mirror of
https://github.com/hanwckf/immortalwrt-mt798x.git
synced 2025-01-10 03:09:08 +08:00
67d23c1c58
4383528e0 P2P: Use weighted preferred channel list for channel selection
f2c5c8d38 QCA vendor attribute to configure RX link speed threshold for roaming
94bc94b20 Add QCA vendor attribute for DO_ACS to allow using existing scan entries
b9e2826b9 P2P: Filter 6 GHz channels if peer doesn't support them
d5a9944b8 Reserve QCA vendor sub command id 206..212
ed63c286f Remove space before tab in QCA vendor commands
e4015440a ProxyARP: Clear bridge parameters on deinit only if hostapd set them
02047e9c8 hs20-osu-client: Explicit checks for snprintf() result
cd92f7f98 FIPS PRF: Avoid duplicate SHA1Init() functionality
5c87fcc15 OpenSSL: Use internal FIPS 186-2 PRF with OpenSSL 3.0
9e305878c SAE-PK: Fix build without AES-SIV
c41004d86 OpenSSL: Convert more crypto_ec_key routines to new EVP API
667a2959c OpenSSL: crypto_ec_key_get_public_key() using new EVP_PKEY API
5b97395b3 OpenSSL: crypto_ec_key_get_private_key() using new EVP_PKEY API
177ebfe10 crypto: Convert crypto_ec_key_get_public_key() to return new ec_point
26780d92f crypto: Convert crypto_ec_key_get_private_key() to return new bignum
c9c2c2d9c OpenSSL: Fix a memory leak on crypto_hash_init() error path
6d19dccf9 OpenSSL: Free OSSL_DECODER_CTX in tls_global_dh()
4f4479ef9 OpenSSL: crypto_ec_key_parse_{priv,pub}() without EC_KEY API
b092d8ee6 tests: imsi_privacy_attr
563699174 EAP-SIM/AKA peer: IMSI privacy attribute
1004fb7ee tests: Testing functionality to discard DPP Public Action frames
355069616 tests: Add forgotten files for expired IMSI privacy cert tests
b9a222cdd tests: sigma_dut and DPP curve-from-URI special functionality
fa36e7ee4 tests: sigma_dut controlled STA and EAP-AKA parameters
99165cc4b Rename wpa_supplicant imsi_privacy_key configuration parameter
dde7f90a4 tests: Update VM setup example to use Ubuntu 22.04 and UML
426932f06 tests: EAP-AKA and expired imsi_privacy_key
35eda6e70 EAP-SIM peer: Free imsi_privacy_key on an error path
1328cdeb1 Do not try to use network profile with invalid imsi_privacy_key
d1652dc7c OpenSSL: Refuse to accept expired RSA certificate
866e7b745 OpenSSL: Include rsa.h for OpenSSL 3.0
bc99366f9 OpenSSL: Drop security level to 0 with OpenSSL 3.0 when using TLS 1.0/1.1
39e662308 tests: Work around reentrant logging issues due to __del__ misuse
72641f924 tests: Clean up failed test list in parallel-vm.py
e36a7c794 tests: Support pycryptodome
a44744d3b tests: Set ECB mode for AES explicitly to work with cryptodome
e90ea900a tests: sigma_dut DPP TCP Configurator as initiator with addr from URI
ed325ff0f DPP: Allow TCP destination (address/port) to be used from peer URI
e58dabbcf tests: DPP URI with host info
37bb4178b DPP: Host information in bootstrapping URI
1142b6e41 EHT: Do not check HE PHY capability info reserved fields
7173992b9 tests: Flush scan table in ap_wps_priority to make it more robust
b9313e17e tests: Update ap_wpa2_psk_ext_delayed_ptk_rekey to match implementation
bc3699179 Use Secure=1 in PTK rekeying EAPOL-Key msg 1/4 and 2/4
d2ce1b4d6 tests: Wait for request before responding in dscp_response
Compile-tested: all versions / ath79-generic, ramips-mt7621
Run-tested: hostapd-wolfssl / ath79-generic, ramips-mt7621
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit dab91036d69bf1fd30400fcd9c3b96bf7f4f8c78)
