]>
Commit | Line | Data |
---|---|---|
6fc6879b JM |
1 | # Example wpa_supplicant build time configuration |
2 | # | |
3 | # This file lists the configuration options that are used when building the | |
4 | # hostapd binary. All lines starting with # are ignored. Configuration option | |
5 | # lines must be commented out complete, if they are not to be included, i.e., | |
6 | # just setting VARIABLE=n is not disabling that variable. | |
7 | # | |
8 | # This file is included in Makefile, so variables like CFLAGS and LIBS can also | |
9 | # be modified from here. In most cases, these lines should use += in order not | |
10 | # to override previous values of the variables. | |
11 | ||
12 | ||
13 | # Uncomment following two lines and fix the paths if you have installed OpenSSL | |
14 | # or GnuTLS in non-default location | |
15 | #CFLAGS += -I/usr/local/openssl/include | |
16 | #LIBS += -L/usr/local/openssl/lib | |
17 | ||
18 | # Some Red Hat versions seem to include kerberos header files from OpenSSL, but | |
19 | # the kerberos files are not in the default include path. Following line can be | |
20 | # used to fix build issues on such systems (krb5.h not found). | |
21 | #CFLAGS += -I/usr/include/kerberos | |
22 | ||
23 | # Example configuration for various cross-compilation platforms | |
24 | ||
25 | #### sveasoft (e.g., for Linksys WRT54G) ###################################### | |
26 | #CC=mipsel-uclibc-gcc | |
27 | #CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc | |
28 | #CFLAGS += -Os | |
29 | #CPPFLAGS += -I../src/include -I../../src/router/openssl/include | |
30 | #LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl | |
31 | ############################################################################### | |
32 | ||
33 | #### openwrt (e.g., for Linksys WRT54G) ####################################### | |
34 | #CC=mipsel-uclibc-gcc | |
35 | #CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc | |
36 | #CFLAGS += -Os | |
37 | #CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \ | |
38 | # -I../WRT54GS/release/src/include | |
39 | #LIBS = -lssl | |
40 | ############################################################################### | |
41 | ||
42 | ||
43 | # Driver interface for Host AP driver | |
44 | CONFIG_DRIVER_HOSTAP=y | |
45 | ||
46 | # Driver interface for Agere driver | |
47 | #CONFIG_DRIVER_HERMES=y | |
48 | # Change include directories to match with the local setup | |
49 | #CFLAGS += -I../../hcf -I../../include -I../../include/hcf | |
50 | #CFLAGS += -I../../include/wireless | |
51 | ||
52 | # Driver interface for madwifi driver | |
e90bba4c | 53 | # Deprecated; use CONFIG_DRIVER_WEXT=y instead. |
6fc6879b | 54 | #CONFIG_DRIVER_MADWIFI=y |
e7e9c46e PR |
55 | # Set include directory to the madwifi source tree |
56 | #CFLAGS += -I../../madwifi | |
6fc6879b | 57 | |
6fc6879b | 58 | # Driver interface for ndiswrapper |
e90bba4c | 59 | # Deprecated; use CONFIG_DRIVER_WEXT=y instead. |
6fc6879b JM |
60 | #CONFIG_DRIVER_NDISWRAPPER=y |
61 | ||
62 | # Driver interface for Atmel driver | |
63 | CONFIG_DRIVER_ATMEL=y | |
64 | ||
1c5aeef0 JM |
65 | # Driver interface for old Broadcom driver |
66 | # Please note that the newer Broadcom driver ("hybrid Linux driver") supports | |
67 | # Linux wireless extensions and does not need (or even work) with the old | |
68 | # driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver. | |
6fc6879b JM |
69 | #CONFIG_DRIVER_BROADCOM=y |
70 | # Example path for wlioctl.h; change to match your configuration | |
71 | #CFLAGS += -I/opt/WRT54GS/release/src/include | |
72 | ||
73 | # Driver interface for Intel ipw2100/2200 driver | |
e90bba4c | 74 | # Deprecated; use CONFIG_DRIVER_WEXT=y instead. |
6fc6879b JM |
75 | #CONFIG_DRIVER_IPW=y |
76 | ||
77 | # Driver interface for Ralink driver | |
