PACKAGE_wpad-mini || \
|
PACKAGE_wpad-mini || \
|
||||||
PACKAGE_wpad-mesh-openssl || \
|
PACKAGE_wpad-mesh-openssl || \
|
||||||
PACKAGE_wpad-mesh-wolfssl
|
PACKAGE_wpad-mesh-wolfssl || \
|
||||||
|
PACKAGE_wpad-mesh-mbedtls
|
||||||
default 3
|
default 3
|
||||||
help
|
help
|
||||||
Useful values are:
|
Useful values are:
|
||||||
@ -91,9 +101,11 @@ config WPA_MBO_SUPPORT
|
|||||||
default PACKAGE_wpa-supplicant || \
|
default PACKAGE_wpa-supplicant || \
|
||||||
PACKAGE_wpa-supplicant-openssl || \
|
PACKAGE_wpa-supplicant-openssl || \
|
||||||
PACKAGE_wpa-supplicant-wolfssl || \
|
PACKAGE_wpa-supplicant-wolfssl || \
|
||||||
|
PACKAGE_wpa-supplicant-mbedtls || \
|
||||||
PACKAGE_wpad || \
|
PACKAGE_wpad || \
|
||||||
PACKAGE_wpad-openssl || \
|
PACKAGE_wpad-openssl || \
|
||||||
PACKAGE_wpad-wolfssl
|
PACKAGE_wpad-wolfssl || \
|
||||||
|
PACKAGE_wpad-mbedtls
|
||||||
help
|
help
|
||||||
Multi Band Operation aka (Agile Multiband) enables features
|
Multi Band Operation aka (Agile Multiband) enables features
|
||||||
that facilitate efficient use of multiple frequency bands.
|
that facilitate efficient use of multiple frequency bands.
|
||||||
|
@ -52,14 +52,16 @@ LOCAL_AND_LIB_VARIANT=$(patsubst hostapd-%,%,\
|
|||||||
LOCAL_VARIANT=$(patsubst %-internal,%,\
|
LOCAL_VARIANT=$(patsubst %-internal,%,\
|
||||||
$(patsubst %-openssl,%,\
|
$(patsubst %-openssl,%,\
|
||||||
$(patsubst %-wolfssl,%,\
|
$(patsubst %-wolfssl,%,\
|
||||||
|
$(patsubst %-mbedtls,%,\
|
||||||
$(LOCAL_AND_LIB_VARIANT)\
|
$(LOCAL_AND_LIB_VARIANT)\
|
||||||
)))
|
))))
|
||||||
|
|
||||||
SSL_VARIANT=$(strip \
|
SSL_VARIANT=$(strip \
|
||||||
$(if $(findstring openssl,$(LOCAL_AND_LIB_VARIANT)),openssl,\
|
$(if $(findstring openssl,$(LOCAL_AND_LIB_VARIANT)),openssl,\
|
||||||
$(if $(findstring wolfssl,$(LOCAL_AND_LIB_VARIANT)),wolfssl,\
|
$(if $(findstring wolfssl,$(LOCAL_AND_LIB_VARIANT)),wolfssl,\
|
||||||
|
$(if $(findstring mbedtls,$(LOCAL_AND_LIB_VARIANT)),mbedtls,\
|
||||||
internal\
|
internal\
|
||||||
)))
|
))))
|
||||||
|
|
||||||
CONFIG_VARIANT:=$(LOCAL_VARIANT)
|
CONFIG_VARIANT:=$(LOCAL_VARIANT)
|
||||||
ifeq ($(LOCAL_VARIANT),mesh)
|
ifeq ($(LOCAL_VARIANT),mesh)
|
||||||
@ -116,6 +118,21 @@ ifeq ($(SSL_VARIANT),wolfssl)
|
|||||||
endif
|
endif
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
ifeq ($(SSL_VARIANT),mbedtls)
|
||||||
|
DRIVER_MAKEOPTS += CONFIG_TLS=mbedtls CONFIG_SAE=y
|
||||||
|
TARGET_LDFLAGS += -lmbedcrypto -lmbedx509 -lmbedtls
|
||||||
|
|
||||||
|
ifeq ($(LOCAL_VARIANT),basic)
|
||||||
|
DRIVER_MAKEOPTS += CONFIG_OWE=y
|
||||||
|
endif
|
||||||
|
ifeq ($(LOCAL_VARIANT),mesh)
|
||||||
|
DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
|
||||||
|
endif
|
||||||
|
ifeq ($(LOCAL_VARIANT),full)
|
||||||
|
DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1
|
||||||
|
endif
|
||||||
|
endif
|
||||||
|
|
||||||
ifneq ($(LOCAL_TYPE),hostapd)
|
ifneq ($(LOCAL_TYPE),hostapd)
|
||||||
ifdef CONFIG_WPA_RFKILL_SUPPORT
|
ifdef CONFIG_WPA_RFKILL_SUPPORT
|
||||||
DRIVER_MAKEOPTS += NEED_RFKILL=y
|
DRIVER_MAKEOPTS += NEED_RFKILL=y
|
||||||
@ -173,6 +190,15 @@ endef
|
|||||||
|
|
||||||
Package/hostapd-wolfssl/description = $(Package/hostapd/description)
|
Package/hostapd-wolfssl/description = $(Package/hostapd/description)
|
||||||
|
|
||||||
|
define Package/hostapd-mbedtls
|
||||||
|
$(call Package/hostapd/Default,$(1))
|
||||||
|
TITLE+= (mbedTLS full)
|
||||||
|
VARIANT:=full-mbedtls
|
||||||
|
DEPENDS+=+PACKAGE_hostapd-mbedtls:libmbedtls
|
||||||
|
endef
|
||||||
|
|
||||||
|
Package/hostapd-mbedtls/description = $(Package/hostapd/description)
|
||||||
|
|
||||||
define Package/hostapd-basic
|
define Package/hostapd-basic
|
||||||
$(call Package/hostapd/Default,$(1))
|
$(call Package/hostapd/Default,$(1))
|
||||||
TITLE+= (WPA-PSK, 11r, 11w)
|
TITLE+= (WPA-PSK, 11r, 11w)
|
||||||
@ -205,6 +231,17 @@ define Package/hostapd-basic-wolfssl/description
|
|||||||
This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
|
This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
define Package/hostapd-basic-mbedtls
|
||||||
|
$(call Package/hostapd/Default,$(1))
|
||||||
|
TITLE+= (WPA-PSK, 11r and 11w)
|
||||||
|
VARIANT:=basic-mbedtls
|
||||||
|
DEPENDS+=+PACKAGE_hostapd-basic-mbedtls:libmbedtls
|
||||||
|
endef
|
||||||
|
|
||||||
|
define Package/hostapd-basic-mbedtls/description
|
||||||
|
This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support.
