aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd/defconfig
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2011-09-25 14:24:46 (GMT)
committerJouni Malinen <j@w1.fi>2011-09-25 14:24:46 (GMT)
commit5c47af9a7a0bdf9d37a99333816d8fc041aad9d3 (patch)
tree9653996506178f66aa635f8ea91a200ee081fa09 /hostapd/defconfig
parent3bff59f8571cd2ef63a18e0b4c43a0bbb5baf564 (diff)
downloadhostap-5c47af9a7a0bdf9d37a99333816d8fc041aad9d3.zip
hostap-5c47af9a7a0bdf9d37a99333816d8fc041aad9d3.tar.gz
hostap-5c47af9a7a0bdf9d37a99333816d8fc041aad9d3.tar.bz2
TLS: Add support for TLS v1.1 (RFC 4346) with internal TLS
This is disabled by defautl and can be enabled with CONFIG_TLSV11=y build configuration parameter.
Diffstat (limited to 'hostapd/defconfig')
-rw-r--r--hostapd/defconfig36
1 files changed, 36 insertions, 0 deletions
diff --git a/hostapd/defconfig b/hostapd/defconfig
index 26be2a8..d9b4b6d 100644
--- a/hostapd/defconfig
+++ b/hostapd/defconfig
@@ -208,3 +208,39 @@ CONFIG_IPV6=y
# considered for builds that are known to be used on devices that meet the
# requirements described above.
#CONFIG_NO_RANDOM_POOL=y
+
+# Select TLS implementation
+# openssl = OpenSSL (default)
+# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA)
+# internal = Internal TLSv1 implementation (experimental)
+# none = Empty template
+#CONFIG_TLS=openssl
+
+# Whether to enable TLS/IA support, which is required for EAP-TTLSv1.
+# You need CONFIG_TLS=gnutls for this to have any effect. Please note that
+# even though the core GnuTLS library is released under LGPL, this extra
+# library uses GPL and as such, the terms of GPL apply to the combination
+# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not
+# apply for distribution of the resulting binary.
+#CONFIG_GNUTLS_EXTRA=y
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
+# can be enabled to get a stronger construction of messages when block ciphers
+# are used.
+#CONFIG_TLSV11=y
+
+# If CONFIG_TLS=internal is used, additional library and include paths are
+# needed for LibTomMath. Alternatively, an integrated, minimal version of
+# LibTomMath can be used. See beginning of libtommath.c for details on benefits
+# and drawbacks of this option.
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#ifndef CONFIG_INTERNAL_LIBTOMMATH
+#LTM_PATH=/usr/src/libtommath-0.39
+#CFLAGS += -I$(LTM_PATH)
+#LIBS += -L$(LTM_PATH)
+#LIBS_p += -L$(LTM_PATH)
+#endif
+# At the cost of about 4 kB of additional binary size, the internal LibTomMath
+# can be configured to include faster routines for exptmod, sqr, and div to
+# speed up DH and RSA calculation considerably
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y