Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 28 Apr 2012 11:11:54 +0000 (UTC)
From:      Bernhard Schmidt <bschmidt@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r234759 - in head/usr.sbin/wpa: . hostapd wpa_supplicant
Message-ID:  <201204281111.q3SBBsHm057989@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: bschmidt
Date: Sat Apr 28 11:11:53 2012
New Revision: 234759
URL: http://svn.freebsd.org/changeset/base/234759

Log:
  Move crypto stuff into a common Makefile.  While here fix the
  WITHOUT_OPENSSL build by using the wpa's internal crypto support if
  openssl is not available, this allows us to unconditionally enable
  EAP support.
  
  MFC after:	2 weeks

Added:
  head/usr.sbin/wpa/Makefile.crypto   (contents, props changed)
Modified:
  head/usr.sbin/wpa/hostapd/Makefile
  head/usr.sbin/wpa/wpa_supplicant/Makefile

Added: head/usr.sbin/wpa/Makefile.crypto
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/usr.sbin/wpa/Makefile.crypto	Sat Apr 28 11:11:53 2012	(r234759)
@@ -0,0 +1,121 @@
+# $FreeBSD$
+
+.if ${MK_OPENSSL} != "no" && !defined(RELEASE_CRUNCH)
+SRCS+=	crypto_openssl.c
+DPADD+=	${LIBSSL} ${LIBCRYPTO}
+LDADD+=	-lssl -lcrypto
+.else
+CFLAGS+=-DCONFIG_CRYPTO_INTERNAL
+SRCS+=	crypto_internal.c
+CONFIG_INTERNAL_AES=y
+CONFIG_INTERNAL_DES=y
+CONFIG_INTERNAL_MD4=y
+CONFIG_INTERNAL_MD5=y
+CONFIG_INTERNAL_RC4=y
+CONFIG_INTERNAL_SHA1=y
+CONFIG_INTERNAL_SHA256=y
+CONFIG_INTERNAL_TLS=y
+NEED_AES_ENC=true
+.endif
+
+.if defined(TLS_FUNCS)
+NEED_TLS_PRF=y
+.if defined(CONFIG_INTERNAL_TLS)
+CFLAGS+=-DCONFIG_INTERNAL_LIBTOMMATH \
+	-DCONFIG_TLS_INTERNAL_CLIENT
+SRCS+=	asn1.c \
+	bignum.c \
+	crypto_internal-cipher.c \
+	crypto_internal-modexp.c \
+	crypto_internal-rsa.c \
+	pkcs1.c \
+	pkcs5.c \
+	pkcs8.c \
+	rsa.c \
+	tls_internal.c \
+	tlsv1_common.c \
+	tlsv1_record.c \
+	tlsv1_cred.c \
+	tlsv1_client.c \
+	tlsv1_client_write.c \
+	tlsv1_client_read.c \
+	x509v3.c
+NEED_DES=y
+NEED_MD4=y
+NEED_RC4=y
+.else
+CFLAGS+=-DEAP_TLS_OPENSSL
+SRCS+=	tls_openssl.c
+.endif
+.endif
+
+.if defined(CONFIG_INTERNAL_AES)
+SRCS+=	aes-internal.c \
+	aes-internal-dec.c \
+	aes-internal-enc.c
+.endif
+
+.if defined(NEED_AES_CBC)
+SRCS+=	aes-cbc.c
+.endif
+
+.if defined(NEED_AES_EAX)
+SRCS+=	aes-eax.c
+NEED_AES_CTR=y
+.endif
+
+.if defined(NEED_AES_CTR)
+SRCS+=	aes-ctr.c
+.endif
+
+.if defined(NEED_AES_ENCBLOCK)
+SRCS+=	aes-encblock.c
+.endif
+
+.if defined(NEED_AES_OMAC1)
+SRCS+=	aes-omac1.c
+.endif
+
+.if defined(NEED_DES)
+.if defined(CONFIG_INTERNAL_DES)
+SRCS+=	des-internal.c
+.endif
+.endif
+
+.if defined(NEED_MD4)
+.if defined(CONFIG_INTERNAL_MD4)
+SRCS+=	md4-internal.c
+.endif
+.endif
+
+.if defined(CONFIG_INTERNAL_MD5)
+SRCS+=	md5-internal.c
+.endif
+
+.if defined(NEED_FIPS186_2_PRF)
+.if defined(CONFIG_INTERNAL_SHA1)
+SRCS+=	fips_prf_internal.c
+.else
+SRCS+=	fips_prf_openssl.c
+.endif
+.endif
+
+.if defined(CONFIG_INTERNAL_RC4)
+SRCS+=	rc4.c
+.endif
+
+.if defined(CONFIG_INTERNAL_SHA1)
+SRCS+=	sha1-internal.c
+.endif
+
+.if defined(NEED_SHA256)
+CFLAGS+=-DCONFIG_SHA256
+SRCS+=	sha256.c
+.if defined(CONFIG_INTERNAL_SHA256)
+SRCS+=	sha256-internal.c
+.endif
+.endif
+
+.if defined(NEED_TLS_PRF)
+SRCS+=	sha1-tlsprf.c
+.endif