|
||||||
|
endef
|
||||||
|
|
||||||
define Package/hostapd-mini
|
define Package/hostapd-mini
|
||||||
$(call Package/hostapd/Default,$(1))
|
$(call Package/hostapd/Default,$(1))
|
||||||
TITLE+= (WPA-PSK only)
|
TITLE+= (WPA-PSK only)
|
||||||
@ -260,6 +297,15 @@ endef
|
|||||||
|
|
||||||
Package/wpad-wolfssl/description = $(Package/wpad/description)
|
Package/wpad-wolfssl/description = $(Package/wpad/description)
|
||||||
|
|
||||||
|
define Package/wpad-mbedtls
|
||||||
|
$(call Package/wpad/Default,$(1))
|
||||||
|
TITLE+= (mbedTLS full)
|
||||||
|
VARIANT:=wpad-full-mbedtls
|
||||||
|
DEPENDS+=+PACKAGE_wpad-mbedtls:libmbedtls
|
||||||
|
endef
|
||||||
|
|
||||||
|
Package/wpad-mbedtls/description = $(Package/wpad/description)
|
||||||
|
|
||||||
define Package/wpad-basic
|
define Package/wpad-basic
|
||||||
$(call Package/wpad/Default,$(1))
|
$(call Package/wpad/Default,$(1))
|
||||||
TITLE+= (WPA-PSK, 11r, 11w)
|
TITLE+= (WPA-PSK, 11r, 11w)
|
||||||
@ -292,6 +338,17 @@ define Package/wpad-basic-wolfssl/description
|
|||||||
This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
|
This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
define Package/wpad-basic-mbedtls
|
||||||
|
$(call Package/wpad/Default,$(1))
|
||||||
|
TITLE+= (mbedTLS, 11r, 11w)
|
||||||
|
VARIANT:=wpad-basic-mbedtls
|
||||||
|
DEPENDS+=+PACKAGE_wpad-basic-mbedtls:libmbedtls
|
||||||
|
endef
|
||||||
|
|
||||||
|
define Package/wpad-basic-mbedtls/description
|
||||||
|
This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support.
|
||||||
|
endef
|
||||||
|
|
||||||
define Package/wpad-mini
|
define Package/wpad-mini
|
||||||
$(call Package/wpad/Default,$(1))
|
$(call Package/wpad/Default,$(1))
|
||||||
TITLE+= (WPA-PSK only)
|
TITLE+= (WPA-PSK only)
|
||||||
@ -330,6 +387,15 @@ endef
|
|||||||
|
|
||||||
Package/wpad-mesh-wolfssl/description = $(Package/wpad-mesh/description)
|
Package/wpad-mesh-wolfssl/description = $(Package/wpad-mesh/description)
|
||||||
|
|
||||||
|
define Package/wpad-mesh-mbedtls
|
||||||
|
$(call Package/wpad-mesh,$(1))
|
||||||
|
TITLE+= (mbedTLS, 11s, SAE)
|
||||||
|
DEPENDS+=+PACKAGE_wpad-mesh-mbedtls:libmbedtls
|
||||||
|
VARIANT:=wpad-mesh-mbedtls
|
||||||
|
endef
|
||||||
|
|
||||||
|
Package/wpad-mesh-mbedtls/description = $(Package/wpad-mesh/description)
|
||||||
|
|
||||||
|
|
||||||
define Package/wpa-supplicant/Default
|
define Package/wpa-supplicant/Default
|
||||||
SECTION:=net
|
SECTION:=net
|
||||||
@ -365,6 +431,13 @@ $(call Package/wpa-supplicant/Default,$(1))
|
|||||||
DEPENDS+=+PACKAGE_wpa-supplicant-wolfssl:libwolfssl
|
DEPENDS+=+PACKAGE_wpa-supplicant-wolfssl:libwolfssl
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
define Package/wpa-supplicant-mbedtls
|
||||||
|
$(call Package/wpa-supplicant/Default,$(1))
|
||||||
|
TITLE+= (mbedTLS full)
|
||||||
|
VARIANT:=supplicant-full-mbedtls
|
||||||
|
DEPENDS+=+PACKAGE_wpa-supplicant-mbedtls:libmbedtls
|
||||||
|
endef
|
||||||
|
|
||||||
define Package/wpa-supplicant/config
|
define Package/wpa-supplicant/config
|
||||||
source "$(SOURCE)/Config.in"
|
source "$(SOURCE)/Config.in"
|
||||||
endef
|
endef
|
||||||
@ -396,6 +469,13 @@ $(call Package/wpa-supplicant-mesh/Default,$(1))
|
|||||||
DEPENDS+=+PACKAGE_wpa-supplicant-mesh-wolfssl:libwolfssl
|
DEPENDS+=+PACKAGE_wpa-supplicant-mesh-wolfssl:libwolfssl
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
define Package/wpa-supplicant-mesh-mbedtls
|
||||||
|
$(call Package/wpa-supplicant-mesh/Default,$(1))
|
||||||
|
TITLE+= (mbedTLS, 11s, SAE)
|
||||||
|
VARIANT:=supplicant-mesh-mbedtls
|
||||||
|
DEPENDS+=+PACKAGE_wpa-supplicant-mesh-mbedtls:libmbedtls
|
||||||
|
endef
|
||||||
|
|
||||||
define Package/wpa-supplicant-basic
|
define Package/wpa-supplicant-basic
|
||||||
$(call Package/wpa-supplicant/Default,$(1))
|
$(call Package/wpa-supplicant/Default,$(1))
|
||||||
TITLE+= (11r, 11w)
|
TITLE+= (11r, 11w)
|
||||||
@ -472,6 +552,15 @@ define Package/eapol-test-wolfssl
|
|||||||
PROVIDES:=eapol-test
|
PROVIDES:=eapol-test
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
define Package/eapol-test-mbedtls
|
||||||
|
$(call Package/eapol-test/Default,$(1))
|
||||||
|
TITLE+= (mbedTLS full)
|
||||||
|
VARIANT:=supplicant-full-mbedtls
|
||||||
|
CONFLICTS:=$(filter-out eapol-test-openssl ,$(filter-out eapol-test-mbedtls ,$(EAPOL_TEST_PROVIDERS)))
|
||||||
|
DEPENDS+=+PACKAGE_eapol-test-mbedtls:libmbedtls
|
||||||
|
PROVIDES:=eapol-test
|
||||||
|
endef
|
||||||
|
|
||||||
|
|
||||||
ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
|
ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
|
||||||
define Build/Configure/rebuild
|
define Build/Configure/rebuild
|
||||||
@ -580,6 +669,12 @@ define Build/Compile/supplicant-full-wolfssl
|
|||||||
)
|
)
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
define Build/Compile/supplicant-full-mbedtls
|
||||||
|
+$(call Build/RunMake,wpa_supplicant, \
|
||||||
|
eapol_test \
|
||||||
|
)
|
||||||
|
endef
|
||||||
|
|
||||||
define Build/Compile
|
define Build/Compile
|
||||||
$(Build/Compile/$(LOCAL_TYPE))
|
$(Build/Compile/$(LOCAL_TYPE))
|
||||||
$(Build/Compile/$(BUILD_VARIANT))
|
$(Build/Compile/$(BUILD_VARIANT))
|
||||||
@ -610,9 +705,11 @@ endef
|
|||||||
Package/hostapd-basic/install = $(Package/hostapd/install)
|
Package/hostapd-basic/install = $(Package/hostapd/install)
|
||||||
Package/hostapd-basic-openssl/install = $(Package/hostapd/install)
|
Package/hostapd-basic-openssl/install = $(Package/hostapd/install)
|
||||||
Package/hostapd-basic-wolfssl/install = $(Package/hostapd/install)
|
Package/hostapd-basic-wolfssl/install = $(Package/hostapd/install)
|
||||||
|
Package/hostapd-basic-mbedtls/install = $(Package/hostapd/install)
|
||||||
