diff options
Diffstat (limited to 'src/ap/authsrv.c')
-rw-r--r-- | src/ap/authsrv.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c index 8e12daf4..4ab2a4a6 100644 --- a/src/ap/authsrv.c +++ b/src/ap/authsrv.c @@ -9,6 +9,7 @@ #include "utils/includes.h" #include "utils/common.h" +#include "crypto/crypto.h" #include "crypto/tls.h" #include "eap_server/eap.h" #include "eap_server/eap_sim_db.h" @@ -168,6 +169,9 @@ static void authsrv_tls_event(void *ctx, enum tls_event ev, wpa_printf(MSG_DEBUG, "authsrv: remote TLS alert: %s", data->alert.description); break; + case TLS_UNSAFE_RENEGOTIATION_DISABLED: + /* Not applicable to TLS server */ + break; } } #endif /* EAP_TLS_FUNCS */ @@ -207,8 +211,10 @@ static struct eap_config * authsrv_eap_config(struct hostapd_data *hapd) cfg->eap_teap_pac_no_inner = hapd->conf->eap_teap_pac_no_inner; cfg->eap_teap_separate_result = hapd->conf->eap_teap_separate_result; cfg->eap_teap_id = hapd->conf->eap_teap_id; + cfg->eap_teap_method_sequence = hapd->conf->eap_teap_method_sequence; cfg->eap_sim_aka_result_ind = hapd->conf->eap_sim_aka_result_ind; cfg->eap_sim_id = hapd->conf->eap_sim_id; + cfg->imsi_privacy_key = hapd->imsi_privacy_key; cfg->tnc = hapd->conf->tnc; cfg->wps = hapd->wps; cfg->fragment_size = hapd->conf->fragment_size; @@ -222,6 +228,9 @@ static struct eap_config * authsrv_eap_config(struct hostapd_data *hapd) cfg->server_id_len = 7; } cfg->erp = hapd->conf->eap_server_erp; +#ifdef CONFIG_TESTING_OPTIONS + cfg->skip_prot_success = hapd->conf->eap_skip_prot_success; +#endif /* CONFIG_TESTING_OPTIONS */ return cfg; } @@ -292,6 +301,22 @@ int authsrv_init(struct hostapd_data *hapd) } #endif /* EAP_TLS_FUNCS */ +#ifdef CRYPTO_RSA_OAEP_SHA256 + crypto_rsa_key_free(hapd->imsi_privacy_key); + hapd->imsi_privacy_key = NULL; + if (hapd->conf->imsi_privacy_key) { + hapd->imsi_privacy_key = crypto_rsa_key_read( + hapd->conf->imsi_privacy_key, true); + if (!hapd->imsi_privacy_key) { + wpa_printf(MSG_ERROR, + "Failed to read/parse IMSI privacy key %s", + hapd->conf->imsi_privacy_key); + authsrv_deinit(hapd); + return -1; + } + } +#endif /* CRYPTO_RSA_OAEP_SHA256 */ + #ifdef EAP_SIM_DB if (hapd->conf->eap_sim_db) { hapd->eap_sim_db_priv = @@ -332,6 +357,11 @@ void authsrv_deinit(struct hostapd_data *hapd) hapd->radius_srv = NULL; #endif /* RADIUS_SERVER */ +#ifdef CRYPTO_RSA_OAEP_SHA256 + crypto_rsa_key_free(hapd->imsi_privacy_key); + hapd->imsi_privacy_key = NULL; +#endif /* CRYPTO_RSA_OAEP_SHA256 */ + #ifdef EAP_TLS_FUNCS if (hapd->ssl_ctx) { tls_deinit(hapd->ssl_ctx); |