Modified: head/usr.sbin/wpa/hostapd/Makefile
==============================================================================
--- head/usr.sbin/wpa/hostapd/Makefile	Sat Apr 28 11:02:32 2012	(r234758)
+++ head/usr.sbin/wpa/hostapd/Makefile	Sat Apr 28 11:11:53 2012	(r234759)
@@ -11,10 +11,10 @@ SRCS=	accounting.c \
 	ap_drv_ops.c \
 	ap_mlme.c \
 	authsrv.c \
+	base64.c \
 	chap.c \
 	common.c \
 	config_file.c \
-	crypto_openssl.c \
 	ctrl_iface.c \
 	ctrl_iface_ap.c \
 	drivers.c \
@@ -42,7 +42,6 @@ SRCS=	accounting.c \
 	radius.c \
 	radius_client.c \
 	sha1-pbkdf2.c \
-	sha1-tlsprf.c \
 	sha1.c \
 	sta_info.c \
 	tkip_countermeasures.c \
@@ -73,8 +72,8 @@ CFLAGS+=-DCONFIG_DRIVER_BSD \
 CFLAGS+= -DCONFIG_IPV6
 .endif
 #CFLAGS+= -g
-DPADD+=	${LIBPCAP} ${LIBSSL}
-LDADD+=	-lpcap -lssl
+DPADD+=	${LIBPCAP}
+LDADD+=	-lpcap
 
 # User customizations for wpa_supplicant/hostapd build environment
 CFLAGS+=${HOSTAPD_CFLAGS}
@@ -82,8 +81,6 @@ CFLAGS+=${HOSTAPD_CFLAGS}
 LDADD+=${HOSTAPD_LDADD}
 #LDFLAGS+=${HOSTAPD_LDFLAGS}
 
-.if ${MK_OPENSSL} != "no" && !defined(RELEASE_CRUNCH)
-
 CFLAGS+=-DDPKCS12_FUNCS \
 	-DEAP_SERVER \
 	-DEAP_SERVER_GTC \
@@ -103,33 +100,32 @@ SRCS+=	dump_state.c \
 	eap_server_peap.c \
 	eap_server_tls.c \
 	eap_server_tls_common.c \
-	eap_server_ttls.c \
-	tls_openssl.c
+	eap_server_ttls.c
+TLS_FUNCS=y
+NEED_SHA256=y
 
 .if !empty(CFLAGS:M*-DEAP_SERVER_AKA)
-NEED_SIM_COMMON=	true
-NEED_SHA256=	true
 SRCS+=	eap_server_aka.c
+NEED_SIM_COMMON=y
 .endif
 
 .if !empty(CFLAGS:M*-DEAP_SERVER_SIM)
-NEED_SIM_COMMON=	true
 SRCS+=	eap_server_sim.c
+NEED_SIM_COMMON=y
 .endif
 
 .if defined(NEED_SIM_COMMON)
 SRCS+=	eap_sim_common.c \
 	eap_sim_db.c
-NEED_AES_CBC=	true
-NEED_FIPS186_2_PRF=	true
+NEED_AES_CBC=y
+NEED_FIPS186_2_PRF=y
 .endif
 
 .if !empty(CFLAGS:M*-DEAP_SERVER_GPSK)
 CFLAGS+=-DEAP_GPSK_SHA256
 SRCS+=	eap_server_gpsk.c \
 	eap_gpsk_common.c
-NEED_SHA256=	true
-NEED_AES_OMAC1=	true
+NEED_AES_OMAC1=y
 .endif
 
 .if !empty(CFLAGS:M*-DEAP_SERVER_PAX)
@@ -142,34 +138,6 @@ SRCS+=	eap_server_sake.c \
 	eap_sake_common.c
 .endif
 
-DPADD+= ${LIBSSL} ${LIBCRYPTO}
-LDADD+= -lssl -lcrypto
-.else
-NEED_TLS_NONE=	true
-.endif
-
-.if defined(NEED_AES_CBC)
-SRCS+=	aes-cbc.c
-.endif
-
-.if defined(NEED_AES_OMAC1)
-SRCS+=	aes-omac1.c
-.endif
-
-.if defined(NEED_FIPS186_2_PRF)
-SRCS+=	fips_prf_openssl.c
-.endif
-
-.if defined(NEED_SHA256)
-SRCS+=	sha256.c
-.endif
-
-.if defined(NEED_TLS_NONE)
-CFLAGS+= -DEAP_TLS_NONE
-CFLAGS+= -DINTERNAL_AES
-CFLAGS+= -DINTERNAL_SHA1
-CFLAGS+= -DINTERNAL_MD5
-SRCS+=	tls_none.c
-.endif
+.include "${.CURDIR}/../Makefile.crypto"
 