Package/hostapd-mini/install = $(Package/hostapd/install)
|
Package/hostapd-mini/install = $(Package/hostapd/install)
|
||||||
Package/hostapd-openssl/install = $(Package/hostapd/install)
|
Package/hostapd-openssl/install = $(Package/hostapd/install)
|
||||||
Package/hostapd-wolfssl/install = $(Package/hostapd/install)
|
Package/hostapd-wolfssl/install = $(Package/hostapd/install)
|
||||||
|
Package/hostapd-mbedtls/install = $(Package/hostapd/install)
|
||||||
|
|
||||||
ifneq ($(LOCAL_TYPE),supplicant)
|
ifneq ($(LOCAL_TYPE),supplicant)
|
||||||
define Package/hostapd-utils/install
|
define Package/hostapd-utils/install
|
||||||
@ -631,11 +728,14 @@ endef
|
|||||||
Package/wpad-basic/install = $(Package/wpad/install)
|
Package/wpad-basic/install = $(Package/wpad/install)
|
||||||
Package/wpad-basic-openssl/install = $(Package/wpad/install)
|
Package/wpad-basic-openssl/install = $(Package/wpad/install)
|
||||||
Package/wpad-basic-wolfssl/install = $(Package/wpad/install)
|
Package/wpad-basic-wolfssl/install = $(Package/wpad/install)
|
||||||
|
Package/wpad-basic-mbedtls/install = $(Package/wpad/install)
|
||||||
Package/wpad-mini/install = $(Package/wpad/install)
|
Package/wpad-mini/install = $(Package/wpad/install)
|
||||||
Package/wpad-openssl/install = $(Package/wpad/install)
|
Package/wpad-openssl/install = $(Package/wpad/install)
|
||||||
Package/wpad-wolfssl/install = $(Package/wpad/install)
|
Package/wpad-wolfssl/install = $(Package/wpad/install)
|
||||||
|
Package/wpad-mbedtls/install = $(Package/wpad/install)
|
||||||
Package/wpad-mesh-openssl/install = $(Package/wpad/install)
|
Package/wpad-mesh-openssl/install = $(Package/wpad/install)
|
||||||
Package/wpad-mesh-wolfssl/install = $(Package/wpad/install)
|
Package/wpad-mesh-wolfssl/install = $(Package/wpad/install)
|
||||||
|
Package/wpad-mesh-mbedtls/install = $(Package/wpad/install)
|
||||||
|
|
||||||
define Package/wpa-supplicant/install
|
define Package/wpa-supplicant/install
|
||||||
$(call Install/supplicant,$(1))
|
$(call Install/supplicant,$(1))
|
||||||
@ -646,8 +746,10 @@ Package/wpa-supplicant-mini/install = $(Package/wpa-supplicant/install)
|
|||||||
Package/wpa-supplicant-p2p/install = $(Package/wpa-supplicant/install)
|
Package/wpa-supplicant-p2p/install = $(Package/wpa-supplicant/install)
|
||||||
Package/wpa-supplicant-openssl/install = $(Package/wpa-supplicant/install)
|
Package/wpa-supplicant-openssl/install = $(Package/wpa-supplicant/install)
|
||||||
Package/wpa-supplicant-wolfssl/install = $(Package/wpa-supplicant/install)
|
Package/wpa-supplicant-wolfssl/install = $(Package/wpa-supplicant/install)
|
||||||
|
Package/wpa-supplicant-mbedtls/install = $(Package/wpa-supplicant/install)
|
||||||
Package/wpa-supplicant-mesh-openssl/install = $(Package/wpa-supplicant/install)
|
Package/wpa-supplicant-mesh-openssl/install = $(Package/wpa-supplicant/install)
|
||||||
Package/wpa-supplicant-mesh-wolfssl/install = $(Package/wpa-supplicant/install)
|
Package/wpa-supplicant-mesh-wolfssl/install = $(Package/wpa-supplicant/install)
|
||||||
|
Package/wpa-supplicant-mesh-mbedtls/install = $(Package/wpa-supplicant/install)
|
||||||
|
|
||||||
ifneq ($(LOCAL_TYPE),hostapd)
|
ifneq ($(LOCAL_TYPE),hostapd)
|
||||||
define Package/wpa-cli/install
|
define Package/wpa-cli/install
|
||||||
@ -677,6 +779,13 @@ ifeq ($(BUILD_VARIANT),supplicant-full-wolfssl)
|
|||||||
endef
|
endef
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
ifeq ($(BUILD_VARIANT),supplicant-full-mbedtls)
|
||||||
|
define Package/eapol-test-mbedtls/install
|
||||||
|
$(INSTALL_DIR) $(1)/usr/sbin
|
||||||
|
$(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/
|
||||||
|
endef
|
||||||
|
endif
|
||||||
|
|
||||||
# Build hostapd-common before its dependents, to avoid
|
# Build hostapd-common before its dependents, to avoid
|
||||||
# spurious rebuilds when building multiple variants.
|
# spurious rebuilds when building multiple variants.
|
||||||
$(eval $(call BuildPackage,hostapd-common))
|
$(eval $(call BuildPackage,hostapd-common))
|
||||||
@ -684,28 +793,36 @@ $(eval $(call BuildPackage,hostapd))
|
|||||||
$(eval $(call BuildPackage,hostapd-basic))
|
$(eval $(call BuildPackage,hostapd-basic))
|
||||||
$(eval $(call BuildPackage,hostapd-basic-openssl))
|
$(eval $(call BuildPackage,hostapd-basic-openssl))
|
||||||
$(eval $(call BuildPackage,hostapd-basic-wolfssl))
|
$(eval $(call BuildPackage,hostapd-basic-wolfssl))
|
||||||
|
$(eval $(call BuildPackage,hostapd-basic-mbedtls))
|
||||||
$(eval $(call BuildPackage,hostapd-mini))
|
$(eval $(call BuildPackage,hostapd-mini))
|
||||||
$(eval $(call BuildPackage,hostapd-openssl))
|
$(eval $(call BuildPackage,hostapd-openssl))
|
||||||
$(eval $(call BuildPackage,hostapd-wolfssl))
|
$(eval $(call BuildPackage,hostapd-wolfssl))
|
||||||
|
$(eval $(call BuildPackage,hostapd-mbedtls))
|
||||||
$(eval $(call BuildPackage,wpad))
|
$(eval $(call BuildPackage,wpad))
|
||||||
$(eval $(call BuildPackage,wpad-mesh-openssl))
|
$(eval $(call BuildPackage,wpad-mesh-openssl))
|
||||||
$(eval $(call BuildPackage,wpad-mesh-wolfssl))
|
$(eval $(call BuildPackage,wpad-mesh-wolfssl))
|
||||||
|
$(eval $(call BuildPackage,wpad-mesh-mbedtls))
|
||||||
$(eval $(call BuildPackage,wpad-basic))
|
$(eval $(call BuildPackage,wpad-basic))
|
||||||
$(eval $(call BuildPackage,wpad-basic-openssl))
|
$(eval $(call BuildPackage,wpad-basic-openssl))
|
||||||
$(eval $(call BuildPackage,wpad-basic-wolfssl))
|
$(eval $(call BuildPackage,wpad-basic-wolfssl))
|
||||||
|
$(eval $(call BuildPackage,wpad-basic-mbedtls))
|
||||||
$(eval $(call BuildPackage,wpad-mini))
|
$(eval $(call BuildPackage,wpad-mini))
|
||||||
$(eval $(call BuildPackage,wpad-openssl))
|
$(eval $(call BuildPackage,wpad-openssl))
|
||||||
