mochipon/authsae.patch

## authsae.patch
diff -ru a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile
--- a/package/libs/openssl/Makefile  2013-05-03 10:09:19.615819083 +0900
+++ b/package/libs/openssl/Makefile	2013-04-19 20:55:00.471361366 +0900
@@ -75,7 +75,7 @@

 OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-smime \
 	no-rmd160 no-aes192 no-ripemd no-camellia no-ans1 no-krb5
-OPENSSL_OPTIONS:= shared no-ec no-err no-hw no-threads zlib-dynamic no-sse2
+OPENSSL_OPTIONS:= shared no-err no-hw no-threads zlib-dynamic no-sse2

 ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
   OPENSSL_OPTIONS += -DHAVE_CRYPTODEV
@@ -86,6 +86,10 @@
   OPENSSL_OPTIONS += no-engines
 endif

+ifndef CONFIG_PACKAGE_authsae
+  OPENSSL_OPTIONS += no-ec
+endif
+
 ifeq ($(CONFIG_x86_64),y)
   OPENSSL_TARGET:=linux-x86_64
 else
diff -ru a/package/mac80211/files/lib/wifi/mac80211.sh b/package/mac80211/files/lib/wifi/mac80211.sh
--- a/package/mac80211/files/lib/wifi/mac80211.sh	2013-05-03 10:09:15.899819084 +0900
+++ b/package/mac80211/files/lib/wifi/mac80211.sh	2013-05-23 23:56:02.420456076 +0900
@@ -1,6 +1,68 @@
 #!/bin/sh
 append DRIVERS "mac80211"

+mac80211_authsae_setup_base() {
+	local vif="$1"
+	local cfgfile="$2"
+
+	config_get ifname "$vif" ifname
+	config_get meshid "$vif" mesh_id
+	config_get mesh_key "$vif" mesh_key
+	config_get device "$vif" device
+	config_get hwmode "$device" hwmode
+	config_get channel "$device" channel
+	config_get htmode "$device" htmode
+	config_get meshgate "$vif" mesh_gate
+
+	case "$htmode" in
+		HT20|HT40+|HT40-) htmode="$htmode";;
+		NOHT|none|*) htmode="none";;
+	esac
+
+	case "$hwmode" in
+		*g*) band=11g;;
+		*a*) band=11a;;
+	esac
+
+	cat > "$cfgfile" <<EOF
+authsae:
+{
+ sae:
+  {
+    debug = 480;
+    password = "$mesh_key";
+    group = [19, 26, 21, 25, 20];
+    blacklist = 5;
+    thresh = 5;
+    lifetime = 3600;
+  };
+ meshd:
+  {
+    meshid = "$meshid";
+    interface = "$ifname";
+    passive = 0;
+    debug = 1;
+    mediaopt = 1;
+    band = "$band";
+    channel = $channel;
+    htmode = "$htmode";
+    gate-annoucements = "$meshgate";
+  };
+};
+
+EOF
+}
+
+mac80211_authsae_setup_mbss() {
+	local vif="$1"
+
+	cfgfile="/var/run/authsae-$vif.conf"
+	config_get ifname "$vif" ifname
+
+	mac80211_authsae_setup_base "$vif" "$cfgfile"
+	meshd-nl80211 -c "$cfgfile" &
+}
+
 mac80211_hostapd_setup_base() {
 	local phy="$1"
 	local ifname="$2"
@@ -255,6 +317,9 @@
 			grep "$wdev" /proc/$pid/cmdline >/dev/null && \
 				kill $pid
 		done
+		for pid in `pidof meshd-nl80211`; do
+			kill $pid
+		done
 		ifconfig "$wdev" down 2>/dev/null
 		unbridge "$dev"
 		iw dev "$wdev" del
@@ -370,8 +435,12 @@
 				[ "$apidx" -gt 1 ] || iw phy "$phy" interface add "$ifname" type managed
 			;;
 			mesh)
+				local start_mesh
 				config_get mesh_id "$vif" mesh_id
-				iw phy "$phy" interface add "$ifname" type mp mesh_id "$mesh_id"
+				config_get mesh_key "$vif" mesh_key
+				# authsae starts the mesh otherwise
+				[ -z "$mesh_key" ] && start_mesh="mesh_id $mesh_id"
+				iw phy "$phy" interface add "$ifname" type mp $start_mesh
 			;;
 			monitor)
 				iw phy "$phy" interface add "$ifname" type monitor
@@ -536,6 +605,12 @@
 					}
 				fi
 			;;
+			mesh)
+				config_get mesh_key "$vif" mesh_key
+				if [ ! -z "$mesh_key" ]; then
+					mac80211_authsae_setup_mbss "$vif"
+				fi
+			;;
 		esac
 		[ "$mode" = "ap" ] || mac80211_start_vif "$vif" "$ifname"
 	done
diff -ruN a/package/authsae/Makefile b/package/authsae/Makefile
--- a/package/authsae/Makefile	1970-01-01 09:00:00.000000000 +0900
+++ b/package/authsae/Makefile	2013-04-25 21:23:54.323497787 +0900
@@ -0,0 +1,57 @@
+
+# Copyright (C) 2007-2010 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=authsae
+PKG_VERSION:=0.01
+PKG_RELEASE:=1
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=git://github.com/cozybit/authsae.git
+PKG_REV:=HEAD
+PKG_SOURCE_VERSION:=$(PKG_REV)
+
+PKG_BUILD_PARALLEL:=1
+CMAKE_INSTALL:=1
+
+CMAKE_OPTIONS = -DSYSCONF_INSTALL_DIR=/etc
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/authsae
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=wireless
+  TITLE:=o11s mesh security
+  DEPENDS=libopenssl libconfig libnl
+endef
+
+TARGET_CFLAGS = -D_GNU_SOURCE
+
+define Package/authsae/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/linux/mon \
+			$(PKG_BUILD_DIR)/linux/meshd \
+			$(PKG_BUILD_DIR)/linux/meshd-nl80211 $(1)/usr/bin/
+	$(INSTALL_DIR) $(1)/etc
+	$(INSTALL_CONF) $(PKG_BUILD_DIR)/config/authsae.sample.cfg $(1)/etc/authsae.cfg
+endef
+
+define Package/conffiles
+	/etc/authsae.cfg
+endef
+
+define Build/compile
+	$(MAKE) -C $(PKG_BUILD_DIR)/linux
+endef
+
+$(eval $(call BuildPackage,authsae))
	diff -ru a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile
	--- a/package/libs/openssl/Makefile 2013-05-03 10:09:19.615819083 +0900
	+++ b/package/libs/openssl/Makefile 2013-04-19 20:55:00.471361366 +0900
	@@ -75,7 +75,7 @@

	OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-smime \
	no-rmd160 no-aes192 no-ripemd no-camellia no-ans1 no-krb5
	-OPENSSL_OPTIONS:= shared no-ec no-err no-hw no-threads zlib-dynamic no-sse2
	+OPENSSL_OPTIONS:= shared no-err no-hw no-threads zlib-dynamic no-sse2

	ifdef CONFIG_OPENSSL_ENGINE_CRYPTO
	OPENSSL_OPTIONS += -DHAVE_CRYPTODEV
	@@ -86,6 +86,10 @@
	OPENSSL_OPTIONS += no-engines
	endif

	+ifndef CONFIG_PACKAGE_authsae
	+ OPENSSL_OPTIONS += no-ec
	+endif
	+
	ifeq ($(CONFIG_x86_64),y)
	OPENSSL_TARGET:=linux-x86_64
	else
	diff -ru a/package/mac80211/files/lib/wifi/mac80211.sh b/package/mac80211/files/lib/wifi/mac80211.sh
	--- a/package/mac80211/files/lib/wifi/mac80211.sh 2013-05-03 10:09:15.899819084 +0900
	+++ b/package/mac80211/files/lib/wifi/mac80211.sh 2013-05-23 23:56:02.420456076 +0900
	@@ -1,6 +1,68 @@
	#!/bin/sh
	append DRIVERS "mac80211"

