Could someone take a look at this patch set?
Juliusz
On 04/04/2024 20:16, Juliusz Sosinowicz wrote:
It appears that wolfSSL_get_cipher_name returns the ciphersuite in the format expected by hostapd.
Signed-off-by: Juliusz Sosinowicz <juliusz@xxxxxxxxxxx>
---
src/crypto/tls_wolfssl.c | 22 ++--------------------
1 file changed, 2 insertions(+), 20 deletions(-)
diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c
index 0b2947daf9..4db23e14ff 100644
--- a/src/crypto/tls_wolfssl.c
+++ b/src/crypto/tls_wolfssl.c
@@ -1924,34 +1924,16 @@ int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn,
int tls_get_cipher(void *tls_ctx, struct tls_connection *conn,
char *buf, size_t buflen)
{
- WOLFSSL_CIPHER *cipher;
const char *name;
if (!conn || !conn->ssl)
return -1;
- cipher = wolfSSL_get_current_cipher(conn->ssl);
- if (!cipher)
- return -1;
-
- name = wolfSSL_CIPHER_get_name(cipher);
+ name = wolfSSL_get_cipher_name(conn->ssl);
if (!name)
return -1;
- if (os_strcmp(name, "SSL_RSA_WITH_RC4_128_SHA") == 0)
- os_strlcpy(buf, "RC4-SHA", buflen);
- else if (os_strcmp(name, "TLS_RSA_WITH_AES_128_CBC_SHA") == 0)
- os_strlcpy(buf, "AES128-SHA", buflen);
- else if (os_strcmp(name, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA") == 0)
- os_strlcpy(buf, "DHE-RSA-AES128-SHA", buflen);
- else if (os_strcmp(name, "TLS_DH_anon_WITH_AES_128_CBC_SHA") == 0)
- os_strlcpy(buf, "ADH-AES128-SHA", buflen);
- else if (os_strcmp(name, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA") == 0)
- os_strlcpy(buf, "DHE-RSA-AES256-SHA", buflen);
- else if (os_strcmp(name, "TLS_RSA_WITH_AES_256_CBC_SHA") == 0)
- os_strlcpy(buf, "AES256-SHA", buflen);
- else
- os_strlcpy(buf, name, buflen);
+ os_strlcpy(buf, name, buflen);
return 0;
}
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
