--- a/hostapd/Makefile
+++ b/hostapd/Makefile
-@@ -745,6 +745,40 @@ endif
+@@ -758,6 +758,40 @@ endif
CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
endif
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
-@@ -924,9 +958,11 @@ endif
+@@ -937,9 +971,11 @@ endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
-@@ -936,38 +972,48 @@ AESOBJS += ../src/crypto/aes-siv.o
+@@ -949,38 +985,48 @@ AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_CTR
ifdef NEED_AES_DEC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-dec.o
-@@ -982,12 +1028,16 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -995,12 +1041,16 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
-@@ -996,16 +1046,22 @@ endif
+@@ -1009,16 +1059,22 @@ endif
endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef NEED_SHA1
OBJS += $(SHA1OBJS)
-@@ -1015,11 +1071,13 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1028,11 +1084,13 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef NEED_MD5
ifdef CONFIG_INTERNAL_MD5
-@@ -1058,56 +1116,81 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1071,56 +1129,81 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_INTERNAL_SHA384
CFLAGS += -DCONFIG_INTERNAL_SHA384
-@@ -1152,11 +1235,13 @@ HOBJS += $(SHA1OBJS)
+@@ -1165,11 +1248,13 @@ HOBJS += $(SHA1OBJS)
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_RADIUS_SERVER
CFLAGS += -DRADIUS_SERVER
-@@ -1329,7 +1414,9 @@ NOBJS += ../src/utils/trace.o
+@@ -1342,7 +1427,9 @@ NOBJS += ../src/utils/trace.o
endif
HOBJS += hlr_auc_gw.o ../src/utils/common.o ../src/utils/wpa_debug.o ../src/utils/os_$(CONFIG_OS).o ../src/utils/wpabuf.o ../src/crypto/milenage.o
ifdef CONFIG_INTERNAL_AES
HOBJS += ../src/crypto/aes-internal.o
HOBJS += ../src/crypto/aes-internal-enc.o
-@@ -1352,13 +1439,17 @@ SOBJS += ../src/common/sae.o
+@@ -1365,13 +1452,17 @@ SOBJS += ../src/common/sae.o
SOBJS += ../src/common/sae_pk.o
SOBJS += ../src/common/dragonfly.o
SOBJS += $(AESOBJS)
# Driver interface for Host AP driver
CONFIG_DRIVER_HOSTAP=y
-@@ -278,6 +290,7 @@ CONFIG_IPV6=y
+@@ -281,6 +293,7 @@ CONFIG_IPV6=y
# openssl = OpenSSL (default)
# gnutls = GnuTLS
# internal = Internal TLSv1 implementation (experimental)
CONFIG_SIM_SIMULATOR=y
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
-@@ -1163,6 +1163,29 @@ endif
+@@ -1230,6 +1230,29 @@ endif
CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
endif
ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
-@@ -1355,9 +1378,11 @@ endif
+@@ -1422,9 +1445,11 @@ endif
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP
# Seems to be needed at least with BoringSSL
NEED_INTERNAL_AES_WRAP=y
-@@ -1371,9 +1396,11 @@ endif
+@@ -1438,9 +1463,11 @@ endif
ifdef NEED_INTERNAL_AES_WRAP
ifneq ($(CONFIG_TLS), linux)
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
-@@ -1383,35 +1410,45 @@ AESOBJS += ../src/crypto/aes-siv.o
+@@ -1450,35 +1477,45 @@ AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_CTR
ifdef NEED_AES_ENC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-enc.o
-@@ -1426,12 +1463,16 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1493,12 +1530,16 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
-@@ -1443,29 +1484,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
+@@ -1510,29 +1551,37 @@ CFLAGS += -DCONFIG_NO_PBKDF2
else
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef NEED_MD5
ifdef CONFIG_INTERNAL_MD5
MD5OBJS += ../src/crypto/md5-internal.o
-@@ -1520,12 +1569,17 @@ ifneq ($(CONFIG_TLS), openssl)
+@@ -1587,12 +1636,17 @@ ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
ifdef CONFIG_INTERNAL_SHA256
SHA256OBJS += ../src/crypto/sha256-internal.o
endif
-@@ -1538,50 +1592,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
+@@ -1605,50 +1659,68 @@ CFLAGS += -DCONFIG_INTERNAL_SHA512
SHA256OBJS += ../src/crypto/sha512-internal.o
endif
ifdef NEED_TLS_PRF_SHA256
ifdef NEED_ASN1
OBJS += ../src/tls/asn1.o
-@@ -1756,10 +1828,12 @@ ifdef CONFIG_FIPS
+@@ -1823,10 +1895,12 @@ ifdef CONFIG_FIPS
CFLAGS += -DCONFIG_FIPS
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
# Driver interface for generic Linux wireless extensions
# Note: WEXT is deprecated in the current Linux kernel version and no new
# functionality is added to it. nl80211-based interface is the new
-@@ -326,6 +327,7 @@ CONFIG_BACKEND=file
+@@ -329,6 +330,7 @@ CONFIG_BACKEND=file
# openssl = OpenSSL (default)
# gnutls = GnuTLS
# internal = Internal TLSv1 implementation (experimental)