Rename EAP server defines from EAP_* to EAP_SERVER_*

This allows separate set of EAP server and peer methods to be built into
a single binary.

hostapd/Makefile

@@ -201,19 +201,19 @@ endif
 
 
 ifdef CONFIG_EAP_MD5
-CFLAGS += -DEAP_MD5
+CFLAGS += -DEAP_SERVER_MD5
 OBJS += ../src/eap_server/eap_md5.o
 CHAP=y
 endif
 
 ifdef CONFIG_EAP_TLS
-CFLAGS += -DEAP_TLS
+CFLAGS += -DEAP_SERVER_TLS
 OBJS += ../src/eap_server/eap_tls.o
 TLS_FUNCS=y
 endif
 
 ifdef CONFIG_EAP_PEAP
-CFLAGS += -DEAP_PEAP
+CFLAGS += -DEAP_SERVER_PEAP
 OBJS += ../src/eap_server/eap_peap.o
 OBJS += ../src/eap_common/eap_peap_common.o
 TLS_FUNCS=y
@@ -221,37 +221,37 @@ CONFIG_EAP_MSCHAPV2=y
 endif
 
 ifdef CONFIG_EAP_TTLS
-CFLAGS += -DEAP_TTLS
+CFLAGS += -DEAP_SERVER_TTLS
 OBJS += ../src/eap_server/eap_ttls.o
 TLS_FUNCS=y
 CHAP=y
 endif
 
 ifdef CONFIG_EAP_MSCHAPV2
-CFLAGS += -DEAP_MSCHAPv2
+CFLAGS += -DEAP_SERVER_MSCHAPV2
 OBJS += ../src/eap_server/eap_mschapv2.o
 MS_FUNCS=y
 endif
 
 ifdef CONFIG_EAP_GTC
-CFLAGS += -DEAP_GTC
+CFLAGS += -DEAP_SERVER_GTC
 OBJS += ../src/eap_server/eap_gtc.o
 endif
 
 ifdef CONFIG_EAP_SIM
-CFLAGS += -DEAP_SIM
+CFLAGS += -DEAP_SERVER_SIM
 OBJS += ../src/eap_server/eap_sim.o
 CONFIG_EAP_SIM_COMMON=y
 endif
 
 ifdef CONFIG_EAP_AKA
-CFLAGS += -DEAP_AKA
+CFLAGS += -DEAP_SERVER_AKA
 OBJS += ../src/eap_server/eap_aka.o
 CONFIG_EAP_SIM_COMMON=y
 endif
 
 ifdef CONFIG_EAP_AKA_PRIME
-CFLAGS += -DEAP_AKA_PRIME
+CFLAGS += -DEAP_SERVER_AKA_PRIME
 endif
 
 ifdef CONFIG_EAP_SIM_COMMON
@@ -264,36 +264,36 @@ NEED_FIPS186_2_PRF=y
 endif
 
 ifdef CONFIG_EAP_PAX
-CFLAGS += -DEAP_PAX
+CFLAGS += -DEAP_SERVER_PAX
 OBJS += ../src/eap_server/eap_pax.o ../src/eap_common/eap_pax_common.o
 endif
 
 ifdef CONFIG_EAP_PSK
-CFLAGS += -DEAP_PSK
+CFLAGS += -DEAP_SERVER_PSK
 OBJS += ../src/eap_server/eap_psk.o ../src/eap_common/eap_psk_common.o
 endif
 
 ifdef CONFIG_EAP_SAKE
-CFLAGS += -DEAP_SAKE
+CFLAGS += -DEAP_SERVER_SAKE
 OBJS += ../src/eap_server/eap_sake.o ../src/eap_common/eap_sake_common.o
 endif
 
 ifdef CONFIG_EAP_GPSK
-CFLAGS += -DEAP_GPSK
+CFLAGS += -DEAP_SERVER_GPSK
 OBJS += ../src/eap_server/eap_gpsk.o ../src/eap_common/eap_gpsk_common.o
 ifdef CONFIG_EAP_GPSK_SHA256
-CFLAGS += -DEAP_GPSK_SHA256
+CFLAGS += -DEAP_SERVER_GPSK_SHA256
 endif
 NEED_SHA256=y
 endif
 
 ifdef CONFIG_EAP_VENDOR_TEST
-CFLAGS += -DEAP_VENDOR_TEST
+CFLAGS += -DEAP_SERVER_VENDOR_TEST
 OBJS += ../src/eap_server/eap_vendor_test.o
 endif
 
 ifdef CONFIG_EAP_FAST
-CFLAGS += -DEAP_FAST
+CFLAGS += -DEAP_SERVER_FAST
 OBJS += ../src/eap_server/eap_fast.o
 OBJS += ../src/eap_common/eap_fast_common.o
 TLS_FUNCS=y
@@ -301,7 +301,7 @@ NEED_T_PRF=y
 endif
 
