Commit Graph

9 Commits

Author SHA1 Message Date
Jouni Malinen
822e7c66ae EAP server: Use struct eap_config to avoid duplicated definitions
Use struct eap_config as-is within struct eap_sm and EAPOL authenticator
to avoid having to duplicate all the configuration variables at each
interface. Split the couple of session specific variables into a
separate struct to allow a single const struct eap_config to be used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-18 17:36:32 +03:00
Sam Voss
dd5d325b0a hostapd: Add configuration option check_crl_strict
Add the ability to ignore time-based CRL errors from OpenSSL by
specifying a new configuration parameter, check_crl_strict=0.

This causes the following:

- This setting does nothing when CRL checking is not enabled.

- When CRL is enabled, "strict mode" will cause CRL time errors to not
  be ignored and will continue behaving as it currently does.

- When CRL is enabled, disabling strict mode will cause CRL time
  errors to be ignored and will allow connections.

By default, check_crl_strict is set to 1, or strict mode, to keep
current functionality.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
2018-12-31 12:51:51 +02:00
Sergei Sinyak
f5c15dc179 Fix typo in eap_example_server.c
The server sends only requests to the peer,
and the peer sends only responses to the server.

Signed-off-by: Sergei Sinyak <serega.belarus@gmail.com>
2016-10-29 11:13:28 +03:00
Jouni Malinen
897418a28d eap_example: Fix configuration by added DH parameters
The internal TLS implementation supports number of additional cipher
suites that require DH parameters to be set on the server. Such a cipher
suite is selected by default in the eap_example case which prevented the
TLS handshake from completing successfully. Fix this by adding DH
parameters to the server configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-17 11:26:36 +03:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
127608152e Move EAP method registration away from src/eap_{peer,server}
This makes it easier to make a library out of EAP methods without
losing possiblity of binary size optimization by linker dropping
unreferenced code.
2009-12-06 11:28:41 +02:00
Jouni Malinen
03da66bd59 Remove src/crypto from default include path
In addition, start ordering header file includes to be in more
consistent order: system header files, src/utils, src/*, same
directory as the *.c file.
2009-11-29 23:04:43 +02:00
Jouni Malinen
79ec5264ed Use PEM format RSA private key with eap_example
It looks like GnuTLS does not know how to parse the previously used
DER-formatted PKCS#1 private key (server.key). To work around this, use
a PEM-formatted version of the same key. This format can now be used by
OpenSSL, GnuTLS, and the internal TLS implementation.
2009-08-16 09:35:31 +03:00
Jouni Malinen
6fc6879bd5 Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00