From a5257fc0ee7fbb8d3899a601d198aab8dbe54673fc75ecddcf932b0459b096ce Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 16 Mar 2022 09:17:42 +0000 Subject: [PATCH] Accepting request 961609 from home:cfconrad:branches:Base:System - Adjust config * Enable SAE * Enable DPP * Enable wired driver * Enable Airtime policy support * Enable Fast Initial Link Setup (FILS) (IEEE 802.11ai) OBS-URL: https://build.opensuse.org/request/show/961609 OBS-URL: https://build.opensuse.org/package/show/Base:System/hostapd?expand=0&rev=67 --- config | 64 +++++++++++++++++++++++++++++++++++++++++++------ hostapd.changes | 10 ++++++++ 2 files changed, 67 insertions(+), 7 deletions(-) diff --git a/config b/config index f2b3b1e..35f3145 100644 --- a/config +++ b/config @@ -13,7 +13,7 @@ CONFIG_DRIVER_HOSTAP=y # Driver interface for wired authenticator -#CONFIG_DRIVER_WIRED=y +CONFIG_DRIVER_WIRED=y # Driver interface for drivers using the nl80211 kernel interface CONFIG_DRIVER_NL80211=y @@ -113,6 +113,16 @@ CONFIG_EAP_GPSK_SHA256=y # with openssl-0.9.8x-tls-extensions.patch, to add the needed functions. #CONFIG_EAP_FAST=y +# EAP-TEAP for the integrated EAP server +# Note: The current EAP-TEAP implementation is experimental and should not be +# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number +# of conflicting statements and missing details and the implementation has +# vendor specific workarounds for those and as such, may not interoperate with +# any other implementation. This should not be used for anything else than +# experimentation and interoperability testing until those issues has been +# resolved. +#CONFIG_EAP_TEAP=y + # Wi-Fi Protected Setup (WPS) CONFIG_WPS=y # Enable UPnP support for external WPS Registrars @@ -170,7 +180,7 @@ CONFIG_IEEE80211AC=y # Add support for writing debug log to a file: -f /tmp/hostapd.log # Disabled by default. -#CONFIG_DEBUG_FILE=y +CONFIG_DEBUG_FILE=y # Send debug messages to syslog instead of stdout #CONFIG_DEBUG_SYSLOG=y @@ -255,7 +265,7 @@ CONFIG_VLAN_NETLINK=y # Should we attempt to use the getrandom(2) call that provides more reliable # yet secure randomness source than /dev/random on Linux 3.17 and newer. # Requires glibc 2.25 to build, falls back to /dev/random if unavailable. -#CONFIG_GETRANDOM=y +CONFIG_GETRANDOM=y # Should we use poll instead of select? Select is used by default. #CONFIG_ELOOP_POLL=y @@ -353,7 +363,7 @@ CONFIG_FST_TEST=y CONFIG_ACS=y # Multiband Operation support -# These extentions facilitate efficient use of multiple frequency bands +# These extensions facilitate efficient use of multiple frequency bands # available to the AP and the devices that may associate with it. CONFIG_MBO=y @@ -364,9 +374,9 @@ CONFIG_MBO=y #CONFIG_TAXONOMY=y # Fast Initial Link Setup (FILS) (IEEE 802.11ai) -#CONFIG_FILS=y +CONFIG_FILS=y # FILS shared key authentication with PFS -#CONFIG_FILS_SK_PFS=y +CONFIG_FILS_SK_PFS=y # Include internal line edit mode in hostapd_cli. This can be used to provide # limited command line editing and history support. @@ -374,8 +384,48 @@ CONFIG_WPA_CLI_EDIT=y # Opportunistic Wireless Encryption (OWE) # Experimental implementation of draft-harkins-owe-07.txt -#CONFIG_OWE=y +CONFIG_OWE=y + +# Airtime policy support +CONFIG_AIRTIME_POLICY=y # Override default value for the wpa_disable_eapol_key_retries configuration # parameter. See that parameter in hostapd.conf for more details. #CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1 + +# Wired equivalent privacy (WEP) +# WEP is an obsolete cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used for anything anymore. The +# functionality needed to use WEP is available in the current hostapd +# release under this optional build parameter. This functionality is subject to +# be completely removed in a future release. +#CONFIG_WEP=y + +# Remove all TKIP functionality +# TKIP is an old cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used anymore. For now, the default hostapd +# build includes this to allow mixed mode WPA+WPA2 networks to be enabled, but +# that functionality is subject to be removed in the future. +#CONFIG_NO_TKIP=y + +# Pre-Association Security Negotiation (PASN) +# Experimental implementation based on IEEE P802.11z/D2.6 and the protocol +# design is still subject to change. As such, this should not yet be enabled in +# production use. +# This requires CONFIG_IEEE80211W=y to be enabled, too. +#CONFIG_PASN=y + +# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect) +CONFIG_DPP=y +# DPP version 2 support +CONFIG_DPP2=y +# DPP version 3 support (experimental and still changing; do not enable for +# production use) +#CONFIG_DPP3=y + +# Simultaneous Authentication of Equals (SAE) +CONFIG_SAE=y + +# WPA3-Enterprise (SuiteB-192) +CONFIG_SUITEB=y +CONFIG_SUITEB192=y diff --git a/hostapd.changes b/hostapd.changes index 0405fc7..6a7a354 100644 --- a/hostapd.changes +++ b/hostapd.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Fri Mar 11 21:35:37 UTC 2022 - Clemens Famulla-Conrad + +- Adjust config + * Enable SAE + * Enable DPP + * Enable wired driver + * Enable Airtime policy support + * Enable Fast Initial Link Setup (FILS) (IEEE 802.11ai) + ------------------------------------------------------------------- Mon Jan 17 08:33:09 UTC 2022 - Michael Ströder