$(eval $(call BuildPackage,wpad-wolfssl))
|
$(eval $(call BuildPackage,wpad-wolfssl))
|
||||||
|
$(eval $(call BuildPackage,wpad-mbedtls))
|
||||||
$(eval $(call BuildPackage,wpa-supplicant))
|
$(eval $(call BuildPackage,wpa-supplicant))
|
||||||
$(eval $(call BuildPackage,wpa-supplicant-mesh-openssl))
|
$(eval $(call BuildPackage,wpa-supplicant-mesh-openssl))
|
||||||
$(eval $(call BuildPackage,wpa-supplicant-mesh-wolfssl))
|
$(eval $(call BuildPackage,wpa-supplicant-mesh-wolfssl))
|
||||||
|
$(eval $(call BuildPackage,wpa-supplicant-mesh-mbedtls))
|
||||||
$(eval $(call BuildPackage,wpa-supplicant-basic))
|
$(eval $(call BuildPackage,wpa-supplicant-basic))
|
||||||
$(eval $(call BuildPackage,wpa-supplicant-mini))
|
$(eval $(call BuildPackage,wpa-supplicant-mini))
|
||||||
$(eval $(call BuildPackage,wpa-supplicant-p2p))
|
$(eval $(call BuildPackage,wpa-supplicant-p2p))
|
||||||
$(eval $(call BuildPackage,wpa-supplicant-openssl))
|
$(eval $(call BuildPackage,wpa-supplicant-openssl))
|
||||||
$(eval $(call BuildPackage,wpa-supplicant-wolfssl))
|
$(eval $(call BuildPackage,wpa-supplicant-wolfssl))
|
||||||
|
$(eval $(call BuildPackage,wpa-supplicant-mbedtls))
|
||||||
$(eval $(call BuildPackage,wpa-cli))
|
$(eval $(call BuildPackage,wpa-cli))
|
||||||
$(eval $(call BuildPackage,hostapd-utils))
|
$(eval $(call BuildPackage,hostapd-utils))
|
||||||
$(eval $(call BuildPackage,eapol-test))
|
$(eval $(call BuildPackage,eapol-test))
|
||||||
$(eval $(call BuildPackage,eapol-test-openssl))
|
$(eval $(call BuildPackage,eapol-test-openssl))
|
||||||
$(eval $(call BuildPackage,eapol-test-wolfssl))
|
$(eval $(call BuildPackage,eapol-test-wolfssl))
|
||||||
|
$(eval $(call BuildPackage,eapol-test-mbedtls))
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,114 @@
|
|||||||
|
From c8dba4bd750269bcc80fed3d546e2077cb4cdf0e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
Date: Tue, 19 Jul 2022 20:02:21 -0400
|
||||||
|
Subject: [PATCH 2/7] mbedtls: fips186_2_prf()
|
||||||
|
|
||||||
|
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
---
|
||||||
|
hostapd/Makefile | 4 ---
|
||||||
|
src/crypto/crypto_mbedtls.c | 60 +++++++++++++++++++++++++++++++++++++
|
||||||
|
wpa_supplicant/Makefile | 4 ---
|
||||||
|
3 files changed, 60 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
--- a/hostapd/Makefile
|
||||||
|
+++ b/hostapd/Makefile
|
||||||
|
@@ -759,10 +759,6 @@ endif
|
||||||
|
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
|
||||||
|
HOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
|
||||||
|
SOBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
|
||||||
|
-ifdef NEED_FIPS186_2_PRF
|
||||||
|
-OBJS += ../src/crypto/fips_prf_internal.o
|
||||||
|
-SHA1OBJS += ../src/crypto/sha1-internal.o
|
||||||
|
-endif
|
||||||
|
ifeq ($(CONFIG_CRYPTO), mbedtls)
|
||||||
|
ifdef CONFIG_DPP
|
||||||
|
LIBS += -lmbedx509
|
||||||
|
--- a/src/crypto/crypto_mbedtls.c
|
||||||
|
+++ b/src/crypto/crypto_mbedtls.c
|
||||||
|
@@ -132,6 +132,12 @@
|
||||||
|
#define CRYPTO_MBEDTLS_HMAC_KDF_SHA512
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#if defined(EAP_SIM) || defined(EAP_SIM_DYNAMIC) || defined(EAP_SERVER_SIM) \
|
||||||
|
+ || defined(EAP_AKA) || defined(EAP_AKA_DYNAMIC) || defined(EAP_SERVER_AKA)
|
||||||
|
+/* EAP_SIM=y EAP_AKA=y */
|
||||||
|
+#define CRYPTO_MBEDTLS_FIPS186_2_PRF
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) \
|
||||||
|
|| defined(EAP_TEAP) || defined(EAP_TEAP_DYNAMIC) || defined(EAP_SERVER_FAST)
|
||||||
|
#define CRYPTO_MBEDTLS_SHA1_T_PRF
|
||||||
|
@@ -813,6 +819,60 @@ int sha1_t_prf(const u8 *key, size_t key
|
||||||
|
|
||||||
|
#endif /* CRYPTO_MBEDTLS_SHA1_T_PRF */
|
||||||
|
|
||||||
|
+#ifdef CRYPTO_MBEDTLS_FIPS186_2_PRF
|
||||||
|
+
|
||||||
|
+/* fips_prf_internal.c sha1-internal.c */
|
||||||
|
+
|
||||||
|
+/* used only by src/eap_common/eap_sim_common.c:eap_sim_prf()
|
||||||
|
+ * for eap_sim_derive_keys() and eap_sim_derive_keys_reauth()
|
||||||
|
+ * where xlen is 160 */
|
||||||
|
+
|
||||||
|
+int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
|
||||||
|
+{
|
||||||
|
+ /* FIPS 186-2 + change notice 1 */
|
||||||
|
+
|
||||||
|
+ mbedtls_sha1_context ctx;
|
||||||
|
+ u8 * const xkey = ctx.MBEDTLS_PRIVATE(buffer);
|
||||||
|
+ u32 * const xstate = ctx.MBEDTLS_PRIVATE(state);
|
||||||
|
+ const u32 xstate_init[] =
|
||||||
|
+ { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 };
|
||||||
|
+
|
||||||
|
+ mbedtls_sha1_init(&ctx);
|
||||||
|
+ os_memcpy(xkey, seed, seed_len < 64 ? seed_len : 64);
|
||||||
|
+
|
||||||
|
+ /* note: does not fill extra bytes if (xlen % 20) (SHA1_MAC_LEN) */
|
||||||
|
+ for (; xlen >= 20; xlen -= 20) {
|
||||||
|
+ /* XSEED_j = 0 */
|
||||||
|
+ /* XVAL = (XKEY + XSEED_j) mod 2^b */
|
||||||
|
+
|
||||||
|
+ /* w_i = G(t, XVAL) */
|
||||||
|
+ os_memcpy(xstate, xstate_init, sizeof(xstate_init));
|
||||||
|
+ mbedtls_internal_sha1_process(&ctx, xkey);
|
||||||
|
+
|
||||||
|
+ #if __BYTE_ORDER == __LITTLE_ENDIAN
|
||||||
|
+ xstate[0] = host_to_be32(xstate[0]);
|
||||||
|
+ xstate[1] = host_to_be32(xstate[1]);
|
||||||
|
+ xstate[2] = host_to_be32(xstate[2]);
|
||||||
|
+ xstate[3] = host_to_be32(xstate[3]);
|
||||||
|
+ xstate[4] = host_to_be32(xstate[4]);
|
||||||
|
+ #endif
|
||||||
|
+ os_memcpy(x, xstate, 20);
|
||||||
|
+ if (xlen == 20) /*(done; skip prep for next loop)*/
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ /* XKEY = (1 + XKEY + w_i) mod 2^b */
|
||||||
|
+ for (u32 carry = 1, k = 20; k-- > 0; carry >>= 8)
|
||||||
|
+ xkey[k] = (carry += xkey[k] + x[k]) & 0xff;
|
||||||
|
+ x += 20;
|
||||||
|
+ /* x_j = w_0|w_1 (each pair of iterations through loop)*/
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ mbedtls_sha1_free(&ctx);
