path: root/wpa_supplicant/wpas_glue.c
diff options
authorJouni Malinen <j@w1.fi>2015-01-14 10:14:31 (GMT)
committerJouni Malinen <j@w1.fi>2015-01-14 10:24:52 (GMT)
commit483dd6a5e0069d0646505c26a5194eda15472858 (patch)
tree01d05439b22e050c2b1a145e90c975c385ebeac4 /wpa_supplicant/wpas_glue.c
parentdd5f9025841f3492b14e9898042c5cab1e270e9c (diff)
Include peer certificate always in EAP events
This makes it easier for upper layer applications to get information regarding the server certificate without having to use a special certificate probing connection. This provides both the SHA256 hash of the certificate (to be used with ca_cert="hash://server/sha256/<hash>", if desired) and the full DER encoded X.509 certificate so that upper layer applications can parse and display the certificate easily or extract fields from it for purposes like configuring an altsubject_match or domain_suffix_match. The old behavior can be configured by adding cert_in_cb=0 to wpa_supplicant configuration file. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/wpas_glue.c')
1 files changed, 1 insertions, 0 deletions
diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index 209e2bc..8029ae5 100644
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -948,6 +948,7 @@ int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s)
ctx->port_cb = wpa_supplicant_port_cb;
ctx->cb = wpa_supplicant_eapol_cb;
ctx->cert_cb = wpa_supplicant_cert_cb;
+ ctx->cert_in_cb = wpa_s->conf->cert_in_cb;
ctx->status_cb = wpa_supplicant_status_cb;
ctx->set_anon_id = wpa_supplicant_set_anon_id;
ctx->cb_ctx = wpa_s;