]> git.ipfire.org Git - thirdparty/hostap.git/blobdiff - src/eap_peer/eap_tls_common.c
projects / thirdparty / hostap.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
OpenSSL: Add option to disable ECDHE with Suite B RSA
[thirdparty/hostap.git] / src / eap_peer / eap_tls_common.c
diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
index b387dea50815cf81feec86cc625625e311fe334a..b3d4aba048ab730278edfc4eff339fe540ade4f3 100644 (file)
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -88,6 +88,10 @@ static void eap_tls_params_flags(struct tls_connection_params *params,
                params->flags |= TLS_CONN_SUITEB;
        if (os_strstr(txt, "tls_suiteb=0"))
                params->flags &= ~TLS_CONN_SUITEB;
+       if (os_strstr(txt, "tls_suiteb_no_ecdh=1"))
+               params->flags |= TLS_CONN_SUITEB_NO_ECDH;
+       if (os_strstr(txt, "tls_suiteb_no_ecdh=0"))
+               params->flags &= ~TLS_CONN_SUITEB_NO_ECDH;
 }
 
 
Unnamed repository; edit this file 'description' to name the repository.