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#endif /* CRYPTO_MBEDTLS_FIPS186_2_PRF */
|
||||||
|
+
|
||||||
|
#endif /* MBEDTLS_SHA1_C */
|
||||||
|
|
||||||
|
|
||||||
|
--- a/wpa_supplicant/Makefile
|
||||||
|
+++ b/wpa_supplicant/Makefile
|
||||||
|
@@ -1160,10 +1160,6 @@ endif
|
||||||
|
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
|
||||||
|
OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
|
||||||
|
OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
|
||||||
|
-ifdef NEED_FIPS186_2_PRF
|
||||||
|
-OBJS += ../src/crypto/fips_prf_internal.o
|
||||||
|
-SHA1OBJS += ../src/crypto/sha1-internal.o
|
||||||
|
-endif
|
||||||
|
ifeq ($(CONFIG_CRYPTO), mbedtls)
|
||||||
|
LIBS += -lmbedcrypto
|
||||||
|
LIBS_p += -lmbedcrypto
|
@ -0,0 +1,421 @@
|
|||||||
|
From 31bd19e0e0254b910cccfd3ddc6a6a9222bbcfc0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
Date: Sun, 9 Oct 2022 05:12:17 -0400
|
||||||
|
Subject: [PATCH 3/7] mbedtls: annotate with TEST_FAIL() for hwsim tests
|
||||||
|
|
||||||
|
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
---
|
||||||
|
src/crypto/crypto_mbedtls.c | 124 ++++++++++++++++++++++++++++++++++++
|
||||||
|
1 file changed, 124 insertions(+)
|
||||||
|
|
||||||
|
--- a/src/crypto/crypto_mbedtls.c
|
||||||
|
+++ b/src/crypto/crypto_mbedtls.c
|
||||||
|
@@ -280,6 +280,9 @@ __attribute_noinline__
|
||||||
|
static int md_vector(size_t num_elem, const u8 *addr[], const size_t *len,
|
||||||
|
u8 *mac, mbedtls_md_type_t md_type)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
mbedtls_md_context_t ctx;
|
||||||
|
mbedtls_md_init(&ctx);
|
||||||
|
if (mbedtls_md_setup(&ctx, mbedtls_md_info_from_type(md_type), 0) != 0){
|
||||||
|
@@ -343,6 +346,9 @@ __attribute_noinline__
|
||||||
|
static int sha384_512_vector(size_t num_elem, const u8 *addr[],
|
||||||
|
const size_t *len, u8 *mac, int is384)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
struct mbedtls_sha512_context ctx;
|
||||||
|
mbedtls_sha512_init(&ctx);
|
||||||
|
#if MBEDTLS_VERSION_MAJOR >= 3
|
||||||
|
@@ -375,6 +381,9 @@ int sha384_vector(size_t num_elem, const
|
||||||
|
#include <mbedtls/sha256.h>
|
||||||
|
int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
struct mbedtls_sha256_context ctx;
|
||||||
|
mbedtls_sha256_init(&ctx);
|
||||||
|
#if MBEDTLS_VERSION_MAJOR >= 3
|
||||||
|
@@ -397,6 +406,9 @@ int sha256_vector(size_t num_elem, const
|
||||||
|
#include <mbedtls/sha1.h>
|
||||||
|
int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
struct mbedtls_sha1_context ctx;
|
||||||
|
mbedtls_sha1_init(&ctx);
|
||||||
|
#if MBEDTLS_VERSION_MAJOR >= 3
|
||||||
|
@@ -419,6 +431,9 @@ int sha1_vector(size_t num_elem, const u
|
||||||
|
#include <mbedtls/md5.h>
|
||||||
|
int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
struct mbedtls_md5_context ctx;
|
||||||
|
mbedtls_md5_init(&ctx);
|
||||||
|
#if MBEDTLS_VERSION_MAJOR >= 3
|
||||||
|
@@ -441,6 +456,9 @@ int md5_vector(size_t num_elem, const u8
|
||||||
|
#include <mbedtls/md4.h>
|
||||||
|
int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
struct mbedtls_md4_context ctx;
|
||||||
|
mbedtls_md4_init(&ctx);
|
||||||
|
mbedtls_md4_starts_ret(&ctx);
|
||||||
|
@@ -460,6 +478,9 @@ static int hmac_vector(const u8 *key, si
|
||||||
|
const u8 *addr[], const size_t *len, u8 *mac,
|
||||||
|
mbedtls_md_type_t md_type)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
mbedtls_md_context_t ctx;
|
||||||
|
mbedtls_md_init(&ctx);
|
||||||
|
if (mbedtls_md_setup(&ctx, mbedtls_md_info_from_type(md_type), 1) != 0){
|
||||||
|
@@ -571,6 +592,9 @@ static int hmac_kdf_expand(const u8 *prk
|
||||||
|
const char *label, const u8 *info, size_t info_len,
|
||||||
|
u8 *okm, size_t okm_len, mbedtls_md_type_t md_type)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
|
||||||
|
#ifdef MBEDTLS_HKDF_C
|
||||||
|
if (label == NULL) /* RFC 5869 HKDF-Expand when (label == NULL) */
|
||||||
|
@@ -663,6 +687,9 @@ static int hmac_prf_bits(const u8 *key,
|
||||||
|
const u8 *data, size_t data_len, u8 *buf,
|
||||||
|
size_t buf_len_bits, mbedtls_md_type_t md_type)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
mbedtls_md_context_t ctx;
|
||||||
|
mbedtls_md_init(&ctx);
|
||||||
|
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
|
||||||
|
@@ -938,6 +965,9 @@ int pbkdf2_sha1(const char *passphrase,
|
||||||
|
|
||||||
|
static void *aes_crypt_init_mode(const u8 *key, size_t len, int mode)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
mbedtls_aes_context *aes = os_malloc(sizeof(*aes));
|
||||||
|
if (!aes)
|
||||||
|
return NULL;
|
||||||
|
@@ -996,6 +1026,9 @@ void aes_decrypt_deinit(void *ctx)
|
||||||
|
/* aes-wrap.c */
|
||||||
|
int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
mbedtls_nist_kw_context ctx;
|
||||||
|
mbedtls_nist_kw_init(&ctx);
|
||||||
|
size_t olen;
|
||||||
|
@@ -1010,6 +1043,9 @@ int aes_wrap(const u8 *kek, size_t kek_l
|
||||||
|
/* aes-unwrap.c */
|
||||||
|
int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher, u8 *plain)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
mbedtls_nist_kw_context ctx;
|
||||||
|
mbedtls_nist_kw_init(&ctx);
|
||||||
|
size_t olen;
|
||||||
|
@@ -1041,6 +1077,9 @@ int omac1_aes_vector(
|
||||||
|
const u8 *key, size_t key_len, size_t num_elem, const u8 *addr[],
|
||||||
|
const size_t *len, u8 *mac)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
mbedtls_cipher_type_t cipher_type;
|
||||||
|
switch (key_len) {
|
||||||
|
case 16: cipher_type = MBEDTLS_CIPHER_AES_128_ECB; break;
|
||||||
|
@@ -1103,6 +1142,9 @@ int omac1_aes_256(const u8 *key, const u
|
||||||
|
/* aes-encblock.c */
|
||||||
|
int aes_128_encrypt_block(const u8 *key, const u8 *in, u8 *out)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
mbedtls_aes_context aes;
|
||||||
|
mbedtls_aes_init(&aes);
|
||||||
|
int ret = mbedtls_aes_setkey_enc(&aes, key, 128)
|
||||||
|
@@ -1118,6 +1160,9 @@ int aes_128_encrypt_block(const u8 *key,
|
||||||
|
int aes_ctr_encrypt(const u8 *key, size_t key_len, const u8 *nonce,
|
||||||
|
u8 *data, size_t data_len)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
unsigned char counter[MBEDTLS_AES_BLOCK_SIZE];
|
||||||
|
unsigned char stream_block[MBEDTLS_AES_BLOCK_SIZE];
|
||||||
|
os_memcpy(counter, nonce, MBEDTLS_AES_BLOCK_SIZE);/*(must be writable)*/
|
||||||
|
@@ -1160,11 +1205,17 @@ static int aes_128_cbc_oper(const u8 *ke
|
||||||
|
|
||||||
|
int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
return aes_128_cbc_oper(key, iv, data, data_len, MBEDTLS_AES_ENCRYPT);
|
||||||
|
}
|
||||||
|
|
||||||
|
int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
return aes_128_cbc_oper(key, iv, data, data_len, MBEDTLS_AES_DECRYPT);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1407,6 +1458,10 @@ int crypto_hash_finish(struct crypto_has
|
||||||
|
}
|
||||||
|
mbedtls_md_free(mctx);
|
||||||
|
os_free(mctx);
|
||||||
|
+
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1421,6 +1476,9 @@ int crypto_hash_finish(struct crypto_has
|
||||||
|
|
||||||
|
struct crypto_bignum *crypto_bignum_init(void)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
mbedtls_mpi *bn = os_malloc(sizeof(*bn));
|
||||||
|
if (bn)
|
||||||
|
mbedtls_mpi_init(bn);
|
||||||
|
@@ -1429,6 +1487,9 @@ struct crypto_bignum *crypto_bignum_init
|
||||||
|
|
||||||
|
struct crypto_bignum *crypto_bignum_init_set(const u8 *buf, size_t len)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
mbedtls_mpi *bn = os_malloc(sizeof(*bn));
|
||||||
|
if (bn) {
|
||||||
|
mbedtls_mpi_init(bn);
|
||||||
|
@@ -1442,6 +1503,9 @@ struct crypto_bignum *crypto_bignum_init
|
||||||
|
|
||||||
|
struct crypto_bignum *crypto_bignum_init_uint(unsigned int val)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
#if 0 /*(hostap use of this interface passes int, not uint)*/
|
||||||
|
val = host_to_be32(val);
|
||||||
|
return crypto_bignum_init_set((const u8 *)&val, sizeof(val));
|
||||||
|
@@ -1467,6 +1531,9 @@ void crypto_bignum_deinit(struct crypto_
|
||||||
|
int crypto_bignum_to_bin(const struct crypto_bignum *a,
|
||||||
|
u8 *buf, size_t buflen, size_t padlen)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
size_t n = mbedtls_mpi_size((mbedtls_mpi *)a);
|
||||||
|
if (n < padlen)
|
||||||
|
n = padlen;
|
||||||
|
@@ -1477,6 +1544,9 @@ int crypto_bignum_to_bin(const struct cr
|
||||||
|
|
||||||
|
int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
/*assert(r != m);*//* r must not be same as m for mbedtls_mpi_random()*/
|
||||||
|
#if MBEDTLS_VERSION_NUMBER >= 0x021B0000 /* mbedtls 2.27.0 */
|
||||||
|
return mbedtls_mpi_random((mbedtls_mpi *)r, 0, (mbedtls_mpi *)m,
|
||||||
|
@@ -1513,6 +1583,9 @@ int crypto_bignum_exptmod(const struct c
|
||||||
|
const struct crypto_bignum *c,
|
||||||
|
struct crypto_bignum *d)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
/* (check if input params match d; d is the result) */
|
||||||
|
/* (a == d) is ok in current mbedtls implementation */
|
||||||
|
if (b == d || c == d) { /*(not ok; store result in intermediate)*/
|
||||||
|
@@ -1540,6 +1613,9 @@ int crypto_bignum_inverse(const struct c
|
||||||
|
const struct crypto_bignum *b,
|
||||||
|
struct crypto_bignum *c)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
return mbedtls_mpi_inv_mod((mbedtls_mpi *)c,
|
||||||
|
(const mbedtls_mpi *)a,
|
||||||
|
(const mbedtls_mpi *)b) ? -1 : 0;
|
||||||
|
@@ -1549,6 +1625,9 @@ int crypto_bignum_sub(const struct crypt
|
||||||
|
const struct crypto_bignum *b,
|
||||||
|
struct crypto_bignum *c)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
return mbedtls_mpi_sub_mpi((mbedtls_mpi *)c,
|
||||||
|
(const mbedtls_mpi *)a,
|
||||||
|
(const mbedtls_mpi *)b) ? -1 : 0;
|
||||||
|
@@ -1558,6 +1637,9 @@ int crypto_bignum_div(const struct crypt
|
||||||
|
const struct crypto_bignum *b,
|
||||||
|
struct crypto_bignum *c)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
/*(most current use of this crypto.h interface has a == c (result),
|
||||||
|
* so store result in an intermediate to avoid overwritten input)*/
|
||||||
|
mbedtls_mpi R;
|
||||||
|
@@ -1575,6 +1657,9 @@ int crypto_bignum_addmod(const struct cr
|
||||||
|
const struct crypto_bignum *c,
|
||||||
|
struct crypto_bignum *d)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
return mbedtls_mpi_add_mpi((mbedtls_mpi *)d,
|
||||||
|
(const mbedtls_mpi *)a,
|
||||||
|
(const mbedtls_mpi *)b)
|
||||||
|
@@ -1588,6 +1673,9 @@ int crypto_bignum_mulmod(const struct cr
|
||||||
|
const struct crypto_bignum *c,
|
||||||
|
struct crypto_bignum *d)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
return mbedtls_mpi_mul_mpi((mbedtls_mpi *)d,
|
||||||
|
(const mbedtls_mpi *)a,
|
||||||
|
(const mbedtls_mpi *)b)
|
||||||
|
@@ -1600,6 +1688,9 @@ int crypto_bignum_sqrmod(const struct cr
|
||||||
|
const struct crypto_bignum *b,
|
||||||
|
struct crypto_bignum *c)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
#if 1
|
||||||
|
return crypto_bignum_mulmod(a, a, b, c);
|
||||||
|
#else
|
||||||
|
@@ -1650,6 +1741,9 @@ int crypto_bignum_is_odd(const struct cr
|
||||||
|
int crypto_bignum_legendre(const struct crypto_bignum *a,
|
||||||
|
const struct crypto_bignum *p)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -2;
|
||||||
|
+
|
||||||
|
/* Security Note:
|
||||||
|
* mbedtls_mpi_exp_mod() is not documented to run in constant time,
|
||||||
|
* though mbedtls/library/bignum.c uses constant_time_internal.h funcs.
