summaryrefslogtreecommitdiff
path: root/hostapd/Android.mk
Commit message (Collapse)AuthorAgeFilesLines
* Fix key derivation for Suite B 192-bit AKM to use SHA384Jouni Malinen2015-08-271-0/+1
| | | | | | | | | While the EAPOL-Key MIC derivation was already changed from SHA256 to SHA384 for the Suite B 192-bit AKM, KDF had not been updated similarly. Fix this by using HMAC-SHA384 instead of HMAC-SHA256 when deriving PTK from PMK when using the Suite B 192-bit AKM. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add build option to remove all internal RC4 usesJouni Malinen2015-08-021-0/+6
| | | | | | | | | | | | The new CONFIG_NO_RC4=y build option can be used to remove all internal hostapd and wpa_supplicant uses of RC4. It should be noted that external uses (e.g., within a TLS library) do not get disabled when doing this. This removes capability of supporting WPA/TKIP, dynamic WEP keys with IEEE 802.1X, WEP shared key authentication, and MSCHAPv2 password changes. Signed-off-by: Jouni Malinen <j@w1.fi>
* OpenSSL: Add SHA256 support in openssl_tls_prf() for TLSv1.2Jouni Malinen2015-07-281-0/+2
| | | | | | | | This is needed when enabling TLSv1.2 support for EAP-FAST since the SSL_export_keying_material() call does not support the needed parameters for TLS PRF and the external-to-OpenSSL PRF needs to be used instead. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Add build options for selecting eloop typeJouni Malinen2015-07-231-0/+9
| | | | | | | | This adds CONFIG_ELOOP_POLL=y and CONFIG_ELOOP_EPOLL=y options to hostapd build options similarly to how these were implemented for wpa_supplicant. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FST: Testing supportAnton Nayshtut2015-07-161-0/+3
| | | | | | This patch introduces infrastructure needed for FST module tests. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FST: Add build rules for hostapdAnton Nayshtut2015-07-161-0/+13
| | | | | | This patch integrates the FST into the hostapd. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Rename ANDROID_P2P_STUB to ANDROID_LIB_STUBKevin Cernekee2015-06-261-1/+2
| | | | | | | | | | If BOARD_HOSTAPD_PRIVATE_LIB is not used on an Android build, we will need to replace both the p2p functions *and* wpa_driver_nl80211_driver_cmd in order to successfully link. Let's make the name more generic so it is more obvious what it is used for. Suggested-by: Dmitry Shmidt <dimitrysh@google.com> Signed-off-by: Kevin Cernekee <cernekee@google.com>
* Clear allocated debug message buffers explicitlyJouni Malinen2015-06-171-0/+1
| | | | | | | | | | | | When hostapd or wpa_supplicant is run in debug more with key material prints allowed (-K on the command line), it is possible for passwords and keying material to show up in debug prints. Since some of the debug cases end up allocating a temporary buffer from the heap for processing purposes, a copy of such password may remain in heap. Clear these temporary buffers explicitly to avoid causing issues for hwsim test cases that verify contents of memory against unexpected keys. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Implement AES-128 CBC using EVP APIJouni Malinen2015-03-291-0/+2
| | | | | | | | This replaces the internal CBC mode implementation in aes_128_cbc_encrypt() and aes_128_cbc_decrypt() with the OpenSSL implementation for CONFIG_TLS=openssl builds. Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix hlr_auc_gw build with OpenSSLJouni Malinen2015-03-201-0/+2
| | | | | | | | Commit 983c6a606bc839248ea0c69090e60c095a655bc6 ('OpenSSL: Replace internal HMAC-MD5 implementation') forgot to make inclusion of md5.o conditional for hlr_auc_gw build. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Remove SChannel supportJouni Malinen2015-03-181-11/+0
| | | | | | | | | SChannel/CryptoAPI as a TLS/crypto library alternative was never completed. Critical functionality is missing and there are bugs in this implementation. Since there are no known plans of completing this support, it is better to remove this code. Signed-off-by: Jouni Malinen <j@w1.fi>
* OpenSSL: Implement aes_wrap() and aes_unwrap()Jouni Malinen2015-01-281-0/+4
| | | | | | | | This replaces the implementation in aes-wrap.c and aes-unwrap.c with OpenSSL AES_wrap_key() and AES_unwrap_key() functions when building hostapd or wpa_supplicant with OpenSSL. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Replace internal HMAC-MD5 implementationJouni Malinen2015-01-281-2/+4
| | | | | | | Use OpenSSL HMAC_* functions to implement HMAC-MD5 instead of depending on the src/crypto/md5.c implementation. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add Suite B 192-bit AKMJouni Malinen2015-01-271-0/+5
| | | | | | | WPA-EAP-SUITE-B-192 can now be used to select 192-bit level Suite B into use as the key management method. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add HMAC-SHA384Jouni Malinen2015-01-271-0/+3