 ifdef CONFIG_WPS
-CFLAGS += -DCONFIG_WPS -DEAP_WSC
+CFLAGS += -DCONFIG_WPS -DEAP_SERVER_WSC
 OBJS += ../src/utils/uuid.o
 OBJS += wps_hostapd.o
 OBJS += ../src/eap_server/eap_wsc.o ../src/eap_common/eap_wsc_common.o
@@ -355,14 +355,14 @@ endif
 endif
 
 ifdef CONFIG_EAP_IKEV2
-CFLAGS += -DEAP_IKEV2
+CFLAGS += -DEAP_SERVER_IKEV2
 OBJS += ../src/eap_server/eap_ikev2.o ../src/eap_server/ikev2.o
 OBJS += ../src/eap_common/eap_ikev2_common.o ../src/eap_common/ikev2_common.o
 NEED_DH_GROUPS=y
 endif
 
 ifdef CONFIG_EAP_TNC
-CFLAGS += -DEAP_TNC
+CFLAGS += -DEAP_SERVER_TNC
 OBJS += ../src/eap_server/eap_tnc.o
 OBJS += ../src/eap_server/tncs.o
 NEED_BASE64=y

hostapd/config.c

@@ -189,12 +189,12 @@ static void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
 	bss->assoc_sa_query_max_timeout = 1000;
 	bss->assoc_sa_query_retry_timeout = 201;
 #endif /* CONFIG_IEEE80211W */
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 	 /* both anonymous and authenticated provisioning */
 	bss->eap_fast_prov = 3;
 	bss->pac_key_lifetime = 7 * 24 * 60 * 60;
 	bss->pac_key_refresh_time = 1 * 24 * 60 * 60;
-#endif /* EAP_FAST */
+#endif /* EAP_SERVER_FAST */
 }
 
 
@@ -1573,7 +1573,7 @@ struct hostapd_config * hostapd_config_read(const char *fname)
 		} else if (os_strcmp(buf, "dh_file") == 0) {
 			os_free(bss->dh_file);
 			bss->dh_file = os_strdup(pos);
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 		} else if (os_strcmp(buf, "pac_opaque_encr_key") == 0) {
 			os_free(bss->pac_opaque_encr_key);
 			bss->pac_opaque_encr_key = os_malloc(16);
@@ -1615,18 +1615,18 @@ struct hostapd_config * hostapd_config_read(const char *fname)
 			bss->pac_key_lifetime = atoi(pos);
 		} else if (os_strcmp(buf, "pac_key_refresh_time") == 0) {
 			bss->pac_key_refresh_time = atoi(pos);
-#endif /* EAP_FAST */
-#ifdef EAP_SIM
+#endif /* EAP_SERVER_FAST */
+#ifdef EAP_SERVER_SIM
 		} else if (os_strcmp(buf, "eap_sim_db") == 0) {
 			os_free(bss->eap_sim_db);
 			bss->eap_sim_db = os_strdup(pos);
 		} else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
 			bss->eap_sim_aka_result_ind = atoi(pos);
-#endif /* EAP_SIM */
-#ifdef EAP_TNC
+#endif /* EAP_SERVER_SIM */
+#ifdef EAP_SERVER_TNC
 		} else if (os_strcmp(buf, "tnc") == 0) {
 			bss->tnc = atoi(pos);
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 #endif /* EAP_SERVER */
 		} else if (os_strcmp(buf, "eap_message") == 0) {
 			char *term;

hostapd/hostapd.c

@@ -1834,9 +1834,9 @@ static int hostapd_global_init(struct hapd_interfaces *interfaces)
 
 static void hostapd_global_deinit(const char *pid_file)
 {
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 	tncs_global_deinit();
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 	eloop_destroy();
 
@@ -1900,7 +1900,7 @@ static struct hostapd_iface * hostapd_interface_init(const char *config_fname,
 static int hostapd_global_run(struct hapd_interfaces *ifaces, int daemonize,
 			      const char *pid_file)
 {
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 	int tnc = 0;
 	size_t i, k;
 
@@ -1917,7 +1917,7 @@ static int hostapd_global_run(struct hapd_interfaces *ifaces, int daemonize,
 		wpa_printf(MSG_ERROR, "Failed to initialize TNCS");
 		return -1;
 	}
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 	if (daemonize && os_daemonize(pid_file)) {
 		perror("daemon");

src/crypto/crypto_internal.c

@@ -791,7 +791,7 @@ void crypto_global_deinit(void)
 #endif /* CONFIG_TLS_INTERNAL */
 
 
-#if defined(EAP_FAST) || defined(CONFIG_WPS)
+#if defined(EAP_FAST) || defined(EAP_SERVER_FAST) || defined(CONFIG_WPS)
 
 int crypto_mod_exp(const u8 *base, size_t base_len,
 		   const u8 *power, size_t power_len,
@@ -828,7 +828,7 @@ error:
 	return ret;
 }
 
-#endif /* EAP_FAST || CONFIG_WPS */
+#endif /* EAP_FAST || EAP_SERVER_FAST || CONFIG_WPS */
 
 
 #endif /* CONFIG_CRYPTO_INTERNAL */

src/crypto/crypto_libtomcrypt.c

@@ -697,7 +697,7 @@ void crypto_global_deinit(void)
 }
 
 
-#ifdef EAP_FAST
+#if defined(EAP_FAST) || defined(EAP_SERVER_FAST)
 
 int crypto_mod_exp(const u8 *base, size_t base_len,
 		   const u8 *power, size_t power_len,
@@ -729,7 +729,7 @@ fail:
 	return -1;
 }
 
-#endif /* EAP_FAST */
+#endif /* EAP_FAST || EAP_SERVER_FAST */
 
 #endif /* CONFIG_TLS_INTERNAL */
 

src/crypto/tls_openssl.c

@@ -2339,7 +2339,7 @@ int tls_connection_enable_workaround(void *ssl_ctx,
 }
 
 
-#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC)
+#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
 /* ClientHello TLS extensions require a patch to openssl, so this function is
  * commented out unless explicitly needed for EAP-FAST in order to be able to
  * build this file with unmodified openssl. */
@@ -2362,7 +2362,7 @@ int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn,
 
 	return 0;
 }
-#endif /* EAP_FAST || EAP_FAST_DYNAMIC */
+#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
 
 
 int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn)
@@ -2553,7 +2553,7 @@ int tls_connection_ia_permute_inner_secret(void *tls_ctx,
 }
 
 
-#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC)
+#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
 /* Pre-shared secred requires a patch to openssl, so this function is
  * commented out unless explicitly needed for EAP-FAST in order to be able to
  * build this file with unmodified openssl. */
@@ -2666,7 +2666,7 @@ static int tls_hello_ext_cb(SSL *s, TLS_EXTENSION *ext, void *arg)
 }
 #endif /* SSL_OP_NO_TICKET */
 #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
-#endif /* EAP_FAST || EAP_FAST_DYNAMIC */
+#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
 
 
 int tls_connection_set_session_ticket_cb(void *tls_ctx,
@@ -2674,7 +2674,7 @@ int tls_connection_set_session_ticket_cb(void *tls_ctx,
 					 tls_session_ticket_cb cb,
 					 void *ctx)
 {
-#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC)
+#if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
 	conn->session_ticket_cb = cb;
 	conn->session_ticket_cb_ctx = ctx;
 
@@ -2712,7 +2712,7 @@ int tls_connection_set_session_ticket_cb(void *tls_ctx,
 	}
 
 	return 0;
-#else /* EAP_FAST || EAP_FAST_DYNAMIC */
+#else /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
 	return -1;
-#endif /* EAP_FAST || EAP_FAST_DYNAMIC */
+#endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
 }

src/eap_common/eap_sim_common.c

@@ -233,7 +233,7 @@ void eap_sim_add_mac(const u8 *k_aut, const u8 *msg, size_t msg_len, u8 *mac,
 }
 
 
-#ifdef EAP_AKA_PRIME
+#if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
 static void prf_prime(const u8 *k, const char *seed1,
 		      const u8 *seed2, size_t seed2_len,
 		      const u8 *seed3, size_t seed3_len,
@@ -496,7 +496,7 @@ void eap_aka_prime_derive_ck_ik_prime(u8 *ck, u8 *ik, const u8 *sqn_ak,
 	wpa_hexdump_key(MSG_DEBUG, "EAP-AKA': CK'", ck, EAP_AKA_CK_LEN);
 	wpa_hexdump_key(MSG_DEBUG, "EAP-AKA': IK'", ik, EAP_AKA_IK_LEN);
 }
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
 
 
 int eap_sim_parse_attr(const u8 *start, const u8 *end,
@@ -858,7 +858,7 @@ int eap_sim_parse_attr(const u8 *start, const u8 *end,
 			wpa_printf(MSG_DEBUG, "EAP-SIM: AT_RESULT_IND");
 			attr->result_ind = 1;
 			break;
-#ifdef EAP_AKA_PRIME
+#if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
 		case EAP_SIM_AT_KDF_INPUT:
 			if (aka != 2) {
 				wpa_printf(MSG_INFO, "EAP-AKA: Unexpected "
@@ -913,7 +913,7 @@ int eap_sim_parse_attr(const u8 *start, const u8 *end,
 			}
 			attr->bidding = apos;
 			break;
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
 		default:
 			if (pos[0] < 128) {
 				wpa_printf(MSG_INFO, "EAP-SIM: Unrecognized "
@@ -1023,14 +1023,14 @@ struct wpabuf * eap_sim_msg_finish(struct eap_sim_msg *msg, const u8 *k_aut,
 	eap = wpabuf_mhead(msg->buf);
 	eap->length = host_to_be16(wpabuf_len(msg->buf));
 
