aboutsummaryrefslogtreecommitdiff
path: root/src/ap/authsrv.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/ap/authsrv.c')
-rw-r--r--src/ap/authsrv.c30
1 files changed, 30 insertions, 0 deletions
diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c
index 8e12daf4..4ab2a4a6 100644
--- a/src/ap/authsrv.c
+++ b/src/ap/authsrv.c
@@ -9,6 +9,7 @@
#include "utils/includes.h"
#include "utils/common.h"
+#include "crypto/crypto.h"
#include "crypto/tls.h"
#include "eap_server/eap.h"
#include "eap_server/eap_sim_db.h"
@@ -168,6 +169,9 @@ static void authsrv_tls_event(void *ctx, enum tls_event ev,
wpa_printf(MSG_DEBUG, "authsrv: remote TLS alert: %s",
data->alert.description);
break;
+ case TLS_UNSAFE_RENEGOTIATION_DISABLED:
+ /* Not applicable to TLS server */
+ break;
}
}
#endif /* EAP_TLS_FUNCS */
@@ -207,8 +211,10 @@ static struct eap_config * authsrv_eap_config(struct hostapd_data *hapd)
cfg->eap_teap_pac_no_inner = hapd->conf->eap_teap_pac_no_inner;
cfg->eap_teap_separate_result = hapd->conf->eap_teap_separate_result;
cfg->eap_teap_id = hapd->conf->eap_teap_id;
+ cfg->eap_teap_method_sequence = hapd->conf->eap_teap_method_sequence;
cfg->eap_sim_aka_result_ind = hapd->conf->eap_sim_aka_result_ind;
cfg->eap_sim_id = hapd->conf->eap_sim_id;
+ cfg->imsi_privacy_key = hapd->imsi_privacy_key;
cfg->tnc = hapd->conf->tnc;
cfg->wps = hapd->wps;
cfg->fragment_size = hapd->conf->fragment_size;
@@ -222,6 +228,9 @@ static struct eap_config * authsrv_eap_config(struct hostapd_data *hapd)
cfg->server_id_len = 7;
}
cfg->erp = hapd->conf->eap_server_erp;
+#ifdef CONFIG_TESTING_OPTIONS
+ cfg->skip_prot_success = hapd->conf->eap_skip_prot_success;
+#endif /* CONFIG_TESTING_OPTIONS */
return cfg;
}
@@ -292,6 +301,22 @@ int authsrv_init(struct hostapd_data *hapd)
}
#endif /* EAP_TLS_FUNCS */
+#ifdef CRYPTO_RSA_OAEP_SHA256
+ crypto_rsa_key_free(hapd->imsi_privacy_key);
+ hapd->imsi_privacy_key = NULL;
+ if (hapd->conf->imsi_privacy_key) {
+ hapd->imsi_privacy_key = crypto_rsa_key_read(
+ hapd->conf->imsi_privacy_key, true);
+ if (!hapd->imsi_privacy_key) {
+ wpa_printf(MSG_ERROR,
+ "Failed to read/parse IMSI privacy key %s",
+ hapd->conf->imsi_privacy_key);
+ authsrv_deinit(hapd);
+ return -1;
+ }
+ }
+#endif /* CRYPTO_RSA_OAEP_SHA256 */
+
#ifdef EAP_SIM_DB
if (hapd->conf->eap_sim_db) {
hapd->eap_sim_db_priv =
@@ -332,6 +357,11 @@ void authsrv_deinit(struct hostapd_data *hapd)
hapd->radius_srv = NULL;
#endif /* RADIUS_SERVER */
+#ifdef CRYPTO_RSA_OAEP_SHA256
+ crypto_rsa_key_free(hapd->imsi_privacy_key);
+ hapd->imsi_privacy_key = NULL;
+#endif /* CRYPTO_RSA_OAEP_SHA256 */
+
#ifdef EAP_TLS_FUNCS
if (hapd->ssl_ctx) {
tls_deinit(hapd->ssl_ctx);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-29 20:47:55 +0000