svn commit: r234711 - in head/usr.sbin/wpa: . hostapd
Ermal Luçi
eri at freebsd.org
Thu Apr 26 21:51:35 UTC 2012
Thanks, i actually forgot to submit this.
On Thu, Apr 26, 2012 at 7:35 PM, Bernhard Schmidt <bschmidt at freebsd.org> wrote:
> Author: bschmidt
> Date: Thu Apr 26 17:35:11 2012
> New Revision: 234711
> URL: http://svn.freebsd.org/changeset/base/234711
>
> Log:
> fix EAP server support after the 0.7.3 import:
> - eap_xxx.c files have been renamed to eap_server_xxx.c
> - additional crypto files are required for some options
> - EAP_MD5 and EAP_GTC is now enabled by default to match vendor config
> - move each file on its own line to hopefully make further diffs easier
> to read
>
> EAP_SERVER is now enabled by default. Fiddling with HOSTAPD_CFLAGS in
> src.conf is no longer required to get a basic WPA-EAP/radius setup
> running.
>
> Tested by: Johann Hugo <jhugo at meraka.csir.co.za>
> MFC after: 2 weeks
>
> Modified:
> head/usr.sbin/wpa/Makefile.inc
> head/usr.sbin/wpa/hostapd/Makefile
>
> Modified: head/usr.sbin/wpa/Makefile.inc
> ==============================================================================
> --- head/usr.sbin/wpa/Makefile.inc Thu Apr 26 14:51:12 2012 (r234710)
> +++ head/usr.sbin/wpa/Makefile.inc Thu Apr 26 17:35:11 2012 (r234711)
> @@ -7,17 +7,23 @@ WPA_SUPPLICANT_DISTDIR?=${WPA_DISTDIR}/w
> HOSTAPD_DISTDIR?= ${WPA_DISTDIR}/hostapd
>
> .PATH.c:${.CURDIR}/.. \
> + ${WPA_DISTDIR}/src/ap \
> ${WPA_DISTDIR}/src/common \
> ${WPA_DISTDIR}/src/crypto \
> + ${WPA_DISTDIR}/src/eapol_auth \
> ${WPA_DISTDIR}/src/eap_common \
> + ${WPA_DISTDIR}/src/eap_server \
> ${WPA_DISTDIR}/src/eapol_supp \
> ${WPA_DISTDIR}/src/l2_packet \
> + ${WPA_DISTDIR}/src/radius \
> ${WPA_DISTDIR}/src/utils
>
> CFLAGS+=-I${.CURDIR}
> +CFLAGS+=-I${HOSTAPD_DISTDIR}
> CFLAGS+=-I${WPA_DISTDIR}/src
> CFLAGS+=-I${WPA_DISTDIR}/src/common
> CFLAGS+=-I${WPA_DISTDIR}/src/crypto
> +CFLAGS+=-I${WPA_DISTDIR}/src/drivers
> CFLAGS+=-I${WPA_DISTDIR}/src/l2_packet
> CFLAGS+=-I${WPA_DISTDIR}/src/utils
>
>
> Modified: head/usr.sbin/wpa/hostapd/Makefile
> ==============================================================================
> --- head/usr.sbin/wpa/hostapd/Makefile Thu Apr 26 14:51:12 2012 (r234710)
> +++ head/usr.sbin/wpa/hostapd/Makefile Thu Apr 26 17:35:11 2012 (r234711)
> @@ -2,33 +2,59 @@
>
> .include "${.CURDIR}/../Makefile.inc"
>
> -.PATH.c:${HOSTAPD_DISTDIR} \
> - ${WPA_DISTDIR}/src/ap \
> - ${WPA_DISTDIR}/src/eap_server \
> - ${WPA_DISTDIR}/src/eap_common \
> - ${WPA_DISTDIR}/src/eapol_auth \
> - ${WPA_DISTDIR}/src/drivers \