-#ifdef EAP_AKA_PRIME
+#if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
 	if (k_aut && msg->mac && msg->type == EAP_TYPE_AKA_PRIME) {
 		eap_sim_add_mac_sha256(k_aut, (u8 *) wpabuf_head(msg->buf),
 				       wpabuf_len(msg->buf),
 				       (u8 *) wpabuf_mhead(msg->buf) +
 				       msg->mac, extra, extra_len);
 	} else
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
 	if (k_aut && msg->mac) {
 		eap_sim_add_mac(k_aut, (u8 *) wpabuf_head(msg->buf),
 				wpabuf_len(msg->buf),

src/eap_common/eap_sim_common.h

@@ -94,7 +94,7 @@ int eap_sim_verify_mac(const u8 *k_aut, const struct wpabuf *req,
 void eap_sim_add_mac(const u8 *k_aut, const u8 *msg, size_t msg_len, u8 *mac,
 		     const u8 *extra, size_t extra_len);
 
-#ifdef EAP_AKA_PRIME
+#if defined(EAP_AKA_PRIME) || defined(EAP_SERVER_AKA_PRIME)
 void eap_aka_prime_derive_keys(const u8 *identity, size_t identity_len,
 			       const u8 *ik, const u8 *ck, u8 *k_encr,
 			       u8 *k_aut, u8 *k_re, u8 *msk, u8 *emsk);
@@ -110,7 +110,7 @@ void eap_sim_add_mac_sha256(const u8 *k_aut, const u8 *msg, size_t msg_len,
 void eap_aka_prime_derive_ck_ik_prime(u8 *ck, u8 *ik, const u8 *sqn_ak,
 				      const u8 *network_name,
 				      size_t network_name_len);
-#else /* EAP_AKA_PRIME */
+#else /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
 static inline void eap_aka_prime_derive_keys(const u8 *identity,
 					     size_t identity_len,
 					     const u8 *ik, const u8 *ck,
@@ -135,7 +135,7 @@ static inline int eap_sim_verify_mac_sha256(const u8 *k_aut,
 {
 	return -1;
 }
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_AKA_PRIME || EAP_SERVER_AKA_PRIME */
 
 
 /* EAP-SIM/AKA Attributes (0..127 non-skippable) */

src/eap_server/eap_aka.c

@@ -116,7 +116,7 @@ static void * eap_aka_init(struct eap_sm *sm)
 }
 
 
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 static void * eap_aka_prime_init(struct eap_sm *sm)
 {
 	struct eap_aka_data *data;
@@ -148,7 +148,7 @@ static void * eap_aka_prime_init(struct eap_sm *sm)
 
 	return data;
 }
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */
 
 
 static void eap_aka_reset(struct eap_sm *sm, void *priv)
@@ -399,7 +399,7 @@ static struct wpabuf * eap_aka_build_challenge(struct eap_sm *sm,
 		eap_sim_msg_add(msg, EAP_SIM_AT_RESULT_IND, 0, NULL, 0);
 	}
 
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 	if (data->eap_method == EAP_TYPE_AKA) {
 		u16 flags = 0;
 		int i;
@@ -426,7 +426,7 @@ static struct wpabuf * eap_aka_build_challenge(struct eap_sm *sm,
 			flags |= EAP_AKA_BIDDING_FLAG_D;
 		eap_sim_msg_add(msg, EAP_SIM_AT_BIDDING, flags, NULL, 0);
 	}
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */
 
 	wpa_printf(MSG_DEBUG, "   AT_MAC");
 	eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
@@ -701,7 +701,7 @@ static void eap_aka_determine_identity(struct eap_sm *sm,
 		return;
 	}
 
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 	if (data->eap_method == EAP_TYPE_AKA_PRIME) {
 		/* Note: AUTN = (SQN ^ AK) || AMF || MAC which gives us the
 		 * needed 6-octet SQN ^AK for CK',IK' derivation */
@@ -710,7 +710,7 @@ static void eap_aka_determine_identity(struct eap_sm *sm,
 						 data->network_name,
 						 data->network_name_len);
 	}
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */
 
 	data->reauth = NULL;
 	data->counter = 0; /* reset re-auth counter since this is full auth */
@@ -807,7 +807,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
 
 	wpa_printf(MSG_DEBUG, "EAP-AKA: Processing Challenge");
 
