Message ID | 20200724142940.5264-2-ynezz@true.cz |
---|---|
State | Superseded |
Delegated to: | Petr Štetiar |
Headers | show |
Series | Support TLS/SSL and WPA3-Personal/SAE by default | expand |
On Fri, Jul 24, 2020 at 04:29:38PM +0200, Petr Štetiar wrote: > Add package which provides wpad with WPA-PSK, SAE (WPA3-Personal), > 802.11r and 802.11w support. I think this should be merged with wpad-mesh. It's almost the same, but only adds support for 802.11s mesh in addition. > > Signed-off-by: Petr Štetiar <ynezz@true.cz> > --- > include/target.mk | 2 +- > package/network/services/hostapd/Config.in | 2 ++ > package/network/services/hostapd/Makefile | 20 ++++++++++++++++++++ > 3 files changed, 23 insertions(+), 1 deletion(-) > > diff --git a/include/target.mk b/include/target.mk > index aba477e83b8b..6ed6565bdaa2 100644 > --- a/include/target.mk > +++ b/include/target.mk > @@ -56,7 +56,7 @@ endif > DEFAULT_PACKAGES += $(DEFAULT_PACKAGES.$(DEVICE_TYPE)) > > filter_packages = $(filter-out -% $(patsubst -%,%,$(filter -%,$(1))),$(1)) > -extra_packages = $(if $(filter wpad-mini wpad-basic wpad nas,$(1)),iwinfo) > +extra_packages = $(if $(filter wpad-mini wpad-basic wpad-basic-wolfssl wpad nas,$(1)),iwinfo) > > define ProfileDefault > NAME:= > diff --git a/package/network/services/hostapd/Config.in b/package/network/services/hostapd/Config.in > index 81a374c6525a..aa2a4bc41b5b 100644 > --- a/package/network/services/hostapd/Config.in > +++ b/package/network/services/hostapd/Config.in > @@ -13,6 +13,7 @@ config WPA_RFKILL_SUPPORT > PACKAGE_wpad-openssl || \ > PACKAGE_wpad-wolfssl || \ > PACKAGE_wpad-basic || \ > + PACKAGE_wpad-basic-wolfssl || \ > PACKAGE_wpad-mini || \ > PACKAGE_wpad-mesh-openssl || \ > PACKAGE_wpad-mesh-wolfssl > @@ -32,6 +33,7 @@ config WPA_MSG_MIN_PRIORITY > PACKAGE_wpad-openssl || \ > PACKAGE_wpad-wolfssl || \ > PACKAGE_wpad-basic || \ > + PACKAGE_wpad-basic-wolfssl || \ > PACKAGE_wpad-mini || \ > PACKAGE_wpad-mesh-openssl || \ > PACKAGE_wpad-mesh-wolfssl > diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile > index d754f19857ea..df1a80d3dabb 100644 > --- a/package/network/services/hostapd/Makefile > +++ b/package/network/services/hostapd/Makefile > @@ -109,6 +109,13 @@ ifeq ($(LOCAL_VARIANT),full) > endif > endif > > +ifeq ($(LOCAL_VARIANT),basic) > + ifeq ($(SSL_VARIANT),wolfssl) > + DRIVER_MAKEOPTS += CONFIG_TLS=wolfssl CONFIG_SAE=y > + TARGET_LDFLAGS += -lwolfssl > + endif > +endif > + > ifneq ($(LOCAL_TYPE),hostapd) > ifeq ($(LOCAL_VARIANT),mesh) > ifeq ($(SSL_VARIANT),openssl) > @@ -248,6 +255,17 @@ define Package/wpad-basic/description > This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, 802.11r and 802.11w support. > endef > > +define Package/wpad-basic-wolfssl > +$(call Package/wpad/Default,$(1)) > + TITLE+= (WPA3-Personal, 11r and 11w) > + VARIANT:=wpad-basic-wolfssl > + DEPENDS+=+libwolfssl > +endef > + > +define Package/wpad-basic-wolfssl/description > + This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support. > +endef > + > define Package/wpad-mini > $(call Package/wpad/Default,$(1)) > TITLE+= (WPA-PSK only) > @@ -567,6 +585,7 @@ define Package/wpad/install > $(LN) wpad $(1)/usr/sbin/wpa_supplicant > endef > Package/wpad-basic/install = $(Package/wpad/install) > +Package/wpad-basic-wolfssl/install = $(Package/wpad/install) > Package/wpad-mini/install = $(Package/wpad/install) > Package/wpad-openssl/install = $(Package/wpad/install) > Package/wpad-wolfssl/install = $(Package/wpad/install) > @@ -622,6 +641,7 @@ $(eval $(call BuildPackage,wpad)) > $(eval $(call BuildPackage,wpad-mesh-openssl)) > $(eval $(call BuildPackage,wpad-mesh-wolfssl)) > $(eval $(call BuildPackage,wpad-basic)) > +$(eval $(call BuildPackage,wpad-basic-wolfssl)) > $(eval $(call BuildPackage,wpad-mini)) > $(eval $(call BuildPackage,wpad-openssl)) > $(eval $(call BuildPackage,wpad-wolfssl)) > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Daniel Golle <daniel@makrotopia.org> [2020-07-24 15:51:27]: Hi, > On Fri, Jul 24, 2020 at 04:29:38PM +0200, Petr Štetiar wrote: > > Add package which provides wpad with WPA-PSK, SAE (WPA3-Personal), > > 802.11r and 802.11w support. > > I think this should be merged with wpad-mesh. It's almost the same, but > only adds support for 802.11s mesh in addition. I don't think so, wpad-mesh is using full config which is noticeable: Measured on openwrt-ath79-nand-8dev_rambutan-squashfs-factory.bin 5373952 bytes with wpad-basic-wolfssl 5636096 bytes with wpad-mesh ------- 262144 bytes difference seems quite a lot to me. -- ynezz
