int authsrv_init(struct hostapd_data *hapd) { #ifdef EAP_TLS_FUNCS if (hapd->conf->eap_server && (hapd->conf->ca_cert || hapd->conf->server_cert || hapd->conf->dh_file)) { struct tls_connection_params params; hapd->ssl_ctx = tls_init(NULL); if (hapd->ssl_ctx == NULL) { wpa_printf(MSG_ERROR, "Failed to initialize TLS"); authsrv_deinit(hapd); return -1; } os_memset(¶ms, 0, sizeof(params)); params.ca_cert = hapd->conf->ca_cert; params.client_cert = hapd->conf->server_cert; params.private_key = hapd->conf->private_key; params.private_key_passwd = hapd->conf->private_key_passwd; params.dh_file = hapd->conf->dh_file; if (tls_global_set_params(hapd->ssl_ctx, ¶ms)) { wpa_printf(MSG_ERROR, "Failed to set TLS parameters"); authsrv_deinit(hapd); return -1; } if (tls_global_set_verify(hapd->ssl_ctx, hapd->conf->check_crl)) { wpa_printf(MSG_ERROR, "Failed to enable check_crl"); authsrv_deinit(hapd); return -1; } } #endif /* EAP_TLS_FUNCS */ #ifdef EAP_SIM_DB if (hapd->conf->eap_sim_db) { hapd->eap_sim_db_priv = eap_sim_db_init(hapd->conf->eap_sim_db, hostapd_sim_db_cb, hapd); if (hapd->eap_sim_db_priv == NULL) { wpa_printf(MSG_ERROR, "Failed to initialize EAP-SIM " "database interface"); authsrv_deinit(hapd); return -1; } } #endif /* EAP_SIM_DB */ #ifdef RADIUS_SERVER if (hapd->conf->radius_server_clients && hostapd_setup_radius_srv(hapd)) return -1; #endif /* RADIUS_SERVER */ return 0; }
static int eap_example_server_init_tls(rlm_eap_t *inst) { struct tls_config tconf; os_memset(&tconf, 0, sizeof(tconf)); inst->tls_ctx = tls_init(&tconf); if (inst->tls_ctx == NULL) return -1; if (tls_global_set_params(inst->tls_ctx, &inst->tparams)) { radlog(L_ERR, "rlm_eap2: Failed to set TLS parameters"); return -1; } if (tls_global_set_verify(inst->tls_ctx, 0)) { radlog(L_ERR, "rlm_eap2: Failed to set check_crl"); return -1; } return 0; }