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 #if 0
 	/* KDF negotiation; to be enabled only after more than one KDF is
 	 * supported */
@@ -830,7 +830,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
 		return;
 	}
 #endif
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */
 
 	if (attr->checkcode &&
 	    eap_aka_verify_checkcode(data, attr->checkcode,
@@ -892,7 +892,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
 	}
 	if (data->next_reauth_id) {
 		if (data->eap_method == EAP_TYPE_AKA_PRIME) {
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 			eap_sim_db_add_reauth_prime(sm->eap_sim_db_priv,
 						    identity,
 						    identity_len,
@@ -900,7 +900,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
 						    data->counter + 1,
 						    data->k_encr, data->k_aut,
 						    data->k_re);
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */
 		} else {
 			eap_sim_db_add_reauth(sm->eap_sim_db_priv, identity,
 					      identity_len,
@@ -1031,7 +1031,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm,
 	}
 	if (data->next_reauth_id) {
 		if (data->eap_method == EAP_TYPE_AKA_PRIME) {
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 			eap_sim_db_add_reauth_prime(sm->eap_sim_db_priv,
 						    identity,
 						    identity_len,
@@ -1039,7 +1039,7 @@ static void eap_aka_process_reauth(struct eap_sm *sm,
 						    data->counter + 1,
 						    data->k_encr, data->k_aut,
 						    data->k_re);
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */
 		} else {
 			eap_sim_db_add_reauth(sm->eap_sim_db_priv, identity,
 					      identity_len,
@@ -1247,7 +1247,7 @@ int eap_server_aka_register(void)
 }
 
 
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 int eap_server_aka_prime_register(void)
 {
 	struct eap_method *eap;
@@ -1275,4 +1275,4 @@ int eap_server_aka_prime_register(void)
 
 	return ret;
 }
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */

src/eap_server/eap_fast.c

@@ -942,7 +942,7 @@ static void eap_fast_process_phase2_response(struct eap_sm *sm,
 		left = in_len - sizeof(*hdr);
 		wpa_hexdump(MSG_DEBUG, "EAP-FAST: Phase2 type Nak'ed; "
 			    "allowed types", pos + 1, left - 1);
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 		if (m && m->vendor == EAP_VENDOR_IETF &&
 		    m->method == EAP_TYPE_TNC) {
 			wpa_printf(MSG_DEBUG, "EAP-FAST: Peer Nak'ed required "
@@ -951,7 +951,7 @@ static void eap_fast_process_phase2_response(struct eap_sm *sm,
 			eap_fast_phase2_init(sm, data, next_type);
 			return;
 		}
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 		eap_sm_process_nak(sm, pos + 1, left - 1);
 		if (sm->user && sm->user_eap_method_index < EAP_MAX_METHODS &&
 		    sm->user->methods[sm->user_eap_method_index].method !=
@@ -1019,13 +1019,13 @@ static void eap_fast_process_phase2_response(struct eap_sm *sm,
 		eap_fast_state(data, CRYPTO_BINDING);
 		data->eap_seq++;
 		next_type = EAP_TYPE_NONE;
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 		if (sm->tnc && !data->tnc_started) {
 			wpa_printf(MSG_DEBUG, "EAP-FAST: Initialize TNC");
 			next_type = EAP_TYPE_TNC;
 			data->tnc_started = 1;
 		}
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 		break;
 	case FAILURE:
 		break;

src/eap_server/eap_gtc.c

@@ -33,14 +33,14 @@ static void * eap_gtc_init(struct eap_sm *sm)
 		return NULL;
 	data->state = CONTINUE;
 
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 	if (sm->m && sm->m->vendor == EAP_VENDOR_IETF &&
 	    sm->m->method == EAP_TYPE_FAST) {
 		wpa_printf(MSG_DEBUG, "EAP-GTC: EAP-FAST tunnel - use prefix "
 			   "with challenge/response");
 		data->prefix = 1;
 	}
-#endif /* EAP_FAST */
+#endif /* EAP_SERVER_FAST */
 
 	return data;
 }
@@ -109,7 +109,7 @@ static void eap_gtc_process(struct eap_sm *sm, void *priv,
 
 	wpa_hexdump_ascii_key(MSG_MSGDUMP, "EAP-GTC: Response", pos, rlen);
 
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 	if (data->prefix) {
 		const u8 *pos2, *end;
 		/* "RESPONSE=<user>\0<password>" */
@@ -170,7 +170,7 @@ static void eap_gtc_process(struct eap_sm *sm, void *priv,
 				      "EAP-GTC: Response password",
 				      pos, rlen);
 	}
-#endif /* EAP_FAST */
+#endif /* EAP_SERVER_FAST */
 
 	if (sm->user == NULL || sm->user->password == NULL ||
 	    sm->user->password_hash) {

src/eap_server/eap_methods.c

@@ -149,138 +149,138 @@ int eap_server_register_methods(void)
 		ret = eap_server_identity_register();
 	}
 
-#ifdef EAP_MD5
+#ifdef EAP_SERVER_MD5
 	if (ret == 0) {
 		int eap_server_md5_register(void);
 		ret = eap_server_md5_register();
 	}
-#endif /* EAP_MD5 */
+#endif /* EAP_SERVER_MD5 */
 
-#ifdef EAP_TLS
+#ifdef EAP_SERVER_TLS
 	if (ret == 0) {
 		int eap_server_tls_register(void);
 		ret = eap_server_tls_register();
 	}
-#endif /* EAP_TLS */
+#endif /* EAP_SERVER_TLS */
 