On Sat, Jul 25, 2020 at 10:44:46AM +0200, Petr Štetiar wrote: > Daniel Golle <daniel@makrotopia.org> [2020-07-24 15:51:27]: > > Hi, > > > On Fri, Jul 24, 2020 at 04:29:38PM +0200, Petr Štetiar wrote: > > > Add package which provides wpad with WPA-PSK, SAE (WPA3-Personal), > > > 802.11r and 802.11w support. > > > > I think this should be merged with wpad-mesh. It's almost the same, but > > only adds support for 802.11s mesh in addition. > > I don't think so, wpad-mesh is using full config which is noticeable: > > Measured on openwrt-ath79-nand-8dev_rambutan-squashfs-factory.bin > > 5373952 bytes with wpad-basic-wolfssl > 5636096 bytes with wpad-mesh > ------- > 262144 bytes difference > > seems quite a lot to me. Oh, that's much more than I've expected. Probably because CONFIG_AP pulls quite a lot of stuff and isn't enabled in wpad-basic. I thought that'd be the same symbols as already contained in hostapd and hence the multi-call wpad would not contain them twice... Possibly my imagination of what actually comes out of the linker and compiler was a bit naiiv in that regard. > > -- ynezz > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel
diff --git a/include/target.mk b/include/target.mk index aba477e83b8b..6ed6565bdaa2 100644 --- a/include/target.mk +++ b/include/target.mk @@ -56,7 +56,7 @@ endif DEFAULT_PACKAGES += $(DEFAULT_PACKAGES.$(DEVICE_TYPE)) filter_packages = $(filter-out -% $(patsubst -%,%,$(filter -%,$(1))),$(1)) -extra_packages = $(if $(filter wpad-mini wpad-basic wpad nas,$(1)),iwinfo) +extra_packages = $(if $(filter wpad-mini wpad-basic wpad-basic-wolfssl wpad nas,$(1)),iwinfo) define ProfileDefault NAME:= diff --git a/package/network/services/hostapd/Config.in b/package/network/services/hostapd/Config.in index 81a374c6525a..aa2a4bc41b5b 100644 --- a/package/network/services/hostapd/Config.in +++ b/package/network/services/hostapd/Config.in @@ -13,6 +13,7 @@ config WPA_RFKILL_SUPPORT PACKAGE_wpad-openssl || \ PACKAGE_wpad-wolfssl || \ PACKAGE_wpad-basic || \ + PACKAGE_wpad-basic-wolfssl || \ PACKAGE_wpad-mini || \ PACKAGE_wpad-mesh-openssl || \ PACKAGE_wpad-mesh-wolfssl @@ -32,6 +33,7 @@ config WPA_MSG_MIN_PRIORITY PACKAGE_wpad-openssl || \ PACKAGE_wpad-wolfssl || \ PACKAGE_wpad-basic || \ + PACKAGE_wpad-basic-wolfssl || \ PACKAGE_wpad-mini || \ PACKAGE_wpad-mesh-openssl || \ PACKAGE_wpad-mesh-wolfssl diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index d754f19857ea..df1a80d3dabb 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -109,6 +109,13 @@ ifeq ($(LOCAL_VARIANT),full) endif endif +ifeq ($(LOCAL_VARIANT),basic) + ifeq ($(SSL_VARIANT),wolfssl) + DRIVER_MAKEOPTS += CONFIG_TLS=wolfssl CONFIG_SAE=y + TARGET_LDFLAGS += -lwolfssl + endif +endif + ifneq ($(LOCAL_TYPE),hostapd) ifeq ($(LOCAL_VARIANT),mesh) ifeq ($(SSL_VARIANT),openssl) @@ -248,6 +255,17 @@ define Package/wpad-basic/description This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, 802.11r and 802.11w support. endef +define Package/wpad-basic-wolfssl +$(call Package/wpad/Default,$(1)) + TITLE+= (WPA3-Personal, 11r and 11w) + VARIANT:=wpad-basic-wolfssl + DEPENDS+=+libwolfssl +endef + +define Package/wpad-basic-wolfssl/description + This package contains a basic IEEE 802.1x/WPA Authenticator and Supplicant with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support. +endef + define Package/wpad-mini $(call Package/wpad/Default,$(1)) TITLE+= (WPA-PSK only) @@ -567,6 +585,7 @@ define Package/wpad/install $(LN) wpad $(1)/usr/sbin/wpa_supplicant endef Package/wpad-basic/install = $(Package/wpad/install) +Package/wpad-basic-wolfssl/install = $(Package/wpad/install) Package/wpad-mini/install = $(Package/wpad/install) Package/wpad-openssl/install = $(Package/wpad/install) Package/wpad-wolfssl/install = $(Package/wpad/install) @@ -622,6 +641,7 @@ $(eval $(call BuildPackage,wpad)) $(eval $(call BuildPackage,wpad-mesh-openssl)) $(eval $(call BuildPackage,wpad-mesh-wolfssl)) $(eval $(call BuildPackage,wpad-basic)) +$(eval $(call BuildPackage,wpad-basic-wolfssl)) $(eval $(call BuildPackage,wpad-mini)) $(eval $(call BuildPackage,wpad-openssl)) $(eval $(call BuildPackage,wpad-wolfssl))
Add package which provides wpad with WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w support. Signed-off-by: Petr Štetiar <ynezz@true.cz> --- include/target.mk | 2 +- package/network/services/hostapd/Config.in | 2 ++ package/network/services/hostapd/Makefile | 20 ++++++++++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-)