mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-11-29 05:39:24 +01:00
eap-tls-common: update to new ELL TLS APIs
This commit is contained in:
parent
c2e268aeb0
commit
72a417e8a3
@ -543,16 +543,57 @@ static bool eap_tls_tunnel_init(struct eap_state *eap)
|
|||||||
l_tls_set_debug(eap_tls->tunnel, eap_tls_tunnel_debug, eap,
|
l_tls_set_debug(eap_tls->tunnel, eap_tls_tunnel_debug, eap,
|
||||||
NULL);
|
NULL);
|
||||||
|
|
||||||
if (!l_tls_set_auth_data(eap_tls->tunnel, eap_tls->client_cert,
|
if (eap_tls->client_cert || eap_tls->client_key) {
|
||||||
eap_tls->client_key,
|
struct l_certchain *client_cert =
|
||||||
eap_tls->passphrase) ||
|
l_pem_load_certificate_chain(eap_tls->client_cert);
|
||||||
(eap_tls->ca_cert &&
|
struct l_key *client_key;
|
||||||
!l_tls_set_cacert(eap_tls->tunnel,
|
|
||||||
eap_tls->ca_cert))) {
|
if (!client_cert) {
|
||||||
l_error("%s: Error loading TLS keys or certificates.",
|
l_error("%s: Failed to parse client certificate: %s.",
|
||||||
|
eap_get_method_name(eap),
|
||||||
|
eap_tls->client_cert);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
client_key = l_pem_load_private_key(eap_tls->client_key,
|
||||||
|
eap_tls->passphrase,
|
||||||
|
NULL);
|
||||||
|
if (!client_key) {
|
||||||
|
l_error("%s: Failed to parse client private key: %s.",
|
||||||
|
eap_get_method_name(eap),
|
||||||
|
eap_tls->client_key);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!l_tls_set_auth_data(eap_tls->tunnel,
|
||||||
|
client_cert, client_key)) {
|
||||||
|
l_certchain_free(client_cert);
|
||||||
|
l_key_free(client_key);
|
||||||
|
l_error("%s: Failed to set auth data.",
|
||||||
eap_get_method_name(eap));
|
eap_get_method_name(eap));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (eap_tls->ca_cert) {
|
||||||
|
struct l_queue *ca_cert =
|
||||||
|
l_pem_load_certificate_list(eap_tls->ca_cert);
|
||||||
|
|
||||||
|
if (!ca_cert) {
|
||||||
|
l_error("%s: Error loading CA certificates from %s.",
|
||||||
|
eap_get_method_name(eap),
|
||||||
|
eap_tls->ca_cert);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!l_tls_set_cacert(eap_tls->tunnel, ca_cert)) {
|
||||||
|
l_queue_destroy(ca_cert,
|
||||||
|
(l_queue_destroy_func_t)l_cert_free);
|
||||||
|
l_error("%s: Error settings CA certificates.",
|
||||||
|
eap_get_method_name(eap));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (eap_tls->domain_mask)
|
if (eap_tls->domain_mask)
|
||||||
l_tls_set_domain_mask(eap_tls->tunnel, eap_tls->domain_mask);
|
l_tls_set_domain_mask(eap_tls->tunnel, eap_tls->domain_mask);
|
||||||
|
Loading…
Reference in New Issue
Block a user