From 1a41ef8793ededd0aea18c1c610cd88aa43fa5be Mon Sep 17 00:00:00 2001 From: John Crispin Date: Fri, 1 Sep 2023 11:50:41 +0200 Subject: [PATCH 48/52] hostapd: drop current version Signed-off-by: John Crispin --- package/network/services/hostapd/Config.in | 113 - package/network/services/hostapd/Makefile | 824 -- package/network/services/hostapd/README.md | 419 - .../services/hostapd/files/dhcp-get-server.sh | 2 - .../hostapd/files/hostapd-basic.config | 404 - .../hostapd/files/hostapd-full.config | 404 - .../hostapd/files/hostapd-mini.config | 404 - .../network/services/hostapd/files/hostapd.sh | 1616 ---- .../services/hostapd/files/multicall.c | 28 - .../hostapd/files/wpa_supplicant-basic.config | 625 -- .../hostapd/files/wpa_supplicant-full.config | 625 -- .../hostapd/files/wpa_supplicant-mini.config | 625 -- .../hostapd/files/wpa_supplicant-p2p.config | 625 -- .../network/services/hostapd/files/wpad.init | 43 - .../network/services/hostapd/files/wpad.json | 22 - .../services/hostapd/files/wpad_acl.json | 10 - .../services/hostapd/files/wps-hotplug.sh | 69 - .../001-wolfssl-init-RNG-with-ECC-key.patch | 43 - ...hannels-to-be-selected-if-dfs-is-ena.patch | 135 - ...erministic-channel-on-channel-switch.patch | 81 - ...ix-sta-add-after-previous-connection.patch | 26 - ...use-of-uninitialized-stack-variables.patch | 25 - ...-dl_list_del-before-freeing-ipv6-add.patch | 19 - ...ewrite-neigh-code-to-not-depend-on-l.patch | 275 - ...ssing-authentication-frames-in-block.patch | 34 - .../hostapd/patches/050-build_fix.patch | 20 - .../hostapd/patches/100-daemonize_fix.patch | 97 - ...edtls-TLS-crypto-option-initial-port.patch | 8051 ----------------- .../patches/120-mbedtls-fips186_2_prf.patch | 114 - ...otate-with-TEST_FAIL-for-hwsim-tests.patch | 421 - ...efile-make-run-tests-with-CONFIG_TLS.patch | 1358 --- ...hecks-encountered-during-tests-hwsim.patch | 45 - ...-dpp_pkex-EC-point-mul-w-value-prime.patch | 26 - ...ix-compiling-without-IEEE8021X_EAPOL.patch | 41 - .../hostapd/patches/200-multicall.patch | 355 - .../services/hostapd/patches/300-noscan.patch | 58 - .../hostapd/patches/301-mesh-noscan.patch | 71 - .../patches/310-rescan_immediately.patch | 11 - .../hostapd/patches/320-optional_rfkill.patch | 61 - .../patches/330-nl80211_fix_set_freq.patch | 11 - .../patches/340-reload_freq_change.patch | 80 - .../341-mesh-ctrl-iface-channel-switch.patch | 39 - .../patches/350-nl80211_del_beacon_bss.patch | 35 - .../patches/360-ctrl_iface_reload.patch | 106 - .../hostapd/patches/370-ap_sta_support.patch | 392 - .../patches/380-disable_ctrl_iface_mib.patch | 239 - .../381-hostapd_cli_UNKNOWN-COMMAND.patch | 11 - .../patches/390-wpa_ie_cap_workaround.patch | 56 - .../400-wps_single_auth_enc_type.patch | 23 - .../patches/410-limit_debug_messages.patch | 210 - .../patches/420-indicate-features.patch | 63 - .../patches/430-hostapd_cli_ifdef.patch | 56 - .../hostapd/patches/431-wpa_cli_ifdef.patch | 18 - .../hostapd/patches/432-missing-typedef.patch | 10 - .../hostapd/patches/450-scan_wait.patch | 73 - ...dd-new-config-params-to-be-used-with.patch | 189 - .../patches/463-add-mcast_rate-to-11s.patch | 68 - .../patches/464-fix-mesh-obss-check.patch | 13 - ...tapd-config-support-random-BSS-color.patch | 24 - .../patches/470-survey_data_fallback.patch | 30 - .../patches/500-lto-jobserver-support.patch | 59 - .../patches/590-rrm-wnm-statistics.patch | 92 - .../599-wpa_supplicant-fix-warnings.patch | 19 - .../hostapd/patches/600-ubus_support.patch | 624 -- .../610-hostapd_cli_ujail_permission.patch | 33 - .../hostapd/patches/700-wifi-reload.patch | 194 - .../hostapd/patches/710-vlan_no_bridge.patch | 41 - .../patches/711-wds_bridge_force.patch | 22 - .../patches/720-iface_max_num_sta.patch | 82 - .../hostapd/patches/730-ft_iface.patch | 38 - .../hostapd/patches/740-snoop_iface.patch | 66 - ...750-qos_map_set_without_interworking.patch | 97 - .../751-qos_map_ignore_when_unsupported.patch | 12 - .../hostapd/patches/760-dynamic_own_ip.patch | 109 - .../hostapd/patches/761-shared_das_port.patch | 298 - ..._AP-functions-dependant-on-CONFIG_AP.patch | 33 - .../services/hostapd/src/src/ap/ubus.c | 2101 ----- .../services/hostapd/src/src/ap/ubus.h | 154 - .../hostapd/src/src/utils/build_features.h | 65 - .../hostapd/src/wpa_supplicant/ubus.c | 430 - .../hostapd/src/wpa_supplicant/ubus.h | 66 - 81 files changed, 24606 deletions(-) delete mode 100644 package/network/services/hostapd/Config.in delete mode 100644 package/network/services/hostapd/Makefile delete mode 100644 package/network/services/hostapd/README.md delete mode 100644 package/network/services/hostapd/files/dhcp-get-server.sh delete mode 100644 package/network/services/hostapd/files/hostapd-basic.config delete mode 100644 package/network/services/hostapd/files/hostapd-full.config delete mode 100644 package/network/services/hostapd/files/hostapd-mini.config delete mode 100644 package/network/services/hostapd/files/hostapd.sh delete mode 100644 package/network/services/hostapd/files/multicall.c delete mode 100644 package/network/services/hostapd/files/wpa_supplicant-basic.config delete mode 100644 package/network/services/hostapd/files/wpa_supplicant-full.config delete mode 100644 package/network/services/hostapd/files/wpa_supplicant-mini.config delete mode 100644 package/network/services/hostapd/files/wpa_supplicant-p2p.config delete mode 100644 package/network/services/hostapd/files/wpad.init delete mode 100644 package/network/services/hostapd/files/wpad.json delete mode 100644 package/network/services/hostapd/files/wpad_acl.json delete mode 100644 package/network/services/hostapd/files/wps-hotplug.sh delete mode 100644 package/network/services/hostapd/patches/001-wolfssl-init-RNG-with-ECC-key.patch delete mode 100644 package/network/services/hostapd/patches/010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch delete mode 100644 package/network/services/hostapd/patches/011-mesh-use-deterministic-channel-on-channel-switch.patch delete mode 100644 package/network/services/hostapd/patches/021-fix-sta-add-after-previous-connection.patch delete mode 100644 package/network/services/hostapd/patches/022-hostapd-fix-use-of-uninitialized-stack-variables.patch delete mode 100644 package/network/services/hostapd/patches/023-ndisc_snoop-call-dl_list_del-before-freeing-ipv6-add.patch delete mode 100644 package/network/services/hostapd/patches/030-driver_nl80211-rewrite-neigh-code-to-not-depend-on-l.patch delete mode 100644 package/network/services/hostapd/patches/040-mesh-allow-processing-authentication-frames-in-block.patch delete mode 100644 package/network/services/hostapd/patches/050-build_fix.patch delete mode 100644 package/network/services/hostapd/patches/100-daemonize_fix.patch delete mode 100644 package/network/services/hostapd/patches/110-mbedtls-TLS-crypto-option-initial-port.patch delete mode 100644 package/network/services/hostapd/patches/120-mbedtls-fips186_2_prf.patch delete mode 100644 package/network/services/hostapd/patches/130-mbedtls-annotate-with-TEST_FAIL-for-hwsim-tests.patch delete mode 100644 package/network/services/hostapd/patches/140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch delete mode 100644 package/network/services/hostapd/patches/150-add-NULL-checks-encountered-during-tests-hwsim.patch delete mode 100644 package/network/services/hostapd/patches/160-dpp_pkex-EC-point-mul-w-value-prime.patch delete mode 100644 package/network/services/hostapd/patches/170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch delete mode 100644 package/network/services/hostapd/patches/200-multicall.patch delete mode 100644 package/network/services/hostapd/patches/300-noscan.patch delete mode 100644 package/network/services/hostapd/patches/301-mesh-noscan.patch delete mode 100644 package/network/services/hostapd/patches/310-rescan_immediately.patch delete mode 100644 package/network/services/hostapd/patches/320-optional_rfkill.patch delete mode 100644 package/network/services/hostapd/patches/330-nl80211_fix_set_freq.patch delete mode 100644 package/network/services/hostapd/patches/340-reload_freq_change.patch delete mode 100644 package/network/services/hostapd/patches/341-mesh-ctrl-iface-channel-switch.patch delete mode 100644 package/network/services/hostapd/patches/350-nl80211_del_beacon_bss.patch delete mode 100644 package/network/services/hostapd/patches/360-ctrl_iface_reload.patch delete mode 100644 package/network/services/hostapd/patches/370-ap_sta_support.patch delete mode 100644 package/network/services/hostapd/patches/380-disable_ctrl_iface_mib.patch delete mode 100644 package/network/services/hostapd/patches/381-hostapd_cli_UNKNOWN-COMMAND.patch delete mode 100644 package/network/services/hostapd/patches/390-wpa_ie_cap_workaround.patch delete mode 100644 package/network/services/hostapd/patches/400-wps_single_auth_enc_type.patch delete mode 100644 package/network/services/hostapd/patches/410-limit_debug_messages.patch delete mode 100644 package/network/services/hostapd/patches/420-indicate-features.patch delete mode 100644 package/network/services/hostapd/patches/430-hostapd_cli_ifdef.patch delete mode 100644 package/network/services/hostapd/patches/431-wpa_cli_ifdef.patch delete mode 100644 package/network/services/hostapd/patches/432-missing-typedef.patch delete mode 100644 package/network/services/hostapd/patches/450-scan_wait.patch delete mode 100644 package/network/services/hostapd/patches/460-wpa_supplicant-add-new-config-params-to-be-used-with.patch delete mode 100644 package/network/services/hostapd/patches/463-add-mcast_rate-to-11s.patch delete mode 100644 package/network/services/hostapd/patches/464-fix-mesh-obss-check.patch delete mode 100644 package/network/services/hostapd/patches/465-hostapd-config-support-random-BSS-color.patch delete mode 100644 package/network/services/hostapd/patches/470-survey_data_fallback.patch delete mode 100644 package/network/services/hostapd/patches/500-lto-jobserver-support.patch delete mode 100644 package/network/services/hostapd/patches/590-rrm-wnm-statistics.patch delete mode 100644 package/network/services/hostapd/patches/599-wpa_supplicant-fix-warnings.patch delete mode 100644 package/network/services/hostapd/patches/600-ubus_support.patch delete mode 100644 package/network/services/hostapd/patches/610-hostapd_cli_ujail_permission.patch delete mode 100644 package/network/services/hostapd/patches/700-wifi-reload.patch delete mode 100644 package/network/services/hostapd/patches/710-vlan_no_bridge.patch delete mode 100644 package/network/services/hostapd/patches/711-wds_bridge_force.patch delete mode 100644 package/network/services/hostapd/patches/720-iface_max_num_sta.patch delete mode 100644 package/network/services/hostapd/patches/730-ft_iface.patch delete mode 100644 package/network/services/hostapd/patches/740-snoop_iface.patch delete mode 100644 package/network/services/hostapd/patches/750-qos_map_set_without_interworking.patch delete mode 100644 package/network/services/hostapd/patches/751-qos_map_ignore_when_unsupported.patch delete mode 100644 package/network/services/hostapd/patches/760-dynamic_own_ip.patch delete mode 100644 package/network/services/hostapd/patches/761-shared_das_port.patch delete mode 100644 package/network/services/hostapd/patches/990-ctrl-make-WNM_AP-functions-dependant-on-CONFIG_AP.patch delete mode 100644 package/network/services/hostapd/src/src/ap/ubus.c delete mode 100644 package/network/services/hostapd/src/src/ap/ubus.h delete mode 100644 package/network/services/hostapd/src/src/utils/build_features.h delete mode 100644 package/network/services/hostapd/src/wpa_supplicant/ubus.c delete mode 100644 package/network/services/hostapd/src/wpa_supplicant/ubus.h diff --git a/package/network/services/hostapd/Config.in b/package/network/services/hostapd/Config.in deleted file mode 100644 index 8f28eb2bd4..0000000000 --- a/package/network/services/hostapd/Config.in +++ /dev/null @@ -1,113 +0,0 @@ -# wpa_supplicant config -config WPA_RFKILL_SUPPORT - bool "Add rfkill support" - depends on PACKAGE_wpa-supplicant || \ - PACKAGE_wpa-supplicant-openssl || \ - PACKAGE_wpa-supplicant-wolfssl || \ - PACKAGE_wpa-supplicant-mbedtls || \ - PACKAGE_wpa-supplicant-mesh-openssl || \ - PACKAGE_wpa-supplicant-mesh-wolfssl || \ - PACKAGE_wpa-supplicant-mesh-mbedtls || \ - PACKAGE_wpa-supplicant-basic || \ - PACKAGE_wpa-supplicant-mini || \ - PACKAGE_wpa-supplicant-p2p || \ - PACKAGE_wpad || \ - PACKAGE_wpad-openssl || \ - PACKAGE_wpad-wolfssl || \ - PACKAGE_wpad-mbedtls || \ - PACKAGE_wpad-basic || \ - PACKAGE_wpad-basic-openssl || \ - PACKAGE_wpad-basic-wolfssl || \ - PACKAGE_wpad-basic-mbedtls || \ - PACKAGE_wpad-mini || \ - PACKAGE_wpad-mesh-openssl || \ - PACKAGE_wpad-mesh-wolfssl || \ - PACKAGE_wpad-mesh-mbedtls - default n - -config WPA_MSG_MIN_PRIORITY - int "Minimum debug message priority" - depends on PACKAGE_wpa-supplicant || \ - PACKAGE_wpa-supplicant-openssl || \ - PACKAGE_wpa-supplicant-wolfssl || \ - PACKAGE_wpa-supplicant-mbedtls || \ - PACKAGE_wpa-supplicant-mesh-openssl || \ - PACKAGE_wpa-supplicant-mesh-wolfssl || \ - PACKAGE_wpa-supplicant-mesh-mbedtls || \ - PACKAGE_wpa-supplicant-basic || \ - PACKAGE_wpa-supplicant-mini || \ - PACKAGE_wpa-supplicant-p2p || \ - PACKAGE_wpad || \ - PACKAGE_wpad-openssl || \ - PACKAGE_wpad-wolfssl || \ - PACKAGE_wpad-mbedtls || \ - PACKAGE_wpad-basic || \ - PACKAGE_wpad-basic-openssl || \ - PACKAGE_wpad-basic-wolfssl || \ - PACKAGE_wpad-basic-mbedtls || \ - PACKAGE_wpad-mini || \ - PACKAGE_wpad-mesh-openssl || \ - PACKAGE_wpad-mesh-wolfssl || \ - PACKAGE_wpad-mesh-mbedtls - default 3 - help - Useful values are: - 0 = all messages - 1 = raw message dumps - 2 = most debugging messages - 3 = info messages - 4 = warnings - 5 = errors - -config WPA_WOLFSSL - bool - default PACKAGE_wpa-supplicant-wolfssl ||\ - PACKAGE_wpad-wolfssl ||\ - PACKAGE_wpad-basic-wolfssl || \ - PACKAGE_wpad-mesh-wolfssl ||\ - PACKAGE_eapol-test-wolfssl - select WOLFSSL_HAS_AES_CCM - select WOLFSSL_HAS_ARC4 - select WOLFSSL_HAS_DH - select WOLFSSL_HAS_OCSP - select WOLFSSL_HAS_SESSION_TICKET - select WOLFSSL_HAS_WPAS - -config DRIVER_WEXT_SUPPORT - bool - select KERNEL_WIRELESS_EXT - default n - -config DRIVER_11AC_SUPPORT - bool - default n - -config DRIVER_11AX_SUPPORT - bool - default n - select WPA_MBO_SUPPORT - -config WPA_ENABLE_WEP - bool "Enable support for unsecure and obsolete WEP" - help - Wired equivalent privacy (WEP) is an obsolete cryptographic data - confidentiality algorithm that is not considered secure. It should not be used - for anything anymore. The functionality needed to use WEP is available in the - current hostapd release under this optional build parameter and completely - removed in a future release. - -config WPA_MBO_SUPPORT - bool "Multi Band Operation (Agile Multiband)" - default PACKAGE_wpa-supplicant || \ - PACKAGE_wpa-supplicant-openssl || \ - PACKAGE_wpa-supplicant-wolfssl || \ - PACKAGE_wpa-supplicant-mbedtls || \ - PACKAGE_wpad || \ - PACKAGE_wpad-openssl || \ - PACKAGE_wpad-wolfssl || \ - PACKAGE_wpad-mbedtls - help - Multi Band Operation aka (Agile Multiband) enables features - that facilitate efficient use of multiple frequency bands. - Enabling MBO on an AP using RSN requires 802.11w to be enabled. - Hostapd will refuse to start if MBO and RSN are enabled without 11w. diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile deleted file mode 100644 index b8921e8452..0000000000 --- a/package/network/services/hostapd/Makefile +++ /dev/null @@ -1,824 +0,0 @@ -# SPDX-License-Identifier: GPL-2.0-only -# -# Copyright (C) 2006-2021 OpenWrt.org - -include $(TOPDIR)/rules.mk - -PKG_NAME:=hostapd -PKG_RELEASE:=1.2 - -PKG_SOURCE_URL:=http://w1.fi/hostap.git -PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2023-03-29 -PKG_SOURCE_VERSION:=bb945b98fefc64887dffb40773a19d77585cee42 -PKG_MIRROR_HASH:=1da8a39c7c81ce257994874402a86d00080a6145b5eb5c5fc44b2fae1853fe8d - -PKG_MAINTAINER:=Felix Fietkau -PKG_LICENSE:=BSD-3-Clause -PKG_CPE_ID:=cpe:/a:w1.fi:hostapd - -PKG_BUILD_PARALLEL:=1 -PKG_ASLR_PIE_REGULAR:=1 - -PKG_CONFIG_DEPENDS:= \ - CONFIG_PACKAGE_kmod-ath9k \ - CONFIG_PACKAGE_kmod-cfg80211 \ - CONFIG_PACKAGE_hostapd \ - CONFIG_PACKAGE_hostapd-basic \ - CONFIG_PACKAGE_hostapd-mini \ - CONFIG_WPA_RFKILL_SUPPORT \ - CONFIG_DRIVER_WEXT_SUPPORT \ - CONFIG_DRIVER_11AC_SUPPORT \ - CONFIG_DRIVER_11AX_SUPPORT \ - CONFIG_WPA_ENABLE_WEP - -PKG_BUILD_FLAGS:=gc-sections lto - -EAPOL_TEST_PROVIDERS:=eapol-test eapol-test-openssl eapol-test-wolfssl - -SUPPLICANT_PROVIDERS:= -HOSTAPD_PROVIDERS:= - -LOCAL_TYPE=$(strip \ - $(if $(findstring wpad,$(BUILD_VARIANT)),wpad, \ - $(if $(findstring supplicant,$(BUILD_VARIANT)),supplicant, \ - hostapd \ - ))) - -LOCAL_AND_LIB_VARIANT=$(patsubst hostapd-%,%,\ - $(patsubst wpad-%,%,\ - $(patsubst supplicant-%,%,\ - $(BUILD_VARIANT)\ - ))) - -LOCAL_VARIANT=$(patsubst %-internal,%,\ - $(patsubst %-openssl,%,\ - $(patsubst %-wolfssl,%,\ - $(patsubst %-mbedtls,%,\ - $(LOCAL_AND_LIB_VARIANT)\ - )))) - -SSL_VARIANT=$(strip \ - $(if $(findstring openssl,$(LOCAL_AND_LIB_VARIANT)),openssl,\ - $(if $(findstring wolfssl,$(LOCAL_AND_LIB_VARIANT)),wolfssl,\ - $(if $(findstring mbedtls,$(LOCAL_AND_LIB_VARIANT)),mbedtls,\ - internal\ - )))) - -CONFIG_VARIANT:=$(LOCAL_VARIANT) -ifeq ($(LOCAL_VARIANT),mesh) - CONFIG_VARIANT:=full -endif - -include $(INCLUDE_DIR)/package.mk - -STAMP_CONFIGURED:=$(STAMP_CONFIGURED)_$(CONFIG_WPA_MSG_MIN_PRIORITY) - -ifneq ($(CONFIG_DRIVER_11AC_SUPPORT),) - HOSTAPD_IEEE80211AC:=y -endif - -ifneq ($(CONFIG_DRIVER_11AX_SUPPORT),) - HOSTAPD_IEEE80211AX:=y -endif - -DRIVER_MAKEOPTS= \ - CONFIG_ACS=$(CONFIG_PACKAGE_kmod-cfg80211) \ - CONFIG_DRIVER_NL80211=$(CONFIG_PACKAGE_kmod-cfg80211) \ - CONFIG_IEEE80211AC=$(HOSTAPD_IEEE80211AC) \ - CONFIG_IEEE80211AX=$(HOSTAPD_IEEE80211AX) \ - CONFIG_DRIVER_WEXT=$(CONFIG_DRIVER_WEXT_SUPPORT) \ - CONFIG_MBO=$(CONFIG_WPA_MBO_SUPPORT) - -ifeq ($(SSL_VARIANT),openssl) - DRIVER_MAKEOPTS += CONFIG_TLS=openssl CONFIG_SAE=y - TARGET_LDFLAGS += -lcrypto -lssl - - ifeq ($(LOCAL_VARIANT),basic) - DRIVER_MAKEOPTS += CONFIG_OWE=y - endif - ifeq ($(LOCAL_VARIANT),mesh) - DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y - endif - ifeq ($(LOCAL_VARIANT),full) - DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y - endif -endif - -ifeq ($(SSL_VARIANT),wolfssl) - DRIVER_MAKEOPTS += CONFIG_TLS=wolfssl CONFIG_SAE=y - TARGET_LDFLAGS += -lwolfssl - - ifeq ($(LOCAL_VARIANT),basic) - DRIVER_MAKEOPTS += CONFIG_OWE=y - endif - ifeq ($(LOCAL_VARIANT),mesh) - DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1 - endif - ifeq ($(LOCAL_VARIANT),full) - DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1 - endif -endif - -ifeq ($(SSL_VARIANT),mbedtls) - DRIVER_MAKEOPTS += CONFIG_TLS=mbedtls CONFIG_SAE=y - TARGET_LDFLAGS += -lmbedcrypto -lmbedx509 -lmbedtls - - ifeq ($(LOCAL_VARIANT),basic) - DRIVER_MAKEOPTS += CONFIG_OWE=y - endif - ifeq ($(LOCAL_VARIANT),mesh) - DRIVER_MAKEOPTS += CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1 - endif - ifeq ($(LOCAL_VARIANT),full) - DRIVER_MAKEOPTS += CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y CONFIG_WPS_NFC=1 - endif -endif - -ifneq ($(LOCAL_TYPE),hostapd) - ifdef CONFIG_WPA_RFKILL_SUPPORT - DRIVER_MAKEOPTS += NEED_RFKILL=y - endif -endif - -DRV_DEPENDS:=+PACKAGE_kmod-cfg80211:libnl-tiny - - -define Package/hostapd/Default - SECTION:=net - CATEGORY:=Network - SUBMENU:=WirelessAPD - TITLE:=IEEE 802.1x Authenticator - URL:=http://hostap.epitest.fi/ - DEPENDS:=$(DRV_DEPENDS) +hostapd-common +libubus - EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE)) - USERID:=network=101:network=101 - PROVIDES:=hostapd - CONFLICTS:=$(HOSTAPD_PROVIDERS) - HOSTAPD_PROVIDERS+=$(1) -endef - -define Package/hostapd -$(call Package/hostapd/Default,$(1)) - TITLE+= (built-in full) - VARIANT:=full-internal -endef - -define Package/hostapd/description - This package contains a full featured IEEE 802.1x/WPA/EAP/RADIUS - Authenticator. -endef - -define Package/hostapd-openssl -$(call Package/hostapd/Default,$(1)) - TITLE+= (OpenSSL full) - VARIANT:=full-openssl - DEPENDS+=+PACKAGE_hostapd-openssl:libopenssl -endef - -Package/hostapd-openssl/description = $(Package/hostapd/description) - -define Package/hostapd-wolfssl -$(call Package/hostapd/Default,$(1)) - TITLE+= (wolfSSL full) - VARIANT:=full-wolfssl - DEPENDS+=+PACKAGE_hostapd-wolfssl:libwolfssl -endef - -Package/hostapd-wolfssl/description = $(Package/hostapd/description) - -define Package/hostapd-mbedtls -$(call Package/hostapd/Default,$(1)) - TITLE+= (mbedTLS full) - VARIANT:=full-mbedtls - DEPENDS+=+PACKAGE_hostapd-mbedtls:libmbedtls -endef - -Package/hostapd-mbedtls/description = $(Package/hostapd/description) - -define Package/hostapd-basic -$(call Package/hostapd/Default,$(1)) - TITLE+= (WPA-PSK, 11r, 11w) - VARIANT:=basic -endef - -define Package/hostapd-basic/description - This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support. -endef - -define Package/hostapd-basic-openssl -$(call Package/hostapd/Default,$(1)) - TITLE+= (WPA-PSK, 11r and 11w) - VARIANT:=basic-openssl - DEPENDS+=+PACKAGE_hostapd-basic-openssl:libopenssl -endef - -define Package/hostapd-basic-openssl/description - This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support. -endef - -define Package/hostapd-basic-wolfssl -$(call Package/hostapd/Default,$(1)) - TITLE+= (WPA-PSK, 11r and 11w) - VARIANT:=basic-wolfssl - DEPENDS+=+PACKAGE_hostapd-basic-wolfssl:libwolfssl -endef - -define Package/hostapd-basic-wolfssl/description - This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support. -endef - -define Package/hostapd-basic-mbedtls -$(call Package/hostapd/Default,$(1)) - TITLE+= (WPA-PSK, 11r and 11w) - VARIANT:=basic-mbedtls - DEPENDS+=+PACKAGE_hostapd-basic-mbedtls:libmbedtls -endef - -define Package/hostapd-basic-mbedtls/description - This package contains a basic IEEE 802.1x/WPA Authenticator with WPA-PSK, 802.11r and 802.11w support. -endef - -define Package/hostapd-mini -$(call Package/hostapd/Default,$(1)) - TITLE+= (WPA-PSK only) - VARIANT:=mini -endef - -define Package/hostapd-mini/description - This package contains a minimal IEEE 802.1x/WPA Authenticator (WPA-PSK only). -endef - - -define Package/wpad/Default - SECTION:=net - CATEGORY:=Network - SUBMENU:=WirelessAPD - TITLE:=IEEE 802.1x Auth/Supplicant - DEPENDS:=$(DRV_DEPENDS) +hostapd-common +libubus - EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE)) - USERID:=network=101:network=101 - URL:=http://hostap.epitest.fi/ - PROVIDES:=hostapd wpa-supplicant - CONFLICTS:=$(HOSTAPD_PROVIDERS) $(SUPPLICANT_PROVIDERS) - HOSTAPD_PROVIDERS+=$(1) - SUPPLICANT_PROVIDERS+=$(1) -endef - -define Package/wpad -$(call Package/wpad/Default,$(1)) - TITLE+= (built-in full) - VARIANT:=wpad-full-internal -endef - -define Package/wpad/description - This package contains a full featured IEEE 802.1x/WPA/EAP/RADIUS - Authenticator and Supplicant -endef - -define Package/wpad-openssl -$(call Package/wpad/Default,$(1)) - TITLE+= (OpenSSL full) - VARIANT:=wpad-full-openssl - DEPENDS+=+PACKAGE_wpad-openssl:libopenssl -endef - -Package/wpad-openssl/description = $(Package/wpad/description) - -define Package/wpad-wolfssl -$(call Package/wpad/Default,$(1)) - TITLE+= (wolfSSL full) - VARIANT:=wpad-full-wolfssl - DEPENDS+=+PACKAGE_wpad-wolfssl:libwolfssl -endef - -Package/wpad-wolfssl/description = $(Package/wpad/description) - -define Package/wpad-mbedtls -$(call Package/wpad/Default,$(1)) - TITLE+= (mbedTLS full) - VARIANT:=wpad-full-mbedtls - DEPENDS+=+PACKAGE_wpad-mbedtls:libmbedtls -endef - -Package/wpad-mbedtls/description = $(Package/wpad/description) - -define Package/wpad-basic -$(call Package/wpad/Default,$(1)) - TITLE+= (WPA-PSK, 11r, 11w) - VARIANT:=wpad-basic -endef - -define Package/wpad-basic/description - This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, 802.11r and 802.11w support. -endef - -define Package/wpad-basic-openssl -$(call Package/wpad/Default,$(1)) - TITLE+= (OpenSSL, 11r, 11w) - VARIANT:=wpad-basic-openssl - DEPENDS+=+PACKAGE_wpad-basic-openssl:libopenssl -endef - -define Package/wpad-basic-openssl/description - This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support. -endef - -define Package/wpad-basic-wolfssl -$(call Package/wpad/Default,$(1)) - TITLE+= (wolfSSL, 11r, 11w) - VARIANT:=wpad-basic-wolfssl - DEPENDS+=+PACKAGE_wpad-basic-wolfssl:libwolfssl -endef - -define Package/wpad-basic-wolfssl/description - This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support. -endef - -define Package/wpad-basic-mbedtls -$(call Package/wpad/Default,$(1)) - TITLE+= (mbedTLS, 11r, 11w) - VARIANT:=wpad-basic-mbedtls - DEPENDS+=+PACKAGE_wpad-basic-mbedtls:libmbedtls -endef - -define Package/wpad-basic-mbedtls/description - This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support. -endef - -define Package/wpad-mini -$(call Package/wpad/Default,$(1)) - TITLE+= (WPA-PSK only) - VARIANT:=wpad-mini -endef - -define Package/wpad-mini/description - This package contains a minimal IEEE 802.1x/WPA Authenticator and Supplicant (WPA-PSK only). -endef - -define Package/wpad-mesh -$(call Package/wpad/Default,$(1)) - DEPENDS+=@PACKAGE_kmod-cfg80211 @(!TARGET_uml||BROKEN) - PROVIDES+=wpa-supplicant-mesh wpad-mesh -endef - -define Package/wpad-mesh/description - This package contains a minimal IEEE 802.1x/WPA Authenticator and Supplicant (with 802.11s mesh and SAE support). -endef - -define Package/wpad-mesh-openssl -$(call Package/wpad-mesh,$(1)) - TITLE+= (OpenSSL, 11s, SAE) - DEPENDS+=+PACKAGE_wpad-mesh-openssl:libopenssl - VARIANT:=wpad-mesh-openssl -endef - -Package/wpad-mesh-openssl/description = $(Package/wpad-mesh/description) - -define Package/wpad-mesh-wolfssl -$(call Package/wpad-mesh,$(1)) - TITLE+= (wolfSSL, 11s, SAE) - DEPENDS+=+PACKAGE_wpad-mesh-wolfssl:libwolfssl - VARIANT:=wpad-mesh-wolfssl -endef - -Package/wpad-mesh-wolfssl/description = $(Package/wpad-mesh/description) - -define Package/wpad-mesh-mbedtls -$(call Package/wpad-mesh,$(1)) - TITLE+= (mbedTLS, 11s, SAE) - DEPENDS+=+PACKAGE_wpad-mesh-mbedtls:libmbedtls - VARIANT:=wpad-mesh-mbedtls -endef - -Package/wpad-mesh-mbedtls/description = $(Package/wpad-mesh/description) - - -define Package/wpa-supplicant/Default - SECTION:=net - CATEGORY:=Network - SUBMENU:=WirelessAPD - TITLE:=WPA Supplicant - URL:=http://hostap.epitest.fi/wpa_supplicant/ - DEPENDS:=$(DRV_DEPENDS) +hostapd-common +libubus - EXTRA_DEPENDS:=hostapd-common (=$(PKG_VERSION)-$(PKG_RELEASE)) - USERID:=network=101:network=101 - PROVIDES:=wpa-supplicant - CONFLICTS:=$(SUPPLICANT_PROVIDERS) - SUPPLICANT_PROVIDERS+=$(1) -endef - -define Package/wpa-supplicant -$(call Package/wpa-supplicant/Default,$(1)) - TITLE+= (built-in full) - VARIANT:=supplicant-full-internal -endef - -define Package/wpa-supplicant-openssl -$(call Package/wpa-supplicant/Default,$(1)) - TITLE+= (OpenSSL full) - VARIANT:=supplicant-full-openssl - DEPENDS+=+PACKAGE_wpa-supplicant-openssl:libopenssl -endef - -define Package/wpa-supplicant-wolfssl -$(call Package/wpa-supplicant/Default,$(1)) - TITLE+= (wolfSSL full) - VARIANT:=supplicant-full-wolfssl - DEPENDS+=+PACKAGE_wpa-supplicant-wolfssl:libwolfssl -endef - -define Package/wpa-supplicant-mbedtls -$(call Package/wpa-supplicant/Default,$(1)) - TITLE+= (mbedTLS full) - VARIANT:=supplicant-full-mbedtls - DEPENDS+=+PACKAGE_wpa-supplicant-mbedtls:libmbedtls -endef - -define Package/wpa-supplicant/config - source "$(SOURCE)/Config.in" -endef - -define Package/wpa-supplicant-p2p -$(call Package/wpa-supplicant/Default,$(1)) - TITLE+= (Wi-Fi P2P support) - DEPENDS+=@PACKAGE_kmod-cfg80211 - VARIANT:=supplicant-p2p-internal -endef - -define Package/wpa-supplicant-mesh/Default -$(call Package/wpa-supplicant/Default,$(1)) - DEPENDS+=@PACKAGE_kmod-cfg80211 @(!TARGET_uml||BROKEN) - PROVIDES+=wpa-supplicant-mesh -endef - -define Package/wpa-supplicant-mesh-openssl -$(call Package/wpa-supplicant-mesh/Default,$(1)) - TITLE+= (OpenSSL, 11s, SAE) - VARIANT:=supplicant-mesh-openssl - DEPENDS+=+PACKAGE_wpa-supplicant-mesh-openssl:libopenssl -endef - -define Package/wpa-supplicant-mesh-wolfssl -$(call Package/wpa-supplicant-mesh/Default,$(1)) - TITLE+= (wolfSSL, 11s, SAE) - VARIANT:=supplicant-mesh-wolfssl - DEPENDS+=+PACKAGE_wpa-supplicant-mesh-wolfssl:libwolfssl -endef - -define Package/wpa-supplicant-mesh-mbedtls -$(call Package/wpa-supplicant-mesh/Default,$(1)) - TITLE+= (mbedTLS, 11s, SAE) - VARIANT:=supplicant-mesh-mbedtls - DEPENDS+=+PACKAGE_wpa-supplicant-mesh-mbedtls:libmbedtls -endef - -define Package/wpa-supplicant-basic -$(call Package/wpa-supplicant/Default,$(1)) - TITLE+= (11r, 11w) - VARIANT:=supplicant-basic -endef - -define Package/wpa-supplicant-mini -$(call Package/wpa-supplicant/Default,$(1)) - TITLE+= (minimal) - VARIANT:=supplicant-mini -endef - - -define Package/hostapd-common - TITLE:=hostapd/wpa_supplicant common support files - SECTION:=net - CATEGORY:=Network - SUBMENU:=WirelessAPD -endef - -define Package/hostapd-utils - SECTION:=net - CATEGORY:=Network - SUBMENU:=WirelessAPD - TITLE:=IEEE 802.1x Authenticator (utils) - URL:=http://hostap.epitest.fi/ - DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(HOSTAPD_PROVIDERS),PACKAGE_$(pkg))) - VARIANT:=* -endef - -define Package/hostapd-utils/description - This package contains a command line utility to control the - IEEE 802.1x/WPA/EAP/RADIUS Authenticator. -endef - -define Package/wpa-cli - SECTION:=net - CATEGORY:=Network - SUBMENU:=WirelessAPD - DEPENDS:=@$(subst $(space),||,$(foreach pkg,$(SUPPLICANT_PROVIDERS),PACKAGE_$(pkg))) - TITLE:=WPA Supplicant command line control utility - VARIANT:=* -endef - -define Package/eapol-test/Default - TITLE:=802.1x auth test utility - SECTION:=net - SUBMENU:=WirelessAPD - CATEGORY:=Network - DEPENDS:=$(DRV_DEPENDS) +libubus -endef - -define Package/eapol-test - $(call Package/eapol-test/Default,$(1)) - TITLE+= (built-in full) - VARIANT:=supplicant-full-internal -endef - -define Package/eapol-test-openssl - $(call Package/eapol-test/Default,$(1)) - TITLE+= (OpenSSL full) - VARIANT:=supplicant-full-openssl - CONFLICTS:=$(filter-out eapol-test-openssl ,$(EAPOL_TEST_PROVIDERS)) - DEPENDS+=+PACKAGE_eapol-test-openssl:libopenssl - PROVIDES:=eapol-test -endef - -define Package/eapol-test-wolfssl - $(call Package/eapol-test/Default,$(1)) - TITLE+= (wolfSSL full) - VARIANT:=supplicant-full-wolfssl - CONFLICTS:=$(filter-out eapol-test-openssl ,$(filter-out eapol-test-wolfssl ,$(EAPOL_TEST_PROVIDERS))) - DEPENDS+=+PACKAGE_eapol-test-wolfssl:libwolfssl - PROVIDES:=eapol-test -endef - -define Package/eapol-test-mbedtls - $(call Package/eapol-test/Default,$(1)) - TITLE+= (mbedTLS full) - VARIANT:=supplicant-full-mbedtls - CONFLICTS:=$(filter-out eapol-test-openssl ,$(filter-out eapol-test-mbedtls ,$(EAPOL_TEST_PROVIDERS))) - DEPENDS+=+PACKAGE_eapol-test-mbedtls:libmbedtls - PROVIDES:=eapol-test -endef - - -ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED))) - define Build/Configure/rebuild - $(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.a | $(XARGS) rm -f - rm -f $(PKG_BUILD_DIR)/hostapd/hostapd - rm -f $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant - rm -f $(PKG_BUILD_DIR)/.config_* - touch $(subst .configured_,.config_,$(STAMP_CONFIGURED)) - endef -endif - -define Build/Configure - $(Build/Configure/rebuild) - $(if $(wildcard ./files/hostapd-$(CONFIG_VARIANT).config), \ - $(CP) ./files/hostapd-$(CONFIG_VARIANT).config $(PKG_BUILD_DIR)/hostapd/.config \ - ) - $(if $(wildcard ./files/wpa_supplicant-$(CONFIG_VARIANT).config), \ - $(CP) ./files/wpa_supplicant-$(CONFIG_VARIANT).config $(PKG_BUILD_DIR)/wpa_supplicant/.config - ) -endef - -TARGET_CPPFLAGS := \ - -I$(STAGING_DIR)/usr/include/libnl-tiny \ - -I$(PKG_BUILD_DIR)/src/crypto \ - $(TARGET_CPPFLAGS) \ - -DCONFIG_LIBNL20 \ - -D_GNU_SOURCE \ - $(if $(CONFIG_WPA_MSG_MIN_PRIORITY),-DCONFIG_MSG_MIN_PRIORITY=$(CONFIG_WPA_MSG_MIN_PRIORITY)) - -TARGET_LDFLAGS += -lubox -lubus - -ifdef CONFIG_PACKAGE_kmod-cfg80211 - TARGET_LDFLAGS += -lm -lnl-tiny -endif - -ifdef CONFIG_WPA_ENABLE_WEP - DRIVER_MAKEOPTS += CONFIG_WEP=y -endif - -define Build/RunMake - CFLAGS="$(TARGET_CPPFLAGS) $(TARGET_CFLAGS)" \ - $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(1) \ - $(TARGET_CONFIGURE_OPTS) \ - $(DRIVER_MAKEOPTS) \ - LIBS="$(TARGET_LDFLAGS)" \ - LIBS_c="$(TARGET_LDFLAGS_C)" \ - AR="$(TARGET_CROSS)gcc-ar" \ - BCHECK= \ - $(if $(findstring s,$(OPENWRT_VERBOSE)),V=1) \ - $(2) -endef - -define Build/Compile/wpad - echo ` \ - $(call Build/RunMake,hostapd,-s MULTICALL=1 dump_cflags); \ - $(call Build/RunMake,wpa_supplicant,-s MULTICALL=1 dump_cflags) | \ - sed -e 's,-n ,,g' -e 's^$(TARGET_CFLAGS)^^' \ - ` > $(PKG_BUILD_DIR)/.cflags - sed -i 's/"/\\"/g' $(PKG_BUILD_DIR)/.cflags - +$(call Build/RunMake,hostapd, \ - CFLAGS="$$$$(cat $(PKG_BUILD_DIR)/.cflags)" \ - MULTICALL=1 \ - hostapd_cli hostapd_multi.a \ - ) - +$(call Build/RunMake,wpa_supplicant, \ - CFLAGS="$$$$(cat $(PKG_BUILD_DIR)/.cflags)" \ - MULTICALL=1 \ - wpa_cli wpa_supplicant_multi.a \ - ) - +export MAKEFLAGS="$(MAKE_JOBSERVER)"; $(TARGET_CC) -o $(PKG_BUILD_DIR)/wpad \ - $(TARGET_CFLAGS) \ - ./files/multicall.c \ - $(PKG_BUILD_DIR)/hostapd/hostapd_multi.a \ - $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant_multi.a \ - $(TARGET_LDFLAGS) -endef - -define Build/Compile/hostapd - +$(call Build/RunMake,hostapd, \ - hostapd hostapd_cli \ - ) -endef - -define Build/Compile/supplicant - +$(call Build/RunMake,wpa_supplicant, \ - wpa_cli wpa_supplicant \ - ) -endef - -define Build/Compile/supplicant-full-internal - +$(call Build/RunMake,wpa_supplicant, \ - eapol_test \ - ) -endef - -define Build/Compile/supplicant-full-openssl - +$(call Build/RunMake,wpa_supplicant, \ - eapol_test \ - ) -endef - -define Build/Compile/supplicant-full-wolfssl - +$(call Build/RunMake,wpa_supplicant, \ - eapol_test \ - ) -endef - -define Build/Compile/supplicant-full-mbedtls - +$(call Build/RunMake,wpa_supplicant, \ - eapol_test \ - ) -endef - -define Build/Compile - $(Build/Compile/$(LOCAL_TYPE)) - $(Build/Compile/$(BUILD_VARIANT)) -endef - -define Install/hostapd - $(INSTALL_DIR) $(1)/usr/sbin -endef - -define Install/supplicant - $(INSTALL_DIR) $(1)/usr/sbin -endef - -define Package/hostapd-common/install - $(INSTALL_DIR) $(1)/etc/capabilities $(1)/etc/rc.button $(1)/etc/hotplug.d/ieee80211 $(1)/etc/init.d $(1)/lib/netifd $(1)/usr/share/acl.d - $(INSTALL_BIN) ./files/dhcp-get-server.sh $(1)/lib/netifd/dhcp-get-server.sh - $(INSTALL_DATA) ./files/hostapd.sh $(1)/lib/netifd/hostapd.sh - $(INSTALL_BIN) ./files/wpad.init $(1)/etc/init.d/wpad - $(INSTALL_BIN) ./files/wps-hotplug.sh $(1)/etc/rc.button/wps - $(INSTALL_DATA) ./files/wpad_acl.json $(1)/usr/share/acl.d - $(INSTALL_DATA) ./files/wpad.json $(1)/etc/capabilities -endef - -define Package/hostapd/install - $(call Install/hostapd,$(1)) - $(INSTALL_BIN) $(PKG_BUILD_DIR)/hostapd/hostapd $(1)/usr/sbin/ -endef -Package/hostapd-basic/install = $(Package/hostapd/install) -Package/hostapd-basic-openssl/install = $(Package/hostapd/install) -Package/hostapd-basic-wolfssl/install = $(Package/hostapd/install) -Package/hostapd-basic-mbedtls/install = $(Package/hostapd/install) -Package/hostapd-mini/install = $(Package/hostapd/install) -Package/hostapd-openssl/install = $(Package/hostapd/install) -Package/hostapd-wolfssl/install = $(Package/hostapd/install) -Package/hostapd-mbedtls/install = $(Package/hostapd/install) - -ifneq ($(LOCAL_TYPE),supplicant) - define Package/hostapd-utils/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/hostapd/hostapd_cli $(1)/usr/sbin/ - endef -endif - -define Package/wpad/install - $(call Install/hostapd,$(1)) - $(call Install/supplicant,$(1)) - $(INSTALL_BIN) $(PKG_BUILD_DIR)/wpad $(1)/usr/sbin/ - $(LN) wpad $(1)/usr/sbin/hostapd - $(LN) wpad $(1)/usr/sbin/wpa_supplicant -endef -Package/wpad-basic/install = $(Package/wpad/install) -Package/wpad-basic-openssl/install = $(Package/wpad/install) -Package/wpad-basic-wolfssl/install = $(Package/wpad/install) -Package/wpad-basic-mbedtls/install = $(Package/wpad/install) -Package/wpad-mini/install = $(Package/wpad/install) -Package/wpad-openssl/install = $(Package/wpad/install) -Package/wpad-wolfssl/install = $(Package/wpad/install) -Package/wpad-mbedtls/install = $(Package/wpad/install) -Package/wpad-mesh-openssl/install = $(Package/wpad/install) -Package/wpad-mesh-wolfssl/install = $(Package/wpad/install) -Package/wpad-mesh-mbedtls/install = $(Package/wpad/install) - -define Package/wpa-supplicant/install - $(call Install/supplicant,$(1)) - $(INSTALL_BIN) $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant $(1)/usr/sbin/ -endef -Package/wpa-supplicant-basic/install = $(Package/wpa-supplicant/install) -Package/wpa-supplicant-mini/install = $(Package/wpa-supplicant/install) -Package/wpa-supplicant-p2p/install = $(Package/wpa-supplicant/install) -Package/wpa-supplicant-openssl/install = $(Package/wpa-supplicant/install) -Package/wpa-supplicant-wolfssl/install = $(Package/wpa-supplicant/install) -Package/wpa-supplicant-mbedtls/install = $(Package/wpa-supplicant/install) -Package/wpa-supplicant-mesh-openssl/install = $(Package/wpa-supplicant/install) -Package/wpa-supplicant-mesh-wolfssl/install = $(Package/wpa-supplicant/install) -Package/wpa-supplicant-mesh-mbedtls/install = $(Package/wpa-supplicant/install) - -ifneq ($(LOCAL_TYPE),hostapd) - define Package/wpa-cli/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_BUILD_DIR)/wpa_supplicant/wpa_cli $(1)/usr/sbin/ - endef -endif - -ifeq ($(BUILD_VARIANT),supplicant-full-internal) - define Package/eapol-test/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/ - endef -endif - -ifeq ($(BUILD_VARIANT),supplicant-full-openssl) - define Package/eapol-test-openssl/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/ - endef -endif - -ifeq ($(BUILD_VARIANT),supplicant-full-wolfssl) - define Package/eapol-test-wolfssl/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/ - endef -endif - -ifeq ($(BUILD_VARIANT),supplicant-full-mbedtls) - define Package/eapol-test-mbedtls/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_BUILD_DIR)/wpa_supplicant/eapol_test $(1)/usr/sbin/ - endef -endif - -# Build hostapd-common before its dependents, to avoid -# spurious rebuilds when building multiple variants. -$(eval $(call BuildPackage,hostapd-common)) -$(eval $(call BuildPackage,hostapd)) -$(eval $(call BuildPackage,hostapd-basic)) -$(eval $(call BuildPackage,hostapd-basic-openssl)) -$(eval $(call BuildPackage,hostapd-basic-wolfssl)) -$(eval $(call BuildPackage,hostapd-basic-mbedtls)) -$(eval $(call BuildPackage,hostapd-mini)) -$(eval $(call BuildPackage,hostapd-openssl)) -$(eval $(call BuildPackage,hostapd-wolfssl)) -$(eval $(call BuildPackage,hostapd-mbedtls)) -$(eval $(call BuildPackage,wpad)) -$(eval $(call BuildPackage,wpad-mesh-openssl)) -$(eval $(call BuildPackage,wpad-mesh-wolfssl)) -$(eval $(call BuildPackage,wpad-mesh-mbedtls)) -$(eval $(call BuildPackage,wpad-basic)) -$(eval $(call BuildPackage,wpad-basic-openssl)) -$(eval $(call BuildPackage,wpad-basic-wolfssl)) -$(eval $(call BuildPackage,wpad-basic-mbedtls)) -$(eval $(call BuildPackage,wpad-mini)) -$(eval $(call BuildPackage,wpad-openssl)) -$(eval $(call BuildPackage,wpad-wolfssl)) -$(eval $(call BuildPackage,wpad-mbedtls)) -$(eval $(call BuildPackage,wpa-supplicant)) -$(eval $(call BuildPackage,wpa-supplicant-mesh-openssl)) -$(eval $(call BuildPackage,wpa-supplicant-mesh-wolfssl)) -$(eval $(call BuildPackage,wpa-supplicant-mesh-mbedtls)) -$(eval $(call BuildPackage,wpa-supplicant-basic)) -$(eval $(call BuildPackage,wpa-supplicant-mini)) -$(eval $(call BuildPackage,wpa-supplicant-p2p)) -$(eval $(call BuildPackage,wpa-supplicant-openssl)) -$(eval $(call BuildPackage,wpa-supplicant-wolfssl)) -$(eval $(call BuildPackage,wpa-supplicant-mbedtls)) -$(eval $(call BuildPackage,wpa-cli)) -$(eval $(call BuildPackage,hostapd-utils)) -$(eval $(call BuildPackage,eapol-test)) -$(eval $(call BuildPackage,eapol-test-openssl)) -$(eval $(call BuildPackage,eapol-test-wolfssl)) -$(eval $(call BuildPackage,eapol-test-mbedtls)) diff --git a/package/network/services/hostapd/README.md b/package/network/services/hostapd/README.md deleted file mode 100644 index 2150863306..0000000000 --- a/package/network/services/hostapd/README.md +++ /dev/null @@ -1,419 +0,0 @@ -# UBUS methods - hostapd - -## bss_mgmt_enable -Enable 802.11k/v features. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| neighbor_report | bool | no | enable 802.11k neighbor reports | -| beacon_report | bool | no | enable 802.11k beacon reports | -| link_measurements | bool | no | enable 802.11k link measurements | -| bss_transition | bool | no | enable 802.11v BSS transition support | - -### example -`ubus call hostapd.wl5-fb bss_mgmt_enable '{ "neighbor_report": true, "beacon_report": true, "link_measurements": true, "bss_transition": true -}'` - - -## bss_transition_request -Initiate an 802.11v transition request. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| addr | string | yes | client MAC address | -| disassociation_imminent | bool | no | set Disassociation Imminent bit | -| disassociation_timer | int32 | no | disassociate client if it doesn't roam after this time | -| validity_period | int32 | no | validity of the BSS Transition Candiate List | -| neighbors | array | no | BSS Transition Candidate List | -| abridged | bool | no | prefer APs in the BSS Transition Candidate List | -| dialog_token | int32 | no | identifier for the request/report transaction | -| mbo_reason | int32 | no | MBO Transition Reason Code Attribute | -| cell_pref | int32 | no | MBO Cellular Data Connection Preference Attribute | -| reassoc_delay | int32 | no | MBO Re-association retry delay | - -### example -`ubus call hostapd.wl5-fb bss_transition_request '{ "addr": "68:2F:67:8B:98:ED", "disassociation_imminent": false, "disassociation_timer": 0, "validity_period": 30, "neighbors": ["b6a7b9cbeebabf5900008064090603026a00"], "abridged": 1 }'` - - -## config_add -Dynamically load a BSS configuration from a file. This is used by netifd's mac80211 support script to configure BSSes on multiple PHYs in a single hostapd instance. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| iface | string | yes | WiFi interface name | -| config | string | yes | path to hostapd config file | - - -## config_remove -Dynamically remove a BSS configuration. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| iface | string | yes | WiFi interface name | - - -## del_client -Kick a client off the network. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| addr | string | yes | client MAC address | -| reason | int32 | no | 802.11 reason code | -| deauth | bool | no | deauthenticates client instead of disassociating | -| ban_time | int32 | no | ban client for N milliseconds | - -### example -`ubus call hostapd.wl5-fb del_client '{ "addr": "68:2f:67:8b:98:ed", "reason": 5, "deauth": true, "ban_time": 10000 }'` - - -## get_clients -Show associated clients. - -### example -`ubus call hostapd.wl5-fb get_clients` - -### output -```json -{ - "freq": 5260, - "clients": { - "68:2f:67:8b:98:ed": { - "auth": true, - "assoc": true, - "authorized": true, - "preauth": false, - "wds": false, - "wmm": true, - "ht": true, - "vht": true, - "he": false, - "wps": false, - "mfp": true, - "rrm": [ - 0, - 0, - 0, - 0, - 0 - ], - "extended_capabilities": [ - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 64 - ], - "aid": 3, - "signature": "wifi4|probe:0,1,45,127,107,191,221(0017f2,10),221(001018,2),htcap:006f,htagg:1b,htmcs:0000ffff,vhtcap:0f825832,vhtrxmcs:0000ffea,vhttxmcs:0000ffea,extcap:0000008000000040|assoc:0,1,33,36,48,45,127,191,221(0017f2,10),221(001018,2),221(0050f2,2),htcap:006f,htagg:1b,htmcs:0000ffff,vhtcap:0f825832,vhtrxmcs:0000ffea,vhttxmcs:0000ffea,txpow:14f9,extcap:0000000000000040", - "bytes": { - "rx": 1933667, - "tx": 746805 - }, - "airtime": { - "rx": 208863, - "tx": 9037883 - }, - "packets": { - "rx": 3587, - "tx": 2185 - }, - "rate": { - "rx": 866700, - "tx": 866700 - }, - "signal": -50, - "capabilities": { - "vht": { - "su_beamformee": true, - "mu_beamformee": false, - "mcs_map": { - "rx": { - "1ss": 9, - "2ss": 9, - "3ss": 9, - "4ss": -1, - "5ss": -1, - "6ss": -1, - "7ss": -1, - "8ss": -1 - }, - "tx": { - "1ss": 9, - "2ss": 9, - "3ss": 9, - "4ss": -1, - "5ss": -1, - "6ss": -1, - "7ss": -1, - "8ss": -1 - } - } - } - } - } - } -} -``` - - -## get_features -Show HT/VHT support. - -### example -`ubus call hostapd.wl5-fb get_features` - -### output -```json -{ - "ht_supported": true, - "vht_supported": true -} -``` - - -## get_status -Get BSS status. - -### example -`ubus call hostapd.wl5-fb get_status` - -### output -```json -{ - "status": "ENABLED", - "bssid": "b6:a7:b9:cb:ee:bc", - "ssid": "fb", - "freq": 5260, - "channel": 52, - "op_class": 128, - "beacon_interval": 100, - "phy": "wl5-lan", - "rrm": { - "neighbor_report_tx": 0 - }, - "wnm": { - "bss_transition_query_rx": 0, - "bss_transition_request_tx": 0, - "bss_transition_response_rx": 0 - }, - "airtime": { - "time": 259561738, - "time_busy": 2844249, - "utilization": 0 - }, - "dfs": { - "cac_seconds": 60, - "cac_active": false, - "cac_seconds_left": 0 - } -} -``` - - -## link_measurement_req -Initiate an 802.11k Link Measurement Request. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| addr | string | yes | client MAC address | -| tx-power-used | int32 | no | transmit power used to transmit the Link Measurement Request frame | -| tx-power-max | int32 | no | upper limit of transmit power to be used by the client | - - -## list_bans -List banned clients. - -### example -`ubus call hostapd.wl5-fb list_bans` - -### output -```json -{ - "clients": [ - "68:2f:67:8b:98:ed" - ] -} -``` - - -## notify_response -When enabled, hostapd will send a ubus notification and wait for a response before responding to various requests. This is used by e.g. usteer to make it possible to ignore probe requests. - -:warning: enabling this will cause hostapd to stop responding to probe requests unless a ubus subscriber responds to the ubus notifications. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| notify_response | int32 | yes | disable (0) or enable (!0) | - -### example -`ubus call hostapd.wl5-fb notify_response '{ "notify_response": 1 }'` - -## reload -Reload BSS configuration. - -:warning: this can cause problems for certain configurations: - -``` -Mon May 16 16:09:08 2022 daemon.warn hostapd: Failed to check if DFS is required; ret=-1 -Mon May 16 16:09:08 2022 daemon.warn hostapd: Failed to check if DFS is required; ret=-1 -Mon May 16 16:09:08 2022 daemon.err hostapd: Wrong coupling between HT and VHT/HE channel setting -``` - -### example -`ubus call hostapd.wl5-fb reload` - - -## rrm_beacon_req -Send a Beacon Measurement Request to a client. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| addr | string | yes | client MAC address | -| op_class | int32 | yes | the Regulatory Class for which this Measurement Request applies | -| channel | int32 | yes | channel to measure | -| duration | int32 | yes | compile Beacon Measurement Report after N TU | -| mode | int32 | yes | mode to be used for measurement (0: passive, 1: active, 2: beacon table) | -| bssid | string | no | filter BSSes in Beacon Measurement Report by BSSID | -| ssid | string | no | filter BSSes in Beacon Measurement Report by SSID| - - -## rrm_nr_get_own -Show Neighbor Report Element for this BSS. - -### example -`ubus call hostapd.wl5-fb rrm_nr_get_own` - -### output -```json -{ - "value": [ - "b6:a7:b9:cb:ee:bc", - "fb", - "b6a7b9cbeebcaf5900008095090603029b00" - ] -} -``` - - -## rrm_nr_list -Show Neighbor Report Elements for other BSSes in this ESS. - -### example -`ubus call hostapd.wl5-fb rrm_nr_list` - -### output -```json -{ - "list": [ - [ - "b6:a7:b9:cb:ee:ba", - "fb", - "b6a7b9cbeebabf5900008064090603026a00" - ] - ] -} -``` - -## rrm_nr_set -Set the Neighbor Report Elements. An element for the node on which this command is executed will always be added. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| list | array | yes | array of Neighbor Report Elements in the format of the rrm_nr_list output | - -### example -`ubus call hostapd.wl5-fb rrm_nr_set '{ "list": [ [ "b6:a7:b9:cb:ee:ba", "fb", "b6a7b9cbeebabf5900008064090603026a00" ] ] }'` - - -## set_vendor_elements -Configure Vendor-specific Information Elements for BSS. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| vendor_elements | string | yes | Vendor-specific Information Elements as hex string | - -### example -`ubus call hostapd.wl5-fb set_vendor_elements '{ "vendor_elements": "dd054857dd6662" }'` - - -## switch_chan -Initiate a channel switch. - -:warning: trying to switch to the channel that is currently in use will fail: `Command failed: Operation not supported` - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| freq | int32 | yes | frequency in MHz to switch to | -| bcn_count | int32 | no | count in Beacon frames (TBTT) to perform the switch | -| center_freq1 | int32 | no | segment 0 center frequency in MHz (valid for HT and VHT) | -| center_freq2 | int32 | no | segment 1 center frequency in MHz (valid only for 80 MHz channel width and an 80+80 channel) | -| bandwidth | int32 | no | channel width to use | -| sec_channel_offset| int32 | no | secondary channel offset for HT40 (0 = disabled, 1 = HT40+, -1 = HT40-) | -| ht | bool | no | enable 802.11n | -| vht | bool | no | enable 802.11ac | -| he | bool | no | enable 802.11ax | -| block_tx | bool | no | block transmission during CSA period | -| csa_force | bool | no | restart the interface in case the CSA fails | - -## example -`ubus call hostapd.wl5-fb switch_chan '{ "freq": 5180, "bcn_count": 10, "center_freq1": 5210, "bandwidth": 80, "he": 1, "block_tx": 1, "csa_force": 0 }'` - - -## update_airtime -Set dynamic airtime weight for client. - -### arguments -| Name | Type | Required | Description | -|---|---|---|---| -| sta | string | yes | client MAC address | -| weight | int32 | yes | airtime weight | - - -## update_beacon -Force beacon frame content to be updated and to start beaconing on an interface that uses start_disabled=1. - -### example -`ubus call hostapd.wl5-fb update_beacon` - - -## wps_status -Get WPS status for BSS. - -### example -`ubus call hostapd.wl5-fb wps_status` - -### output -```json -{ - "pbc_status": "Disabled", - "last_wps_result": "None" -} -``` - - -## wps_cancel -Cancel WPS Push Button Configuration. - -### example -`ubus call hostapd.wl5-fb wps_cancel` - - -## wps_start -Start WPS Push Button Configuration. - -### example -`ubus call hostapd.wl5-fb wps_start` diff --git a/package/network/services/hostapd/files/dhcp-get-server.sh b/package/network/services/hostapd/files/dhcp-get-server.sh deleted file mode 100644 index a1509ace2f..0000000000 --- a/package/network/services/hostapd/files/dhcp-get-server.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -[ "$1" = bound ] && echo "$serverid" diff --git a/package/network/services/hostapd/files/hostapd-basic.config b/package/network/services/hostapd/files/hostapd-basic.config deleted file mode 100644 index 3d19d8f902..0000000000 --- a/package/network/services/hostapd/files/hostapd-basic.config +++ /dev/null @@ -1,404 +0,0 @@ -# Example hostapd build time configuration -# -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cass, these lines should use += in order not -# to override previous values of the variables. - -# Driver interface for Host AP driver -#CONFIG_DRIVER_HOSTAP=y - -# Driver interface for wired authenticator -CONFIG_DRIVER_WIRED=y - -# Driver interface for drivers using the nl80211 kernel interface -CONFIG_DRIVER_NL80211=y - -# QCA vendor extensions to nl80211 -#CONFIG_DRIVER_NL80211_QCA=y - -# driver_nl80211.c requires libnl. If you are compiling it yourself -# you may need to point hostapd to your version of libnl. -# -#CFLAGS += -I$ -#LIBS += -L$ - -# Use libnl v2.0 (or 3.0) libraries. -#CONFIG_LIBNL20=y - -# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) -#CONFIG_LIBNL32=y - - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib -#LIBS_p += -L/usr/local/lib -#LIBS_c += -L/usr/local/lib - -# Driver interface for no driver (e.g., RADIUS server only) -#CONFIG_DRIVER_NONE=y - -# IEEE 802.11F/IAPP -#CONFIG_IAPP=y - -# WPA2/IEEE 802.11i RSN pre-authentication -CONFIG_RSN_PREAUTH=y - -# IEEE 802.11w (management frame protection) -#CONFIG_IEEE80211W=y - -# Support Operating Channel Validation -CONFIG_OCV=y - -# Integrated EAP server -#CONFIG_EAP=y - -# EAP Re-authentication Protocol (ERP) in integrated EAP server -#CONFIG_ERP=y - -# EAP-MD5 for the integrated EAP server -#CONFIG_EAP_MD5=y - -# EAP-TLS for the integrated EAP server -#CONFIG_EAP_TLS=y - -# EAP-MSCHAPv2 for the integrated EAP server -#CONFIG_EAP_MSCHAPV2=y - -# EAP-PEAP for the integrated EAP server -#CONFIG_EAP_PEAP=y - -# EAP-GTC for the integrated EAP server -#CONFIG_EAP_GTC=y - -# EAP-TTLS for the integrated EAP server -#CONFIG_EAP_TTLS=y - -# EAP-SIM for the integrated EAP server -#CONFIG_EAP_SIM=y - -# EAP-AKA for the integrated EAP server -#CONFIG_EAP_AKA=y - -# EAP-AKA' for the integrated EAP server -# This requires CONFIG_EAP_AKA to be enabled, too. -#CONFIG_EAP_AKA_PRIME=y - -# EAP-PAX for the integrated EAP server -#CONFIG_EAP_PAX=y - -# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# EAP-pwd for the integrated EAP server (secure authentication with a password) -#CONFIG_EAP_PWD=y - -# EAP-SAKE for the integrated EAP server -#CONFIG_EAP_SAKE=y - -# EAP-GPSK for the integrated EAP server -#CONFIG_EAP_GPSK=y -# Include support for optional SHA256 cipher suite in EAP-GPSK -#CONFIG_EAP_GPSK_SHA256=y - -# EAP-FAST for the integrated EAP server -#CONFIG_EAP_FAST=y - -# EAP-TEAP for the integrated EAP server -# Note: The current EAP-TEAP implementation is experimental and should not be -# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number -# of conflicting statements and missing details and the implementation has -# vendor specific workarounds for those and as such, may not interoperate with -# any other implementation. This should not be used for anything else than -# experimentation and interoperability testing until those issues has been -# resolved. -#CONFIG_EAP_TEAP=y - -# Wi-Fi Protected Setup (WPS) -#CONFIG_WPS=y -# Enable UPnP support for external WPS Registrars -#CONFIG_WPS_UPNP=y -# Enable WPS support with NFC config method -#CONFIG_WPS_NFC=y - -# EAP-IKEv2 -#CONFIG_EAP_IKEV2=y - -# Trusted Network Connect (EAP-TNC) -#CONFIG_EAP_TNC=y - -# EAP-EKE for the integrated EAP server -#CONFIG_EAP_EKE=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -#CONFIG_PKCS12=y - -# RADIUS authentication server. This provides access to the integrated EAP -# server from external hosts using RADIUS. -#CONFIG_RADIUS_SERVER=y - -# Build IPv6 support for RADIUS operations -#CONFIG_IPV6=y - -# IEEE Std 802.11r-2008 (Fast BSS Transition) -CONFIG_IEEE80211R=y - -# Use the hostapd's IEEE 802.11 authentication (ACL), but without -# the IEEE 802.11 Management capability (e.g., FreeBSD/net80211) -#CONFIG_DRIVER_RADIUS_ACL=y - -# IEEE 802.11n (High Throughput) support -CONFIG_IEEE80211N=y - -# Wireless Network Management (IEEE Std 802.11v-2011) -# Note: This is experimental and not complete implementation. -#CONFIG_WNM=y - -# IEEE 802.11ac (Very High Throughput) support -CONFIG_IEEE80211AC=y - -# IEEE 802.11ax HE support -# Note: This is experimental and work in progress. The definitions are still -# subject to change and this should not be expected to interoperate with the -# final IEEE 802.11ax version. -#CONFIG_IEEE80211AX=y - -# Remove debugging code that is printing out debug messages to stdout. -# This can be used to reduce the size of the hostapd considerably if debugging -# code is not needed. -#CONFIG_NO_STDOUT_DEBUG=y - -# Add support for writing debug log to a file: -f /tmp/hostapd.log -# Disabled by default. -#CONFIG_DEBUG_FILE=y - -# Send debug messages to syslog instead of stdout -CONFIG_DEBUG_SYSLOG=y - -# Add support for sending all debug messages (regardless of debug verbosity) -# to the Linux kernel tracing facility. This helps debug the entire stack by -# making it easy to record everything happening from the driver up into the -# same file, e.g., using trace-cmd. -#CONFIG_DEBUG_LINUX_TRACING=y - -# Remove support for RADIUS accounting -CONFIG_NO_ACCOUNTING=y - -# Remove support for RADIUS -CONFIG_NO_RADIUS=y - -# Remove support for VLANs -#CONFIG_NO_VLAN=y - -# Enable support for fully dynamic VLANs. This enables hostapd to -# automatically create bridge and VLAN interfaces if necessary. -#CONFIG_FULL_DYNAMIC_VLAN=y - -# Use netlink-based kernel API for VLAN operations instead of ioctl() -# Note: This requires libnl 3.1 or newer. -#CONFIG_VLAN_NETLINK=y - -# Remove support for dumping internal state through control interface commands -# This can be used to reduce binary size at the cost of disabling a debugging -# option. -CONFIG_NO_DUMP_STATE=y - -# Enable tracing code for developer debugging -# This tracks use of memory allocations and other registrations and reports -# incorrect use with a backtrace of call (or allocation) location. -#CONFIG_WPA_TRACE=y -# For BSD, comment out these. -#LIBS += -lexecinfo -#LIBS_p += -lexecinfo -#LIBS_c += -lexecinfo - -# Use libbfd to get more details for developer debugging -# This enables use of libbfd to get more detailed symbols for the backtraces -# generated by CONFIG_WPA_TRACE=y. -#CONFIG_WPA_TRACE_BFD=y -# For BSD, comment out these. -#LIBS += -lbfd -liberty -lz -#LIBS_p += -lbfd -liberty -lz -#LIBS_c += -lbfd -liberty -lz - -# hostapd depends on strong random number generation being available from the -# operating system. os_get_random() function is used to fetch random data when -# needed, e.g., for key generation. On Linux and BSD systems, this works by -# reading /dev/urandom. It should be noted that the OS entropy pool needs to be -# properly initialized before hostapd is started. This is important especially -# on embedded devices that do not have a hardware random number generator and -# may by default start up with minimal entropy available for random number -# generation. -# -# As a safety net, hostapd is by default trying to internally collect -# additional entropy for generating random data to mix in with the data -# fetched from the OS. This by itself is not considered to be very strong, but -# it may help in cases where the system pool is not initialized properly. -# However, it is very strongly recommended that the system pool is initialized -# with enough entropy either by using hardware assisted random number -# generator or by storing state over device reboots. -# -# hostapd can be configured to maintain its own entropy store over restarts to -# enhance random number generation. This is not perfect, but it is much more -# secure than using the same sequence of random numbers after every reboot. -# This can be enabled with -e command line option. The specified -# file needs to be readable and writable by hostapd. -# -# If the os_get_random() is known to provide strong random data (e.g., on -# Linux/BSD, the board in question is known to have reliable source of random -# data from /dev/urandom), the internal hostapd random pool can be disabled. -# This will save some in binary size and CPU use. However, this should only be -# considered for builds that are known to be used on devices that meet the -# requirements described above. -CONFIG_NO_RANDOM_POOL=y - -# Should we attempt to use the getrandom(2) call that provides more reliable -# yet secure randomness source than /dev/random on Linux 3.17 and newer. -# Requires glibc 2.25 to build, falls back to /dev/random if unavailable. -CONFIG_GETRANDOM=y - -# Should we use poll instead of select? Select is used by default. -#CONFIG_ELOOP_POLL=y - -# Should we use epoll instead of select? Select is used by default. -CONFIG_ELOOP_EPOLL=y - -# Should we use kqueue instead of select? Select is used by default. -#CONFIG_ELOOP_KQUEUE=y - -# Select TLS implementation -# openssl = OpenSSL (default) -# gnutls = GnuTLS -# internal = Internal TLSv1 implementation (experimental) -# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental) -# none = Empty template -CONFIG_TLS=internal - -# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) -# can be enabled to get a stronger construction of messages when block ciphers -# are used. -#CONFIG_TLSV11=y - -# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2) -# can be enabled to enable use of stronger crypto algorithms. -#CONFIG_TLSV12=y - -# Select which ciphers to use by default with OpenSSL if the user does not -# specify them. -#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" - -# If CONFIG_TLS=internal is used, additional library and include paths are -# needed for LibTomMath. Alternatively, an integrated, minimal version of -# LibTomMath can be used. See beginning of libtommath.c for details on benefits -# and drawbacks of this option. -#CONFIG_INTERNAL_LIBTOMMATH=y -#ifndef CONFIG_INTERNAL_LIBTOMMATH -#LTM_PATH=/usr/src/libtommath-0.39 -#CFLAGS += -I$(LTM_PATH) -#LIBS += -L$(LTM_PATH) -#LIBS_p += -L$(LTM_PATH) -#endif -# At the cost of about 4 kB of additional binary size, the internal LibTomMath -# can be configured to include faster routines for exptmod, sqr, and div to -# speed up DH and RSA calculation considerably -#CONFIG_INTERNAL_LIBTOMMATH_FAST=y - -# Interworking (IEEE 802.11u) -# This can be used to enable functionality to improve interworking with -# external networks. -#CONFIG_INTERWORKING=y - -# Hotspot 2.0 -#CONFIG_HS20=y - -# Enable SQLite database support in hlr_auc_gw, EAP-SIM DB, and