From 5b66dfaf6c53ac21285cbabd8935666d34d6378a Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Tue, 7 Dec 2021 11:06:16 +0100 Subject: [PATCH] hostapd: enable FILS support in the full config and add build feature discovery Signed-off-by: Felix Fietkau --- .../hostapd/files/hostapd-full.config | 2 +- .../hostapd/files/wpa_supplicant-full.config | 2 +- .../hostapd/files/wpa_supplicant-p2p.config | 2 +- .../hostapd/patches/050-build_fix.patch | 20 +++++++++++++++++++ .../hostapd/patches/200-multicall.patch | 20 +++++++++---------- .../patches/380-disable_ctrl_iface_mib.patch | 2 +- .../patches/500-lto-jobserver-support.patch | 6 +++--- .../hostapd/patches/600-ubus_support.patch | 2 +- .../hostapd/src/src/utils/build_features.h | 4 ++++ 9 files changed, 42 insertions(+), 18 deletions(-) create mode 100644 package/network/services/hostapd/patches/050-build_fix.patch diff --git a/package/network/services/hostapd/files/hostapd-full.config b/package/network/services/hostapd/files/hostapd-full.config index 6d5e90cd461d..dbc2022550ce 100644 --- a/package/network/services/hostapd/files/hostapd-full.config +++ b/package/network/services/hostapd/files/hostapd-full.config @@ -60,7 +60,7 @@ CONFIG_RSN_PREAUTH=y CONFIG_EAP=y # EAP Re-authentication Protocol (ERP) in integrated EAP server -#CONFIG_ERP=y +CONFIG_ERP=y # EAP-MD5 for the integrated EAP server CONFIG_EAP_MD5=y diff --git a/package/network/services/hostapd/files/wpa_supplicant-full.config b/package/network/services/hostapd/files/wpa_supplicant-full.config index b3e85d073d5c..de3302c875fb 100644 --- a/package/network/services/hostapd/files/wpa_supplicant-full.config +++ b/package/network/services/hostapd/files/wpa_supplicant-full.config @@ -578,7 +578,7 @@ CONFIG_HS20=y #CONFIG_MBO=y # Fast Initial Link Setup (FILS) (IEEE 802.11ai) -#CONFIG_FILS=y +CONFIG_FILS=y # FILS shared key authentication with PFS #CONFIG_FILS_SK_PFS=y diff --git a/package/network/services/hostapd/files/wpa_supplicant-p2p.config b/package/network/services/hostapd/files/wpa_supplicant-p2p.config index b00847a2565f..48302bb4c3c1 100644 --- a/package/network/services/hostapd/files/wpa_supplicant-p2p.config +++ b/package/network/services/hostapd/files/wpa_supplicant-p2p.config @@ -578,7 +578,7 @@ CONFIG_P2P=y #CONFIG_MBO=y # Fast Initial Link Setup (FILS) (IEEE 802.11ai) -#CONFIG_FILS=y +CONFIG_FILS=y # FILS shared key authentication with PFS #CONFIG_FILS_SK_PFS=y diff --git a/package/network/services/hostapd/patches/050-build_fix.patch b/package/network/services/hostapd/patches/050-build_fix.patch new file mode 100644 index 000000000000..3da88fe29038 --- /dev/null +++ b/package/network/services/hostapd/patches/050-build_fix.patch @@ -0,0 +1,20 @@ +--- a/hostapd/Makefile ++++ b/hostapd/Makefile +@@ -323,6 +323,7 @@ ifdef CONFIG_FILS + CFLAGS += -DCONFIG_FILS + OBJS += ../src/ap/fils_hlp.o + NEED_SHA384=y ++NEED_HMAC_SHA384_KDF=y + NEED_AES_SIV=y + ifdef CONFIG_FILS_SK_PFS + CFLAGS += -DCONFIG_FILS_SK_PFS +--- a/wpa_supplicant/Makefile ++++ b/wpa_supplicant/Makefile +@@ -309,6 +309,7 @@ endif + ifdef CONFIG_FILS + CFLAGS += -DCONFIG_FILS + NEED_SHA384=y ++NEED_HMAC_SHA384_KDF=y + NEED_AES_SIV=y + ifdef CONFIG_FILS_SK_PFS + CFLAGS += -DCONFIG_FILS_SK_PFS diff --git a/package/network/services/hostapd/patches/200-multicall.patch b/package/network/services/hostapd/patches/200-multicall.patch index 8dce2608719a..ceeaf5169ba7 100644 --- a/package/network/services/hostapd/patches/200-multicall.patch +++ b/package/network/services/hostapd/patches/200-multicall.patch @@ -18,7 +18,7 @@ OBJS += ../src/ap/vlan_init.o OBJS += ../src/ap/vlan_ifconfig.o OBJS += ../src/ap/vlan.o -@@ -349,10 +351,14 @@ CFLAGS += -DCONFIG_MBO +@@ -350,10 +352,14 @@ CFLAGS += -DCONFIG_MBO OBJS += ../src/ap/mbo_ap.o endif @@ -36,7 +36,7 @@ LIBS += $(DRV_AP_LIBS) ifdef CONFIG_L2_PACKET -@@ -1277,6 +1283,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) +@@ -1278,6 +1284,12 @@ install: $(addprefix $(DESTDIR)$(BINDIR) _OBJS_VAR := OBJS include ../src/objs.mk @@ -49,7 +49,7 @@ hostapd: $(OBJS) $(Q)$(CC) $(LDFLAGS) -o hostapd $(OBJS) $(LIBS) @$(E) " LD " $@ -@@ -1351,6 +1363,12 @@ include ../src/objs.mk +@@ -1352,6 +1364,12 @@ include ../src/objs.mk _OBJS_VAR := SOBJS include ../src/objs.mk @@ -72,7 +72,7 @@ include ../src/build.rules ifdef LIBS -@@ -359,7 +360,9 @@ endif +@@ -360,7 +361,9 @@ endif ifdef CONFIG_IBSS_RSN NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_IBSS_RSN @@ -82,7 +82,7 @@ OBJS += ibss_rsn.o endif -@@ -897,6 +900,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS +@@ -898,6 +901,10 @@ ifdef CONFIG_DYNAMIC_EAP_METHODS CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS LIBS += -ldl -rdynamic endif @@ -93,7 +93,7 @@ endif ifdef CONFIG_AP -@@ -904,9 +911,11 @@ NEED_EAP_COMMON=y +@@ -905,9 +912,11 @@ NEED_EAP_COMMON=y NEED_RSN_AUTHENTICATOR=y CFLAGS += -DCONFIG_AP OBJS += ap.o @@ -105,7 +105,7 @@ OBJS += ../src/ap/hostapd.o OBJS += ../src/ap/wpa_auth_glue.o OBJS += ../src/ap/utils.o -@@ -986,6 +995,12 @@ endif +@@ -987,6 +996,12 @@ endif ifdef CONFIG_HS20 OBJS += ../src/ap/hs20.o endif @@ -118,7 +118,7 @@ endif ifdef CONFIG_MBO -@@ -994,7 +1009,9 @@ CFLAGS += -DCONFIG_MBO +@@ -995,7 +1010,9 @@ CFLAGS += -DCONFIG_MBO endif ifdef NEED_RSN_AUTHENTICATOR @@ -128,7 +128,7 @@ NEED_AES_WRAP=y OBJS += ../src/ap/wpa_auth.o OBJS += ../src/ap/wpa_auth_ie.o -@@ -1889,6 +1906,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) +@@ -1890,6 +1907,12 @@ wpa_priv: $(BCHECK) $(OBJS_priv) _OBJS_VAR := OBJS include ../src/objs.mk @@ -141,7 +141,7 @@ wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) $(Q)$(LDO) $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS) @$(E) " LD " $@ -@@ -2021,6 +2044,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) +@@ -2022,6 +2045,12 @@ eap_gpsk.so: $(SRC_EAP_GPSK) $(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@ @$(E) " sed" $< diff --git a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch index ca634077b72d..0297a603c41e 100644 --- a/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch +++ b/package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch @@ -30,7 +30,7 @@ reply_len = -1; --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -955,6 +955,9 @@ ifdef CONFIG_FILS +@@ -956,6 +956,9 @@ ifdef CONFIG_FILS OBJS += ../src/ap/fils_hlp.o endif ifdef CONFIG_CTRL_IFACE diff --git a/package/network/services/hostapd/patches/500-lto-jobserver-support.patch b/package/network/services/hostapd/patches/500-lto-jobserver-support.patch index 1475590d0634..3f741cdf3483 100644 --- a/package/network/services/hostapd/patches/500-lto-jobserver-support.patch +++ b/package/network/services/hostapd/patches/500-lto-jobserver-support.patch @@ -1,6 +1,6 @@ --- a/hostapd/Makefile +++ b/hostapd/Makefile -@@ -1293,7 +1293,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) +@@ -1294,7 +1294,7 @@ hostapd_multi.a: $(BCHECK) $(OBJS) @$(AR) cr $@ hostapd_multi.o $(OBJS) hostapd: $(OBJS) @@ -9,7 +9,7 @@ @$(E) " LD " $@ ifdef CONFIG_WPA_TRACE -@@ -1304,7 +1304,7 @@ _OBJS_VAR := OBJS_c +@@ -1305,7 +1305,7 @@ _OBJS_VAR := OBJS_c include ../src/objs.mk hostapd_cli: $(OBJS_c) @@ -20,7 +20,7 @@ NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile -@@ -1918,31 +1918,31 @@ wpa_supplicant_multi.a: .config $(BCHECK +@@ -1919,31 +1919,31 @@ wpa_supplicant_multi.a: .config $(BCHECK @$(AR) cr $@ wpa_supplicant_multi.o $(OBJS) wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs) diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch index 358c53167a0e..bf2f8a52d195 100644 --- a/package/network/services/hostapd/patches/600-ubus_support.patch +++ b/package/network/services/hostapd/patches/600-ubus_support.patch @@ -283,7 +283,7 @@ ifdef CONFIG_CODE_COVERAGE CFLAGS += -O0 -fprofile-arcs -ftest-coverage LIBS += -lgcov -@@ -959,6 +965,9 @@ ifdef CONFIG_CTRL_IFACE_MIB +@@ -960,6 +966,9 @@ ifdef CONFIG_CTRL_IFACE_MIB CFLAGS += -DCONFIG_CTRL_IFACE_MIB endif OBJS += ../src/ap/ctrl_iface_ap.o diff --git a/package/network/services/hostapd/src/src/utils/build_features.h b/package/network/services/hostapd/src/src/utils/build_features.h index 3ab5246c789f..cb7cb7273168 100644 --- a/package/network/services/hostapd/src/src/utils/build_features.h +++ b/package/network/services/hostapd/src/src/utils/build_features.h @@ -50,6 +50,10 @@ static inline int has_feature(const char *feat) #ifdef CONFIG_WPS if (!strcmp(feat, "wps")) return 1; +#endif +#ifdef CONFIG_FILS + if (!strcmp(feat, "fils")) + return 1; #endif return 0; } -- 2.30.2