aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2015-04-17 08:26:36 (GMT)
committerJouni Malinen <j@w1.fi>2015-04-17 08:26:36 (GMT)
commit897418a28d24d8adc85ffdbe010f84becd9dc822 (patch)
treed27302031a94c19e5386ba468032beca6f7f126a
parent1acf38f1a5aa19169035de9b611fc76440729c0b (diff)
downloadhostap-897418a28d24d8adc85ffdbe010f84becd9dc822.zip
hostap-897418a28d24d8adc85ffdbe010f84becd9dc822.tar.gz
hostap-897418a28d24d8adc85ffdbe010f84becd9dc822.tar.bz2
eap_example: Fix configuration by added DH parameters
The internal TLS implementation supports number of additional cipher suites that require DH parameters to be set on the server. Such a cipher suite is selected by default in the eap_example case which prevented the TLS handshake from completing successfully. Fix this by adding DH parameters to the server configuration. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
-rw-r--r--eap_example/dh.conf5
-rw-r--r--eap_example/eap_example_server.c1
2 files changed, 6 insertions, 0 deletions
diff --git a/eap_example/dh.conf b/eap_example/dh.conf
new file mode 100644
index 0000000..7bc8325
--- /dev/null
+++ b/eap_example/dh.conf
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAP3V8IHq3H2DUlYywsvjYNuS17eCdt0mJo6/os6PHqdhgkMrPxF9u4Gr
+qKXq9e6GqmZYdjta30N3FkXaV924BJ0xOqb2TntiKg4u50/l6hSUneWt6UFBaizd
+XrqjNFIme/5RXMZ7RglXliBpCepAaFLMcKhOS4ulUyYYHSy+oqRjAgEC
+-----END DH PARAMETERS-----
diff --git a/eap_example/eap_example_server.c b/eap_example/eap_example_server.c
index 7097bca..a081b87 100644
--- a/eap_example/eap_example_server.c
+++ b/eap_example/eap_example_server.c
@@ -81,6 +81,7 @@ static int eap_example_server_init_tls(void)
/* tparams.private_key = "server.key"; */
tparams.private_key = "server-key.pem";
/* tparams.private_key_passwd = "whatever"; */
+ tparams.dh_file = "dh.conf";
if (tls_global_set_params(eap_ctx.tls_ctx, &tparams)) {
printf("Failed to set TLS parameters\n");