eap_user_file -#CONFIG_SQLITE=y - -# Enable Fast Session Transfer (FST) -#CONFIG_FST=y - -# Enable CLI commands for FST testing -#CONFIG_FST_TEST=y - -# Testing options -# This can be used to enable some testing options (see also the example -# configuration file) that are really useful only for testing clients that -# connect to this hostapd. These options allow, for example, to drop a -# certain percentage of probe requests or auth/(re)assoc frames. -# -#CONFIG_TESTING_OPTIONS=y - -# Automatic Channel Selection -# This will allow hostapd to pick the channel automatically when channel is set -# to "acs_survey" or "0". Eventually, other ACS algorithms can be added in -# similar way. -# -# Automatic selection is currently only done through initialization, later on -# we hope to do background checks to keep us moving to more ideal channels as -# time goes by. ACS is currently only supported through the nl80211 driver and -# your driver must have survey dump capability that is filled by the driver -# during scanning. -# -# You can customize the ACS survey algorithm with the hostapd.conf variable -# acs_num_scans. -# -# Supported ACS drivers: -# * ath9k -# * ath5k -# * ath10k -# -# For more details refer to: -# http://wireless.kernel.org/en/users/Documentation/acs -# -#CONFIG_ACS=y - -# Multiband Operation support -# These extentions facilitate efficient use of multiple frequency bands -# available to the AP and the devices that may associate with it. -#CONFIG_MBO=y - -# Client Taxonomy -# Has the AP retain the Probe Request and (Re)Association Request frames from -# a client, from which a signature can be produced which can identify the model -# of client device like "Nexus 6P" or "iPhone 5s". -#CONFIG_TAXONOMY=y - -# Fast Initial Link Setup (FILS) (IEEE 802.11ai) -#CONFIG_FILS=y -# FILS shared key authentication with PFS -#CONFIG_FILS_SK_PFS=y - -# Include internal line edit mode in hostapd_cli. This can be used to provide -# limited command line editing and history support. -#CONFIG_WPA_CLI_EDIT=y - -# Opportunistic Wireless Encryption (OWE) -# Experimental implementation of draft-harkins-owe-07.txt -#CONFIG_OWE=y - -# Airtime policy support -CONFIG_AIRTIME_POLICY=y - -# Proxy ARP support -#CONFIG_PROXYARP=y - -# Override default value for the wpa_disable_eapol_key_retries configuration -# parameter. See that parameter in hostapd.conf for more details. -#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1 - -# uBus IPC/RPC System -# Services can connect to the bus and provide methods -# that can be called by other services or clients. -CONFIG_UBUS=y - -# OpenWrt patch 380-disable-ctrl-iface-mib.patch -# leads to the MIB only being compiled in if -# CONFIG_CTRL_IFACE_MIB is enabled. -#CONFIG_CTRL_IFACE_MIB=y diff --git a/package/network/services/hostapd/files/hostapd-full.config b/package/network/services/hostapd/files/hostapd-full.config deleted file mode 100644 index 9076ebc44f..0000000000 --- a/package/network/services/hostapd/files/hostapd-full.config +++ /dev/null @@ -1,404 +0,0 @@ -# Example hostapd build time configuration -# -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cass, these lines should use += in order not -# to override previous values of the variables. - -# Driver interface for Host AP driver -#CONFIG_DRIVER_HOSTAP=y - -# Driver interface for wired authenticator -CONFIG_DRIVER_WIRED=y - -# Driver interface for drivers using the nl80211 kernel interface -CONFIG_DRIVER_NL80211=y - -# QCA vendor extensions to nl80211 -#CONFIG_DRIVER_NL80211_QCA=y - -# driver_nl80211.c requires libnl. If you are compiling it yourself -# you may need to point hostapd to your version of libnl. -# -#CFLAGS += -I$ -#LIBS += -L$ - -# Use libnl v2.0 (or 3.0) libraries. -#CONFIG_LIBNL20=y - -# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) -#CONFIG_LIBNL32=y - - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib -#LIBS_p += -L/usr/local/lib -#LIBS_c += -L/usr/local/lib - -# Driver interface for no driver (e.g., RADIUS server only) -#CONFIG_DRIVER_NONE=y - -# IEEE 802.11F/IAPP -CONFIG_IAPP=y - -# WPA2/IEEE 802.11i RSN pre-authentication -CONFIG_RSN_PREAUTH=y - -# IEEE 802.11w (management frame protection) -#CONFIG_IEEE80211W=y - -# Support Operating Channel Validation -CONFIG_OCV=y - -# Integrated EAP server -CONFIG_EAP=y - -# EAP Re-authentication Protocol (ERP) in integrated EAP server -CONFIG_ERP=y - -# EAP-MD5 for the integrated EAP server -CONFIG_EAP_MD5=y - -# EAP-TLS for the integrated EAP server -CONFIG_EAP_TLS=y - -# EAP-MSCHAPv2 for the integrated EAP server -CONFIG_EAP_MSCHAPV2=y - -# EAP-PEAP for the integrated EAP server -CONFIG_EAP_PEAP=y - -# EAP-GTC for the integrated EAP server -CONFIG_EAP_GTC=y - -# EAP-TTLS for the integrated EAP server -CONFIG_EAP_TTLS=y - -# EAP-SIM for the integrated EAP server -#CONFIG_EAP_SIM=y - -# EAP-AKA for the integrated EAP server -#CONFIG_EAP_AKA=y - -# EAP-AKA' for the integrated EAP server -# This requires CONFIG_EAP_AKA to be enabled, too. -#CONFIG_EAP_AKA_PRIME=y - -# EAP-PAX for the integrated EAP server -#CONFIG_EAP_PAX=y - -# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# EAP-pwd for the integrated EAP server (secure authentication with a password) -#CONFIG_EAP_PWD=y - -# EAP-SAKE for the integrated EAP server -#CONFIG_EAP_SAKE=y - -# EAP-GPSK for the integrated EAP server -#CONFIG_EAP_GPSK=y -# Include support for optional SHA256 cipher suite in EAP-GPSK -#CONFIG_EAP_GPSK_SHA256=y - -# EAP-FAST for the integrated EAP server -CONFIG_EAP_FAST=y - -# EAP-TEAP for the integrated EAP server -# Note: The current EAP-TEAP implementation is experimental and should not be -# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number -# of conflicting statements and missing details and the implementation has -# vendor specific workarounds for those and as such, may not interoperate with -# any other implementation. This should not be used for anything else than -# experimentation and interoperability testing until those issues has been -# resolved. -#CONFIG_EAP_TEAP=y - -# Wi-Fi Protected Setup (WPS) -CONFIG_WPS=y -# Enable UPnP support for external WPS Registrars -#CONFIG_WPS_UPNP=y -# Enable WPS support with NFC config method -#CONFIG_WPS_NFC=y - -# EAP-IKEv2 -#CONFIG_EAP_IKEV2=y - -# Trusted Network Connect (EAP-TNC) -#CONFIG_EAP_TNC=y - -# EAP-EKE for the integrated EAP server -#CONFIG_EAP_EKE=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -CONFIG_PKCS12=y - -# RADIUS authentication server. This provides access to the integrated EAP -# server from external hosts using RADIUS. -CONFIG_RADIUS_SERVER=y - -# Build IPv6 support for RADIUS operations -CONFIG_IPV6=y - -# IEEE Std 802.11r-2008 (Fast BSS Transition) -CONFIG_IEEE80211R=y - -# Use the hostapd's IEEE 802.11 authentication (ACL), but without -# the IEEE 802.11 Management capability (e.g., FreeBSD/net80211) -#CONFIG_DRIVER_RADIUS_ACL=y - -# IEEE 802.11n (High Throughput) support -CONFIG_IEEE80211N=y - -# Wireless Network Management (IEEE Std 802.11v-2011) -# Note: This is experimental and not complete implementation. -CONFIG_WNM=y - -# IEEE 802.11ac (Very High Throughput) support -CONFIG_IEEE80211AC=y - -# IEEE 802.11ax HE support -# Note: This is experimental and work in progress. The definitions are still -# subject to change and this should not be expected to interoperate with the -# final IEEE 802.11ax version. -#CONFIG_IEEE80211AX=y - -# Remove debugging code that is printing out debug messages to stdout. -# This can be used to reduce the size of the hostapd considerably if debugging -# code is not needed. -#CONFIG_NO_STDOUT_DEBUG=y - -# Add support for writing debug log to a file: -f /tmp/hostapd.log -# Disabled by default. -#CONFIG_DEBUG_FILE=y - -# Send debug messages to syslog instead of stdout -CONFIG_DEBUG_SYSLOG=y - -# Add support for sending all debug messages (regardless of debug verbosity) -# to the Linux kernel tracing facility. This helps debug the entire stack by -# making it easy to record everything happening from the driver up into the -# same file, e.g., using trace-cmd. -#CONFIG_DEBUG_LINUX_TRACING=y - -# Remove support for RADIUS accounting -#CONFIG_NO_ACCOUNTING=y - -# Remove support for RADIUS -#CONFIG_NO_RADIUS=y - -# Remove support for VLANs -#CONFIG_NO_VLAN=y - -# Enable support for fully dynamic VLANs. This enables hostapd to -# automatically create bridge and VLAN interfaces if necessary. -CONFIG_FULL_DYNAMIC_VLAN=y - -# Use netlink-based kernel API for VLAN operations instead of ioctl() -# Note: This requires libnl 3.1 or newer. -#CONFIG_VLAN_NETLINK=y - -# Remove support for dumping internal state through control interface commands -# This can be used to reduce binary size at the cost of disabling a debugging -# option. -CONFIG_NO_DUMP_STATE=y - -# Enable tracing code for developer debugging -# This tracks use of memory allocations and other registrations and reports -# incorrect use with a backtrace of call (or allocation) location. -#CONFIG_WPA_TRACE=y -# For BSD, comment out these. -#LIBS += -lexecinfo -#LIBS_p += -lexecinfo -#LIBS_c += -lexecinfo - -# Use libbfd to get more details for developer debugging -# This enables use of libbfd to get more detailed symbols for the backtraces -# generated by CONFIG_WPA_TRACE=y. -#CONFIG_WPA_TRACE_BFD=y -# For BSD, comment out these. -#LIBS += -lbfd -liberty -lz -#LIBS_p += -lbfd -liberty -lz -#LIBS_c += -lbfd -liberty -lz - -# hostapd depends on strong random number generation being available from the -# operating system. os_get_random() function is used to fetch random data when -# needed, e.g., for key generation. On Linux and BSD systems, this works by -# reading /dev/urandom. It should be noted that the OS entropy pool needs to be -# properly initialized before hostapd is started. This is important especially -# on embedded devices that do not have a hardware random number generator and -# may by default start up with minimal entropy available for random number -# generation. -# -# As a safety net, hostapd is by default trying to internally collect -# additional entropy for generating random data to mix in with the data -# fetched from the OS. This by itself is not considered to be very strong, but -# it may help in cases where the system pool is not initialized properly. -# However, it is very strongly recommended that the system pool is initialized -# with enough entropy either by using hardware assisted random number -# generator or by storing state over device reboots. -# -# hostapd can be configured to maintain its own entropy store over restarts to -# enhance random number generation. This is not perfect, but it is much more -# secure than using the same sequence of random numbers after every reboot. -# This can be enabled with -e command line option. The specified -# file needs to be readable and writable by hostapd. -# -# If the os_get_random() is known to provide strong random data (e.g., on -# Linux/BSD, the board in question is known to have reliable source of random -# data from /dev/urandom), the internal hostapd random pool can be disabled. -# This will save some in binary size and CPU use. However, this should only be -# considered for builds that are known to be used on devices that meet the -# requirements described above. -CONFIG_NO_RANDOM_POOL=y - -# Should we attempt to use the getrandom(2) call that provides more reliable -# yet secure randomness source than /dev/random on Linux 3.17 and newer. -# Requires glibc 2.25 to build, falls back to /dev/random if unavailable. -CONFIG_GETRANDOM=y - -# Should we use poll instead of select? Select is used by default. -#CONFIG_ELOOP_POLL=y - -# Should we use epoll instead of select? Select is used by default. -CONFIG_ELOOP_EPOLL=y - -# Should we use kqueue instead of select? Select is used by default. -#CONFIG_ELOOP_KQUEUE=y - -# Select TLS implementation -# openssl = OpenSSL (default) -# gnutls = GnuTLS -# internal = Internal TLSv1 implementation (experimental) -# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental) -# none = Empty template -CONFIG_TLS=internal - -# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) -# can be enabled to get a stronger construction of messages when block ciphers -# are used. -#CONFIG_TLSV11=y - -# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2) -# can be enabled to enable use of stronger crypto