78 | #CONFIG_DRIVER_RALINK=y | |
79 | ||
80 | # Driver interface for generic Linux wireless extensions | |
0725cc7b JM |
81 | # Note: WEXT is deprecated in the current Linux kernel version and no new |
82 | # functionality is added to it. nl80211-based interface is the new | |
83 | # replacement for WEXT and its use allows wpa_supplicant to properly control | |
84 | # the driver to improve existing functionality like roaming and to support new | |
85 | # functionality. | |
6fc6879b JM |
86 | CONFIG_DRIVER_WEXT=y |
87 | ||
421b4ba5 | 88 | # Driver interface for Linux drivers using the nl80211 kernel interface |
0725cc7b | 89 | CONFIG_DRIVER_NL80211=y |
421b4ba5 | 90 | |
6fc6879b JM |
91 | # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) |
92 | #CONFIG_DRIVER_BSD=y | |
93 | #CFLAGS += -I/usr/local/include | |
94 | #LIBS += -L/usr/local/lib | |
953f0f63 MH |
95 | #LIBS_p += -L/usr/local/lib |
96 | #LIBS_c += -L/usr/local/lib | |
6fc6879b JM |
97 | |
98 | # Driver interface for Windows NDIS | |
99 | #CONFIG_DRIVER_NDIS=y | |
100 | #CFLAGS += -I/usr/include/w32api/ddk | |
101 | #LIBS += -L/usr/local/lib | |
102 | # For native build using mingw | |
103 | #CONFIG_NATIVE_WINDOWS=y | |
104 | # Additional directories for cross-compilation on Linux host for mingw target | |
105 | #CFLAGS += -I/opt/mingw/mingw32/include/ddk | |
106 | #LIBS += -L/opt/mingw/mingw32/lib | |
107 | #CC=mingw32-gcc | |
108 | # By default, driver_ndis uses WinPcap for low-level operations. This can be | |
109 | # replaced with the following option which replaces WinPcap calls with NDISUIO. | |
110 | # However, this requires that WZC is disabled (net stop wzcsvc) before starting | |
111 | # wpa_supplicant. | |
112 | # CONFIG_USE_NDISUIO=y | |
113 | ||
114 | # Driver interface for development testing | |
115 | #CONFIG_DRIVER_TEST=y | |
116 | ||
117 | # Driver interface for wired Ethernet drivers | |
118 | CONFIG_DRIVER_WIRED=y | |
119 | ||
e519314e JW |
120 | # Driver interface for the Broadcom RoboSwitch family |
121 | #CONFIG_DRIVER_ROBOSWITCH=y | |
122 | ||
a3c6598f JM |
123 | # Driver interface for no driver (e.g., WPS ER only) |
124 | #CONFIG_DRIVER_NONE=y | |
125 | ||
60da5e0f MH |
126 | # Solaris libraries |
127 | #LIBS += -lsocket -ldlpi -lnsl | |
128 | #LIBS_c += -lsocket | |
129 | ||
6fc6879b JM |
130 | # Enable IEEE 802.1X Supplicant (automatically included if any EAP method is |
131 | # included) | |
132 | CONFIG_IEEE8021X_EAPOL=y | |
133 | ||
134 | # EAP-MD5 | |
135 | CONFIG_EAP_MD5=y | |
136 | ||
137 | # EAP-MSCHAPv2 | |
138 | CONFIG_EAP_MSCHAPV2=y | |
139 | ||
140 | # EAP-TLS | |
141 | CONFIG_EAP_TLS=y | |
142 | ||
143 | # EAL-PEAP | |
144 | CONFIG_EAP_PEAP=y | |
145 | ||
146 | # EAP-TTLS | |
147 | CONFIG_EAP_TTLS=y | |
148 | ||
149 | # EAP-FAST | |
150 | # Note: Default OpenSSL package does not include support for all the | |
151 | # functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, | |
152 | # the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch) | |
153 | # to add the needed functions. | |
154 | #CONFIG_EAP_FAST=y | |
155 | ||
156 | # EAP-GTC | |
157 | CONFIG_EAP_GTC=y | |
158 | ||
159 | # EAP-OTP | |
160 | CONFIG_EAP_OTP=y | |
161 | ||
162 | # EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) | |
163 | #CONFIG_EAP_SIM=y | |
164 | ||
165 | # EAP-PSK (experimental; this is _not_ needed for WPA-PSK) | |
166 | #CONFIG_EAP_PSK=y | |
167 | ||
168 | # EAP-PAX | |
169 | #CONFIG_EAP_PAX=y | |
170 | ||
171 | # LEAP | |
172 | CONFIG_EAP_LEAP=y | |
173 | ||
174 | # EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) | |
175 | #CONFIG_EAP_AKA=y | |
176 | ||
a9d1364c JM |
177 | # EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used). |
178 | # This requires CONFIG_EAP_AKA to be enabled, too. | |