> - ${WPA_DISTDIR}/src/radius \
> - ${WPA_DISTDIR}
> +.PATH.c:${WPA_DISTDIR}/src/drivers
>
> PROG= hostapd
> -SRCS= accounting.c aes-wrap.c ap_config.c \
> - ap_drv_ops.c ap_mlme.c authsrv.c \
> - chap.c common.c config_file.c ctrl_iface.c crypto_openssl.c \
> - ctrl_iface_ap.c drivers.c drv_callbacks.c dump_state.c \
> - eap_common.c eap_peap_common.c eap_register.c eap_server.c \
> - eap_server_gtc.c eap_server_identity.c eap_server_md5.c \
> - eap_server_methods.c eap_server_mschapv2.c eap_server_peap.c \
> - eap_server_tls.c eap_server_tls_common.c eap_server_ttls.c \
> - eapol_auth_dump.c eapol_auth_sm.c eloop.c hostapd.c ieee802_11_auth.c \
> - ieee802_11_common.c ieee802_11_ht.c ieee802_1x.c ip_addr.c \
> - md5.c main.c ms_funcs.c peerkey_auth.c pmksa_cache_auth.c \
> - preauth_auth.c radius.c radius_client.c sta_info.c \
> - sha1-pbkdf2.c sha1-tlsprf.c sha1-tprf.c sha1.c \
> - tkip_countermeasures.c utils.c \
> - vlan_init.c wpa_auth.c wpa_auth_glue.c wpa_auth_ie.c wpa_common.c \
> - wpa_debug.c wpabuf.c
> -SRCS+= l2_packet_freebsd.c driver_freebsd.c os_unix.c
> +SRCS= accounting.c \
> + aes-wrap.c \
> + ap_config.c \
> + ap_drv_ops.c \
> + ap_mlme.c \
> + authsrv.c \
> + chap.c \
> + common.c \
> + config_file.c \
> + crypto_openssl.c \
> + ctrl_iface.c \
> + ctrl_iface_ap.c \
> + drivers.c \
> + drv_callbacks.c \
> + eap_common.c \
> + eap_peap_common.c \
> + eap_register.c \
> + eapol_auth_dump.c \
> + eapol_auth_sm.c \
> + eap_server.c \
> + eap_server_methods.c \
> + eloop.c \
> + hostapd.c \
> + ieee802_11_auth.c \
> + ieee802_11_common.c \
> + ieee802_1x.c \
> + ip_addr.c \
> + main.c \
> + md5.c \
> + ms_funcs.c \
> + os_unix.c \
> + peerkey_auth.c \
> + pmksa_cache_auth.c \
> + preauth_auth.c \
> + radius.c \
> + radius_client.c \
> + sha1-pbkdf2.c \
> + sha1-tlsprf.c \
> + sha1.c \
> + sta_info.c \
> + tkip_countermeasures.c \
> + utils.c \
> + vlan_init.c \
> + wpa_auth.c \
> + wpa_auth_glue.c \
> + wpa_auth_ie.c \
> + wpa_common.c \
> + wpa_debug.c \
> + wpabuf.c
> +SRCS+= l2_packet_freebsd.c driver_freebsd.c
>
> MAN= hostapd.8 hostapd.conf.5
>
> @@ -38,10 +64,11 @@ FILESDIR= ${SHAREDIR}/examples/hostapd
> FILES= hostapd.conf hostapd.eap_user hostapd.wpa_psk
> .endif
>
> -CFLAGS+= -I${HOSTAPD_DISTDIR} -I${WPA_DISTDIR}/src/drivers
> -
> -CFLAGS+= -DCONFIG_DRIVER_BSD -DHOSTAPD
> -CFLAGS+= -DCONFIG_DRIVER_RADIUS_ACL
> +CFLAGS+=-DCONFIG_DRIVER_BSD \
> + -DHOSTAPD \
> + -DCONFIG_DRIVER_RADIUS_ACL \
> + -DCONFIG_RSN_PREAUTH \
> + -DCONFIG_PEERKEY
> .if ${MK_INET6} != "no"
> CFLAGS+= -DCONFIG_IPV6
> .endif
