]> git.ipfire.org Git - thirdparty/hostap.git/commit - wpa_supplicant/wpa_cli.c
projects / thirdparty / hostap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0173423) | patch
OpenSSL: Add 'check_cert_subject' support for TLS server
authorJared Bents <jared.bents@rockwellcollins.com>
Thu, 28 Feb 2019 19:39:50 +0000 (13:39 -0600)
committerJouni Malinen <j@w1.fi>
Mon, 11 Mar 2019 12:09:45 +0000 (14:09 +0200)
commit841205a1ceb1a5441c10e203549c5a90380aaf0b
tree32929a36ec612784dae2e8e5d4f5c3445c1f542ctree | snapshot
parent0173423f416d416b06fbcb1864cdaeff5f591803commit | diff
OpenSSL: Add 'check_cert_subject' support for TLS server

This patch added 'check_cert_subject' support to match the value of
every field against the DN of the subject in the client certificate. If
the values do not match, the certificate verification will fail and will
reject the user.

This option allows hostapd to match every individual field in the right
order, also allow '*' character as a wildcard (e.g OU=Development*).

Note: hostapd will match string up to 'wildcard' against the DN of the
subject in the client certificate for every individual field.

Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com>
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
16 files changed:
hostapd/config_file.c diff | blob | blame | history
hostapd/hostapd.conf diff | blob | blame | history
src/ap/ap_config.c diff | blob | blame | history
src/ap/ap_config.h diff | blob | blame | history
src/ap/authsrv.c diff | blob | blame | history
src/crypto/tls.h diff | blob | blame | history
src/crypto/tls_gnutls.c diff | blob | blame | history
src/crypto/tls_internal.c diff | blob | blame | history
src/crypto/tls_openssl.c diff | blob | blame | history
src/crypto/tls_wolfssl.c diff | blob | blame | history
src/eap_peer/eap_config.h diff | blob | blame | history
src/eap_peer/eap_tls_common.c diff | blob | blame | history
wpa_supplicant/config.c diff | blob | blame | history
wpa_supplicant/config_file.c diff | blob | blame | history
wpa_supplicant/config_winreg.c diff | blob | blame | history
wpa_supplicant/wpa_cli.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.