179 | #CONFIG_EAP_AKA_PRIME=y | |
180 | ||
2a24bb31 JM |
181 | # Enable USIM simulator (Milenage) for EAP-AKA |
182 | #CONFIG_USIM_SIMULATOR=y | |
183 | ||
6fc6879b JM |
184 | # EAP-SAKE |
185 | #CONFIG_EAP_SAKE=y | |
186 | ||
187 | # EAP-GPSK | |
188 | #CONFIG_EAP_GPSK=y | |
189 | # Include support for optional SHA256 cipher suite in EAP-GPSK | |
190 | #CONFIG_EAP_GPSK_SHA256=y | |
191 | ||
192 | # EAP-TNC and related Trusted Network Connect support (experimental) | |
193 | #CONFIG_EAP_TNC=y | |
194 | ||
ad08c363 JM |
195 | # Wi-Fi Protected Setup (WPS) |
196 | #CONFIG_WPS=y | |
53587ec1 JM |
197 | # Enable WSC 2.0 support |
198 | #CONFIG_WPS2=y | |
4aced422 JM |
199 | # Enable WPS external registrar functionality |
200 | #CONFIG_WPS_ER=y | |
745e8aba AB |
201 | # Disable credentials for an open network by default when acting as a WPS |
202 | # registrar. | |
203 | #CONFIG_WPS_REG_DISABLE_OPEN=y | |
ad08c363 | 204 | |
6fc6879b JM |
205 | # EAP-IKEv2 |
206 | #CONFIG_EAP_IKEV2=y | |
207 | ||
208 | # PKCS#12 (PFX) support (used to read private key and certificate file from | |
209 | # a file that usually has extension .p12 or .pfx) | |
210 | CONFIG_PKCS12=y | |
211 | ||
212 | # Smartcard support (i.e., private key on a smartcard), e.g., with openssl | |
213 | # engine. | |
214 | CONFIG_SMARTCARD=y | |
215 | ||
216 | # PC/SC interface for smartcards (USIM, GSM SIM) | |
217 | # Enable this if EAP-SIM or EAP-AKA is included | |
218 | #CONFIG_PCSC=y | |
219 | ||
80e8a5ee BG |
220 | # Support HT overrides (disable HT/HT40, mask MCS rates, etc.) |
221 | #CONFIG_HT_OVERRIDES=y | |
222 | ||
6fc6879b JM |
223 | # Development testing |
224 | #CONFIG_EAPOL_TEST=y | |
225 | ||
226 | # Select control interface backend for external programs, e.g, wpa_cli: | |
227 | # unix = UNIX domain sockets (default for Linux/*BSD) | |
228 | # udp = UDP sockets using localhost (127.0.0.1) | |
229 | # named_pipe = Windows Named Pipe (default for Windows) | |
230 | # y = use default (backwards compatibility) | |
231 | # If this option is commented out, control interface is not included in the | |
232 | # build. | |
233 | CONFIG_CTRL_IFACE=y | |
234 | ||
235 | # Include support for GNU Readline and History Libraries in wpa_cli. | |
236 | # When building a wpa_cli binary for distribution, please note that these | |
237 | # libraries are licensed under GPL and as such, BSD license may not apply for | |
238 | # the resulting binary. | |
239 | #CONFIG_READLINE=y | |
240 | ||
aee680e8 JM |
241 | # Include internal line edit mode in wpa_cli. This can be used as a replacement |
242 | # for GNU Readline to provide limited command line editing and history support. | |
243 | #CONFIG_WPA_CLI_EDIT=y | |
244 | ||
6fc6879b JM |
245 | # Remove debugging code that is printing out debug message to stdout. |
246 | # This can be used to reduce the size of the wpa_supplicant considerably | |
247 | # if debugging code is not needed. The size reduction can be around 35% | |
248 | # (e.g., 90 kB). | |
249 | #CONFIG_NO_STDOUT_DEBUG=y | |
250 | ||
251 | # Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save | |
252 | # 35-50 kB in code size. | |
253 | #CONFIG_NO_WPA=y | |
254 | ||
255 | # Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to | |
256 | # save about 1 kB in code size when building only WPA-Personal (no EAP support) | |
257 | # or 6 kB if building for WPA-Enterprise. | |
258 | #CONFIG_NO_WPA2=y | |
259 | ||
260 | # Remove IEEE 802.11i/WPA-Personal ASCII passphrase support | |
261 | # This option can be used to reduce code size by removing support for | |
262 | # converting ASCII passphrases into PSK. If this functionality is removed, the | |
263 | # PSK can only be configured as the 64-octet hexstring (e.g., from | |
264 | # wpa_passphrase). This saves about 0.5 kB in code size. | |