-#ifdef EAP_MSCHAPv2
+#ifdef EAP_SERVER_MSCHAPV2
 	if (ret == 0) {
 		int eap_server_mschapv2_register(void);
 		ret = eap_server_mschapv2_register();
 	}
-#endif /* EAP_MSCHAPv2 */
+#endif /* EAP_SERVER_MSCHAPV2 */
 
-#ifdef EAP_PEAP
+#ifdef EAP_SERVER_PEAP
 	if (ret == 0) {
 		int eap_server_peap_register(void);
 		ret = eap_server_peap_register();
 	}
-#endif /* EAP_PEAP */
+#endif /* EAP_SERVER_PEAP */
 
-#ifdef EAP_TLV
+#ifdef EAP_SERVER_TLV
 	if (ret == 0) {
 		int eap_server_tlv_register(void);
 		ret = eap_server_tlv_register();
 	}
-#endif /* EAP_TLV */
+#endif /* EAP_SERVER_TLV */
 
-#ifdef EAP_GTC
+#ifdef EAP_SERVER_GTC
 	if (ret == 0) {
 		int eap_server_gtc_register(void);
 		ret = eap_server_gtc_register();
 	}
-#endif /* EAP_GTC */
+#endif /* EAP_SERVER_GTC */
 
-#ifdef EAP_TTLS
+#ifdef EAP_SERVER_TTLS
 	if (ret == 0) {
 		int eap_server_ttls_register(void);
 		ret = eap_server_ttls_register();
 	}
-#endif /* EAP_TTLS */
+#endif /* EAP_SERVER_TTLS */
 
-#ifdef EAP_SIM
+#ifdef EAP_SERVER_SIM
 	if (ret == 0) {
 		int eap_server_sim_register(void);
 		ret = eap_server_sim_register();
 	}
-#endif /* EAP_SIM */
+#endif /* EAP_SERVER_SIM */
 
-#ifdef EAP_AKA
+#ifdef EAP_SERVER_AKA
 	if (ret == 0) {
 		int eap_server_aka_register(void);
 		ret = eap_server_aka_register();
 	}
-#endif /* EAP_AKA */
+#endif /* EAP_SERVER_AKA */
 
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 	if (ret == 0) {
 		int eap_server_aka_prime_register(void);
 		ret = eap_server_aka_prime_register();
 	}
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */
 
-#ifdef EAP_PAX
+#ifdef EAP_SERVER_PAX
 	if (ret == 0) {
 		int eap_server_pax_register(void);
 		ret = eap_server_pax_register();
 	}
-#endif /* EAP_PAX */
+#endif /* EAP_SERVER_PAX */
 
-#ifdef EAP_PSK
+#ifdef EAP_SERVER_PSK
 	if (ret == 0) {
 		int eap_server_psk_register(void);
 		ret = eap_server_psk_register();
 	}
-#endif /* EAP_PSK */
+#endif /* EAP_SERVER_PSK */
 
-#ifdef EAP_SAKE
+#ifdef EAP_SERVER_SAKE
 	if (ret == 0) {
 		int eap_server_sake_register(void);
 		ret = eap_server_sake_register();
 	}
-#endif /* EAP_SAKE */
+#endif /* EAP_SERVER_SAKE */
 
-#ifdef EAP_GPSK
+#ifdef EAP_SERVER_GPSK
 	if (ret == 0) {
 		int eap_server_gpsk_register(void);
 		ret = eap_server_gpsk_register();
 	}
-#endif /* EAP_GPSK */
+#endif /* EAP_SERVER_GPSK */
 
-#ifdef EAP_VENDOR_TEST
+#ifdef EAP_SERVER_VENDOR_TEST
 	if (ret == 0) {
 		int eap_server_vendor_test_register(void);
 		ret = eap_server_vendor_test_register();
 	}
-#endif /* EAP_VENDOR_TEST */
+#endif /* EAP_SERVER_VENDOR_TEST */
 
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 	if (ret == 0) {
 		int eap_server_fast_register(void);
 		ret = eap_server_fast_register();
 	}
-#endif /* EAP_FAST */
+#endif /* EAP_SERVER_FAST */
 
-#ifdef EAP_WSC
+#ifdef EAP_SERVER_WSC
 	if (ret == 0) {
 		int eap_server_wsc_register(void);
 		ret = eap_server_wsc_register();
 	}
-#endif /* EAP_WSC */
+#endif /* EAP_SERVER_WSC */
 
-#ifdef EAP_IKEV2
+#ifdef EAP_SERVER_IKEV2
 	if (ret == 0) {
 		int eap_server_ikev2_register(void);
 		ret = eap_server_ikev2_register();
 	}
-#endif /* EAP_IKEV2 */
+#endif /* EAP_SERVER_IKEV2 */
 
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 	if (ret == 0) {
 		int eap_server_tnc_register(void);
 		ret = eap_server_tnc_register();
 	}
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 	return ret;
 }

src/eap_server/eap_peap.c

@@ -267,7 +267,7 @@ static struct wpabuf * eap_peap_build_phase2_req(struct eap_sm *sm,
 }
 