|
||||||
|
@@ -1702,6 +1796,9 @@ int crypto_mod_exp(const u8 *base, size_
|
||||||
|
const u8 *modulus, size_t modulus_len,
|
||||||
|
u8 *result, size_t *result_len)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
mbedtls_mpi bn_base, bn_exp, bn_modulus, bn_result;
|
||||||
|
mbedtls_mpi_init(&bn_base);
|
||||||
|
mbedtls_mpi_init(&bn_exp);
|
||||||
|
@@ -1769,6 +1866,9 @@ static int crypto_mbedtls_dh_init_public
|
||||||
|
int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
|
||||||
|
u8 *pubkey)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
#if 0 /*(crypto_dh_init() duplicated (and identical) in crypto_*.c modules)*/
|
||||||
|
size_t pubkey_len, pad;
|
||||||
|
|
||||||
|
@@ -1810,6 +1910,9 @@ int crypto_dh_derive_secret(u8 generator
|
||||||
|
const u8 *pubkey, size_t pubkey_len,
|
||||||
|
u8 *secret, size_t *len)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
#if 0
|
||||||
|
if (pubkey_len > prime_len ||
|
||||||
|
(pubkey_len == prime_len &&
|
||||||
|
@@ -2512,6 +2615,9 @@ const struct crypto_ec_point * crypto_ec
|
||||||
|
|
||||||
|
struct crypto_ec_point *crypto_ec_point_init(struct crypto_ec *e)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
mbedtls_ecp_point *p = os_malloc(sizeof(*p));
|
||||||
|
if (p != NULL)
|
||||||
|
mbedtls_ecp_point_init(p);
|
||||||
|
@@ -2536,6 +2642,9 @@ int crypto_ec_point_x(struct crypto_ec *
|
||||||
|
int crypto_ec_point_to_bin(struct crypto_ec *e,
|
||||||
|
const struct crypto_ec_point *point, u8 *x, u8 *y)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
/* crypto.h documents crypto_ec_point_to_bin() output is big-endian */
|
||||||
|
size_t len = CRYPTO_EC_plen(e);
|
||||||
|
if (x) {
|
||||||
|
@@ -2563,6 +2672,9 @@ int crypto_ec_point_to_bin(struct crypto
|
||||||
|
struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e,
|
||||||
|
const u8 *val)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
size_t len = CRYPTO_EC_plen(e);
|
||||||
|
mbedtls_ecp_point *p = os_malloc(sizeof(*p));
|
||||||
|
u8 buf[1+MBEDTLS_MPI_MAX_SIZE*2];
|
||||||
|
@@ -2615,6 +2727,9 @@ int crypto_ec_point_add(struct crypto_ec
|
||||||
|
const struct crypto_ec_point *b,
|
||||||
|
struct crypto_ec_point *c)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
/* mbedtls does not provide an mbedtls_ecp_point add function */
|
||||||
|
mbedtls_mpi one;
|
||||||
|
mbedtls_mpi_init(&one);
|
||||||
|
@@ -2631,6 +2746,9 @@ int crypto_ec_point_mul(struct crypto_ec
|
||||||
|
const struct crypto_bignum *b,
|
||||||
|
struct crypto_ec_point *res)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
return mbedtls_ecp_mul(
|
||||||
|
(mbedtls_ecp_group *)e, (mbedtls_ecp_point *)res,
|
||||||
|
(const mbedtls_mpi *)b, (const mbedtls_ecp_point *)p,
|
||||||
|
@@ -2639,6 +2757,9 @@ int crypto_ec_point_mul(struct crypto_ec
|
||||||
|
|
||||||
|
int crypto_ec_point_invert(struct crypto_ec *e, struct crypto_ec_point *p)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
if (mbedtls_ecp_get_type((mbedtls_ecp_group *)e)
|
||||||
|
== MBEDTLS_ECP_TYPE_MONTGOMERY) {
|
||||||
|
/* e.g. MBEDTLS_ECP_DP_CURVE25519 and MBEDTLS_ECP_DP_CURVE448 */
|
||||||
|
@@ -2751,6 +2872,9 @@ struct crypto_bignum *
|
||||||
|
crypto_ec_point_compute_y_sqr(struct crypto_ec *e,
|
||||||
|
const struct crypto_bignum *x)
|
||||||
|
{
|
||||||
|
+ if (TEST_FAIL())
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
mbedtls_mpi *y2 = os_malloc(sizeof(*y2));
|
||||||
|
if (y2 == NULL)
|
||||||
|
return NULL;
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,45 @@
|
|||||||
|
From 33afce36c54b0cad38643629ded10ff5d727f077 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
Date: Fri, 12 Aug 2022 05:34:47 -0400
|
||||||
|
Subject: [PATCH 5/7] add NULL checks (encountered during tests/hwsim)
|
||||||
|
|
||||||
|
sae_derive_commit_element_ecc NULL pwe_ecc check
|
||||||
|
dpp_gen_keypair() NULL curve check
|
||||||
|
|
||||||
|
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
---
|
||||||
|
src/common/dpp_crypto.c | 6 ++++++
|
||||||
|
src/common/sae.c | 7 +++++++
|
||||||
|
2 files changed, 13 insertions(+)
|
||||||
|
|
||||||
|
--- a/src/common/dpp_crypto.c
|
||||||
|
+++ b/src/common/dpp_crypto.c
|
||||||
|
@@ -248,6 +248,12 @@ struct crypto_ec_key * dpp_set_pubkey_po
|
||||||
|
|
||||||
|
struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve)
|
||||||
|
{
|
||||||
|
+ if (curve == NULL) {
|
||||||
|
+ wpa_printf(MSG_DEBUG,
|
||||||
|
+ "DPP: %s curve must be initialized", __func__);
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
struct crypto_ec_key *key;
|
||||||
|
|
||||||
|
wpa_printf(MSG_DEBUG, "DPP: Generating a keypair");
|
||||||
|
--- a/src/common/sae.c
|
||||||
|
+++ b/src/common/sae.c
|
||||||
|
@@ -1278,6 +1278,13 @@ void sae_deinit_pt(struct sae_pt *pt)
|
||||||
|
static int sae_derive_commit_element_ecc(struct sae_data *sae,
|
||||||
|
struct crypto_bignum *mask)
|
||||||
|
{
|
||||||
|
+ if (sae->tmp->pwe_ecc == NULL) {
|
||||||
|
+ wpa_printf(MSG_DEBUG,
|
||||||
|
+ "SAE: %s sae->tmp->pwe_ecc must be initialized",
|
||||||
|
+ __func__);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* COMMIT-ELEMENT = inverse(scalar-op(mask, PWE)) */
|
||||||
|
if (!sae->tmp->own_commit_element_ecc) {
|
||||||
|
sae->tmp->own_commit_element_ecc =
|
@ -0,0 +1,26 @@
|
|||||||
|
From 54211caa2e0e5163aefef390daf88a971367a702 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
Date: Tue, 4 Oct 2022 17:09:24 -0400
|
||||||
|
Subject: [PATCH 6/7] dpp_pkex: EC point mul w/ value < prime
|
||||||
|
|
||||||
|
crypto_ec_point_mul() with mbedtls requires point
|
||||||
|
be multiplied by a multiplicand with value < prime
