aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/Makefile
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2012-08-22 19:34:11 (GMT)
committerJouni Malinen <j@w1.fi>2012-08-22 19:34:11 (GMT)
commit065d2895b4693e8c923580dbfa31123297c8bb7d (patch)
tree3af626199a8454ced913214db958bc2910764e23 /wpa_supplicant/Makefile
parentd13f9857f8cb7b90e78bf4725f4765f233606eb5 (diff)
downloadhostap-065d2895b4693e8c923580dbfa31123297c8bb7d.zip
hostap-065d2895b4693e8c923580dbfa31123297c8bb7d.tar.gz
hostap-065d2895b4693e8c923580dbfa31123297c8bb7d.tar.bz2
Add UNAUTH-TLS vendor specific EAP type
This EAP type uses a vendor specific expanded EAP header to encapsulate EAP-TLS with a configuration where the EAP server does not authenticate the EAP peer. In other words, this method includes only server authentication. The peer is configured with only the ca_cert parameter (similarly to other TLS-based EAP methods). This method can be used for cases where the network provides free access to anyone, but use of RSN with a securely derived unique PMK for each station is desired. The expanded EAP header uses the hostapd/wpa_supplicant vendor code 39068 and vendor type 1 to identify the UNAUTH-TLS method. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/Makefile')
-rw-r--r--wpa_supplicant/Makefile11
1 files changed, 11 insertions, 0 deletions
diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index eb64725..4b399df 100644
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -306,6 +306,17 @@ TLS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
endif
+ifdef CONFIG_EAP_UNAUTH_TLS
+# EAP-UNAUTH-TLS
+CFLAGS += -DEAP_UNAUTH_TLS
+ifndef CONFIG_EAP_UNAUTH_TLS
+OBJS += ../src/eap_peer/eap_tls.o
+OBJS_h += ../src/eap_server/eap_server_tls.o
+TLS_FUNCS=y
+endif
+CONFIG_IEEE8021X_EAPOL=y
+endif
+
ifdef CONFIG_EAP_PEAP
# EAP-PEAP
ifeq ($(CONFIG_EAP_PEAP), dyn)