 
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 static struct wpabuf * eap_peap_build_phase2_soh(struct eap_sm *sm,
 						 struct eap_peap_data *data,
 						 u8 id)
@@ -303,7 +303,7 @@ static struct wpabuf * eap_peap_build_phase2_soh(struct eap_sm *sm,
 
 	return encr_req;
 }
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 
 static void eap_peap_get_isk(struct eap_peap_data *data,
@@ -375,10 +375,10 @@ static struct wpabuf * eap_peap_build_phase2_tlv(struct eap_sm *sm,
 	mlen = 6; /* Result TLV */
 	if (data->crypto_binding != NO_BINDING)
 		mlen += 60; /* Cryptobinding TLV */
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 	if (data->soh_response)
 		mlen += wpabuf_len(data->soh_response);
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 	buf = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TLV, mlen,
 			    EAP_CODE_REQUEST, id);
@@ -401,7 +401,7 @@ static struct wpabuf * eap_peap_build_phase2_tlv(struct eap_sm *sm,
 		size_t len[2];
 		u16 tlv_type;
 
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 		if (data->soh_response) {
 			wpa_printf(MSG_DEBUG, "EAP-PEAP: Adding MS-SOH "
 				   "Response TLV");
@@ -409,7 +409,7 @@ static struct wpabuf * eap_peap_build_phase2_tlv(struct eap_sm *sm,
 			wpabuf_free(data->soh_response);
 			data->soh_response = NULL;
 		}
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 		if (eap_peap_derive_cmk(sm, data) < 0 ||
 		    os_get_random(data->binding_nonce, 32)) {
@@ -517,13 +517,13 @@ static struct wpabuf * eap_peap_buildReq(struct eap_sm *sm, void *priv, u8 id)
 		data->ssl.out_used = 0;
 		data->ssl.out_buf = eap_peap_build_phase2_req(sm, data, id);
 		break;
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 	case PHASE2_SOH:
 		wpabuf_free(data->ssl.out_buf);
 		data->ssl.out_used = 0;
 		data->ssl.out_buf = eap_peap_build_phase2_soh(sm, data, id);
 		break;
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 	case PHASE2_TLV:
 		wpabuf_free(data->ssl.out_buf);
 		data->ssl.out_used = 0;
@@ -757,7 +757,7 @@ static void eap_peap_process_phase2_tlv(struct eap_sm *sm,
 }
 
 
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 static void eap_peap_process_phase2_soh(struct eap_sm *sm,
 					struct eap_peap_data *data,
 					struct wpabuf *in_data)
@@ -885,7 +885,7 @@ auth_method:
 	wpa_printf(MSG_DEBUG, "EAP-PEAP: try EAP type %d", next_type);
 	eap_peap_phase2_init(sm, data, next_type);
 }
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 
 static void eap_peap_process_phase2_response(struct eap_sm *sm,
@@ -902,12 +902,12 @@ static void eap_peap_process_phase2_response(struct eap_sm *sm,
 		return;
 	}
 
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 	if (data->state == PHASE2_SOH) {
 		eap_peap_process_phase2_soh(sm, data, in_data);
 		return;
 	}
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 	if (data->phase2_priv == NULL) {
 		wpa_printf(MSG_DEBUG, "EAP-PEAP: %s - Phase2 not "
@@ -991,7 +991,7 @@ static void eap_peap_process_phase2_response(struct eap_sm *sm,
 			break;
 		}
 
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 		if (data->state != PHASE2_SOH && sm->tnc &&
 		    data->peap_version == 0) {
 			eap_peap_state(data, PHASE2_SOH);
@@ -1000,7 +1000,7 @@ static void eap_peap_process_phase2_response(struct eap_sm *sm,
 			next_type = EAP_TYPE_NONE;
 			break;
 		}
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 		eap_peap_state(data, PHASE2_METHOD);
 		next_type = sm->user->methods[0].method;

src/eap_server/eap_sim_db.c

@@ -1023,7 +1023,7 @@ int eap_sim_db_add_reauth(void *priv, const u8 *identity,
 }
 
 
-#ifdef EAP_AKA_PRIME
+#ifdef EAP_SERVER_AKA_PRIME
 /**
  * eap_sim_db_add_reauth_prime - EAP-AKA' DB: Add new re-authentication entry
  * @priv: Private data pointer from eap_sim_db_init()
@@ -1062,7 +1062,7 @@ int eap_sim_db_add_reauth_prime(void *priv, const u8 *identity,
 
 	return 0;
 }
-#endif /* EAP_AKA_PRIME */
+#endif /* EAP_SERVER_AKA_PRIME */
 
 
 /**

src/eap_server/eap_sim_db.h

@@ -15,7 +15,7 @@
 #ifndef EAP_SIM_DB_H
 #define EAP_SIM_DB_H
 
-#ifdef EAP_SIM
+#ifdef EAP_SERVER_SIM
 
 #include "eap_common/eap_sim_common.h"
 
