aboutsummaryrefslogtreecommitdiffstats
path: root/src/crypto
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2015-12-22 15:53:45 (GMT)
committerJouni Malinen <j@w1.fi>2015-12-22 15:53:45 (GMT)
commitbca0872dd5c72135827355c4be1f772cc9641a84 (patch)
treeb4e7ad31a50173cc86fced03d0118caed2759f07 /src/crypto
parent8adce07a73e8eb53510190de6cf3eee86f5d0d87 (diff)
downloadhostap-bca0872dd5c72135827355c4be1f772cc9641a84.zip
hostap-bca0872dd5c72135827355c4be1f772cc9641a84.tar.gz
hostap-bca0872dd5c72135827355c4be1f772cc9641a84.tar.bz2
TLS server: OCSP stapling
This adds support for hostapd-as-authentication-server to be build with the internal TLS implementation and OCSP stapling server side support. This is more or less identical to the design used with OpenSSL, i.e., the cached response is read from the ocsp_stapling_response=<file> and sent as a response if the client requests it during the TLS handshake. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/tls_internal.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/crypto/tls_internal.c b/src/crypto/tls_internal.c
index 8b90d56..4b87b30 100644
--- a/src/crypto/tls_internal.c
+++ b/src/crypto/tls_internal.c
@@ -331,6 +331,10 @@ int tls_global_set_params(void *tls_ctx,
return -1;
}
+ if (params->ocsp_stapling_response)
+ cred->ocsp_stapling_response =
+ os_strdup(params->ocsp_stapling_response);
+
return 0;
#else /* CONFIG_TLS_INTERNAL_SERVER */
return -1;