> @@ -55,51 +82,64 @@ CFLAGS+=${HOSTAPD_CFLAGS}
> LDADD+=${HOSTAPD_LDADD}
> #LDFLAGS+=${HOSTAPD_LDFLAGS}
>
> -.if !empty(CFLAGS:M*-DEAP_SERVER)
> -#SRCS+= eap.c eap_methods.c eap_identity.c
> -
> .if ${MK_OPENSSL} != "no" && !defined(RELEASE_CRUNCH)
>
> -CFLAGS+=-DEAP_TLS -DEAP_PEAP -DEAP_MSCHAPv2 -DEAP_PSK \
> - -DEAP_TLS_FUNCS -DEAP_TLS_OPENSSL
> -SRCS+= crypto_openssl.c
> -SRCS+= eap_tls.c eap_peap.c eap_peap_common.c eap_mschapv2.c \
> - eap_psk.c eap_psk_common.c \
> - eap_tls_common.c tls_openssl.c ms_funcs.c chap.c
> -
> -CFLAGS+=-DEAP_TTLS -DEAP_MD5
> -SRCS+= eap_ttls.c eap_md5.c
> -
> -.if !empty(CFLAGS:M*-DEAP_GTC)
> -SRCS+= eap_gtc.c
> -.endif
> +CFLAGS+=-DDPKCS12_FUNCS \
> + -DEAP_SERVER \
> + -DEAP_SERVER_GTC \
> + -DEAP_SERVER_IDENTITY \
> + -DEAP_SERVER_MD5 \
> + -DEAP_SERVER_MSCHAPV2 \
> + -DEAP_SERVER_PEAP \
> + -DEAP_SERVER_TLS \
> + -DEAP_SERVER_TTLS \
> + -DEAP_TLS_FUNCS \
> + -DCONFIG_NO_DUMP_STATE
> +SRCS+= dump_state.c \
> + eap_server_gtc.c \
> + eap_server_identity.c \
> + eap_server_md5.c \
> + eap_server_mschapv2.c \
> + eap_server_peap.c \
> + eap_server_tls.c \
> + eap_server_tls_common.c \
> + eap_server_ttls.c \
> + tls_openssl.c
>
> .if !empty(CFLAGS:M*-DEAP_AKA)
> NEED_SIM_COMMON= true
> -SRCS+= eap_aka.c
> +NEED_SHA256= true
> +SRCS+= eap_server_aka.c
> .endif
>
> .if !empty(CFLAGS:M*-DEAP_SIM)
> NEED_SIM_COMMON= true
> -SRCS+= eap_sim.c
> +SRCS+= eap_server_sim.c
> .endif
>
> .if defined(NEED_SIM_COMMON)
> -SRCS+= eap_sim_common.c eap_sim_db.c
> +SRCS+= eap_sim_common.c \
> + eap_sim_db.c
> +NEED_AES_CBC= true
> +NEED_FIPS186_2_PRF= true
> .endif
>
> .if !empty(CFLAGS:M*-DEAP_GPSK)
> CFLAGS+=-DEAP_GPSK_SHA256
> -SRCS+= eap_gpsk.c eap_gpsk_common.c
> +SRCS+= eap_server_gpsk.c \
> + eap_gpsk_common.c
> NEED_SHA256= true
> +NEED_AES_OMAC1= true
> .endif
>
> .if !empty(CFLAGS:M*-DEAP_PAX)
> -SRCS+= eap_pax.c eap_pax_common.c
> +SRCS+= eap_server_pax.c \
> + eap_pax_common.c
> .endif
>
> .if !empty(CFLAGS:M*-DEAP_SAKE)
> -SRCS+= eap_sake.c eap_sake_common.c
> +SRCS+= eap_server_sake.c \
> + eap_sake_common.c
> .endif
>
> DPADD+= ${LIBSSL} ${LIBCRYPTO}
> @@ -108,12 +148,19 @@ LDADD+= -lssl -lcrypto
> NEED_TLS_NONE= true
> .endif
>
> -.else
> -NEED_TLS_NONE= true
> +.if defined(NEED_AES_CBC)
> +SRCS+= aes-cbc.c
> +.endif
> +
> +.if defined(NEED_AES_OMAC1)
> +SRCS+= aes-omac1.c
> +.endif
> +
> +.if defined(NEED_FIPS186_2_PRF)
> +SRCS+= fips_prf_openssl.c
> .endif
>
> .if defined(NEED_SHA256)
> -CFLAGS+=-DINTERNAL_SHA256
> SRCS+= sha256.c
> .endif
>
--
Ermal
More information about the svn-src-head
mailing list