265 | #CONFIG_NO_WPA_PASSPHRASE=y | |
266 | ||
6fc6879b JM |
267 | # Disable scan result processing (ap_mode=1) to save code size by about 1 kB. |
268 | # This can be used if ap_scan=1 mode is never enabled. | |
269 | #CONFIG_NO_SCAN_PROCESSING=y | |
270 | ||
271 | # Select configuration backend: | |
272 | # file = text file (e.g., wpa_supplicant.conf; note: the configuration file | |
273 | # path is given on command line, not here; this option is just used to | |
274 | # select the backend that allows configuration files to be used) | |
275 | # winreg = Windows registry (see win_example.reg for an example) | |
276 | CONFIG_BACKEND=file | |
277 | ||
278 | # Remove configuration write functionality (i.e., to allow the configuration | |
279 | # file to be updated based on runtime configuration changes). The runtime | |
280 | # configuration can still be changed, the changes are just not going to be | |
281 | # persistent over restarts. This option can be used to reduce code size by | |
282 | # about 3.5 kB. | |
283 | #CONFIG_NO_CONFIG_WRITE=y | |
284 | ||
285 | # Remove support for configuration blobs to reduce code size by about 1.5 kB. | |
286 | #CONFIG_NO_CONFIG_BLOBS=y | |
287 | ||
288 | # Select program entry point implementation: | |
289 | # main = UNIX/POSIX like main() function (default) | |
290 | # main_winsvc = Windows service (read parameters from registry) | |
291 | # main_none = Very basic example (development use only) | |
292 | #CONFIG_MAIN=main | |
293 | ||
294 | # Select wrapper for operatins system and C library specific functions | |
295 | # unix = UNIX/POSIX like systems (default) | |
296 | # win32 = Windows systems | |
297 | # none = Empty template | |
298 | #CONFIG_OS=unix | |
299 | ||
300 | # Select event loop implementation | |
301 | # eloop = select() loop (default) | |
302 | # eloop_win = Windows events and WaitForMultipleObject() loop | |
303 | # eloop_none = Empty template | |
304 | #CONFIG_ELOOP=eloop | |
305 | ||
306 | # Select layer 2 packet implementation | |
307 | # linux = Linux packet socket (default) | |
308 | # pcap = libpcap/libdnet/WinPcap | |
309 | # freebsd = FreeBSD libpcap | |
310 | # winpcap = WinPcap with receive thread | |
311 | # ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y) | |
312 | # none = Empty template | |
313 | #CONFIG_L2_PACKET=linux | |
314 | ||
315 | # PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) | |
316 | CONFIG_PEERKEY=y | |
317 | ||
318 | # IEEE 802.11w (management frame protection) | |
319 | # This version is an experimental implementation based on IEEE 802.11w/D1.0 | |
320 | # draft and is subject to change since the standard has not yet been finalized. | |
321 | # Driver support is also needed for IEEE 802.11w. | |
322 | #CONFIG_IEEE80211W=y | |
323 | ||
324 | # Select TLS implementation | |
325 | # openssl = OpenSSL (default) | |
fd2f2d04 | 326 | # gnutls = GnuTLS |
6fc6879b JM |
327 | # internal = Internal TLSv1 implementation (experimental) |
328 | # none = Empty template | |
329 | #CONFIG_TLS=openssl | |
330 | ||
5c47af9a JM |
331 | # TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) |
332 | # can be enabled to get a stronger construction of messages when block ciphers | |
333 | # are used. It should be noted that some existing TLS v1.0 -based | |
334 | # implementation may not be compatible with TLS v1.1 message (ClientHello is | |
335 | # sent prior to negotiating which version will be used) | |
336 | #CONFIG_TLSV11=y | |
337 | ||
ca84eed7 JM |
338 | # TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2) |
339 | # can be enabled to enable use of stronger crypto algorithms. It should be | |
340 | # noted that some existing TLS v1.0 -based implementation may not be compatible | |
341 | # with TLS v1.2 message (ClientHello is sent prior to negotiating which version | |