algorithms. -#CONFIG_TLSV12=y - -# Select which ciphers to use by default with OpenSSL if the user does not -# specify them. -#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" - -# If CONFIG_TLS=internal is used, additional library and include paths are -# needed for LibTomMath. Alternatively, an integrated, minimal version of -# LibTomMath can be used. See beginning of libtommath.c for details on benefits -# and drawbacks of this option. -CONFIG_INTERNAL_LIBTOMMATH=y -#ifndef CONFIG_INTERNAL_LIBTOMMATH -#LTM_PATH=/usr/src/libtommath-0.39 -#CFLAGS += -I$(LTM_PATH) -#LIBS += -L$(LTM_PATH) -#LIBS_p += -L$(LTM_PATH) -#endif -# At the cost of about 4 kB of additional binary size, the internal LibTomMath -# can be configured to include faster routines for exptmod, sqr, and div to -# speed up DH and RSA calculation considerably -#CONFIG_INTERNAL_LIBTOMMATH_FAST=y - -# Interworking (IEEE 802.11u) -# This can be used to enable functionality to improve interworking with -# external networks. -CONFIG_INTERWORKING=y - -# Hotspot 2.0 -CONFIG_HS20=y - -# Enable SQLite database support in hlr_auc_gw, EAP-SIM DB, and eap_user_file -#CONFIG_SQLITE=y - -# Enable Fast Session Transfer (FST) -#CONFIG_FST=y - -# Enable CLI commands for FST testing -#CONFIG_FST_TEST=y - -# Testing options -# This can be used to enable some testing options (see also the example -# configuration file) that are really useful only for testing clients that -# connect to this hostapd. These options allow, for example, to drop a -# certain percentage of probe requests or auth/(re)assoc frames. -# -#CONFIG_TESTING_OPTIONS=y - -# Automatic Channel Selection -# This will allow hostapd to pick the channel automatically when channel is set -# to "acs_survey" or "0". Eventually, other ACS algorithms can be added in -# similar way. -# -# Automatic selection is currently only done through initialization, later on -# we hope to do background checks to keep us moving to more ideal channels as -# time goes by. ACS is currently only supported through the nl80211 driver and -# your driver must have survey dump capability that is filled by the driver -# during scanning. -# -# You can customize the ACS survey algorithm with the hostapd.conf variable -# acs_num_scans. -# -# Supported ACS drivers: -# * ath9k -# * ath5k -# * ath10k -# -# For more details refer to: -# http://wireless.kernel.org/en/users/Documentation/acs -# -#CONFIG_ACS=y - -# Multiband Operation support -# These extentions facilitate efficient use of multiple frequency bands -# available to the AP and the devices that may associate with it. -#CONFIG_MBO=y - -# Client Taxonomy -# Has the AP retain the Probe Request and (Re)Association Request frames from -# a client, from which a signature can be produced which can identify the model -# of client device like "Nexus 6P" or "iPhone 5s". -CONFIG_TAXONOMY=y - -# Fast Initial Link Setup (FILS) (IEEE 802.11ai) -#CONFIG_FILS=y -# FILS shared key authentication with PFS -#CONFIG_FILS_SK_PFS=y - -# Include internal line edit mode in hostapd_cli. This can be used to provide -# limited command line editing and history support. -#CONFIG_WPA_CLI_EDIT=y - -# Opportunistic Wireless Encryption (OWE) -# Experimental implementation of draft-harkins-owe-07.txt -#CONFIG_OWE=y - -# Airtime policy support -CONFIG_AIRTIME_POLICY=y - -# Proxy ARP support -CONFIG_PROXYARP=y - -# Override default value for the wpa_disable_eapol_key_retries configuration -# parameter. See that parameter in hostapd.conf for more details. -#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1 - -# uBus IPC/RPC System -# Services can connect to the bus and provide methods -# that can be called by other services or clients. -CONFIG_UBUS=y - -# OpenWrt patch 380-disable-ctrl-iface-mib.patch -# leads to the MIB only being compiled in if -# CONFIG_CTRL_IFACE_MIB is enabled. -CONFIG_CTRL_IFACE_MIB=y diff --git a/package/network/services/hostapd/files/hostapd-mini.config b/package/network/services/hostapd/files/hostapd-mini.config deleted file mode 100644 index f2ed071ec0..0000000000 --- a/package/network/services/hostapd/files/hostapd-mini.config +++ /dev/null @@ -1,404 +0,0 @@ -# Example hostapd build time configuration -# -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cass, these lines should use += in order not -# to override previous values of the variables. - -# Driver interface for Host AP driver -#CONFIG_DRIVER_HOSTAP=y - -# Driver interface for wired authenticator -CONFIG_DRIVER_WIRED=y - -# Driver interface for drivers using the nl80211 kernel interface -CONFIG_DRIVER_NL80211=y - -# QCA vendor extensions to nl80211 -#CONFIG_DRIVER_NL80211_QCA=y - -# driver_nl80211.c requires libnl. If you are compiling it yourself -# you may need to point hostapd to your version of libnl. -# -#CFLAGS += -I$ -#LIBS += -L$ - -# Use libnl v2.0 (or 3.0) libraries. -#CONFIG_LIBNL20=y - -# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) -#CONFIG_LIBNL32=y - - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib -#LIBS_p += -L/usr/local/lib -#LIBS_c += -L/usr/local/lib - -# Driver interface for no driver (e.g., RADIUS server only) -#CONFIG_DRIVER_NONE=y - -# IEEE 802.11F/IAPP -#CONFIG_IAPP=y - -# WPA2/IEEE 802.11i RSN pre-authentication -CONFIG_RSN_PREAUTH=y - -# IEEE 802.11w (management frame protection) -#CONFIG_IEEE80211W=y - -# Support Operating Channel Validation -#CONFIG_OCV=y - -# Integrated EAP server -#CONFIG_EAP=y - -# EAP Re-authentication Protocol (ERP) in integrated EAP server -#CONFIG_ERP=y - -# EAP-MD5 for the integrated EAP server -#CONFIG_EAP_MD5=y - -# EAP-TLS for the integrated EAP server -#CONFIG_EAP_TLS=y - -# EAP-MSCHAPv2 for the integrated EAP server -#CONFIG_EAP_MSCHAPV2=y - -# EAP-PEAP for the integrated EAP server -#CONFIG_EAP_PEAP=y - -# EAP-GTC for the integrated EAP server -#CONFIG_EAP_GTC=y - -# EAP-TTLS for the integrated EAP server -#CONFIG_EAP_TTLS=y - -# EAP-SIM for the integrated EAP server -#CONFIG_EAP_SIM=y - -# EAP-AKA for the integrated EAP server -#CONFIG_EAP_AKA=y - -# EAP-AKA' for the integrated EAP server -# This requires CONFIG_EAP_AKA to be enabled, too. -#CONFIG_EAP_AKA_PRIME=y - -# EAP-PAX for the integrated EAP server -#CONFIG_EAP_PAX=y - -# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# EAP-pwd for the integrated EAP server (secure authentication with a password) -#CONFIG_EAP_PWD=y - -# EAP-SAKE for the integrated EAP server -#CONFIG_EAP_SAKE=y - -# EAP-GPSK for the integrated EAP server -#CONFIG_EAP_GPSK=y -# Include support for optional SHA256 cipher suite in EAP-GPSK -#CONFIG_EAP_GPSK_SHA256=y - -# EAP-FAST for the integrated EAP server -#CONFIG_EAP_FAST=y - -# EAP-TEAP for the integrated EAP server -# Note: The current EAP-TEAP implementation is experimental and should not be -# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number -# of conflicting statements and missing details and the implementation has -# vendor specific workarounds for those and as such, may not interoperate with -# any other implementation. This should not be used for anything else than -# experimentation and interoperability testing until those issues has been -# resolved. -#CONFIG_EAP_TEAP=y - -# Wi-Fi Protected Setup (WPS) -#CONFIG_WPS=y -# Enable UPnP support for external WPS Registrars -#CONFIG_WPS_UPNP=y -# Enable WPS support with NFC config method -#CONFIG_WPS_NFC=y - -# EAP-IKEv2 -#CONFIG_EAP_IKEV2=y - -# Trusted Network Connect (EAP-TNC) -#CONFIG_EAP_TNC=y - -# EAP-EKE for the integrated EAP server -#CONFIG_EAP_EKE=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -#CONFIG_PKCS12=y - -# RADIUS authentication server. This provides access to the integrated EAP -# server from external hosts using RADIUS. -#CONFIG_RADIUS_SERVER=y - -# Build IPv6 support for RADIUS operations -#CONFIG_IPV6=y - -# IEEE Std 802.11r-2008 (Fast BSS Transition) -#CONFIG_IEEE80211R=y - -# Use the hostapd's IEEE 802.11 authentication (ACL), but without -# the IEEE 802.11 Management capability (e.g., FreeBSD/net80211) -#CONFIG_DRIVER_RADIUS_ACL=y - -# IEEE 802.11n (High Throughput) support -CONFIG_IEEE80211N=y - -# Wireless Network Management (IEEE Std 802.11v-2011) -# Note: This is experimental and not complete implementation. -#CONFIG_WNM=y - -# IEEE 802.11ac (Very High Throughput) support -CONFIG_IEEE80211AC=y - -# IEEE 802.11ax HE support -# Note: This is experimental and work in progress. The definitions are still -# subject to change and this should not be expected to interoperate with the -# final IEEE 802.11ax version. -#CONFIG_IEEE80211AX=y - -# Remove debugging code that is printing out debug messages to stdout. -# This can be used to reduce the size of the hostapd considerably if debugging -# code is not needed. -#CONFIG_NO_STDOUT_DEBUG=y - -# Add support for writing debug log to a file: -f /tmp/hostapd.log -# Disabled by default. -#CONFIG_DEBUG_FILE=y - -# Send debug messages to syslog instead of stdout -CONFIG_DEBUG_SYSLOG=y - -# Add support for sending all debug messages (regardless of debug verbosity) -# to the Linux kernel tracing facility. This helps debug the entire stack by -# making it easy to record everything happening from the driver up into the -# same file, e.g., using trace-cmd. -#CONFIG_DEBUG_LINUX_TRACING=y - -# Remove support for RADIUS accounting -CONFIG_NO_ACCOUNTING=y - -# Remove support for RADIUS -CONFIG_NO_RADIUS=y - -# Remove support for VLANs -#CONFIG_NO_VLAN=y - -# Enable support for fully dynamic VLANs. This enables hostapd to -# automatically create bridge and VLAN interfaces if necessary. -#CONFIG_FULL_DYNAMIC_VLAN=y - -# Use netlink-based kernel API for VLAN operations instead of ioctl() -# Note: This requires libnl 3.1 or newer. -#CONFIG_VLAN_NETLINK=y - -# Remove support for dumping internal state through control interface commands -# This can be used to reduce binary size at the cost of disabling a debugging -# option. -CONFIG_NO_DUMP_STATE=y - -# Enable tracing code for developer debugging -# This tracks use of memory allocations and other registrations and reports -# incorrect use with a backtrace of call (or allocation) location. -#CONFIG_WPA_TRACE=y -# For BSD, comment out these. -#LIBS += -lexecinfo -#LIBS_p += -lexecinfo -#LIBS_c += -lexecinfo - -# Use libbfd to get more details for developer debugging -# This enables use of libbfd to get more detailed symbols for the backtraces -# generated by CONFIG_WPA_TRACE=y. -#CONFIG_WPA_TRACE_BFD=y -# For BSD, comment out these. -#LIBS += -lbfd -liberty -lz -#LIBS_p += -lbfd -liberty -lz -#LIBS_c += -lbfd -liberty -lz - -# hostapd depends on strong random number generation being available from the -# operating system. os_get_random() function is used to fetch random data when -# needed, e.g., for key generation. On Linux and BSD systems, this works by -# reading /dev/urandom. It should be noted that the OS entropy pool needs to be -# properly initialized before hostapd is started. This is important especially -# on embedded devices that do not have a hardware random number generator and -# may by default start up with minimal entropy available for random number -# generation. -# -# As a safety net, hostapd is by default trying to internally collect -# additional entropy for generating random data to mix in with the data -# fetched from the OS. This by itself is not considered to be very strong, but -# it may help in cases where the system pool is not initialized properly. -# However, it is very strongly recommended that the system pool is initialized -# with enough entropy either by using hardware assisted random number -# generator or by storing state over device reboots. -# -# hostapd can be configured to maintain its own entropy store over restarts to -# enhance random number generation. This is not perfect, but it is much more -# secure than using the same sequence of random numbers after every reboot. -# This can be enabled with -e command line option. The specified -# file needs to be readable and writable by hostapd. -# -# If the os_get_random() is known to provide strong random data (e.g., on -# Linux/BSD, the board in question is known to have reliable source of random -# data from /dev/urandom), the internal hostapd random pool can be disabled. -# This will save some in binary size and CPU use. However, this should only be -# considered for builds that are known to be used on devices that