path: root/wpa_supplicant/config.h
diff options
authorJouni Malinen <j@w1.fi>2014-10-12 08:53:51 (GMT)
committerJouni Malinen <j@w1.fi>2014-10-12 08:55:13 (GMT)
commit07e2de3193b0a10d1e0a6d0343698b740b279047 (patch)
treecc09567d2ae5d3b112c80e7f737fe3ff37e67647 /wpa_supplicant/config.h
parentf8995f8f1cbed905cd222c056270fea94a9a61c6 (diff)
wpa_supplicant: Allow OpenSSL cipherlist string to be configured
The new openssl_cipher configuration parameter can be used to select which TLS cipher suites are enabled for TLS-based EAP methods when OpenSSL is used as the TLS library. This parameter can be used both as a global parameter to set the default for all network blocks and as a network block parameter to override the default for each network profile. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/config.h')
1 files changed, 9 insertions, 0 deletions
diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h
index 3fd4192..f4c2f88 100644
--- a/wpa_supplicant/config.h
+++ b/wpa_supplicant/config.h
@@ -517,6 +517,15 @@ struct wpa_config {
char *pkcs11_module_path;
+ * openssl_ciphers - OpenSSL cipher string
+ *
+ * This is an OpenSSL specific configuration option for configuring the
+ * default ciphers. If not set, "DEFAULT:!EXP:!LOW" is used as the
+ * default.
+ */
+ char *openssl_ciphers;
+ /**
* pcsc_reader - PC/SC reader name prefix
* If not %NULL, PC/SC reader with a name that matches this prefix is