342 | # will be used) | |
343 | #CONFIG_TLSV12=y | |
344 | ||
6fc6879b JM |
345 | # If CONFIG_TLS=internal is used, additional library and include paths are |
346 | # needed for LibTomMath. Alternatively, an integrated, minimal version of | |
347 | # LibTomMath can be used. See beginning of libtommath.c for details on benefits | |
348 | # and drawbacks of this option. | |
349 | #CONFIG_INTERNAL_LIBTOMMATH=y | |
350 | #ifndef CONFIG_INTERNAL_LIBTOMMATH | |
351 | #LTM_PATH=/usr/src/libtommath-0.39 | |
352 | #CFLAGS += -I$(LTM_PATH) | |
353 | #LIBS += -L$(LTM_PATH) | |
354 | #LIBS_p += -L$(LTM_PATH) | |
355 | #endif | |
b95394c6 JM |
356 | # At the cost of about 4 kB of additional binary size, the internal LibTomMath |
357 | # can be configured to include faster routines for exptmod, sqr, and div to | |
187bc466 | 358 | # speed up DH and RSA calculation considerably |
b95394c6 | 359 | #CONFIG_INTERNAL_LIBTOMMATH_FAST=y |
6fc6879b JM |
360 | |
361 | # Include NDIS event processing through WMI into wpa_supplicant/wpasvc. | |
362 | # This is only for Windows builds and requires WMI-related header files and | |
363 | # WbemUuid.Lib from Platform SDK even when building with MinGW. | |
364 | #CONFIG_NDIS_EVENTS_INTEGRATED=y | |
365 | #PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" | |
366 | ||
8fc2fb56 WS |
367 | # Add support for old DBus control interface |
368 | # (fi.epitest.hostap.WPASupplicant) | |
6fc6879b JM |
369 | #CONFIG_CTRL_IFACE_DBUS=y |
370 | ||
8fc2fb56 WS |
371 | # Add support for new DBus control interface |
372 | # (fi.w1.hostap.wpa_supplicant1) | |
373 | #CONFIG_CTRL_IFACE_DBUS_NEW=y | |
374 | ||
ce4f7fdb | 375 | # Add introspection support for new DBus control interface |
8fc2fb56 WS |
376 | #CONFIG_CTRL_IFACE_DBUS_INTRO=y |
377 | ||
6fc6879b JM |
378 | # Add support for loading EAP methods dynamically as shared libraries. |
379 | # When this option is enabled, each EAP method can be either included | |
380 | # statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn). | |
381 | # Dynamic EAP methods are build as shared objects (eap_*.so) and they need to | |
382 | # be loaded in the beginning of the wpa_supplicant configuration file | |
383 | # (see load_dynamic_eap parameter in the example file) before being used in | |
384 | # the network blocks. | |
385 | # | |
386 | # Note that some shared parts of EAP methods are included in the main program | |
387 | # and in order to be able to use dynamic EAP methods using these parts, the | |
388 | # main program must have been build with the EAP method enabled (=y or =dyn). | |
389 | # This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries | |
390 | # unless at least one of them was included in the main build to force inclusion | |
391 | # of the shared code. Similarly, at least one of EAP-SIM/AKA must be included | |
392 | # in the main build to be able to load these methods dynamically. | |
393 | # | |
394 | # Please also note that using dynamic libraries will increase the total binary | |
395 | # size. Thus, it may not be the best option for targets that have limited | |
396 | # amount of memory/flash. | |
397 | #CONFIG_DYNAMIC_EAP_METHODS=y | |
398 | ||
c1e033b0 | 399 | # IEEE Std 802.11r-2008 (Fast BSS Transition) |
6fc6879b JM |
400 | #CONFIG_IEEE80211R=y |
401 | ||
402 | # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) | |
403 | #CONFIG_DEBUG_FILE=y | |
404 | ||
fe885594 JM |
405 | # Send debug messages to syslog instead of stdout |
406 | #CONFIG_DEBUG_SYSLOG=y | |
407 | # Set syslog facility for debug messages | |
408 | #CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON | |
409 | ||
6fc6879b JM |
410 | # Enable privilege separation (see README 'Privilege separation' for details) |
411 | #CONFIG_PRIVSEP=y | |