meet the -# requirements described above. -CONFIG_NO_RANDOM_POOL=y - -# Should we attempt to use the getrandom(2) call that provides more reliable -# yet secure randomness source than /dev/random on Linux 3.17 and newer. -# Requires glibc 2.25 to build, falls back to /dev/random if unavailable. -CONFIG_GETRANDOM=y - -# Should we use poll instead of select? Select is used by default. -#CONFIG_ELOOP_POLL=y - -# Should we use epoll instead of select? Select is used by default. -CONFIG_ELOOP_EPOLL=y - -# Should we use kqueue instead of select? Select is used by default. -#CONFIG_ELOOP_KQUEUE=y - -# Select TLS implementation -# openssl = OpenSSL (default) -# gnutls = GnuTLS -# internal = Internal TLSv1 implementation (experimental) -# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental) -# none = Empty template -CONFIG_TLS=internal - -# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) -# can be enabled to get a stronger construction of messages when block ciphers -# are used. -#CONFIG_TLSV11=y - -# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2) -# can be enabled to enable use of stronger crypto algorithms. -#CONFIG_TLSV12=y - -# Select which ciphers to use by default with OpenSSL if the user does not -# specify them. -#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" - -# If CONFIG_TLS=internal is used, additional library and include paths are -# needed for LibTomMath. Alternatively, an integrated, minimal version of -# LibTomMath can be used. See beginning of libtommath.c for details on benefits -# and drawbacks of this option. -#CONFIG_INTERNAL_LIBTOMMATH=y -#ifndef CONFIG_INTERNAL_LIBTOMMATH -#LTM_PATH=/usr/src/libtommath-0.39 -#CFLAGS += -I$(LTM_PATH) -#LIBS += -L$(LTM_PATH) -#LIBS_p += -L$(LTM_PATH) -#endif -# At the cost of about 4 kB of additional binary size, the internal LibTomMath -# can be configured to include faster routines for exptmod, sqr, and div to -# speed up DH and RSA calculation considerably -#CONFIG_INTERNAL_LIBTOMMATH_FAST=y - -# Interworking (IEEE 802.11u) -# This can be used to enable functionality to improve interworking with -# external networks. -#CONFIG_INTERWORKING=y - -# Hotspot 2.0 -#CONFIG_HS20=y - -# Enable SQLite database support in hlr_auc_gw, EAP-SIM DB, and eap_user_file -#CONFIG_SQLITE=y - -# Enable Fast Session Transfer (FST) -#CONFIG_FST=y - -# Enable CLI commands for FST testing -#CONFIG_FST_TEST=y - -# Testing options -# This can be used to enable some testing options (see also the example -# configuration file) that are really useful only for testing clients that -# connect to this hostapd. These options allow, for example, to drop a -# certain percentage of probe requests or auth/(re)assoc frames. -# -#CONFIG_TESTING_OPTIONS=y - -# Automatic Channel Selection -# This will allow hostapd to pick the channel automatically when channel is set -# to "acs_survey" or "0". Eventually, other ACS algorithms can be added in -# similar way. -# -# Automatic selection is currently only done through initialization, later on -# we hope to do background checks to keep us moving to more ideal channels as -# time goes by. ACS is currently only supported through the nl80211 driver and -# your driver must have survey dump capability that is filled by the driver -# during scanning. -# -# You can customize the ACS survey algorithm with the hostapd.conf variable -# acs_num_scans. -# -# Supported ACS drivers: -# * ath9k -# * ath5k -# * ath10k -# -# For more details refer to: -# http://wireless.kernel.org/en/users/Documentation/acs -# -#CONFIG_ACS=y - -# Multiband Operation support -# These extentions facilitate efficient use of multiple frequency bands -# available to the AP and the devices that may associate with it. -#CONFIG_MBO=y - -# Client Taxonomy -# Has the AP retain the Probe Request and (Re)Association Request frames from -# a client, from which a signature can be produced which can identify the model -# of client device like "Nexus 6P" or "iPhone 5s". -#CONFIG_TAXONOMY=y - -# Fast Initial Link Setup (FILS) (IEEE 802.11ai) -#CONFIG_FILS=y -# FILS shared key authentication with PFS -#CONFIG_FILS_SK_PFS=y - -# Include internal line edit mode in hostapd_cli. This can be used to provide -# limited command line editing and history support. -#CONFIG_WPA_CLI_EDIT=y - -# Opportunistic Wireless Encryption (OWE) -# Experimental implementation of draft-harkins-owe-07.txt -#CONFIG_OWE=y - -# Airtime policy support -#CONFIG_AIRTIME_POLICY=y - -# Proxy ARP support -#CONFIG_PROXYARP=y - -# Override default value for the wpa_disable_eapol_key_retries configuration -# parameter. See that parameter in hostapd.conf for more details. -#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1 - -# uBus IPC/RPC System -# Services can connect to the bus and provide methods -# that can be called by other services or clients. -CONFIG_UBUS=y - -# OpenWrt patch 380-disable-ctrl-iface-mib.patch -# leads to the MIB only being compiled in if -# CONFIG_CTRL_IFACE_MIB is enabled. -#CONFIG_CTRL_IFACE_MIB=y diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh deleted file mode 100644 index 28bd210623..0000000000 --- a/package/network/services/hostapd/files/hostapd.sh +++ /dev/null @@ -1,1616 +0,0 @@ -. /lib/functions/network.sh -. /lib/functions.sh - -wpa_supplicant_add_rate() { - local var="$1" - local val="$(($2 / 1000))" - local sub="$((($2 / 100) % 10))" - append $var "$val" "," - [ $sub -gt 0 ] && append $var "." -} - -hostapd_add_rate() { - local var="$1" - local val="$(($2 / 100))" - append $var "$val" " " -} - -hostapd_append_wep_key() { - local var="$1" - - wep_keyidx=0 - set_default key 1 - case "$key" in - [1234]) - for idx in 1 2 3 4; do - local zidx - zidx="$(($idx - 1))" - json_get_var ckey "key${idx}" - [ -n "$ckey" ] && \ - append $var "wep_key${zidx}=$(prepare_key_wep "$ckey")" "$N$T" - done - wep_keyidx="$((key - 1))" - ;; - *) - append $var "wep_key0=$(prepare_key_wep "$key")" "$N$T" - ;; - esac -} - -hostapd_append_wpa_key_mgmt() { - local auth_type_l="$(echo $auth_type | tr 'a-z' 'A-Z')" - - case "$auth_type" in - psk|eap) - append wpa_key_mgmt "WPA-$auth_type_l" - [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-${auth_type_l}" - [ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-${auth_type_l}-SHA256" - ;; - eap192) - append wpa_key_mgmt "WPA-EAP-SUITE-B-192" - [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-EAP-SHA384" - ;; - eap-eap192) - append wpa_key_mgmt "WPA-EAP-SUITE-B-192" - append wpa_key_mgmt "WPA-EAP" - [ "${ieee80211r:-0}" -gt 0 ] && { - append wpa_key_mgmt "FT-EAP-SHA384" - append wpa_key_mgmt "FT-EAP" - } - [ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-EAP-SHA256" - ;; - sae) - append wpa_key_mgmt "SAE" - [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-SAE" - ;; - psk-sae) - append wpa_key_mgmt "WPA-PSK" - [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-PSK" - [ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-PSK-SHA256" - append wpa_key_mgmt "SAE" - [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-SAE" - ;; - owe) - append wpa_key_mgmt "OWE" - ;; - esac - - [ "$fils" -gt 0 ] && { - case "$auth_type" in - eap*) - append wpa_key_mgmt FILS-SHA256 - [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt FT-FILS-SHA256 - ;; - esac - } - - [ "$auth_osen" = "1" ] && append wpa_key_mgmt "OSEN" -} - -hostapd_add_log_config() { - config_add_boolean \ - log_80211 \ - log_8021x \ - log_radius \ - log_wpa \ - log_driver \ - log_iapp \ - log_mlme - - config_add_int log_level -} - -hostapd_common_add_device_config() { - config_add_array basic_rate - config_add_array supported_rates - config_add_string beacon_rate - - config_add_string country country3 - config_add_boolean country_ie doth - config_add_boolean spectrum_mgmt_required - config_add_int local_pwr_constraint - config_add_string require_mode - config_add_boolean legacy_rates - config_add_int cell_density - config_add_int rts_threshold - config_add_int rssi_reject_assoc_rssi - config_add_int rssi_ignore_probe_request - config_add_int maxassoc - - config_add_string acs_chan_bias - config_add_array hostapd_options - - config_add_int airtime_mode - - hostapd_add_log_config -} - -hostapd_prepare_device_config() { - local config="$1" - local driver="$2" - - local base_cfg= - - json_get_vars country country3 country_ie beacon_int:100 doth require_mode legacy_rates \ - acs_chan_bias local_pwr_constraint spectrum_mgmt_required airtime_mode cell_density \ - rts_threshold beacon_rate rssi_reject_assoc_rssi rssi_ignore_probe_request maxassoc - - hostapd_set_log_options base_cfg - - set_default country_ie 1 - set_default spectrum_mgmt_required 0 - set_default doth 1 - set_default legacy_rates 0 - set_default airtime_mode 0 - set_default cell_density 0 - - [ -n "$country" ] && { - append base_cfg "country_code=$country" "$N" - [ -n "$country3" ] && append base_cfg "country3=$country3" "$N" - - [ "$country_ie" -gt 0 ] && { - append base_cfg "ieee80211d=1" "$N" - [ -n "$local_pwr_constraint" ] && append base_cfg "local_pwr_constraint=$local_pwr_constraint" "$N" - [ "$spectrum_mgmt_required" -gt 0 ] && append base_cfg "spectrum_mgmt_required=$spectrum_mgmt_required" "$N" - } - [ "$hwmode" = "a" -a "$doth" -gt 0 ] && append base_cfg "ieee80211h=1" "$N" - } - - [ -n "$acs_chan_bias" ] && append base_cfg "acs_chan_bias=$acs_chan_bias" "$N" - - local brlist= br - json_get_values basic_rate_list basic_rate - local rlist= r - json_get_values rate_list supported_rates - - [ -n "$hwmode" ] && append base_cfg "hw_mode=$hwmode" "$N" - if [ "$hwmode" = "g" ] || [ "$hwmode" = "a" ]; then - [ -n "$require_mode" ] && legacy_rates=0 - case "$require_mode" in - n) append base_cfg "require_ht=1" "$N";; - ac) append base_cfg "require_vht=1" "$N";; - esac - fi - case "$hwmode" in - b) - if [ "$cell_density" -eq 1 ]; then - set_default rate_list "5500 11000" - set_default basic_rate_list "5500 11000" - elif [ "$cell_density" -ge 2 ]; then - set_default rate_list "11000" - set_default basic_rate_list "11000" - fi - ;; - g) - if [ "$cell_density" -eq 0 ] || [ "$cell_density" -eq 1 ]; then - if [ "$legacy_rates" -eq 0 ]; then - set_default rate_list "6000 9000 12000 18000 24000 36000 48000 54000" - set_default basic_rate_list "6000 12000 24000" - elif [ "$cell_density" -eq 1 ]; then - set_default rate_list "5500 6000 9000 11000 12000 18000 24000 36000 48000 54000" - set_default basic_rate_list "5500 11000" - fi - elif [ "$cell_density" -ge 3 ] && [ "$legacy_rates" -ne 0 ] || [ "$cell_density" -eq 2 ]; then - if [ "$legacy_rates" -eq 0 ]; then - set_default rate_list "12000 18000 24000 36000 48000 54000" - set_default basic_rate_list "12000 24000" - else - set_default rate_list "11000 12000 18000 24000 36000 48000 54000" - set_default basic_rate_list "11000" - fi - elif [ "$cell_density" -ge 3 ]; then - set_default rate_list "24000 36000 48000 54000" - set_default basic_rate_list "24000" - fi - ;; - a) - if [ "$cell_density" -eq 1 ]; then - set_default rate_list "6000 9000 12000 18000 24000 36000 48000 54000" - set_default basic_rate_list "6000 12000 24000" - elif [ "$cell_density" -eq 2 ]; then - set_default rate_list "12000 18000 24000 36000 48000 54000" - set_default basic_rate_list "12000 24000" - elif [ "$cell_density" -ge 3 ]; then - set_default rate_list "24000 36000 48000 54000" - set_default basic_rate_list "24000" - fi - ;; - esac - - for r in $rate_list; do - hostapd_add_rate rlist "$r" - done - - for br in $basic_rate_list; do - hostapd_add_rate brlist "$br" - done - - [ -n "$rssi_reject_assoc_rssi" ] && append base_cfg "rssi_reject_assoc_rssi=$rssi_reject_assoc_rssi" "$N" - [ -n "$rssi_ignore_probe_request" ] && append base_cfg "rssi_ignore_probe_request=$rssi_ignore_probe_request" "$N" - [ -n "$beacon_rate" ] && append base_cfg "beacon_rate=$beacon_rate" "$N" - [ -n "$rlist" ] && append base_cfg "supported_rates=$rlist" "$N" - [ -n "$brlist" ] && append base_cfg "basic_rates=$brlist" "$N" - append base_cfg "beacon_int=$beacon_int" "$N" - [ -n "$rts_threshold" ] && append base_cfg "rts_threshold=$rts_threshold" "$N" - [ "$airtime_mode" -gt 0 ] && append base_cfg "airtime_mode=$airtime_mode" "$N" - [ -n "$maxassoc" ] && append base_cfg "iface_max_num_sta=$maxassoc" "$N" - - json_get_values opts hostapd_options - for val in $opts; do - append base_cfg "$val" "$N" - done - - cat > "$config" <