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
105 lines
3.0 KiB
Plaintext
105 lines
3.0 KiB
Plaintext
# wpa_supplicant config
|
|
config WPA_RFKILL_SUPPORT
|
|
bool "Add rfkill support"
|
|
depends on PACKAGE_wpa-supplicant || \
|
|
PACKAGE_wpa-supplicant-openssl || \
|
|
PACKAGE_wpa-supplicant-wolfssl || \
|
|
PACKAGE_wpa-supplicant-mesh-openssl || \
|
|
PACKAGE_wpa-supplicant-mesh-wolfssl || \
|
|
PACKAGE_wpa-supplicant-basic || \
|
|
PACKAGE_wpa-supplicant-mini || \
|
|
PACKAGE_wpa-supplicant-p2p || \
|
|
PACKAGE_wpad || \
|
|
PACKAGE_wpad-openssl || \
|
|
PACKAGE_wpad-wolfssl || \
|
|
PACKAGE_wpad-basic || \
|
|
PACKAGE_wpad-basic-openssl || \
|
|
PACKAGE_wpad-basic-wolfssl || \
|
|
PACKAGE_wpad-mini || \
|
|
PACKAGE_wpad-mesh-openssl || \
|
|
PACKAGE_wpad-mesh-wolfssl
|
|
default n
|
|
|
|
config WPA_MSG_MIN_PRIORITY
|
|
int "Minimum debug message priority"
|
|
depends on PACKAGE_wpa-supplicant || \
|
|
PACKAGE_wpa-supplicant-openssl || \
|
|
PACKAGE_wpa-supplicant-wolfssl || \
|
|
PACKAGE_wpa-supplicant-mesh-openssl || \
|
|
PACKAGE_wpa-supplicant-mesh-wolfssl || \
|
|
PACKAGE_wpa-supplicant-basic || \
|
|
PACKAGE_wpa-supplicant-mini || \
|
|
PACKAGE_wpa-supplicant-p2p || \
|
|
PACKAGE_wpad || \
|
|
PACKAGE_wpad-openssl || \
|
|
PACKAGE_wpad-wolfssl || \
|
|
PACKAGE_wpad-basic || \
|
|
PACKAGE_wpad-basic-openssl || \
|
|
PACKAGE_wpad-basic-wolfssl || \
|
|
PACKAGE_wpad-mini || \
|
|
PACKAGE_wpad-mesh-openssl || \
|
|
PACKAGE_wpad-mesh-wolfssl
|
|
default 3
|
|
help
|
|
Useful values are:
|
|
0 = all messages
|
|
1 = raw message dumps
|
|
2 = most debugging messages
|
|
3 = info messages
|
|
4 = warnings
|
|
5 = errors
|
|
|
|
config WPA_WOLFSSL
|
|
bool
|
|
default PACKAGE_wpa-supplicant-wolfssl ||\
|
|
PACKAGE_wpad-wolfssl ||\
|
|
PACKAGE_wpad-basic-wolfssl || \
|
|
PACKAGE_wpad-mesh-wolfssl ||\
|
|
PACKAGE_eapol-test-wolfssl
|
|
select WOLFSSL_HAS_AES_CCM
|
|
select WOLFSSL_HAS_ARC4
|
|
select WOLFSSL_HAS_DH
|
|
select WOLFSSL_HAS_OCSP
|
|
select WOLFSSL_HAS_SESSION_TICKET
|
|
select WOLFSSL_HAS_WPAS
|
|
|
|
config DRIVER_WEXT_SUPPORT
|
|
bool
|
|
default n
|
|
|
|
config DRIVER_11N_SUPPORT
|
|
bool
|
|
default n
|
|
|
|
config DRIVER_11AC_SUPPORT
|
|
bool
|
|
default n
|
|
|
|
config DRIVER_11AX_SUPPORT
|
|
bool
|
|
default n
|
|
select WPA_MBO_SUPPORT
|
|
|
|
config WPA_ENABLE_WEP
|
|
bool "Enable support for unsecure and obsolete WEP"
|
|
help
|
|
Wired equivalent privacy (WEP) is an obsolete cryptographic data
|
|
confidentiality algorithm that is not considered secure. It should not be used
|
|
for anything anymore. The functionality needed to use WEP is available in the
|
|
current hostapd release under this optional build parameter and completely
|
|
removed in a future release.
|
|
|
|
config WPA_MBO_SUPPORT
|
|
bool "Multi Band Operation (Agile Multiband)"
|
|
default PACKAGE_wpa-supplicant || \
|
|
PACKAGE_wpa-supplicant-openssl || \
|
|
PACKAGE_wpa-supplicant-wolfssl || \
|
|
PACKAGE_wpad || \
|
|
PACKAGE_wpad-openssl || \
|
|
PACKAGE_wpad-wolfssl
|
|
help
|
|
Multi Band Operation aka (Agile Multiband) enables features
|
|
that facilitate efficient use of multiple frequency bands.
|
|
Enabling MBO on an AP using RSN requires 802.11w to be enabled.
|
|
Hostapd will refuse to start if MBO and RSN are enabled without 11w.
|