eap_example: Fix configuration by added DH parameters
The internal TLS implementation supports number of additional cipher suites that require DH parameters to be set on the server. Such a cipher suite is selected by default in the eap_example case which prevented the TLS handshake from completing successfully. Fix this by adding DH parameters to the server configuration. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
1acf38f1a5
commit
897418a28d
2 changed files with 6 additions and 0 deletions
5
eap_example/dh.conf
Normal file
5
eap_example/dh.conf
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
-----BEGIN DH PARAMETERS-----
|
||||||
|
MIGHAoGBAP3V8IHq3H2DUlYywsvjYNuS17eCdt0mJo6/os6PHqdhgkMrPxF9u4Gr
|
||||||
|
qKXq9e6GqmZYdjta30N3FkXaV924BJ0xOqb2TntiKg4u50/l6hSUneWt6UFBaizd
|
||||||
|
XrqjNFIme/5RXMZ7RglXliBpCepAaFLMcKhOS4ulUyYYHSy+oqRjAgEC
|
||||||
|
-----END DH PARAMETERS-----
|
|
@ -81,6 +81,7 @@ static int eap_example_server_init_tls(void)
|
||||||
/* tparams.private_key = "server.key"; */
|
/* tparams.private_key = "server.key"; */
|
||||||
tparams.private_key = "server-key.pem";
|
tparams.private_key = "server-key.pem";
|
||||||
/* tparams.private_key_passwd = "whatever"; */
|
/* tparams.private_key_passwd = "whatever"; */
|
||||||
|
tparams.dh_file = "dh.conf";
|
||||||
|
|
||||||
if (tls_global_set_params(eap_ctx.tls_ctx, &tparams)) {
|
if (tls_global_set_params(eap_ctx.tls_ctx, &tparams)) {
|
||||||
printf("Failed to set TLS parameters\n");
|
printf("Failed to set TLS parameters\n");
|
||||||
|
|
Loading…
Reference in a new issue