From 71d1cf8249bee250cf8055ef5230d03bdf3797ab Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh <jacob@wolfssl.com>
Date: Thu, 6 Apr 2023 09:24:37 -0700
Subject: [PATCH] change enable flag to CONFIG_FIPS_WARNING=y

---
 hostap-patches/README                            | 2 +-
 hostap-patches/Support-FIPS_WARNING-MSCHAP.patch | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/hostap-patches/README b/hostap-patches/README
index 0449f299..b04abd08 100644
--- a/hostap-patches/README
+++ b/hostap-patches/README
@@ -7,4 +7,4 @@ can be applied using `patch -p1 < /path/to/patch`.
 Sets the HMAC key by accessing the HMAC struct directly for key sizes less than the approved FIPS HMAC key sizes. This works around the key size restriction but should be disclosed if used because it is not compliant with the FIPS HMAC key requirements.
 
 ###Support-FIPS_WARNING-MSCHAP.patch
-Adds in MD5 and DES support with CONFIG_FIPS=warning. This allows for MSCHAP and CHAP modes. Each call to an algorithm outside the FIPS boundary triggers a warning message printed out. If used it should be disclosed that the MSCHAP(v2) / CHAP modes are using algorithms outside of the FIPS boundary.
+Adds in MD5 and DES support with CONFIG_FIPS_WARNING=y. This allows for MSCHAP and CHAP modes. Each call to an algorithm outside the FIPS boundary triggers a warning message printed out. If used it should be disclosed that the MSCHAP(v2) / CHAP modes are using algorithms outside of the FIPS boundary.
diff --git a/hostap-patches/Support-FIPS_WARNING-MSCHAP.patch b/hostap-patches/Support-FIPS_WARNING-MSCHAP.patch
index 90493c48..6571a944 100644
--- a/hostap-patches/Support-FIPS_WARNING-MSCHAP.patch
+++ b/hostap-patches/Support-FIPS_WARNING-MSCHAP.patch
@@ -143,14 +143,14 @@ index 769f824..0571eb8 100644
  def check_ext_key_id_capa(dev):
      res = dev.get_driver_status_field('capa.flags')
 diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
-index 57620fe..f8ffdf7 100644
+index 57620fe..bf62050 100644
 --- a/wpa_supplicant/Makefile
 +++ b/wpa_supplicant/Makefile
 @@ -543,6 +543,10 @@ ifndef CONFIG_FIPS
  MS_FUNCS=y
  CHAP=y
  endif
-+ifeq ($(CONFIG_FIPS), warning)
++ifdef CONFIG_FIPS_WARNING
 +MS_FUNCS=y
 +CHAP=y
 +endif
@@ -161,7 +161,7 @@ index 57620fe..f8ffdf7 100644
  ifndef CONFIG_FIPS
  CFLAGS += -DCONFIG_DES
  endif
-+ifeq ($(CONFIG_FIPS), warning)
++ifdef CONFIG_FIPS_WARNING
 +CFLAGS += -DCONFIG_DES
 +endif
  ifdef CONFIG_INTERNAL_DES
@@ -171,7 +171,7 @@ index 57620fe..f8ffdf7 100644
  
  ifdef CONFIG_FIPS
  CFLAGS += -DCONFIG_FIPS
-+ifeq ($(CONFIG_FIPS), warning)
++ifdef CONFIG_FIPS_WARNING
 +CFLAGS += -DCONFIG_FIPS_WARNING
 +endif
  ifneq ($(CONFIG_TLS), openssl)