hostap/src
Pali Rohár 3665776e4e TLS client: Do not verify CA certificates when ca_cert is not specified
In documentation is written: "If ca_cert and ca_path are not included,
server certificate will not be verified". This is the case when
wpa_supplicant is compiled with OpenSSL library, but when using the
internal TLS implementation and some certificates in CA chain are in
unsupported format (e.g., use SHA384 or SHA512 hash functions) then
verification fails even if ca_cert property is not specified.

This commit changes behavior so that certificate verification in
internal TLS implementation is really skipped when ca_cert is not
specified.

Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
2015-11-29 11:39:25 +02:00
..
ap hostapd: Add Transmit Power Envelope IE when VHT is enabled 2015-11-26 20:40:24 +02:00
common Add QCA vendor attribute and event to indicate subnet change status 2015-11-20 11:03:06 +02:00
crypto Add TEST_FAIL() condition to aes_128_cbc_encrypt/decrypt() 2015-11-28 20:46:36 +02:00
drivers nl80211: Add support for aborting an ongoing scan 2015-11-26 19:44:14 +02:00
eap_common EAP-SAKE: Fix a typo in attribute parser debug print 2015-11-28 12:25:42 +02:00
eap_peer EAP-SIM peer: Fix memory leak on reauth error path 2015-11-28 20:46:36 +02:00
eap_server EAP-pwd server: Fix last fragment length validation 2015-11-10 18:40:54 +02:00
eapol_auth Remove unreachable PMKSA cache entry addition on Access-Accept 2015-10-14 18:43:26 +03:00
eapol_supp Fix EAPOL reauth after FT protocol or offloaded PMKSA cache use 2015-11-19 21:16:18 +02:00
fst FST: Make FST peer connection check more permissive in hostapd 2015-11-25 17:30:59 +02:00
l2_packet l2_packet: Add build option to disable Linux packet socket workaround 2015-10-25 19:56:53 +02:00
p2p P2P: Add support for VHT 80+80 MHz and 160 MHz 2015-11-25 19:01:20 +02:00
pae MACsec: Update protect frames and replay on reauthentication 2014-12-09 16:56:10 +02:00
radius RADIUS: Avoid undefined behavior in pointer arithmetic 2015-10-25 15:34:59 +02:00
rsn_supp Fix CONFIG_NO_WPA=y build 2015-11-23 23:34:52 +02:00
tls TLS client: Do not verify CA certificates when ca_cert is not specified 2015-11-29 11:39:25 +02:00
utils Android: Give user the option for selecting browser for HS 2.0 OSU 2015-11-22 21:06:17 +02:00
wps WPS: Avoid undefined behavior in pointer arithmetic 2015-10-18 11:37:47 +03:00
lib.rules Add QUIET=1 option for make 2014-12-29 15:49:05 +02:00
Makefile FST: Add the Fast Session Transfer (FST) module 2015-07-16 18:26:15 +03:00