@@ -2195,6 +2195,9 @@ static int hostapd_config_fill(struct
hostapd_config *conf,
} else if (os_strcmp(buf, "openssl_ciphers") == 0) {
os_free(bss->openssl_ciphers);
bss->openssl_ciphers = os_strdup(pos);
+ } else if (os_strcmp(buf, "openssl_ecdh_curves") == 0) {
+ os_free(bss->openssl_ecdh_curves);
+ bss->openssl_ecdh_curves = os_strdup(pos);
} else if (os_strcmp(buf, "fragment_size") == 0) {
bss->fragment_size = atoi(pos);
#ifdef EAP_SERVER_FAST
@@ -503,6 +503,7 @@ void hostapd_config_free_bss(struct
hostapd_bss_config *conf)
os_free(conf->ocsp_stapling_response_multi);
os_free(conf->dh_file);
os_free(conf->openssl_ciphers);
+ os_free(conf->openssl_ecdh_keys);
os_free(conf->pac_opaque_encr_key);
os_free(conf->eap_fast_a_id);
os_free(conf->eap_fast_a_id_info);
@@ -366,6 +366,7 @@ struct hostapd_bss_config {
char *ocsp_stapling_response_multi;
char *dh_file;
char *openssl_ciphers;
+ char *openssl_ecdh_curves;
u8 *pac_opaque_encr_key;
u8 *eap_fast_a_id;
size_t eap_fast_a_id_len;
@@ -170,6 +170,7 @@ int authsrv_init(struct hostapd_data *hapd)
params.private_key_passwd = hapd->conf-
>private_key_passwd;
params.dh_file = hapd->conf->dh_file;
params.openssl_ciphers = hapd->conf->openssl_ciphers;
+ params.openssl_ecdh_curves = hapd->conf-
>openssl_ecdh_curves;
params.ocsp_stapling_response =
I forgot to call free(). Here is version 2: hostapd: set openssl_ecdh_curves This makes it possible to use ECDSA certificates with EAP-TLS/TTLS/etc. Signed-off-by: Hristo Venev <hristo@venev.name> --- hostapd/config_file.c | 3 +++ src/ap/ap_config.c | 1 + src/ap/ap_config.h | 1 + src/ap/authsrv.c | 1 + 4 files changed, 6 insertions(+) hapd->conf->ocsp_stapling_response; params.ocsp_stapling_response_multi = -- 2.12.2