fix EAP server support after the 0.7.3 import:
- eap_xxx.c files have been renamed to eap_server_xxx.c - additional crypto files are required for some options - EAP_MD5 and EAP_GTC is now enabled by default to match vendor config - move each file on its own line to hopefully make further diffs easier to read EAP_SERVER is now enabled by default. Fiddling with HOSTAPD_CFLAGS in src.conf is no longer required to get a basic WPA-EAP/radius setup running. Tested by: Johann Hugo <jhugo at meraka.csir.co.za> MFC after: 2 weeks
This commit is contained in:
Bernhard Schmidt
parent
621d9454f7
commit
54ad8e8273
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=234711
@ -7,17 +7,23 @@ WPA_SUPPLICANT_DISTDIR?=${WPA_DISTDIR}/wpa_supplicant
|
||||
HOSTAPD_DISTDIR?= ${WPA_DISTDIR}/hostapd
|
||||
|
||||
.PATH.c:${.CURDIR}/.. \
|
||||
${WPA_DISTDIR}/src/ap \
|
||||
${WPA_DISTDIR}/src/common \
|
||||
${WPA_DISTDIR}/src/crypto \
|
||||
${WPA_DISTDIR}/src/eapol_auth \
|
||||
${WPA_DISTDIR}/src/eap_common \
|
||||
${WPA_DISTDIR}/src/eap_server \
|
||||
${WPA_DISTDIR}/src/eapol_supp \
|
||||
${WPA_DISTDIR}/src/l2_packet \
|
||||
${WPA_DISTDIR}/src/radius \
|
||||
${WPA_DISTDIR}/src/utils
|
||||
|
||||
CFLAGS+=-I${.CURDIR}
|
||||
CFLAGS+=-I${HOSTAPD_DISTDIR}
|
||||
CFLAGS+=-I${WPA_DISTDIR}/src
|
||||
CFLAGS+=-I${WPA_DISTDIR}/src/common
|
||||
CFLAGS+=-I${WPA_DISTDIR}/src/crypto
|
||||
CFLAGS+=-I${WPA_DISTDIR}/src/drivers
|
||||
CFLAGS+=-I${WPA_DISTDIR}/src/l2_packet
|
||||
CFLAGS+=-I${WPA_DISTDIR}/src/utils
|
||||
|
||||
|
||||
@ -2,33 +2,59 @@
|
||||
|
||||
.include "${.CURDIR}/../Makefile.inc"
|
||||
|
||||
.PATH.c:${HOSTAPD_DISTDIR} \
|
||||
${WPA_DISTDIR}/src/ap \
|
||||
${WPA_DISTDIR}/src/eap_server \
|
||||
${WPA_DISTDIR}/src/eap_common \
|
||||
${WPA_DISTDIR}/src/eapol_auth \
|
||||
${WPA_DISTDIR}/src/drivers \
|
||||
${WPA_DISTDIR}/src/radius \
|
||||
${WPA_DISTDIR}
|
||||
.PATH.c:${WPA_DISTDIR}/src/drivers
|
||||
|
||||
PROG= hostapd
|
||||
SRCS= accounting.c aes-wrap.c ap_config.c \
|
||||
ap_drv_ops.c ap_mlme.c authsrv.c \
|
||||
chap.c common.c config_file.c ctrl_iface.c crypto_openssl.c \
|
||||
ctrl_iface_ap.c drivers.c drv_callbacks.c dump_state.c \
|
||||
eap_common.c eap_peap_common.c eap_register.c eap_server.c \
|
||||
eap_server_gtc.c eap_server_identity.c eap_server_md5.c \
|
||||
eap_server_methods.c eap_server_mschapv2.c eap_server_peap.c \
|
||||
eap_server_tls.c eap_server_tls_common.c eap_server_ttls.c \
|
||||
eapol_auth_dump.c eapol_auth_sm.c eloop.c hostapd.c ieee802_11_auth.c \
|
||||
ieee802_11_common.c ieee802_11_ht.c ieee802_1x.c ip_addr.c \
