On Wed, Dec 13, 2017 at 04:55:15PM +0100, Stephan wrote: > Because ad-hoc wifi will slowly be replaced by mesh, openwrt/lede-project > should be able to use hostapd with mesh BUT without hard coded dependencies > to > openssl. hostapd does not support mesh, so I'm assuming you are talking about using wpa_supplicant with mesh (CONFIG_MESH=y) and SAE (CONFIG_SAE=y) support. > It would be create if hostapd implements such a layer between itself and > openssl, so other people may easily switch to different ssl implementation. > The ustream api may be suitable. I replaced the direct OpenSSL calls in SAE implementations five years ago with crypto wrappers: https://w1.fi/cgit/hostap/commit/?id=aadabe7045fe38846793cc577d78fae9cfe13d76 In other words, if someone is willing to work on implementing those crypto_*() wrapper functions for various small crypto libraries, SAE could be built with other libraries than OpenSSL. > Another question: when I only want to use mesh as replacement for adhoc and > without > any mesh routing defined by 802.11s, do I need ssl ? If not, can I configure > hostapd > build process to only have mesh functionality which is similar to adhoc? Mesh (802.11s) does not use SSL at all. It uses SAE for the secure network case and that requires certain crypto/FFC/ECC support from the crypto library. Using mesh without SAE (i.e., just open network) should work without such conditions, but anyway, I'd rather focus on getting small implementations of crypto functionality working with SAE. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
