diff options
| author | oddlama <oddlama@oddlama.org> | 2023-03-22 00:33:14 +0100 |
|---|---|---|
| committer | oddlama <oddlama@oddlama.org> | 2023-07-02 13:31:38 +0200 |
| commit | 4bec3f204362fa22a0740c8a572ffef3b322596d (patch) | |
| tree | 1adf69344351395c894310cb89c654aa96f8c12c /pkgs/os-specific/linux/hostapd | |
| parent | 0a85190a977f47dd93abe8d5b8da120976d880a0 (diff) | |
| download | nixpkgs-4bec3f204362fa22a0740c8a572ffef3b322596d.tar nixpkgs-4bec3f204362fa22a0740c8a572ffef3b322596d.tar.gz nixpkgs-4bec3f204362fa22a0740c8a572ffef3b322596d.tar.bz2 nixpkgs-4bec3f204362fa22a0740c8a572ffef3b322596d.tar.lz nixpkgs-4bec3f204362fa22a0740c8a572ffef3b322596d.tar.xz nixpkgs-4bec3f204362fa22a0740c8a572ffef3b322596d.tar.zst nixpkgs-4bec3f204362fa22a0740c8a572ffef3b322596d.zip | |
hostapd: enable new stable features such as WiFi6 and structure .config
These changes are important to support modern APs configurations. Short overview: - CONFIG_IEEE80211AX support (WiFi6) - CONFIG_SAE_PK (pubkey authenticated WPA3) - CONFIG_DRIVER_NONE (standalone RADIUS server) - CONFIG_OCV (Operating Channel Validation) - Enable epoll on linux systems - Remove deprecated TKIP support - Fix misspelling (CONFIG_INTERNETWORKING != CONFIG_INTERWORKING) - The .config was restructured into sections to reflect the upstream defconfig order and for easier updating in the future
Diffstat (limited to 'pkgs/os-specific/linux/hostapd')
| -rw-r--r-- | pkgs/os-specific/linux/hostapd/default.nix | 56 |
1 files changed, 44 insertions, 12 deletions
diff --git a/pkgs/os-specific/linux/hostapd/default.nix b/pkgs/os-specific/linux/hostapd/default.nix index 2836f435dc2..85d48683cf0 100644 --- a/pkgs/os-specific/linux/hostapd/default.nix +++ b/pkgs/os-specific/linux/hostapd/default.nix @@ -23,13 +23,21 @@ stdenv.mkDerivation rec { outputs = [ "out" "man" ]; + # Based on hostapd's defconfig. Only differences are tracked. extraConfig = '' + # Use epoll(7) instead of select(2) on linux + CONFIG_ELOOP_EPOLL=y + + # Drivers CONFIG_DRIVER_WIRED=y - CONFIG_LIBNL32=y + CONFIG_DRIVER_NONE=y + + # Integrated EAP server CONFIG_EAP_SIM=y CONFIG_EAP_AKA=y CONFIG_EAP_AKA_PRIME=y CONFIG_EAP_PAX=y + CONFIG_EAP_PSK=y CONFIG_EAP_PWD=y CONFIG_EAP_SAKE=y CONFIG_EAP_GPSK=y @@ -38,29 +46,53 @@ stdenv.mkDerivation rec { CONFIG_EAP_IKEV2=y CONFIG_EAP_TNC=y CONFIG_EAP_EKE=y - CONFIG_RADIUS_SERVER=y - CONFIG_IEEE80211R=y - CONFIG_IEEE80211N=y - CONFIG_IEEE80211AC=y - CONFIG_IEEE80211AX=y - CONFIG_FULL_DYNAMIC_VLAN=y - CONFIG_VLAN_NETLINK=y + CONFIG_TLS=openssl CONFIG_TLSV11=y CONFIG_TLSV12=y - CONFIG_INTERNETWORKING=y + + CONFIG_SAE=y + CONFIG_SAE_PK=y + + CONFIG_OWE=y + CONFIG_OCV=y + + # TKIP is considered insecure and upstream support will be removed in the future + CONFIG_NO_TKIP=y + + # Enable Wi-Fi Protected Setup + CONFIG_WPS=y + CONFIG_WPS_UPNP=y + CONFIG_WPS_NFC=y + + # Misc + CONFIG_RADIUS_SERVER=y + CONFIG_FULL_DYNAMIC_VLAN=y + CONFIG_VLAN_NETLINK=y + CONFIG_GETRANDOM=y + CONFIG_INTERWORKING=y CONFIG_HS20=y + CONFIG_FST=y + CONFIG_FST_TEST=y CONFIG_ACS=y - CONFIG_GETRANDOM=y - CONFIG_SAE=y + CONFIG_WNM=y + CONFIG_MBO=y + + CONFIG_IEEE80211R=y + CONFIG_IEEE80211W=y + CONFIG_IEEE80211N=y + CONFIG_IEEE80211AC=y + CONFIG_IEEE80211AX=y '' + lib.optionalString (sqlite != null) '' CONFIG_SQLITE=y ''; + passAsFile = [ "extraConfig" ]; + configurePhase = '' cd hostapd cp -v defconfig .config - echo "$extraConfig" >> .config + cat $extraConfigPath >> .config cat -n .config substituteInPlace Makefile --replace /usr/local $out export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE $(pkg-config --cflags libnl-3.0)" |