| | | | | | For now, this is only implemented with OpenSSL. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove Network Security Service (NSS) supportJouni Malinen2015-01-111-16/+0
| | | | | | | | | | NSS as a TLS/crypto library alternative was never completed and this barely functional code does not even build with the current NSS version. Taken into account that there has not been much interest in working on this crypto wrapper over the years, it is better to just remove this code rather than try to get it into somewhat more functional state. Signed-off-by: Jouni Malinen <j@w1.fi>
* Introduce common hw featuresJanusz Dziedzic2015-01-101-0/+1
| | | | | | Introduce wpa_supplicant/hostapd hw features. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* Android: Add Hotspot 2.0 into hostapd makefileJouni Malinen2014-11-251-0/+14
| | | | | | | This makes the Android.mk for hostapd match the Makefile changes for optional Hotspot 2.0 support. Signed-off-by: Jouni Malinen <j@w1.fi>
* Suite B: PMKID derivation for AKM 00-0F-AC:11Jouni Malinen2014-11-161-0/+6
| | | | | | | | | The new AKM uses a different mechanism of deriving the PMKID based on KCK instead of PMK. hostapd was already doing this after the KCK had been derived, but wpa_supplicant functionality needs to be moved from processing of EAPOL-Key frame 1/4 to 3/4 to have the KCK available. Signed-off-by: Jouni Malinen <j@w1.fi>
* AP: Add support for BSS load element (STA Count, Channel Utilization)Kyeyoon Park2014-10-211-0/+1
| | | | | | | | | | | | | | | The new "bss_load_update_period" parameter can be used to configure hostapd to advertise its BSS Load element in Beacon and Probe Response frames. This parameter is in the units of BUs (Beacon Units). When enabled, the STA Count and the Channel Utilization value will be updated periodically in the BSS Load element. The AAC is set to 0 sinze explicit admission control is not supported. Channel Utilization is calculated based on the channel survey information from the driver and as such, requires a driver that supports providing that information for the current operating channel. Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
* Android: Use extended P2P functionality (ANDROID_P2P) for all vendorsDmitry Shmidt2014-04-291-9/+3
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Disable unused parameter warningsGreg Hackmann2014-04-241-0/+3
| | | | | | | This avoids large number of undesired compiler warnings since Android build system is added -Wextra. Signed-off-by: Greg Hackmann <ghackmann@google.com>
* WPS: Enable WSC 2.0 support unconditionallyJouni Malinen2014-03-251-4/+0
| | | | | | | | | There is not much point in building devices with WPS 1.0 only supported nowadays. As such, there is not sufficient justification for maintaining extra complexity for the CONFIG_WPS2 build option either. Remove this by enabling WSC 2.0 support unconditionally. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Use internal FIPS 186-2 PRF if neededJouni Malinen2014-03-111-2/+4
| | | | | | | | | | | | Previously, EAP-SIM/AKA/AKA' did not work with number of crypto libraries (GnuTLS, CryptoAPI, NSS) since the required FIPS 186-2 PRF function was not implemented. This resulted in somewhat confusing error messages since the placeholder functions were silently returning an error. Fix this by using the internal implementation of FIP 186-2 PRF (including internal SHA-1 implementation) with crypto libraries that do not implement this in case EAP-SIM/AKA/AKA' is included in the build. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Add common OSEN definitionsJouni Malinen2014-02-261-0/+4
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Use external libnl 2.0 dynamic libraryDmitry Shmidt2014-02-191-0/+8
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Remove hostapd dump_file functionalityDmitry Shmidt2014-01-141-1/+0
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Fix EAP-GPSK server compilation for SHA256 cipher suiteJouni Malinen2014-01-071-1/+1
| | | | | | | | Need to use common EAP_GPSK_SHA256 define for this instead of the server-specific EAP_SERVER_GPSK_SHA256 which was not really used anywhere. Signed-hostap: Jouni Malinen <j@w1.fi>
* Remove hostapd dump_file functionalityJouni Malinen2014-01-021-2/+3
| | | | | | | | | | This debugging mechanism has now been deprecated by the control interface commands that can be used to fetch same internal information from hostapd in a more convenient way. Leave the empty USR1 signal handler and configuration file parameter for backwards compatibility. They can be removed in future versions of hostapd. Signed-hostap: Jouni Malinen <j@w1.fi>
* Android: Sync Android.mk with MakefileJouni Malinen2013-11-081-0/+4
