From owner-dev-commits-src-all@freebsd.org  Wed Jan 13 00:43:28 2021
Return-Path: <owner-dev-commits-src-all@freebsd.org>
Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8537C4EB76F;
 Wed, 13 Jan 2021 00:43:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4DFpb43Kg4z4vPy;
 Wed, 13 Jan 2021 00:43:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6549664F2;
 Wed, 13 Jan 2021 00:43:28 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 10D0hSt1009860;
 Wed, 13 Jan 2021 00:43:28 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 10D0hSUq009859;
 Wed, 13 Jan 2021 00:43:28 GMT (envelope-from git)
Date: Wed, 13 Jan 2021 00:43:28 GMT
Message-Id: <202101130043.10D0hSUq009859@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-main@FreeBSD.org
From: Adrian Chadd <adrian@FreeBSD.org>
Subject: git: 7c5a624afae4 - main - [wpa] Add support for
 hostapd/wpa_supplicant when WITHOUT_CRYPT=YES is enabled.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: adrian
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 7c5a624afae43c44d8e57eb8c5073b9b07f88064
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-all@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commit messages for all branches of the src repository
 <dev-commits-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-all/>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Help: <mailto:dev-commits-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jan 2021 00:43:28 -0000

The branch main has been updated by adrian:

URL: https://cgit.FreeBSD.org/src/commit/?id=7c5a624afae43c44d8e57eb8c5073b9b07f88064

commit 7c5a624afae43c44d8e57eb8c5073b9b07f88064
Author:     Adrian Chadd <adrian@FreeBSD.org>
AuthorDate: 2021-01-04 20:39:53 +0000
Commit:     Adrian Chadd <adrian@FreeBSD.org>
CommitDate: 2021-01-13 00:43:19 +0000

    [wpa] Add support for hostapd/wpa_supplicant when WITHOUT_CRYPT=YES
    is enabled.
    
    This builds wpa_supplicant / hostpad using internal encryption routines
    rather than using libcrypt.
    
    This has been supported in wpa for years now, however since we use
    local makefiles for this, we bitrotted dependencies and configuration
    options.
    
    Reviewed by: emaste
    Differential Revision: https://reviews.freebsd.org/D27958
---
 share/mk/src.opts.mk                 |  1 -
 usr.sbin/wpa/Makefile.crypto         | 31 +++++++++++++++++++++++++++++--
 usr.sbin/wpa/hostapd/Makefile        |  4 ++++
 usr.sbin/wpa/wpa_supplicant/Makefile |  2 +-
 4 files changed, 34 insertions(+), 4 deletions(-)

diff --git a/share/mk/src.opts.mk b/share/mk/src.opts.mk
index b87826781318..55d07dac42dd 100644
--- a/share/mk/src.opts.mk
+++ b/share/mk/src.opts.mk
@@ -438,7 +438,6 @@ MK_LDNS:=	no
 MK_PKGBOOTSTRAP:=	no
 MK_SVN:=		no
 MK_SVNLITE:=		no
-MK_WIRELESS:=		no
 .endif
 
 .if ${MK_LDNS} == "no"
diff --git a/usr.sbin/wpa/Makefile.crypto b/usr.sbin/wpa/Makefile.crypto
index 1b67c79650af..bed452bf8592 100644
--- a/usr.sbin/wpa/Makefile.crypto
+++ b/usr.sbin/wpa/Makefile.crypto
@@ -16,9 +16,13 @@ CONFIG_INTERNAL_RC4=y
 CONFIG_INTERNAL_SHA1=y
 NEED_SHA256=y
 CONFIG_INTERNAL_SHA256=y
+NEED_SHA384=y
+CONFIG_INTERNAL_SHA384=y
+NEED_SHA512=y
+CONFIG_INTERNAL_SHA512=y
 CONFIG_INTERNAL_TLS=y
+NEED_DH_GROUPS=y
 CONFIG_INTERNAL_DH5=y
-CONFIG_INTERNAL_DH=y
 NEED_AES_ENC=true
 NEED_AES_CBC=true
 .endif
@@ -45,6 +49,7 @@ SRCS+=	asn1.c \
 	tlsv1_client.c \
 	tlsv1_client_write.c \
 	tlsv1_client_read.c \
+	tlsv1_client_ocsp.c \
 	x509v3.c
 NEED_DES=y
 NEED_MD4=y
@@ -123,14 +128,36 @@ SRCS+=	sha256-internal.c sha256-prf.c
 .endif
 .endif
 
+.if defined(NEED_SHA384)
+CFLAGS+=-DCONFIG_SHA384
+SRCS+=	sha384.c
+.if defined(CONFIG_INTERNAL_SHA384)
+SRCS+=	sha384-internal.c sha384-prf.c
+.endif
+.endif
+
+.if defined(NEED_SHA512)
+CFLAGS+=-DCONFIG_SHA512
+SRCS+=	sha512.c
+.if defined(CONFIG_INTERNAL_SHA512)
+SRCS+=	sha512-internal.c sha512-prf.c
+.endif
+.endif
+
 .if defined(NEED_TLS_PRF)
 SRCS+=	sha1-tlsprf.c
 .endif
 
 .if defined(CONFIG_INTERNAL_DH5)
+.if defined(NEED_DH_GROUPS)
 SRCS+=	dh_group5.c
 .endif
+.endif
 
-.if defined(CONFIG_INTERNAL_DH)
+.if defined(NEED_DH_GROUPS)
 SRCS+=	dh_groups.c
 .endif
+
+.if defined(NEED_DH_GROUPS_ALL)
+CFLAGS+=-DALL_DH_GROUPS
+.endif
diff --git a/usr.sbin/wpa/hostapd/Makefile b/usr.sbin/wpa/hostapd/Makefile
index 24c25ffc0b94..579694046989 100644
--- a/usr.sbin/wpa/hostapd/Makefile
+++ b/usr.sbin/wpa/hostapd/Makefile
@@ -163,6 +163,10 @@ SRCS+=	eap_server_gtc.c \
 	eapol_auth_sm.c
 TLS_FUNCS=y
 
+# For WPS, EAP modes, etc
+NEED_DH_GROUPS=y
+NEED_DH_GROUPS_ALL=y
+
 .if !empty(CFLAGS:M*-DCONFIG_WPS)
 NEED_SIM_COMMON=y
 .endif
diff --git a/usr.sbin/wpa/wpa_supplicant/Makefile b/usr.sbin/wpa/wpa_supplicant/Makefile
index 7556e9b8d26a..dc8178ccf9b8 100644
--- a/usr.sbin/wpa/wpa_supplicant/Makefile
+++ b/usr.sbin/wpa/wpa_supplicant/Makefile
@@ -14,7 +14,7 @@ PROG=	wpa_supplicant
 SRCS=	base64.c bitfield.c blacklist.c bss.c cli.c common.c \
 	config.c config_file.c \
 	ctrl_iface.c ctrl_iface_common.c ctrl_iface_unix.c \
-	dh_groups.c driver_bsd.c driver_common.c \
+	driver_bsd.c driver_common.c \
 	driver_ndis.c driver_wired.c driver_wired_common.c drivers.c \
 	eap_register.c eloop.c \
 	events.c gas.c gas_query.c \