git.ipfire.org Git - thirdparty/hostap.git/commit

]> git.ipfire.org Git - thirdparty/hostap.git/commit

projects / thirdparty / hostap.git / commit

author	Jouni Malinen <j@w1.fi>
	Sun, 10 Dec 2017 19:16:26 +0000 (21:16 +0200)
committer	Jouni Malinen <j@w1.fi>
	Sun, 10 Dec 2017 19:16:26 +0000 (21:16 +0200)
commit	a2c442be254040ad4b97f39b26cbf1483e1f85d9
tree	4905fb2c1182aa0e0cbe4c724d3c35c93d2c1663	tree
parent	c358bc4b5b01b76af149b924ddb6f080b8709715	commit \| diff

OpenSSL: Allow cipher list to be overridden for tls_suiteb=1 case

This allows wpa_supplicant configuration with phase1="tls_suiteb=1" to
use openssl_ciphers="ECDHE-RSA-AES256-GCM-SHA384" to further limit the
possible TLS cipher suites when using Suite B with RSA >3K keys. This
combination disables use of DHE and as such, mandates ECDHE to be used.

Signed-off-by: Jouni Malinen <j@w1.fi>

src/crypto/tls_openssl.c

diff | blob | blame | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom