]> git.ipfire.org Git - thirdparty/hostap.git/commit
projects / thirdparty / hostap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 857edf4) | patch
OpenSSL: Allow two server certificates/keys to be configured on server
authorJouni Malinen <j@w1.fi>
Fri, 12 Jul 2019 15:11:53 +0000 (18:11 +0300)
committerJouni Malinen <j@w1.fi>
Fri, 12 Jul 2019 15:13:10 +0000 (18:13 +0300)
commite2722bf81db3463b698e61908a5e9380184ce13d
treef10faa85b7670159a66a3fb2315b295f35dd4fb0tree | snapshot
parent857edf4bf43e8e9e5e2a42cb0d2789f96f4becfacommit | diff
OpenSSL: Allow two server certificates/keys to be configured on server

hostapd EAP server can now be configured with two separate server
certificates/keys to enable parallel operations using both RSA and ECC
public keys. The server will pick which one to use based on the client
preferences for the cipher suite (in the TLS ClientHello message). It
should be noted that number of deployed EAP peer implementations do not
filter out the cipher suite list based on their local configuration and
as such, configuration of alternative types of certificates on the
server may result in interoperability issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
hostapd/config_file.c diff | blob | blame | history
hostapd/hostapd.conf diff | blob | blame | history
src/ap/ap_config.c diff | blob | blame | history
src/ap/ap_config.h diff | blob | blame | history
src/ap/authsrv.c diff | blob | blame | history
src/crypto/tls.h diff | blob | blame | history
src/crypto/tls_openssl.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.