aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorHristo Venev <hristo@venev.name>2017-04-20 13:44:31 (GMT)
committerJouni Malinen <j@w1.fi>2018-12-30 15:27:34 (GMT)
commitd01203cafc1284e2883cb132e8529b7e2bb58653 (patch)
tree075cbeba148bb1892a62e4a1cd425921546992d2 /src
parent0521c6ebb308db7c7050d8369815284e50454261 (diff)
downloadhostap-d01203cafc1284e2883cb132e8529b7e2bb58653.zip
hostap-d01203cafc1284e2883cb132e8529b7e2bb58653.tar.gz
hostap-d01203cafc1284e2883cb132e8529b7e2bb58653.tar.bz2
hostapd: Add openssl_ecdh_curves configuration parameter
This makes it possible to use ECDSA certificates with EAP-TLS/TTLS/etc. It should be noted that when using Suite B, different mechanism is used to specify the allowed ECDH curves and this new parameter must not be used in such cases. Signed-off-by: Hristo Venev <hristo@venev.name>
Diffstat (limited to 'src')
-rw-r--r--src/ap/ap_config.c1
-rw-r--r--src/ap/ap_config.h1
-rw-r--r--src/ap/authsrv.c1
3 files changed, 3 insertions, 0 deletions
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 5635a52..0cfba45 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -543,6 +543,7 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf)
os_free(conf->ocsp_stapling_response_multi);
os_free(conf->dh_file);
os_free(conf->openssl_ciphers);
+ os_free(conf->openssl_ecdh_curves);
os_free(conf->pac_opaque_encr_key);
os_free(conf->eap_fast_a_id);
os_free(conf->eap_fast_a_id_info);
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 5371d0e..fbcfe8d 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -395,6 +395,7 @@ struct hostapd_bss_config {
char *ocsp_stapling_response_multi;
char *dh_file;
char *openssl_ciphers;
+ char *openssl_ecdh_curves;
u8 *pac_opaque_encr_key;
u8 *eap_fast_a_id;
size_t eap_fast_a_id_len;
diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c
index 3702eb1..b887608 100644
--- a/src/ap/authsrv.c
+++ b/src/ap/authsrv.c
@@ -218,6 +218,7 @@ int authsrv_init(struct hostapd_data *hapd)
params.private_key_passwd = hapd->conf->private_key_passwd;
params.dh_file = hapd->conf->dh_file;
params.openssl_ciphers = hapd->conf->openssl_ciphers;
+ params.openssl_ecdh_curves = hapd->conf->openssl_ecdh_curves;
params.ocsp_stapling_response =
hapd->conf->ocsp_stapling_response;
params.ocsp_stapling_response_multi =