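/**
 * authsrv_init - Set up the integrated authentication server state
 * @hapd: hostapd data; every setting used here is read from hapd->conf
 * Returns: 0 on success, -1 on failure
 *
 * Depending on the build options this initializes the global TLS context
 * (EAP_TLS_FUNCS), the EAP-SIM database interface (EAP_SIM_DB) and the
 * RADIUS server (RADIUS_SERVER). The TLS and EAP-SIM failure paths call
 * authsrv_deinit() before returning.
 */
int authsrv_init(struct hostapd_data *hapd)
{
#ifdef EAP_TLS_FUNCS
	/*
	 * A TLS context is only created when the internal EAP server is
	 * enabled and at least one of CA certificate, server certificate or
	 * DH file is configured.
	 */
	if (hapd->conf->eap_server &&
	    (hapd->conf->ca_cert || hapd->conf->server_cert ||
	     hapd->conf->dh_file)) {
		struct tls_connection_params params;

		hapd->ssl_ctx = tls_init(NULL);
		if (hapd->ssl_ctx == NULL) {
			wpa_printf(MSG_ERROR, "Failed to initialize TLS");
			authsrv_deinit(hapd);
			return -1;
		}

		/* Start from all-zero so unset fields are not stack garbage */
		os_memset(&params, 0, sizeof(params));
		params.ca_cert = hapd->conf->ca_cert;
		/* The server certificate is passed in the client_cert field */
		params.client_cert = hapd->conf->server_cert;
		params.private_key = hapd->conf->private_key;
		params.private_key_passwd = hapd->conf->private_key_passwd;
		params.dh_file = hapd->conf->dh_file;

		if (tls_global_set_params(hapd->ssl_ctx, &params)) {
			wpa_printf(MSG_ERROR, "Failed to set TLS parameters");
			authsrv_deinit(hapd);
			return -1;
		}

		/*
		 * check_crl is taken unchanged from the configuration.
		 * NOTE(review): presumably a value of 0 leaves certificate
		 * revocation checking off - confirm that deployments which
		 * verify peer certificates set it.
		 */
		if (tls_global_set_verify(hapd->ssl_ctx,
					  hapd->conf->check_crl)) {
			wpa_printf(MSG_ERROR, "Failed to enable check_crl");
			authsrv_deinit(hapd);
			return -1;
		}
	}
#endif /* EAP_TLS_FUNCS */

#ifdef EAP_SIM_DB
	if (hapd->conf->eap_sim_db) {
		hapd->eap_sim_db_priv =
			eap_sim_db_init(hapd->conf->eap_sim_db,
					hostapd_sim_db_cb, hapd);
		if (hapd->eap_sim_db_priv == NULL) {
			wpa_printf(MSG_ERROR, "Failed to initialize EAP-SIM "
				   "database interface");
			authsrv_deinit(hapd);
			return -1;
		}
	}
#endif /* EAP_SIM_DB */

#ifdef RADIUS_SERVER
	/*
	 * NOTE(review): unlike the failure paths above, this one returns
	 * without calling authsrv_deinit(); confirm that the caller releases
	 * ssl_ctx and eap_sim_db_priv when authsrv_init() fails here.
	 */
	if (hapd->conf->radius_server_clients &&
	    hostapd_setup_radius_srv(hapd))
		return -1;
#endif /* RADIUS_SERVER */

	return 0;
}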
/**
 * eap_example_server_init_tls - Create and configure the module's TLS context
 * @inst: module instance; tls_ctx is written, tparams is read
 * Returns: 0 on success, -1 on failure
 *
 * The context is created from a zeroed struct tls_config and then given the
 * TLS parameters stored in inst->tparams.
 */
static int eap_example_server_init_tls(rlm_eap_t *inst)
{
	struct tls_config tls_cfg;

	os_memset(&tls_cfg, 0, sizeof(tls_cfg));

	inst->tls_ctx = tls_init(&tls_cfg);
	if (!inst->tls_ctx)
		return -1;

	/*
	 * NOTE(review): on the two failures below inst->tls_ctx stays set and
	 * is not released here; presumably the caller deinitializes it -
	 * confirm.
	 */
	if (tls_global_set_params(inst->tls_ctx, &inst->tparams) != 0) {
		radlog(L_ERR, "rlm_eap2: Failed to set TLS parameters");
		return -1;
	}

	/*
	 * The second argument is hard-coded to 0 while the error text calls
	 * it check_crl. NOTE(review): if this is the CRL-check switch, then
	 * certificate revocation checking is presumably always off for this
	 * module - confirm that this is intended.
	 */
	if (tls_global_set_verify(inst->tls_ctx, 0) != 0) {
		radlog(L_ERR, "rlm_eap2: Failed to set check_crl");
		return -1;
	}

	return 0;
}
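/**
 * hostapd_init - Allocate hostapd data and load its configuration
 * @config_file: path of the configuration file to read
 * Returns: newly allocated hostapd data, or NULL on failure
 *
 * Reads the configuration, and when EAP_TLS_FUNCS is defined and the internal
 * EAP server has a CA or server certificate configured, sets up the global
 * TLS context. On failure the TLS context, the configuration, the stored file
 * name and the structure itself are released before NULL is returned.
 */
static hostapd * hostapd_init(const char *config_file)
{
	hostapd *hapd;

	/* calloc() gives the zero-filled structure the fail path relies on */
	hapd = calloc(1, sizeof(*hapd));
	if (hapd == NULL) {
		printf("Could not allocate memory for hostapd data\n");
		goto fail;
	}

	hapd->config_fname = strdup(config_file);
	if (hapd->config_fname == NULL) {
		printf("Could not allocate memory for config_fname\n");
		goto fail;
	}

	hapd->conf = hostapd_config_read(hapd->config_fname);
	if (hapd->conf == NULL) {
		goto fail;
	}

	if (hapd->conf->individual_wep_key_len > 0) {
		/* use key0 in individual key and key1 in broadcast key */
		hapd->default_wep_key_idx = 1;
	}

#ifdef EAP_TLS_FUNCS
	if (hapd->conf->eap_server &&
	    (hapd->conf->ca_cert || hapd->conf->server_cert)) {
		hapd->ssl_ctx = tls_init(NULL);
		if (hapd->ssl_ctx == NULL) {
			printf("Failed to initialize TLS\n");
			goto fail;
		}

		/*
		 * This block is entered when either certificate is set, so
		 * the other one (and the private key) may be NULL. Passing
		 * NULL to %s is undefined, hence the explicit fallbacks in
		 * the error messages below.
		 */
		if (tls_global_ca_cert(hapd->ssl_ctx, hapd->conf->ca_cert)) {
			printf("Failed to load CA certificate (%s)\n",
			       hapd->conf->ca_cert ?
			       hapd->conf->ca_cert : "(null)");
			goto fail;
		}

		if (tls_global_client_cert(hapd->ssl_ctx,
					   hapd->conf->server_cert)) {
			printf("Failed to load server certificate (%s)\n",
			       hapd->conf->server_cert ?
			       hapd->conf->server_cert : "(null)");
			goto fail;
		}

		if (tls_global_private_key(hapd->ssl_ctx,
					   hapd->conf->private_key,
					   hapd->conf->private_key_passwd)) {
			printf("Failed to load private key (%s)\n",
			       hapd->conf->private_key ?
			       hapd->conf->private_key : "(null)");
			goto fail;
		}

		/*
		 * check_crl is taken unchanged from the configuration.
		 * NOTE(review): presumably a value of 0 leaves certificate
		 * revocation checking off - confirm.
		 */
		if (tls_global_set_verify(hapd->ssl_ctx,
					  hapd->conf->check_crl)) {
			printf("Failed to enable check_crl\n");
			goto fail;
		}
	}
#endif /* EAP_TLS_FUNCS */

	if (hapd->conf->eap_sim_db) {
		hapd->eap_sim_db_priv =
			eap_sim_db_init(hapd->conf->eap_sim_db);
		if (hapd->eap_sim_db_priv == NULL) {
			printf("Failed to initialize EAP-SIM database "
			       "interface\n");
			goto fail;
		}
	}

	if (hapd->conf->assoc_ap)
		hapd->assoc_ap_state = WAIT_BEACON;

	/* FIX: need to fix this const vs. not */
	hapd->driver = (struct driver_ops *) hapd->conf->driver;

	return hapd;

fail:
	/* Release whatever was set up before the failure */
	if (hapd) {
		if (hapd->ssl_ctx)
			tls_deinit(hapd->ssl_ctx);
		if (hapd->conf)
			hostapd_config_free(hapd->conf);
		free(hapd->config_fname);
		free(hapd);
	}
	return NULL;
}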