diff options
-rw-r--r-- | config/wpasupplicant/defconfig | 65 | ||||
-rw-r--r-- | rules/wpa_supplicant.make | 8 |
2 files changed, 38 insertions, 35 deletions
diff --git a/config/wpasupplicant/defconfig b/config/wpasupplicant/defconfig index eed1ccfa9..bcedf382b 100644 --- a/config/wpasupplicant/defconfig +++ b/config/wpasupplicant/defconfig @@ -109,9 +109,6 @@ CONFIG_EAP_PEAP=y CONFIG_EAP_TTLS=y # EAP-FAST -# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed -# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g., -# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions. CONFIG_EAP_FAST=y # EAP-GTC @@ -127,10 +124,10 @@ CONFIG_EAP_OTP=y #CONFIG_EAP_PSK=y # EAP-pwd (secure authentication using only a password) -#CONFIG_EAP_PWD=y +CONFIG_EAP_PWD=y # EAP-PAX -#CONFIG_EAP_PAX=y +CONFIG_EAP_PAX=y # LEAP CONFIG_EAP_LEAP=y @@ -146,15 +143,15 @@ CONFIG_EAP_LEAP=y #CONFIG_USIM_SIMULATOR=y # EAP-SAKE -#CONFIG_EAP_SAKE=y +CONFIG_EAP_SAKE=y # EAP-GPSK -#CONFIG_EAP_GPSK=y +CONFIG_EAP_GPSK=y # Include support for optional SHA256 cipher suite in EAP-GPSK -#CONFIG_EAP_GPSK_SHA256=y +CONFIG_EAP_GPSK_SHA256=y # EAP-TNC and related Trusted Network Connect support (experimental) -#CONFIG_EAP_TNC=y +CONFIG_EAP_TNC=y # Wi-Fi Protected Setup (WPS) CONFIG_WPS=y @@ -162,12 +159,12 @@ CONFIG_WPS=y #CONFIG_WPS_ER=y # Disable credentials for an open network by default when acting as a WPS # registrar. -CONFIG_WPS_REG_DISABLE_OPEN=y +#CONFIG_WPS_REG_DISABLE_OPEN=y # Enable WPS support with NFC config method #CONFIG_WPS_NFC=y # EAP-IKEv2 -#CONFIG_EAP_IKEV2=y +CONFIG_EAP_IKEV2=y # EAP-EKE #CONFIG_EAP_EKE=y @@ -188,10 +185,10 @@ CONFIG_SMARTCARD=y #CONFIG_PCSC=y # Support HT overrides (disable HT/HT40, mask MCS rates, etc.) -#CONFIG_HT_OVERRIDES=y +CONFIG_HT_OVERRIDES=y # Support VHT overrides (disable VHT, mask MCS rates, etc.) -#CONFIG_VHT_OVERRIDES=y +CONFIG_VHT_OVERRIDES=y # Development testing #CONFIG_EAPOL_TEST=y @@ -235,6 +232,9 @@ CONFIG_WPA_CLI_EDIT=y # wpa_passphrase). This saves about 0.5 kB in code size. #CONFIG_NO_WPA_PASSPHRASE=y +# Simultaneous Authentication of Equals (SAE), WPA3-Personal +CONFIG_SAE=y + # Disable scan result processing (ap_mode=1) to save code size by about 1 kB. # This can be used if ap_scan=1 mode is never enabled. #CONFIG_NO_SCAN_PROCESSING=y @@ -301,6 +301,9 @@ CONFIG_L2_PACKET=linux # Driver support is also needed for IEEE 802.11w. CONFIG_IEEE80211W=y +# Support Operating Channel Validation +#CONFIG_OCV=y + # Select TLS implementation # openssl = OpenSSL (default) # gnutls = GnuTLS @@ -349,10 +352,6 @@ CONFIG_TLSV12=y #CONFIG_NDIS_EVENTS_INTEGRATED=y #PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" -# Add support for old DBus control interface -# (fi.epitest.hostap.WPASupplicant) -#CONFIG_CTRL_IFACE_DBUS=y - # Add support for new DBus control interface # (fi.w1.hostap.wpa_supplicant1) #CONFIG_CTRL_IFACE_DBUS_NEW=y @@ -382,7 +381,7 @@ CONFIG_TLSV12=y #CONFIG_DYNAMIC_EAP_METHODS=y # IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode -#CONFIG_IEEE80211R=y +CONFIG_IEEE80211R=y # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) CONFIG_DEBUG_FILE=y @@ -458,6 +457,11 @@ CONFIG_DELAYED_MIC_ERROR_REPORT=y # that meet the requirements described above. #CONFIG_NO_RANDOM_POOL=y +# Should we attempt to use the getrandom(2) call that provides more reliable +# yet secure randomness source than /dev/random on Linux 3.17 and newer. +# Requires glibc 2.25 to build, falls back to /dev/random if unavailable. +CONFIG_GETRANDOM=y + # IEEE 802.11n (High Throughput) support (mainly for AP mode) CONFIG_IEEE80211N=y @@ -473,10 +477,10 @@ CONFIG_IEEE80211AC=y # This can be used to enable functionality to improve interworking with # external networks (GAS/ANQP to learn more about the networks and network # selection based on available credentials). -#CONFIG_INTERWORKING=y +CONFIG_INTERWORKING=y # Hotspot 2.0 -#CONFIG_HS20=y +CONFIG_HS20=y # Enable interface matching in wpa_supplicant CONFIG_MATCH_IFACE=y @@ -499,8 +503,8 @@ CONFIG_P2P=y # Enable TDLS support CONFIG_TDLS=y -# Wi-Fi Direct -# This can be used to enable Wi-Fi Direct extensions for P2P using an external +# Wi-Fi Display +# This can be used to enable Wi-Fi Display extensions for P2P using an external # program to control the additional information exchanges in the messages. CONFIG_WIFI_DISPLAY=y @@ -510,9 +514,9 @@ CONFIG_WIFI_DISPLAY=y # # Enabling directly a module will enable autoscan support. # For exponential module: -#CONFIG_AUTOSCAN_EXPONENTIAL=y +CONFIG_AUTOSCAN_EXPONENTIAL=y # For periodic module: -#CONFIG_AUTOSCAN_PERIODIC=y +CONFIG_AUTOSCAN_PERIODIC=y # Password (and passphrase, etc.) backend for external storage # These optional mechanisms can be used to add support for storing passwords @@ -561,8 +565,6 @@ CONFIG_ACS=y #CONFIG_MBO=y # Fast Initial Link Setup (FILS) (IEEE 802.11ai) -# Note: This is an experimental and not yet complete implementation. This -# should not be enabled for production use. #CONFIG_FILS=y # FILS shared key authentication with PFS #CONFIG_FILS_SK_PFS=y @@ -570,7 +572,7 @@ CONFIG_ACS=y # Support RSN on IBSS networks # This is needed to be able to use mode=1 network profile with proto=RSN and # key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None). -#CONFIG_IBSS_RSN=y +CONFIG_IBSS_RSN=y # External PMKSA cache control # This can be used to enable control interface commands that allow the current @@ -588,8 +590,13 @@ CONFIG_ACS=y CONFIG_BGSCAN_SIMPLE=y # Learn channels used by the network and try to avoid bgscans on other # channels (experimental) -#CONFIG_BGSCAN_LEARN=y +CONFIG_BGSCAN_LEARN=y # Opportunistic Wireless Encryption (OWE) # Experimental implementation of draft-harkins-owe-07.txt -#CONFIG_OWE=y +CONFIG_OWE=y + +# Device Provisioning Protocol (DPP) +# This requires CONFIG_IEEE80211W=y to be enabled, too. (see +# wpa_supplicant/README-DPP for details) +CONFIG_DPP=y diff --git a/rules/wpa_supplicant.make b/rules/wpa_supplicant.make index 63adf4278..05fa7616c 100644 --- a/rules/wpa_supplicant.make +++ b/rules/wpa_supplicant.make @@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_WPA_SUPPLICANT) += wpa_supplicant # Paths and names # WPA_SUPPLICANT_NAME := wpa_supplicant -WPA_SUPPLICANT_VERSION := 2.7 -WPA_SUPPLICANT_MD5 := a68538fb62766f40f890125026c42c10 +WPA_SUPPLICANT_VERSION := 2.8 +WPA_SUPPLICANT_MD5 := 0af5998c5d924e985cab16b9a1c77904 WPA_SUPPLICANT := $(WPA_SUPPLICANT_NAME)-$(WPA_SUPPLICANT_VERSION) WPA_SUPPLICANT_SUFFIX := tar.gz WPA_SUPPLICANT_URL := https://w1.fi/releases/$(WPA_SUPPLICANT).$(WPA_SUPPLICANT_SUFFIX) @@ -70,8 +70,6 @@ $(STATEDIR)/wpa_supplicant.install: @install -vD -m 644 "$(WPA_SUPPLICANT_DIR)/$(WPA_SUPPLICANT_SUBDIR)/dbus/dbus-wpa_supplicant.conf" \ "$(WPA_SUPPLICANT_PKGDIR)/usr/share/dbus-1/system.d/wpa_supplicant.conf" - @install -vD -m 644 "$(WPA_SUPPLICANT_DIR)/$(WPA_SUPPLICANT_SUBDIR)/dbus/fi.epitest.hostap.WPASupplicant.service" \ - "$(WPA_SUPPLICANT_PKGDIR)/usr/share/dbus-1/system-services/fi.epitest.hostap.WPASupplicant.service" @install -vD -m 644 "$(WPA_SUPPLICANT_DIR)/$(WPA_SUPPLICANT_SUBDIR)/dbus/fi.w1.wpa_supplicant1.service" \ "$(WPA_SUPPLICANT_PKGDIR)/usr/share/dbus-1/system-services/fi.w1.wpa_supplicant1.service" @@ -109,8 +107,6 @@ ifdef PTXCONF_WPA_SUPPLICANT_CTRL_IFACE_DBUS @$(call install_alternative, wpa_supplicant, 0, 0, 0644, \ /usr/share/dbus-1/system.d/wpa_supplicant.conf) @$(call install_alternative, wpa_supplicant, 0, 0, 0644, \ - /usr/share/dbus-1/system-services/fi.epitest.hostap.WPASupplicant.service) - @$(call install_alternative, wpa_supplicant, 0, 0, 0644, \ /usr/share/dbus-1/system-services/fi.w1.wpa_supplicant1.service) endif ifdef PTXCONF_INITMETHOD_SYSTEMD |