authorDmitry Shmidt <dimitrysh@google.com>2014-03-10 13:15:21 -0700
committerDmitry Shmidt <dimitrysh@google.com>2014-03-10 13:15:21 -0700
commit818ea489ef32dcdc7c098d8a336d6e1dd8996112 (patch)
tree34efcd6c76d5300623864aac0b04069c3af2790d /src/crypto
parent2ac5f6049e74103a8fe8e9c78b330020081d7df4 (diff)
Cumulative patch from commit 390b92913a9a1b3a6aaf70e8b5971a7b7c76cabc
390b929 TLS testing: Allow hostapd to be used as a TLS testing tool 994afe3 RADIUS server: Allow TLS implementation add log entries 01f7fe1 RADIUS server: Allow EAP methods to log into SQLite DB 8a57da7 RADIUS server: Add option for storing log information to SQLite DB f3ef7a2 TLS client: Send decrypt_error on verify_data validation error 129b9b9 TLS: Share a helper function for verifying Signature 6531963 TLS: Use a helper function for calculating ServerKeyExchange hash 65074a2 TLS: Add support for DHE-RSA cipher suites 41ebfe9 TLS server: Enable SHA256-based cipher suites 60b893d wpa_supplicant: Allow external management frame processing for testing ec33bc6 Enable RADIUS message dumps with excessive debug verbosity 226e357 Revert "bridge: Track inter-BSS usage" d0ee16e Allow arbitrary RADIUS attributes to be added into Access-Accept 0ac3876 Fix PMF protect disconnection on session timeout 49021c1 Fix hostapd error path regression Change-Id: Ie0710c036cca2fb370d28684cc5a5d28a075dfc1 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/tls.h10
-rw-r--r--src/crypto/tls_internal.c24
2 files changed, 34 insertions, 0 deletions
diff --git a/src/crypto/tls.h b/src/crypto/tls.h
index 88afae48..81e588fb 100644
--- a/src/crypto/tls.h
+++ b/src/crypto/tls.h
@@ -537,4 +537,14 @@ int __must_check tls_connection_set_session_ticket_cb(
void *tls_ctx, struct tls_connection *conn,
tls_session_ticket_cb cb, void *ctx);
+void tls_connection_set_log_cb(struct tls_connection *conn,
+ void (*log_cb)(void *ctx, const char *msg),
+ void *ctx);
+
+#define TLS_BREAK_VERIFY_DATA BIT(0)
+#define TLS_BREAK_SRV_KEY_X_HASH BIT(1)
+#define TLS_BREAK_SRV_KEY_X_SIGNATURE BIT(2)
+
+void tls_connection_set_test_flags(struct tls_connection *conn, u32 flags);
+
#endif /* TLS_H */
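Review bot: The three `TLS_BREAK_*` bits and the `tls_connection_set_test_flags()` prototype are added to tls.h unconditionally, while the only definition in this patch (tls_internal.c) is compiled under both `CONFIG_TESTING_OPTIONS` and `CONFIG_TLS_INTERNAL_SERVER`. Judging by their names, the flags make the server deliberately corrupt verify_data and the ServerKeyExchange hash/signature, so non-test code should not be able to reference them; wrapping the defines and the prototype in `#ifdef CONFIG_TESTING_OPTIONS` turns an accidental use into a compile error rather than a link error. A comment above the defines, for example `/* Testing only: make the internal TLS server send deliberately invalid handshake values */`, would record that intent. `tls_connection_set_log_cb()` is likewise declared for every build, and the diffstat shows only tls_internal.c gaining a definition under src/crypto, so it is worth confirming that any other TLS backend built against this header provides a stub.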
diff --git a/src/crypto/tls_internal.c b/src/crypto/tls_internal.c
index 91f06900..6563ed21 100644
--- a/src/crypto/tls_internal.c
+++ b/src/crypto/tls_internal.c
@@ -28,6 +28,7 @@ struct tls_global {
struct tls_connection {
struct tlsv1_client *client;
struct tlsv1_server *server;
+ struct tls_global *global;
};
@@ -85,6 +86,7 @@ struct tls_connection * tls_connection_init(void *tls_ctx)
conn = os_zalloc(sizeof(*conn));
if (conn == NULL)
return NULL;
+ conn->global = global;
#ifdef CONFIG_TLS_INTERNAL_CLIENT
if (!global->server) {
@@ -109,6 +111,28 @@ struct tls_connection * tls_connection_init(void *tls_ctx)
}
+#ifdef CONFIG_TESTING_OPTIONS
+#ifdef CONFIG_TLS_INTERNAL_SERVER
+void tls_connection_set_test_flags(struct tls_connection *conn, u32 flags)
+{
+ if (conn->server)
+ tlsv1_server_set_test_flags(conn->server, flags);
+}
+#endif /* CONFIG_TLS_INTERNAL_SERVER */
+#endif /* CONFIG_TESTING_OPTIONS */
+
+
+void tls_connection_set_log_cb(struct tls_connection *conn,
+ void (*log_cb)(void *ctx, const char *msg),
+ void *ctx)
+{
+#ifdef CONFIG_TLS_INTERNAL_SERVER
+ if (conn->server)
+ tlsv1_server_set_log_cb(conn->server, log_cb, ctx);
+#endif /* CONFIG_TLS_INTERNAL_SERVER */
+}
+
+
void tls_connection_deinit(void *tls_ctx, struct tls_connection *conn)
{
if (conn == NULL)
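Review bot: Both new setters dereference `conn` without a NULL check, whereas `tls_connection_deinit()` directly below starts with `if (conn == NULL)`; if callers can reach these with a NULL connection as well, use `if (conn && conn->server)` in each. `tls_connection_set_test_flags()` also nests `CONFIG_TLS_INTERNAL_SERVER` around the whole definition, so a `CONFIG_TESTING_OPTIONS` build without the internal server has the prototype but no symbol; moving the inner `#ifdef` inside the body, as `tls_connection_set_log_cb()` does, keeps the function defined as a no-op. The `log_cb`/`ctx` pair is handed to `tlsv1_server_set_log_cb()` and presumably kept for later calls, so a short comment stating that `ctx` must remain valid for the lifetime of the connection would help callers. The body of `tls_connection_deinit()` continues outside the hunk.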