|
||||||
|
|
||||||
|
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
---
|
||||||
|
src/common/dpp_crypto.c | 4 +++-
|
||||||
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
--- a/src/common/dpp_crypto.c
|
||||||
|
+++ b/src/common/dpp_crypto.c
|
||||||
|
@@ -1567,7 +1567,9 @@ dpp_pkex_derive_Qr(const struct dpp_curv
|
||||||
|
Pr = crypto_ec_key_get_public_key(Pr_key);
|
||||||
|
Qr = crypto_ec_point_init(ec);
|
||||||
|
hash_bn = crypto_bignum_init_set(hash, curve->hash_len);
|
||||||
|
- if (!Pr || !Qr || !hash_bn || crypto_ec_point_mul(ec, Pr, hash_bn, Qr))
|
||||||
|
+ if (!Pr || !Qr || !hash_bn ||
|
||||||
|
+ crypto_bignum_mod(hash_bn, crypto_ec_get_prime(ec), hash_bn) ||
|
||||||
|
+ crypto_ec_point_mul(ec, Pr, hash_bn, Qr))
|
||||||
|
goto fail;
|
||||||
|
|
||||||
|
if (crypto_ec_point_is_at_infinity(ec, Qr)) {
|
@ -0,0 +1,32 @@
|
|||||||
|
From 639bb1bb912029ec4ff110c3ed807b62f583d6bf Mon Sep 17 00:00:00 2001
|
||||||
|
From: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
Date: Sun, 9 Oct 2022 04:02:44 -0400
|
||||||
|
Subject: [PATCH 7/7] DPP: fix memleak of intro.peer_key
|
||||||
|
|
||||||
|
fix memleak of intro.peer_key in wpas_dpp_rx_peer_disc_resp()
|
||||||
|
|
||||||
|
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
||||||
|
---
|
||||||
|
wpa_supplicant/dpp_supplicant.c | 4 +++-
|
||||||
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
--- a/wpa_supplicant/dpp_supplicant.c
|
||||||
|
+++ b/wpa_supplicant/dpp_supplicant.c
|
||||||
|
@@ -2610,6 +2610,8 @@ static void wpas_dpp_rx_peer_disc_resp(s
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ os_memset(&intro, 0, sizeof(intro));
|
||||||
|
+
|
||||||
|
trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID,
|
||||||
|
&trans_id_len);
|
||||||
|
if (!trans_id || trans_id_len != 1) {
|
||||||
|
@@ -2720,7 +2722,7 @@ static void wpas_dpp_rx_peer_disc_resp(s
|
||||||
|
wpa_supplicant_req_scan(wpa_s, 0, 0);
|
||||||
|
}
|
||||||
|
fail:
|
||||||
|
- os_memset(&intro, 0, sizeof(intro));
|
||||||
|
+ dpp_peer_intro_deinit(&intro);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -36,7 +36,7 @@
|
|||||||
LIBS += $(DRV_AP_LIBS)
|
LIBS += $(DRV_AP_LIBS)
|
||||||
|
|
||||||
ifdef CONFIG_L2_PACKET
|
ifdef CONFIG_L2_PACKET
|
||||||
@@ -1291,6 +1297,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
|
@@ -1378,6 +1384,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR)
|
||||||
_OBJS_VAR := OBJS
|
_OBJS_VAR := OBJS
|
||||||
include ../src/objs.mk
|
include ../src/objs.mk
|
||||||
|
|
||||||
@ -49,7 +49,7 @@
|
|||||||
hostapd: $(OBJS)
|
hostapd: $(OBJS)
|
||||||
$(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
|
$(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS)
|
||||||
@$(E) " LD " $@
|
@$(E) " LD " $@
|
||||||
@@ -1365,6 +1377,12 @@ include ../src/objs.mk
|
@@ -1458,6 +1470,12 @@ include ../src/objs.mk
|
||||||
_OBJS_VAR := SOBJS
|
_OBJS_VAR := SOBJS
|
||||||
include ../src/objs.mk
|
include ../src/objs.mk
|
||||||
|
|
||||||
@ -128,7 +128,7 @@
|
|||||||
NEED_AES_WRAP=y
|
NEED_AES_WRAP=y
|
||||||
OBJS += ../src/ap/wpa_auth.o
|
OBJS += ../src/ap/wpa_auth.o
|
||||||
OBJS += ../src/ap/wpa_auth_ie.o
|
OBJS += ../src/ap/wpa_auth_ie.o
|
||||||
@@ -1920,6 +1937,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
|
@@ -1996,6 +2013,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv)
|
||||||
|
|
||||||
_OBJS_VAR := OBJS
|
_OBJS_VAR := OBJS
|
||||||
include ../src/objs.mk
|
include ../src/objs.mk
|
||||||
@ -141,7 +141,7 @@
|
|||||||
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
|
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
|
||||||
$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
|
$(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS)
|
||||||
@$(E) " LD " $@
|
@$(E) " LD " $@
|
||||||
@@ -2052,6 +2075,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
|
@@ -2128,6 +2151,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK)
|
||||||
$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
|
$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
|
||||||
@$(E) " sed" $<
|
@$(E) " sed" $<
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
--- a/hostapd/Makefile
|
--- a/hostapd/Makefile
|
||||||
+++ b/hostapd/Makefile
|
+++ b/hostapd/Makefile
|
||||||
@@ -1307,7 +1307,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
|
@@ -1394,7 +1394,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS)
|
||||||
@$(AR) cr $@ hostapd_multi.o $(OBJS)
|
@$(AR) cr $@ hostapd_multi.o $(OBJS)
|
||||||
|
|
||||||
hostapd: $(OBJS)
|
hostapd: $(OBJS)
|
||||||
@ -9,7 +9,7 @@
|
|||||||
@$(E) " LD " $@
|
@$(E) " LD " $@
|
||||||
|
|
||||||
ifdef CONFIG_WPA_TRACE
|
ifdef CONFIG_WPA_TRACE
|
||||||
@@ -1318,7 +1318,7 @@ _OBJS_VAR := OBJS_c
|
@@ -1405,7 +1405,7 @@ _OBJS_VAR := OBJS_c
|
||||||
include ../src/objs.mk
|
include ../src/objs.mk
|
||||||
|
|
||||||
hostapd_cli: $(OBJS_c)
|
hostapd_cli: $(OBJS_c)
|
||||||
@ -20,7 +20,7 @@
|
|||||||
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
|
NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS)
|
||||||
--- a/wpa_supplicant/Makefile
|
--- a/wpa_supplicant/Makefile
|
||||||
+++ b/wpa_supplicant/Makefile
|
+++ b/wpa_supplicant/Makefile
|
||||||
@@ -1949,31 +1949,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
|
@@ -2025,31 +2025,31 @@ wpa_supplicant_multi.a: .config $(BCHECK
|
||||||
@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
|
@$(AR) cr $@ wpa_supplicant_multi.o $(OBJS)
|
||||||
|
|
||||||
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
|
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
|
||||||
|
Loading…
Reference in New Issue
Block a user