|
||||
md5.c main.c ms_funcs.c peerkey_auth.c pmksa_cache_auth.c \
|
||||
preauth_auth.c radius.c radius_client.c sta_info.c \
|
||||
sha1-pbkdf2.c sha1-tlsprf.c sha1-tprf.c sha1.c \
|
||||
tkip_countermeasures.c utils.c \
|
||||
vlan_init.c wpa_auth.c wpa_auth_glue.c wpa_auth_ie.c wpa_common.c \
|
||||
wpa_debug.c wpabuf.c
|
||||
SRCS+= l2_packet_freebsd.c driver_freebsd.c os_unix.c
|
||||
SRCS= accounting.c \
|
||||
aes-wrap.c \
|
||||
ap_config.c \
|
||||
ap_drv_ops.c \
|
||||
ap_mlme.c \
|
||||
authsrv.c \
|
||||
chap.c \
|
||||
common.c \
|
||||
config_file.c \
|
||||
crypto_openssl.c \
|
||||
ctrl_iface.c \
|
||||
ctrl_iface_ap.c \
|
||||
drivers.c \
|
||||
drv_callbacks.c \
|
||||
eap_common.c \
|
||||
eap_peap_common.c \
|
||||
eap_register.c \
|
||||
eapol_auth_dump.c \
|
||||
eapol_auth_sm.c \
|
||||
eap_server.c \
|
||||
eap_server_methods.c \
|
||||
eloop.c \
|
||||
hostapd.c \
|
||||
ieee802_11_auth.c \
|
||||
ieee802_11_common.c \
|
||||
ieee802_1x.c \
|
||||
ip_addr.c \
|
||||
main.c \
|
||||
md5.c \
|
||||
ms_funcs.c \
|
||||
os_unix.c \
|
||||
peerkey_auth.c \
|
||||
pmksa_cache_auth.c \
|
||||
preauth_auth.c \
|
||||
radius.c \
|
||||
radius_client.c \
|
||||
sha1-pbkdf2.c \
|
||||
sha1-tlsprf.c \
|
||||
sha1.c \
|
||||
sta_info.c \
|
||||
tkip_countermeasures.c \
|
||||
utils.c \
|
||||
vlan_init.c \
|
||||
wpa_auth.c \
|
||||
wpa_auth_glue.c \
|
||||
wpa_auth_ie.c \
|
||||
wpa_common.c \
|
||||
wpa_debug.c \
|
||||
wpabuf.c
|
||||
SRCS+= l2_packet_freebsd.c driver_freebsd.c
|
||||
|
||||
MAN= hostapd.8 hostapd.conf.5
|
||||
|
||||
@ -38,10 +64,11 @@ FILESDIR= ${SHAREDIR}/examples/hostapd
|
||||
FILES= hostapd.conf hostapd.eap_user hostapd.wpa_psk
|
||||
.endif
|
||||
|
||||
CFLAGS+= -I${HOSTAPD_DISTDIR} -I${WPA_DISTDIR}/src/drivers
|
||||
|
||||
CFLAGS+= -DCONFIG_DRIVER_BSD -DHOSTAPD
|
||||
CFLAGS+= -DCONFIG_DRIVER_RADIUS_ACL
|
||||
CFLAGS+=-DCONFIG_DRIVER_BSD \
|
||||
-DHOSTAPD \
|
||||
-DCONFIG_DRIVER_RADIUS_ACL \
|
||||
-DCONFIG_RSN_PREAUTH \
|
||||
-DCONFIG_PEERKEY
|
||||
.if ${MK_INET6} != "no"
|
||||
CFLAGS+= -DCONFIG_IPV6
|
||||
.endif
|
||||
@ -55,51 +82,64 @@ CFLAGS+=${HOSTAPD_CFLAGS}
|
||||
LDADD+=${HOSTAPD_LDADD}
|
||||
#LDFLAGS+=${HOSTAPD_LDFLAGS}
|
||||
|
||||
.if !empty(CFLAGS:M*-DEAP_SERVER)
|
||||
#SRCS+= eap.c eap_methods.c eap_identity.c
|
||||
|
||||
.if ${MK_OPENSSL} != "no" && !defined(RELEASE_CRUNCH)
|
||||
|
||||
CFLAGS+=-DEAP_TLS -DEAP_PEAP -DEAP_MSCHAPv2 -DEAP_PSK \
|
||||
-DEAP_TLS_FUNCS -DEAP_TLS_OPENSSL
|
||||
SRCS+= crypto_openssl.c
|
||||
