hostapd - support for embedded very small ssl implementations
Stephan
stephan at freifunk-dresden.de
Wed Dec 13 07:55:15 PST 2017
Hey,
Because ad-hoc wifi will slowly be replaced by mesh,
openwrt/lede-project
should be able to use hostapd with mesh BUT without hard coded
dependencies to
openssl.
Openssl implementation is extremly large for embedded systems running on
4Mbyte flash devices. It is simply not possible to create own router
firmware
with mesh support. Freifunk firmware (freifunk.net in germany) depends
on
4Mbyte flash routers.
The openwrt/lede-project has implemented an intermediate layer (ustream)
where a lot of ssl-applications linked against.
The user may then choose from different ssl implementations:
- cyassl
- mbedtls
- openssl
for each of those implementations there is its own
libustream-cyasll
libustream-mbedtls
libustream-openssl.
this lets the freedom to switch ssl implementations without need to
change
applications like https webserver, vpn, .....
openwrt/Lede-projects provides a package of hostapd with mesh support.
But
this implementation still relies on openssl.
It would be create if hostapd implements such a layer between itself and
openssl, so other people may easily switch to different ssl
implementation.
The ustream api may be suitable.
With this solution, wolfssl could also be supported. view month ago (I
believe August)
there was a patch for wolfssl provided in this mailing list.
Another question: when I only want to use mesh as replacement for adhoc
and without
any mesh routing defined by 802.11s, do I need ssl ? If not, can I
configure hostapd
build process to only have mesh functionality which is similar to adhoc?
Bye
Stephan
--
..............................................
Freifunk Dresden
www.freifunk-dresden.de
..............................................
More information about the Hostap
mailing list