diff --git a/components/esp_wifi/Kconfig b/components/esp_wifi/Kconfig index 23d2f5bb02..1ed239347e 100644 --- a/components/esp_wifi/Kconfig +++ b/components/esp_wifi/Kconfig @@ -411,4 +411,13 @@ menu "Wi-Fi" be shared to other devices, making it in readable format increases that risk, also passphrase requires pbkdf2 to convert in psk. + config ESP_WIFI_ENTERPRISE_SUPPORT + bool "Enable enterprise option" + default y + help + Select this to enable/disable enterprise connection support. + + disabling this will reduce binary size. + disabling this will disable the use of any esp_wifi_sta_wpa2_ent_* (as APIs will be meaningless) + endmenu # Wi-Fi diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c b/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c index ad4d5a7505..3a03dfc8bc 100644 --- a/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c +++ b/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c @@ -184,9 +184,11 @@ void wpa_ap_get_peer_spp_msg(void *sm_data, bool *spp_cap, bool *spp_req) bool wpa_deattach(void) { struct wpa_sm *sm = &gWpaSm; +#ifdef CONFIG_ESP_WIFI_ENTERPRISE_SUPPORT if (sm->wpa_sm_wpa2_ent_disable) { sm->wpa_sm_wpa2_ent_disable(); } +#endif if (sm->wpa_sm_wps_disable) { sm->wpa_sm_wps_disable(); } diff --git a/components/wpa_supplicant/src/common/defs.h b/components/wpa_supplicant/src/common/defs.h index 67e8c46112..472384f5ed 100644 --- a/components/wpa_supplicant/src/common/defs.h +++ b/components/wpa_supplicant/src/common/defs.h @@ -51,6 +51,7 @@ typedef enum { FALSE = 0, TRUE = 1 } Boolean; static inline int wpa_key_mgmt_wpa_ieee8021x(int akm) { +#ifdef CONFIG_ESP_WIFI_ENTERPRISE_SUPPORT return !!(akm & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_CCKM | @@ -58,6 +59,9 @@ static inline int wpa_key_mgmt_wpa_ieee8021x(int akm) WPA_KEY_MGMT_IEEE8021X_SHA256 | WPA_KEY_MGMT_IEEE8021X_SUITE_B | WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)); +#else + return 0; +#endif } static inline int wpa_key_mgmt_wpa_psk(int akm) diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c index 9f7c715d6d..4c53248813 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa.c +++ b/components/wpa_supplicant/src/rsn_supp/wpa.c @@ -169,6 +169,7 @@ unsigned cipher_type_map_public_to_supp(wifi_cipher_type_t cipher) } } +#ifdef CONFIG_ESP_WIFI_ENTERPRISE_SUPPORT static bool is_wpa2_enterprise_connection(void) { uint8_t authmode; @@ -184,6 +185,7 @@ static bool is_wpa2_enterprise_connection(void) return false; } +#endif /** * get_bssid - Get the current BSSID @@ -698,9 +700,11 @@ void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, if (res) goto failed; +#ifdef CONFIG_ESP_WIFI_ENTERPRISE_SUPPORT if (is_wpa2_enterprise_connection()) { pmksa_cache_set_current(sm, NULL, sm->bssid, 0, 0); } +#endif if (sm->renew_snonce) { if (os_get_random(sm->snonce, WPA_NONCE_LEN)) { diff --git a/docs/en/api-guides/performance/size.rst b/docs/en/api-guides/performance/size.rst index 829c73fcad..55b200b342 100644 --- a/docs/en/api-guides/performance/size.rst +++ b/docs/en/api-guides/performance/size.rst @@ -315,6 +315,7 @@ Wi-Fi - Disabling :ref:`CONFIG_ESP32_WIFI_ENABLE_WPA3_SAE` will save some Wi-Fi binary size if WPA3 support is not needed. (Note that WPA3 is mandatory for new Wi-Fi device certifications.) - Disabling :ref:`CONFIG_ESP_WIFI_SOFTAP_SUPPORT` will save some Wi-Fi binary size if soft-AP support is not needed. +- Disabling :ref:`CONFIG_ESP_WIFI_ENTERPRISE_SUPPORT` will save some Wi-Fi binary size if enterprise support is not needed. .. only:: esp32