aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd
diff options
context:
space:
mode:
authorHristo Venev <hristo@venev.name>2017-04-20 13:44:31 (GMT)
committerJouni Malinen <j@w1.fi>2019-02-17 12:01:57 (GMT)
commit464064c7e59d1b5530c3597aecca53eaaf863afc (patch)
treec1fc6d33f5b8bfde1104af26b3e0445d6ef409b3 /hostapd
parent836f0ddac1bc93a30745220712d3a609df2f48ac (diff)
downloadhostap-464064c7e59d1b5530c3597aecca53eaaf863afc.zip
hostap-464064c7e59d1b5530c3597aecca53eaaf863afc.tar.gz
hostap-464064c7e59d1b5530c3597aecca53eaaf863afc.tar.bz2
hostapd: Document openssl_ecdh_curves configuration parameter
Signed-off-by: Hristo Venev <hristo@venev.name>
Diffstat (limited to 'hostapd')
-rw-r--r--hostapd/hostapd.conf13
1 files changed, 13 insertions, 0 deletions
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index f3584c5..ee8f961 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -1014,6 +1014,19 @@ eap_server=0
# use OpenSSL.
#openssl_ciphers=DEFAULT:!EXP:!LOW
+# OpenSSL ECDH curves
+#
+# This is an OpenSSL specific configuration option for configuring the ECDH
+# curves for EAP-TLS/TTLS/PEAP/FAST server. If not set, automatic curve
+# selection is enabled. If set to an empty string, ECDH curve configuration is
+# not done (the exact library behavior depends on the library version).
+# Otherwise, this is a colon separated list of the supported curves (e.g.,
+# P-521:P-384:P-256). This is applicable only if hostapd is built to use
+# OpenSSL. This must not be used for Suite B cases since the same OpenSSL
+# parameter is set differently in those cases and this might conflict with that
+# design.
+#openssl_ecdh_curves=P-521:P-384:P-256
+
# Fragment size for EAP methods
#fragment_size=1400