	+mac80211_authsae_setup_base() {
	+ local vif="$1"
	+ local cfgfile="$2"
	+
	+ config_get ifname "$vif" ifname
	+ config_get meshid "$vif" mesh_id
	+ config_get mesh_key "$vif" mesh_key
	+ config_get device "$vif" device
	+ config_get hwmode "$device" hwmode
	+ config_get channel "$device" channel
	+ config_get htmode "$device" htmode
	+ config_get meshgate "$vif" mesh_gate
	+
	+ case "$htmode" in
	+ HT20\|HT40+\|HT40-) htmode="$htmode";;
	+ NOHT\|none\|*) htmode="none";;
	+ esac
	+
	+ case "$hwmode" in
	+ g) band=11g;;
	+ a) band=11a;;
	+ esac
	+
	+ cat > "$cfgfile" <<EOF
	+authsae:
	+{
	+ sae:
	+ {
	+ debug = 480;
	+ password = "$mesh_key";
	+ group = [19, 26, 21, 25, 20];
	+ blacklist = 5;
	+ thresh = 5;
	+ lifetime = 3600;
	+ };
	+ meshd:
	+ {
	+ meshid = "$meshid";
	+ interface = "$ifname";
	+ passive = 0;
	+ debug = 1;
	+ mediaopt = 1;
	+ band = "$band";
	+ channel = $channel;
	+ htmode = "$htmode";
	+ gate-annoucements = "$meshgate";
	+ };
	+};
	+
	+EOF
	+}
	+
	+mac80211_authsae_setup_mbss() {
	+ local vif="$1"
	+
	+ cfgfile="/var/run/authsae-$vif.conf"
	+ config_get ifname "$vif" ifname
	+
	+ mac80211_authsae_setup_base "$vif" "$cfgfile"
	+ meshd-nl80211 -c "$cfgfile" &
	+}
	+
	mac80211_hostapd_setup_base() {
	local phy="$1"
	local ifname="$2"
	@@ -255,6 +317,9 @@
	grep "$wdev" /proc/$pid/cmdline >/dev/null && \
	kill $pid
	done
	+ for pid in `pidof meshd-nl80211`; do
	+ kill $pid
	+ done
	ifconfig "$wdev" down 2>/dev/null
	unbridge "$dev"
	iw dev "$wdev" del
	@@ -370,8 +435,12 @@
	[ "$apidx" -gt 1 ] \|\| iw phy "$phy" interface add "$ifname" type managed
	;;
	mesh)
	+ local start_mesh
	config_get mesh_id "$vif" mesh_id
	- iw phy "$phy" interface add "$ifname" type mp mesh_id "$mesh_id"
	+ config_get mesh_key "$vif" mesh_key
	+ # authsae starts the mesh otherwise
	+ [ -z "$mesh_key" ] && start_mesh="mesh_id $mesh_id"
	+ iw phy "$phy" interface add "$ifname" type mp $start_mesh
	;;
	monitor)
	iw phy "$phy" interface add "$ifname" type monitor
	@@ -536,6 +605,12 @@
	}
	fi
	;;
	+ mesh)
	+ config_get mesh_key "$vif" mesh_key
	+ if [ ! -z "$mesh_key" ]; then
	+ mac80211_authsae_setup_mbss "$vif"
	+ fi
	+ ;;
	esac
	[ "$mode" = "ap" ] \|\| mac80211_start_vif "$vif" "$ifname"
	done
	diff -ruN a/package/authsae/Makefile b/package/authsae/Makefile
	--- a/package/authsae/Makefile 1970-01-01 09:00:00.000000000 +0900
	+++ b/package/authsae/Makefile 2013-04-25 21:23:54.323497787 +0900
	@@ -0,0 +1,57 @@
	+
	+# Copyright (C) 2007-2010 OpenWrt.org
	+#
	+# This is free software, licensed under the GNU General Public License v2.
	+# See /LICENSE for more information.
	+#
	+
	+include $(TOPDIR)/rules.mk
	+
	+PKG_NAME:=authsae
	+PKG_VERSION:=0.01
	+PKG_RELEASE:=1
	+
	+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
	+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
	+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
	+PKG_SOURCE_PROTO:=git
	+PKG_SOURCE_URL:=git://github.com/cozybit/authsae.git
	+PKG_REV:=HEAD
	+PKG_SOURCE_VERSION:=$(PKG_REV)
	+
	+PKG_BUILD_PARALLEL:=1
	+CMAKE_INSTALL:=1
	+
	+CMAKE_OPTIONS = -DSYSCONF_INSTALL_DIR=/etc
	+
	+include $(INCLUDE_DIR)/package.mk
	+include $(INCLUDE_DIR)/cmake.mk
	+
	+define Package/authsae
	+ SECTION:=net
	+ CATEGORY:=Network
	+ SUBMENU:=wireless
	+ TITLE:=o11s mesh security
	+ DEPENDS=libopenssl libconfig libnl
	+endef
	+
	+TARGET_CFLAGS = -D_GNU_SOURCE
	+
	+define Package/authsae/install
	+ $(INSTALL_DIR) $(1)/usr/bin
	+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/linux/mon \
	+ $(PKG_BUILD_DIR)/linux/meshd \
	+ $(PKG_BUILD_DIR)/linux/meshd-nl80211 $(1)/usr/bin/
	+ $(INSTALL_DIR) $(1)/etc
	+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/config/authsae.sample.cfg $(1)/etc/authsae.cfg
	+endef
	+
	+define Package/conffiles
	+ /etc/authsae.cfg
	+endef
	+
	+define Build/compile
	+ $(MAKE) -C $(PKG_BUILD_DIR)/linux
	+endef
	+
	+$(eval $(call BuildPackage,authsae))