X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fstaging%2Fmkresin.git;a=blobdiff_plain;f=package%2Fnetwork%2Fservices%2Fhostapd%2Ffiles%2Fwpa_supplicant-basic.config;h=c93cf783a3fae1edc2e521044253ea6d634fce49;hp=bd02562b74154c27776d65f5cbb16942f3f3e599;hb=8af79550e6c280717660f66032d89d21007b15d2;hpb=a03219ba09a55ad49926e5c2d60ddff095fe5096 diff --git a/package/network/services/hostapd/files/wpa_supplicant-basic.config b/package/network/services/hostapd/files/wpa_supplicant-basic.config index bd02562b74..c93cf783a3 100644 --- a/package/network/services/hostapd/files/wpa_supplicant-basic.config +++ b/package/network/services/hostapd/files/wpa_supplicant-basic.config @@ -73,6 +73,12 @@ CONFIG_DRIVER_NL80211=y # Driver interface for wired Ethernet drivers CONFIG_DRIVER_WIRED=y +# Driver interface for MACsec capable Qualcomm Atheros drivers +#CONFIG_DRIVER_MACSEC_QCA=y + +# Driver interface for Linux MACsec drivers +#CONFIG_DRIVER_MACSEC_LINUX=y + # Driver interface for the Broadcom RoboSwitch family #CONFIG_DRIVER_ROBOSWITCH=y @@ -83,8 +89,8 @@ CONFIG_DRIVER_WIRED=y #LIBS += -lsocket -ldlpi -lnsl #LIBS_c += -lsocket -# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is -# included) +# Enable IEEE 802.1X Supplicant (automatically included if any EAP method or +# MACsec is included) #CONFIG_IEEE8021X_EAPOL=y # EAP-MD5 @@ -103,9 +109,6 @@ CONFIG_DRIVER_WIRED=y #CONFIG_EAP_TTLS=y # EAP-FAST -# Note: If OpenSSL is used as the TLS library, OpenSSL 1.0 or newer is needed -# for EAP-FAST support. Older OpenSSL releases would need to be patched, e.g., -# with openssl-0.9.8x-tls-extensions.patch, to add the needed functions. #CONFIG_EAP_FAST=y # EAP-GTC @@ -166,6 +169,9 @@ CONFIG_DRIVER_WIRED=y # EAP-EKE #CONFIG_EAP_EKE=y +# MACsec +#CONFIG_MACSEC=y + # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) #CONFIG_PKCS12=y @@ -226,6 +232,9 @@ CONFIG_CTRL_IFACE=y # wpa_passphrase). This saves about 0.5 kB in code size. #CONFIG_NO_WPA_PASSPHRASE=y +# Simultaneous Authentication of Equals (SAE), WPA3-Personal +#CONFIG_SAE=y + # Disable scan result processing (ap_mode=1) to save code size by about 1 kB. # This can be used if ap_scan=1 mode is never enabled. #CONFIG_NO_SCAN_PROCESSING=y @@ -288,13 +297,13 @@ CONFIG_BACKEND=file # bridge interfaces (commit 'bridge: respect RFC2863 operational state')'). #CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y -# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) -#CONFIG_PEERKEY=y - # IEEE 802.11w (management frame protection), also known as PMF # Driver support is also needed for IEEE 802.11w. #CONFIG_IEEE80211W=y +# Support Operating Channel Validation +#CONFIG_OCV=y + # Select TLS implementation # openssl = OpenSSL (default) # gnutls = GnuTLS @@ -343,10 +352,6 @@ CONFIG_TLS=internal #CONFIG_NDIS_EVENTS_INTEGRATED=y #PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" -# Add support for old DBus control interface -# (fi.epitest.hostap.WPASupplicant) -#CONFIG_CTRL_IFACE_DBUS=y - # Add support for new DBus control interface # (fi.w1.hostap.wpa_supplicant1) #CONFIG_CTRL_IFACE_DBUS_NEW=y @@ -378,10 +383,6 @@ CONFIG_TLS=internal # IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode CONFIG_IEEE80211R=y -# IEEE Std 802.11r-2008 (Fast BSS Transition) for AP mode (implies -# CONFIG_IEEE80211R). -#CONFIG_IEEE80211R_AP=y - # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) #CONFIG_DEBUG_FILE=y @@ -456,6 +457,11 @@ CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON # that meet the requirements described above. CONFIG_NO_RANDOM_POOL=y +# Should we attempt to use the getrandom(2) call that provides more reliable +# yet secure randomness source than /dev/random on Linux 3.17 and newer. +# Requires glibc 2.25 to build, falls back to /dev/random if unavailable. +#CONFIG_GETRANDOM=y + # IEEE 802.11n (High Throughput) support (mainly for AP mode) #CONFIG_IEEE80211N=y @@ -497,8 +503,8 @@ CONFIG_NO_RANDOM_POOL=y # Enable TDLS support #CONFIG_TDLS=y -# Wi-Fi Direct -# This can be used to enable Wi-Fi Direct extensions for P2P using an external +# Wi-Fi Display +# This can be used to enable Wi-Fi Display extensions for P2P using an external # program to control the additional information exchanges in the messages. #CONFIG_WIFI_DISPLAY=y @@ -559,8 +565,6 @@ CONFIG_NO_RANDOM_POOL=y #CONFIG_MBO=y # Fast Initial Link Setup (FILS) (IEEE 802.11ai) -# Note: This is an experimental and not yet complete implementation. This -# should not be enabled for production use. #CONFIG_FILS=y # FILS shared key authentication with PFS #CONFIG_FILS_SK_PFS=y @@ -592,6 +596,11 @@ CONFIG_NO_RANDOM_POOL=y # Experimental implementation of draft-harkins-owe-07.txt #CONFIG_OWE=y +# Device Provisioning Protocol (DPP) +# This requires CONFIG_IEEE80211W=y to be enabled, too. (see +# wpa_supplicant/README-DPP for details) +#CONFIG_DPP=y + # uBus IPC/RPC System # Services can connect to the bus and provide methods # that can be called by other services or clients.