Fix builds that need SHA256 or mod_exp, but not TLS functions

src/crypto/crypto_gnutls.c

@@ -57,7 +57,6 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
 }
 
 
-#ifdef EAP_TLS_FUNCS
 void md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 {
 	gcry_md_hd_t hd;
@@ -162,7 +161,6 @@ void aes_decrypt_deinit(void *ctx)
 	gcry_cipher_hd_t hd = ctx;
 	gcry_cipher_close(hd);
 }
-#endif /* EAP_TLS_FUNCS */
 
 
 int crypto_mod_exp(const u8 *base, size_t base_len,

src/crypto/crypto_internal.c

@@ -25,7 +25,7 @@
 #include "tls/asn1.h"
 
 
-#ifdef EAP_TLS_FUNCS
+#ifdef CONFIG_CRYPTO_INTERNAL
 
 #ifdef CONFIG_TLS_INTERNAL
 
@@ -788,6 +788,7 @@ int crypto_global_init(void)
 void crypto_global_deinit(void)
 {
 }
+#endif /* CONFIG_TLS_INTERNAL */
 
 
 #if defined(EAP_FAST) || defined(CONFIG_WPS)
@@ -830,6 +831,4 @@ error:
 #endif /* EAP_FAST || CONFIG_WPS */
 
 
-#endif /* CONFIG_TLS_INTERNAL */
-
-#endif /* EAP_TLS_FUNCS */
+#endif /* CONFIG_CRYPTO_INTERNAL */

src/crypto/tls_gnutls.c

@@ -989,11 +989,13 @@ u8 * tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn,
 			return NULL;
 		}
 
+#ifdef CONFIG_GNUTLS_EXTRA
 		if (conn->tls_ia && !gnutls_ia_handshake_p(conn->session)) {
 			wpa_printf(MSG_INFO, "TLS: No TLS/IA negotiation");
 			conn->failed++;
 			return NULL;
 		}
+#endif /* CONFIG_GNUTLS_EXTRA */
 
 		if (conn->tls_ia)
 			wpa_printf(MSG_DEBUG, "TLS: Start TLS/IA handshake");

wpa_supplicant/Makefile

@@ -526,6 +526,7 @@ CONFIG_IEEE8021X_EAPOL=y
 NEED_DH_GROUPS=y
 NEED_SHA256=y
 NEED_BASE64=y
+NEED_CRYPTO=y
 
 ifdef CONFIG_WPS_UFD
 CFLAGS += -DCONFIG_WPS_UFD
@@ -703,23 +704,14 @@ OBJS += ../src/crypto/tls_internal.o
 OBJS += ../src/tls/tlsv1_common.o ../src/tls/tlsv1_record.o
 OBJS += ../src/tls/tlsv1_cred.o ../src/tls/tlsv1_client.o
 OBJS += ../src/tls/tlsv1_client_write.o ../src/tls/tlsv1_client_read.o
-OBJS += ../src/tls/asn1.o ../src/tls/x509v3.o
-OBJS_p += ../src/tls/asn1.o
+OBJS += ../src/tls/asn1.o ../src/tls/rsa.o ../src/tls/x509v3.o
+OBJS_p += ../src/tls/asn1.o ../src/tls/rsa.o
 OBJS_p += ../src/crypto/rc4.o ../src/crypto/aes_wrap.o ../src/crypto/aes.o
 NEED_BASE64=y
 NEED_TLS_PRF=y
 CFLAGS += -DCONFIG_TLS_INTERNAL
 CFLAGS += -DCONFIG_TLS_INTERNAL_CLIENT
 ifeq ($(CONFIG_CRYPTO), internal)
-ifdef CONFIG_INTERNAL_LIBTOMMATH
-CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH
-ifdef CONFIG_INTERNAL_LIBTOMMATH_FAST
-CFLAGS += -DLTM_FAST
-endif
-else
-LIBS += -ltommath
-LIBS_p += -ltommath
-endif
 endif
 ifeq ($(CONFIG_CRYPTO), libtomcrypt)
 LIBS += -ltomcrypt -ltfm
@@ -804,9 +796,18 @@ OBJS_p += ../src/crypto/crypto_libtomcrypt.o
 CONFIG_INTERNAL_SHA256=y
 endif
 ifeq ($(CONFIG_CRYPTO), internal)
-OBJS += ../src/crypto/crypto_internal.o ../src/tls/rsa.o ../src/tls/bignum.o
-OBJS_p += ../src/crypto/crypto_internal.o ../src/tls/rsa.o ../src/tls/bignum.o
+OBJS += ../src/crypto/crypto_internal.o ../src/tls/bignum.o
+OBJS_p += ../src/crypto/crypto_internal.o ../src/tls/bignum.o
 CFLAGS += -DCONFIG_CRYPTO_INTERNAL
+ifdef CONFIG_INTERNAL_LIBTOMMATH
+CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH
+ifdef CONFIG_INTERNAL_LIBTOMMATH_FAST
+CFLAGS += -DLTM_FAST
+endif
+else
+LIBS += -ltommath
+LIBS_p += -ltommath
+endif
 CONFIG_INTERNAL_AES=y
 CONFIG_INTERNAL_DES=y
 CONFIG_INTERNAL_SHA1=y