@@ -90,7 +90,7 @@ int eap_sim_db_resynchronize(void *priv, const u8 *identity,
 			     size_t identity_len, const u8 *auts,
 			     const u8 *_rand);
 
-#else /* EAP_SIM */
+#else /* EAP_SERVER_SIM */
 static inline void *
 eap_sim_db_init(const char *config,
 		void (*get_complete_cb)(void *ctx, void *session_ctx),
@@ -102,6 +102,6 @@ eap_sim_db_init(const char *config,
 static inline void eap_sim_db_deinit(void *priv)
 {
 }
-#endif /* EAP_SIM */
+#endif /* EAP_SERVER_SIM */
 
 #endif /* EAP_SIM_DB_H */

src/eap_server/eap_ttls.c

@@ -1221,14 +1221,14 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
 		}
 	}
 
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 	if (data->tnc_started && parse.eap == NULL) {
 		wpa_printf(MSG_DEBUG, "EAP-TTLS: TNC started but no EAP "
 			   "response from peer");
 		eap_ttls_state(data, FAILURE);
 		goto done;
 	}
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 
 	if (parse.eap) {
 		eap_ttls_process_phase2_eap(sm, data, parse.eap,
@@ -1264,7 +1264,7 @@ done:
 
 static void eap_ttls_start_tnc(struct eap_sm *sm, struct eap_ttls_data *data)
 {
-#ifdef EAP_TNC
+#ifdef EAP_SERVER_TNC
 	if (!sm->tnc || data->state != SUCCESS || data->tnc_started)
 		return;
 
@@ -1277,7 +1277,7 @@ static void eap_ttls_start_tnc(struct eap_sm *sm, struct eap_ttls_data *data)
 
 	data->tnc_started = 1;
 	eap_ttls_state(data, PHASE2_METHOD);
-#endif /* EAP_TNC */
+#endif /* EAP_SERVER_TNC */
 }
 
 

src/tls/tlsv1_server.c

@@ -546,7 +546,7 @@ int tlsv1_server_get_keyblock_size(struct tlsv1_server *conn)
  */
 int tlsv1_server_set_cipher_list(struct tlsv1_server *conn, u8 *ciphers)
 {
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 	size_t count;
 	u16 *suites;
 
@@ -572,9 +572,9 @@ int tlsv1_server_set_cipher_list(struct tlsv1_server *conn, u8 *ciphers)
 	}
 
 	return 0;
-#else /* EAP_FAST */
+#else /* EAP_SERVER_FAST */
 	return -1;
-#endif /* EAP_FAST */
+#endif /* EAP_SERVER_FAST */
 }
 
 

src/tls/tlsv1_server_read.c

@@ -571,7 +571,7 @@ static int tls_process_client_key_exchange_rsa(
 static int tls_process_client_key_exchange_dh_anon(
 	struct tlsv1_server *conn, const u8 *pos, const u8 *end)
 {
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 	const u8 *dh_yc;
 	u16 dh_yc_len;
 	u8 *shared;
@@ -669,9 +669,9 @@ static int tls_process_client_key_exchange_dh_anon(
 	}
 
 	return 0;
-#else /* EAP_FAST */
+#else /* EAP_SERVER_FAST */
 	return -1;
-#endif /* EAP_FAST */
+#endif /* EAP_SERVER_FAST */
 }
 
 

src/tls/tlsv1_server_write.c

@@ -247,12 +247,12 @@ static int tls_write_server_key_exchange(struct tlsv1_server *conn,
 {
 	tls_key_exchange keyx;
 	const struct tls_cipher_suite *suite;
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 	u8 *pos, *rhdr, *hs_start, *hs_length;
 	size_t rlen;
 	u8 *dh_ys;
 	size_t dh_ys_len;
-#endif /* EAP_FAST */
+#endif /* EAP_SERVER_FAST */
 
 	suite = tls_get_cipher_suite(conn->rl.cipher_suite);
 	if (suite == NULL)
@@ -272,7 +272,7 @@ static int tls_write_server_key_exchange(struct tlsv1_server *conn,
 		return -1;
 	}
 
-#ifdef EAP_FAST
+#ifdef EAP_SERVER_FAST
 	if (conn->cred == NULL || conn->cred->dh_p == NULL ||
 	    conn->cred->dh_g == NULL) {
 		wpa_printf(MSG_DEBUG, "TLSv1: No DH parameters available for "
@@ -433,9 +433,9 @@ static int tls_write_server_key_exchange(struct tlsv1_server *conn,
 	*msgpos = pos;
 
 	return 0;
-#else /* EAP_FAST */
+#else /* EAP_SERVER_FAST */
 	return -1;
-#endif /* EAP_FAST */
+#endif /* EAP_SERVER_FAST */
 }