46690a3b JM |
412 | |
413 | # Enable mitigation against certain attacks against TKIP by delaying Michael | |
414 | # MIC error reports by a random amount of time between 0 and 60 seconds | |
415 | #CONFIG_DELAYED_MIC_ERROR_REPORT=y | |
b22b41ee JM |
416 | |
417 | # Enable tracing code for developer debugging | |
418 | # This tracks use of memory allocations and other registrations and reports | |
419 | # incorrect use with a backtrace of call (or allocation) location. | |
420 | #CONFIG_WPA_TRACE=y | |
953f0f63 MH |
421 | # For BSD, comment out these. |
422 | #LIBS += -lexecinfo | |
423 | #LIBS_p += -lexecinfo | |
424 | #LIBS_c += -lexecinfo | |
b22b41ee JM |
425 | |
426 | # Use libbfd to get more details for developer debugging | |
427 | # This enables use of libbfd to get more detailed symbols for the backtraces | |
428 | # generated by CONFIG_WPA_TRACE=y. | |
96603e4f | 429 | #CONFIG_WPA_TRACE_BFD=y |
953f0f63 MH |
430 | # For BSD, comment out these. |
431 | #LIBS += -lbfd -liberty -lz | |
432 | #LIBS_p += -lbfd -liberty -lz | |
433 | #LIBS_c += -lbfd -liberty -lz | |
bbb921da JM |
434 | |
435 | # wpa_supplicant depends on strong random number generation being available | |
436 | # from the operating system. os_get_random() function is used to fetch random | |
437 | # data when needed, e.g., for key generation. On Linux and BSD systems, this | |
438 | # works by reading /dev/urandom. It should be noted that the OS entropy pool | |
439 | # needs to be properly initialized before wpa_supplicant is started. This is | |
440 | # important especially on embedded devices that do not have a hardware random | |
441 | # number generator and may by default start up with minimal entropy available | |
442 | # for random number generation. | |
443 | # | |
444 | # As a safety net, wpa_supplicant is by default trying to internally collect | |
445 | # additional entropy for generating random data to mix in with the data fetched | |
446 | # from the OS. This by itself is not considered to be very strong, but it may | |
447 | # help in cases where the system pool is not initialized properly. However, it | |
448 | # is very strongly recommended that the system pool is initialized with enough | |
38e24575 | 449 | # entropy either by using hardware assisted random number generator or by |
bbb921da JM |
450 | # storing state over device reboots. |
451 | # | |
38e24575 JM |
452 | # wpa_supplicant can be configured to maintain its own entropy store over |
453 | # restarts to enhance random number generation. This is not perfect, but it is | |
454 | # much more secure than using the same sequence of random numbers after every | |
455 | # reboot. This can be enabled with -e<entropy file> command line option. The | |
456 | # specified file needs to be readable and writable by wpa_supplicant. | |
457 | # | |
458 | # If the os_get_random() is known to provide strong random data (e.g., on | |
bbb921da JM |
459 | # Linux/BSD, the board in question is known to have reliable source of random |
460 | # data from /dev/urandom), the internal wpa_supplicant random pool can be | |
461 | # disabled. This will save some in binary size and CPU use. However, this | |
462 | # should only be considered for builds that are known to be used on devices | |
463 | # that meet the requirements described above. | |
464 | #CONFIG_NO_RANDOM_POOL=y | |
03948f42 JM |
465 | |
466 | # IEEE 802.11n (High Throughput) support (mainly for AP mode) | |
467 | #CONFIG_IEEE80211N=y | |
46ee0427 JM |
468 | |
469 | # Interworking (IEEE 802.11u) | |
470 | # This can be used to enable functionality to improve interworking with | |
471 | # external networks (GAS/ANQP to learn more about the networks and network | |
472 | # selection based on available credentials). | |
473 | #CONFIG_INTERWORKING=y |