 .include <bsd.prog.mk>

Modified: head/usr.sbin/wpa/wpa_supplicant/Makefile
==============================================================================
--- head/usr.sbin/wpa/wpa_supplicant/Makefile	Sat Apr 28 11:02:32 2012	(r234758)
+++ head/usr.sbin/wpa/wpa_supplicant/Makefile	Sat Apr 28 11:11:53 2012	(r234759)
@@ -5,14 +5,7 @@
 .PATH.c:${WPA_DISTDIR}/src/drivers
 
 PROG=	wpa_supplicant
-SRCS=	aes-cbc.c \
-	aes-ctr.c \
-	aes-eax.c \
-	aes-encblock.c \
-	aes-internal.c \
-	aes-omac1.c \
-	aes-unwrap.c \
-	aes-wrap.c \
+SRCS=	aes-unwrap.c \
 	base64.c \
 	blacklist.c \
 	bss.c \
@@ -36,8 +29,6 @@ SRCS=	aes-cbc.c \
 	preauth.c \
 	scan.c \
 	sha1-pbkdf2.c \
-	sha1-tlsprf.c \
-	sha1-tprf.c \
 	sha1.c \
 	wpa.c \
 	wpa_common.c \
@@ -78,9 +69,6 @@ LDADD+=${WPA_SUPPLICANT_LDADD}
 #LDFLAGS+=${WPA_SUPPLICANT_LDFLAGS}
 
 .if ${MK_WPA_SUPPLICANT_EAPOL} != "no"
-
-.if ${MK_OPENSSL} != "no" && !defined(RELEASE_CRUNCH)
-
 CFLAGS+=-DEAP_GTC \
 	-DEAP_LEAP \
 	-DEAP_MD5 \
@@ -89,13 +77,9 @@ CFLAGS+=-DEAP_GTC \
 	-DEAP_PEAP \
 	-DEAP_PSK \
 	-DEAP_TLS \
-	-DEAP_TLV \
-	-DEAP_TLS_FUNCS \
-	-DEAP_TLS_OPENSSL \
 	-DEAP_TTLS \
 	-DIEEE8021X_EAPOL
 SRCS+=	chap.c \
-	crypto_openssl.c \
 	eap.c \
 	eap_common.c \
 	eap_gtc.c \
@@ -113,21 +97,29 @@ SRCS+=	chap.c \
 	eap_ttls.c \
 	eapol_supp_sm.c \
 	ms_funcs.c \
-	mschapv2.c \
-	tls_openssl.c
+	mschapv2.c
+TLS_FUNCS=y
+NEED_AES_EAX=y
+NEED_AES_ENCBLOCK=y
+NEED_AES_OMAC1=y
+NEED_SHA256=y
+.endif
 
 .if !empty(CFLAGS:M*-DEAP_AKA)
-NEED_SIM_COMMON=	true
 SRCS+=	eap_aka.c
+NEED_SIM_COMMON=y
+NEED_AES_CBC=y
 .endif
 
 .if !empty(CFLAGS:M*-DEAP_SIM)
-NEED_SIM_COMMON=	true
 SRCS+=	eap_sim.c
+NEED_SIM_COMMON=y
+NEED_AES_CBC=y
 .endif
 
 .if defined(NEED_SIM_COMMON)
 SRCS+=	eap_sim_common.c
+NEED_FIPS186_2_PRF=y
 .endif
 
 # PC/SC interface for smartcards (USIM, GSM SIM)
@@ -147,7 +139,7 @@ LDADD+=-lpcsclite -lpthread
 CFLAGS+=-DEAP_GPSK_SHA256
 SRCS+=	eap_gpsk.c \
 	eap_gpsk_common.c
-NEED_SHA256=	true
+NEED_AES_OMAC1=y
 .endif
 
 .if !empty(CFLAGS:M*-DEAP_PAX)
@@ -160,32 +152,6 @@ SRCS+=	eap_sake.c \
 	eap_sake_common.c
 .endif
 
-NEED_LIBSSL=	true
-.else
-CFLAGS+= -DEAP_TLS_NONE
-SRCS+=	tls_none.c
-.endif
-
-.endif
-
-#
-# Configure crypto/cipher support.
-#
-# EAPOL support requires openssl in which case we use their
-# cipher code.  Otherwise we use our internal versions.
-#
-.if !defined(NEED_LIBSSL)
-CFLAGS+= -DINTERNAL_AES
-CFLAGS+= -DINTERNAL_SHA1
-CFLAGS+= -DINTERNAL_MD5
-.else
-DPADD+= ${LIBSSL} ${LIBCRYPTO}
-LDADD+= -lssl -lcrypto
-.endif
-
-.if defined(NEED_SHA256)
-CFLAGS+=-DINTERNAL_SHA256
-SRCS+=	sha256.c
-.endif
+.include "${.CURDIR}/../Makefile.crypto"
 
 .include <bsd.prog.mk>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201204281111.q3SBBsHm057989>