EAP server: Initialize TLS context based on private_key

It is possible for the authentication server to be configured with a
PKCS #12 file that includes a private key, a server certificate, and a
CA certificate. This combination could result in server_cert and ca_cert
parameters not being present and that should still result in TLS context
getting initialized.

Signed-hostap: Jouni Malinen <j@w1.fi>

diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c
index 68ad4dc504fba45c111cfb56d9d9d6d500a70dd5..8bb58a6f6662cc1931581408e7219e2d44653ab4 100644 (file)
--- a/src/ap/authsrv.c
+++ b/src/ap/authsrv.c
@@ -133,7 +133,7 @@ int authsrv_init(struct hostapd_data *hapd)
 #ifdef EAP_TLS_FUNCS
        if (hapd->conf->eap_server &&
            (hapd->conf->ca_cert || hapd->conf->server_cert ||
-            hapd->conf->dh_file)) {
+            hapd->conf->private_key || hapd->conf->dh_file)) {
                struct tls_connection_params params;
 
                hapd->ssl_ctx = tls_init(NULL);