Commit Graph

5 Commits

Author SHA1 Message Date
Jouni Malinen
2944656925 Allow TLS flags to be configured (allow MD5, disable time checks)
Undocumented (at least for the time being) TLS parameters can now
be provided in wpa_supplicant configuration to enable some workarounds
for being able to connect insecurely to some networks. phase1 and
phase2 network parameters can use following options:
tls_allow_md5=1
- allow MD5 signature to be used (disabled by default with GnuTLS)
tls_disable_time_checks=1
- ignore certificate expiration time

For now, only the GnuTLS TLS wrapper implements support for these.
2009-12-20 19:28:47 +02:00
Jouni Malinen
81c85c069a Convert TLS wrapper to use struct wpabuf
This converts tls_connection_handshake(),
tls_connection_server_handshake(), tls_connection_encrypt(), and
tls_connection_decrypt() to use struct wpa_buf to allow higher layer
code to be cleaned up with consistent struct wpabuf use.
2009-12-20 18:17:55 +02:00
Jouni Malinen
76f04b38b0 Preliminary support for FIPS mode operation with OpenSSL
wpa_supplicant can now be built with FIPS capable OpenSSL for FIPS mode
operation. Currently, this is only enabling the FIPS mode in OpenSSL
without providing any higher level enforcement in wpa_supplicant.
Consequently, invalid configuration will fail during the authentication
run. Proper configuration (e.g., WPA2-Enterprise with EAP-TLS) allows
the connection to be completed.
2009-08-16 14:24:22 +03:00
David Smith
e59c91af82 Add support to crypto/tls for client cert and CA cert from smartcard 2008-05-23 10:49:59 +03:00
Jouni Malinen
6fc6879bd5 Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00