SRCS+= eap_tls.c eap_peap.c eap_peap_common.c eap_mschapv2.c \
|
||||
eap_psk.c eap_psk_common.c \
|
||||
eap_tls_common.c tls_openssl.c ms_funcs.c chap.c
|
||||
|
||||
CFLAGS+=-DEAP_TTLS -DEAP_MD5
|
||||
SRCS+= eap_ttls.c eap_md5.c
|
||||
|
||||
.if !empty(CFLAGS:M*-DEAP_GTC)
|
||||
SRCS+= eap_gtc.c
|
||||
.endif
|
||||
CFLAGS+=-DDPKCS12_FUNCS \
|
||||
-DEAP_SERVER \
|
||||
-DEAP_SERVER_GTC \
|
||||
-DEAP_SERVER_IDENTITY \
|
||||
-DEAP_SERVER_MD5 \
|
||||
-DEAP_SERVER_MSCHAPV2 \
|
||||
-DEAP_SERVER_PEAP \
|
||||
-DEAP_SERVER_TLS \
|
||||
-DEAP_SERVER_TTLS \
|
||||
-DEAP_TLS_FUNCS \
|
||||
-DCONFIG_NO_DUMP_STATE
|
||||
SRCS+= dump_state.c \
|
||||
eap_server_gtc.c \
|
||||
eap_server_identity.c \
|
||||
eap_server_md5.c \
|
||||
eap_server_mschapv2.c \
|
||||
eap_server_peap.c \
|
||||
eap_server_tls.c \
|
||||
eap_server_tls_common.c \
|
||||
eap_server_ttls.c \
|
||||
tls_openssl.c
|
||||
|
||||
.if !empty(CFLAGS:M*-DEAP_AKA)
|
||||
NEED_SIM_COMMON= true
|
||||
SRCS+= eap_aka.c
|
||||
NEED_SHA256= true
|
||||
SRCS+= eap_server_aka.c
|
||||
.endif
|
||||
|
||||
.if !empty(CFLAGS:M*-DEAP_SIM)
|
||||
NEED_SIM_COMMON= true
|
||||
SRCS+= eap_sim.c
|
||||
SRCS+= eap_server_sim.c
|
||||
.endif
|
||||
|
||||
.if defined(NEED_SIM_COMMON)
|
||||
SRCS+= eap_sim_common.c eap_sim_db.c
|
||||
SRCS+= eap_sim_common.c \
|
||||
eap_sim_db.c
|
||||
NEED_AES_CBC= true
|
||||
NEED_FIPS186_2_PRF= true
|
||||
.endif
|
||||
|
||||
.if !empty(CFLAGS:M*-DEAP_GPSK)
|
||||
CFLAGS+=-DEAP_GPSK_SHA256
|
||||
SRCS+= eap_gpsk.c eap_gpsk_common.c
|
||||
SRCS+= eap_server_gpsk.c \
|
||||
eap_gpsk_common.c
|
||||
NEED_SHA256= true
|
||||
NEED_AES_OMAC1= true
|
||||
.endif
|
||||
|
||||
.if !empty(CFLAGS:M*-DEAP_PAX)
|
||||
SRCS+= eap_pax.c eap_pax_common.c
|
||||
SRCS+= eap_server_pax.c \
|
||||
eap_pax_common.c
|
||||
.endif
|
||||
|
||||
.if !empty(CFLAGS:M*-DEAP_SAKE)
|
||||
SRCS+= eap_sake.c eap_sake_common.c
|
||||
SRCS+= eap_server_sake.c \
|
||||
eap_sake_common.c
|
||||
.endif
|
||||
|
||||
DPADD+= ${LIBSSL} ${LIBCRYPTO}
|
||||
@ -108,12 +148,19 @@ LDADD+= -lssl -lcrypto
|
||||
NEED_TLS_NONE= true
|
||||
.endif
|
||||
|
||||
.else
|
||||
NEED_TLS_NONE= true
|
||||
.if defined(NEED_AES_CBC)
|
||||
SRCS+= aes-cbc.c
|
||||
.endif
|
||||
|
||||
.if defined(NEED_AES_OMAC1)
|
||||
SRCS+= aes-omac1.c
|
||||
.endif
|
||||
|
||||
.if defined(NEED_FIPS186_2_PRF)
|
||||
SRCS+= fips_prf_openssl.c
|
||||
.endif
|
||||
|
||||
.if defined(NEED_SHA256)
|
||||
CFLAGS+=-DINTERNAL_SHA256
|
||||
SRCS+= sha256.c
|
||||
.endif
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user