458
462
if (name == NULL || strncmp(name, "cert_store://", 13) != 0)
461
cs = CertOpenSystemStore(0, name + 13);
467
wstore = malloc((strlen(store) + 1) * sizeof(WCHAR));
470
wsprintf(wstore, L"%S", store);
471
cs = CertOpenSystemStore(0, wstore);
474
cs = CertOpenSystemStore(0, store);
462
476
if (cs == NULL) {
463
477
wpa_printf(MSG_DEBUG, "%s: failed to open system cert store "
464
"'%s': error=%d", __func__, name + 13,
478
"'%s': error=%d", __func__, store,
465
479
(int) GetLastError());
1752
1767
u8 * tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn,
1753
1768
const u8 *in_data, size_t in_len,
1769
size_t *out_len, u8 **appl_data,
1770
size_t *appl_data_len)
1760
1779
* Give TLS handshake data from the server (if available) to OpenSSL
1761
1780
* for processing.
1811
1830
*out_len = res;
1832
if (SSL_is_init_finished(conn->ssl) && appl_data) {
1833
*appl_data = malloc(in_len);
1835
res = SSL_read(conn->ssl, *appl_data, in_len);
1837
tls_show_errors(MSG_INFO, __func__,
1838
"Failed to read possible "
1839
"Application Data");
1843
*appl_data_len = res;
1844
wpa_hexdump_key(MSG_MSGDUMP, "SSL: Application"
1845
" Data in Finish message",
1846
*appl_data, *appl_data_len);
1812
1851
return out_data;
1984
2023
#endif /* EAP_FAST || EAP_FAST_DYNAMIC */
1987
int tls_connection_set_anon_dh(void *ssl_ctx, struct tls_connection *conn)
2026
int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn,
1989
if (conn == NULL || conn->ssl == NULL)
2029
char buf[100], *pos, *end;
2033
if (conn == NULL || conn->ssl == NULL || ciphers == NULL)
1992
if (SSL_set_cipher_list(conn->ssl, "ADH-AES128-SHA") != 1) {
2038
end = pos + sizeof(buf);
2041
while (*c != TLS_CIPHER_NONE) {
2045
case TLS_CIPHER_RC4_SHA:
2048
case TLS_CIPHER_AES128_SHA:
2049
suite = "AES128-SHA";
2051
case TLS_CIPHER_RSA_DHE_AES128_SHA:
2052
suite = "DHE-RSA-AES128-SHA";
2054
case TLS_CIPHER_ANON_DH_AES128_SHA:
2055
suite = "ADH-AES128-SHA";
2058
wpa_printf(MSG_DEBUG, "TLS: Unsupported "
2059
"cipher selection: %d", *c);
2062
ret = snprintf(pos, end - pos, ":%s", suite);
2063
if (ret < 0 || ret >= end - pos)
2070
wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1);
2072
if (SSL_set_cipher_list(conn->ssl, buf + 1) != 1) {
1993
2073
tls_show_errors(MSG_INFO, __func__,
1994
"Anon DH configuration failed");
2074
"Cipher suite configuration failed");
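Review bot: In tls_connection_set_cipher_list, `buf + 1` is handed to wpa_printf and SSL_set_cipher_list even when the loop `while (*c != TLS_CIPHER_NONE)` never runs, so an empty cipher array would make both calls read from buf[1] onward, which no visible line has written. The ':' that `buf + 1` skips is only produced by `snprintf(pos, end - pos, ":%s", suite)`, so the offset is valid only after at least one suite was appended. Assuming c starts at ciphers (that assignment is not among the lines shown), a guard right after the NULL check such as `if (*ciphers == TLS_CIPHER_NONE) return -1;` would reject the empty list before the string is used. Because this function replaces tls_connection_set_anon_dh, I would also put a comment on the `TLS_CIPHER_ANON_DH_AES128_SHA` case, for example `/* anonymous DH: no server authentication */`, since the generic name no longer tells a caller that this suite leaves the peer unauthenticated. The function's beginning and end lie outside the lines shown here.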