wireless networks: Verify server certificates against CAs

author Michael Tremer <michael.tremer@ipfire.org>

Sat, 19 Aug 2017 10:09:42 +0000 (10:09 +0000)

committer Michael Tremer <michael.tremer@ipfire.org>

Sat, 19 Aug 2017 10:09:42 +0000 (10:09 +0000)
author Michael Tremer <michael.tremer@ipfire.org>
Sat, 19 Aug 2017 10:09:42 +0000 (10:09 +0000)
committer Michael Tremer <michael.tremer@ipfire.org>
Sat, 19 Aug 2017 10:09:42 +0000 (10:09 +0000)
diff --git a/src/functions/functions.constants b/src/functions/functions.constants

index 4830622af35de87832b6bb07d279d637bfe11f19..5f3afbdf4469880c66641c6d6dbf927afdfdffee 100644 (file)
--- a/src/functions/functions.constants
+++ b/src/functions/functions.constants
@@ -53,6 +53,7 @@ NETWORK_SETTINGS_FILE=${NETWORK_CONFIG_DIR}/config
  NETWORK_SETTINGS_FILE_PARAMS="DEBUG"
  NETWORK_WIRELESS_NETWORKS_DIR="${NETWORK_CONFIG_DIR}/wireless/networks"
  
+CA_BUNDLE="/etc/pki/tls/certs/ca-bundle.crt"
  CONFIG_HOSTNAME="/etc/hostname"
  
  RED_DB_DIR=${RUN_DIR}/red
diff --git a/src/functions/functions.wireless-networks b/src/functions/functions.wireless-networks

index 4a65882d45f729c5ab16c143ddd3a2af1a759bd4..0fbf8bfd050b5c4eaf797817e4617399123fc706 100644 (file)
--- a/src/functions/functions.wireless-networks
+++ b/src/functions/functions.wireless-networks
@@ -477,6 +477,11 @@ wireless_network_to_wpa_supplicant() {
                 print
         fi
  
+       # Validate server certificates
+       if isset CA_BUNDLE; then
+               print_indent 1 "ca_cert=${CA_BUNDLE}"
+       fi
+
         print_indent 0 "}"
         print
  }
author	Michael Tremer <michael.tremer@ipfire.org>
	Sat, 19 Aug 2017 10:09:42 +0000 (10:09 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Sat, 19 Aug 2017 10:09:42 +0000 (10:09 +0000)
src/functions/functions.constants		patch \| blob \| blame \| history
src/functions/functions.wireless-networks		patch \| blob \| blame \| history