| | | | | | | This brings in commit 0648c3b8f5c38bc2206758738278e074f6f5b11b changes to add Linux tracing option for hostapd. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Sync Android.mk with MakefileJouni Malinen2013-11-081-4/+0
| | | | | | | This brings in commit fd2f2d0489635d590930bc0945fbc438ba1387e2 changes to remove optional gnutls-extra dependency. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Set proper path to keystore include dirDmitry Shmidt2013-11-081-4/+1
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Add CONFIG_ACS option to makefileDmitry Shmidt2013-11-081-0/+6
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Add liblogYing Wang2013-11-081-2/+2
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Restore OpenSSL ENGINE supportKenny Root2013-11-081-3/+0
| | | | | | We now use an OpenSSL ENGINE to support keystore functionality. Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Remove obsolete WPA_UNICODE_SSID defineDmitry Shmidt2013-11-081-3/+0
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* hostapd: Allow hostapd_cli to work on AndroidJeff Johnson2013-11-081-0/+4
| | | | | | | | Add definitions of the Android specific directories used for control interface sockets so that hostapd_cli can connect to the Android hostapd. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Add ANDROID_P2P define under BOARD_WLAN_DEVICEDmitry Shmidt2013-11-071-0/+12
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Fix CFLAGS -> L_CFLAGSDmitry Shmidt2013-11-071-1/+1
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Add dfs.c into buildJouni Malinen2013-10-181-0/+1
| | | | | | | This fixes Android build after commit e76da5052980f301fe61f2fc0e1e7a5789716061 that added the new dfs.c file. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* EAP-EKE: Add server implementationJouni Malinen2013-07-071-0/+7
| | | | | | This adds a new password-based EAP method defined in RFC 6124. Signed-hostap: Jouni Malinen <j@w1.fi>
* Android: Clarify keystore include directoriesJouni Malinen2013-05-181-0/+3
| | | | | | | | | This updates hostapd to build using the new keystore header file location and adds a note that the old frameworks/base/cmds/keystore can be removed at some point in the future when old Android releases do not need to be supported. Signed-hostap: Jouni Malinen <j@w1.fi>
* Android: Use CONFIG_WNM mode consistentlyJouni Malinen2013-03-171-6/+2
| | | | | | | | Replace CONFIG_IEEE80211V with CONFIG_WNM to get more consistent build options for WNM-Sleep Mode operations. This is similar to the Makefile change in commit ad3872a3720df13d8fc1a4345a5f0a8c3a204b4e. Signed-hostap: Jouni Malinen <j@w1.fi>
* Android: Update Android.mk based on Makefile changesJouni Malinen2013-03-171-1/+52
| | | | | | | This brings the Android makefiles a bit closer to the Makefile changes that had been missed in the past. Signed-hostap: Jouni Malinen <j@w1.fi>
* SAE: Add support for FFC groupsJouni Malinen2013-01-121-0/+1
| | | | | | | | | | This allows FFC groups to be used with SAE. Though, these groups are not included in the default sae_groups value based on what is available since the FFC groups have the additional requirement of using a safe prime with the current implementation (or specification of the group order). Signed-hostap: Jouni Malinen <j@w1.fi>
* SAE: Use crypto wrappers instead of direct OpenSSL callsJouni Malinen2013-01-121-0/+5
| | | | | | | This makes the SAE implementation independent of the crypto/bignum library. Signed-hostap: Jouni Malinen <j@w1.fi>
* SAE: Add generation of the commit message fieldsJouni Malinen2013-01-121-0/+1
| | | | | | | This adds derivation of PWE and the needed commit values so that the full SAE commit message can be built. Signed-hostap: Jouni Malinen <j@w1.fi>
* Android: Fix AP builds to include the new eap_user_db.cJouni Malinen2012-11-211-0/+1
| | | | | | | This is needed to fix the builds after commit ee431d77a51b361b4697f2b737bcf46a1860a6fe. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Remove deprecated UFD config method and OOB ctrl_ifaceJouni Malinen2012-11-111-6/+0
| | | | | | | | | | The UFD (USB flash drive) configuration method was deprecated in WSC 2.0. Since this is not known to be used, remove the UFD implementation from hostapd and wpa_supplicant to allow the WPS implementation to be cleaned up. This removes the now unused OOB operations and ctrl_iface commands that had already been deprecated by the new NFC operations. Signed-hostap: Jouni Malinen <j@w1.fi>
* WPS: Remove old OOB NFC interfaceJouni Malinen2012-10-281-9/+0
| | | | | | | | | | The old WPS interface for using NFC has no known deployments and even the binary libraries referenced here are not easily available anymore. Since the new interface for using NFC with WPS covers the same functionality, remove the old implementation to clean up WPS implementation. Signed-hostap: Jouni Malinen <j@w1.fi>