projects / mech_eap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dd5f902) | patch
Include peer certificate always in EAP events
authorJouni Malinen <j@w1.fi>
Wed, 14 Jan 2015 10:14:31 +0000 (12:14 +0200)
committerJouni Malinen <j@w1.fi>
Wed, 14 Jan 2015 10:24:52 +0000 (12:24 +0200)
commit483dd6a5e0069d0646505c26a5194eda15472858
tree01d05439b22e050c2b1a145e90c975c385ebeac4tree | snapshot
parentdd5f9025841f3492b14e9898042c5cab1e270e9ccommit | diff
Include peer certificate always in EAP events

This makes it easier for upper layer applications to get information
regarding the server certificate without having to use a special
certificate probing connection. This provides both the SHA256 hash of
the certificate (to be used with ca_cert="hash://server/sha256/<hash>",
if desired) and the full DER encoded X.509 certificate so that upper
layer applications can parse and display the certificate easily or
extract fields from it for purposes like configuring an altsubject_match
or domain_suffix_match.

The old behavior can be configured by adding cert_in_cb=0 to
wpa_supplicant configuration file.

Signed-off-by: Jouni Malinen <j@w1.fi>
wpa_supplicant/config.c diff | blob | history
wpa_supplicant/config.h diff | blob | history
wpa_supplicant/config_file.c diff | blob | history
wpa_supplicant/wpa_supplicant.conf diff | blob | history
wpa_supplicant/wpas_glue.c diff | blob | history
Moonshot GSS-API mechanism