openwrt/package/network
David Lam a5f3648a1c hostapd: add support for system cert bundle validation
Currently, it is very cumbersome for a user to connect to a WPA-Enterprise
based network securely because the RADIUS server's CA certificate must first be
extracted from the EAPOL handshake using tcpdump or other methods before it can
be pinned using the ca_cert(2) fields. To make this process easier and more
secure (combined with changes in openwrt/openwrt#2654), this commit adds
support for validating against the built-in CA bundle when the ca-bundle
package is installed. Related LuCI changes in openwrt/luci#3513.

Signed-off-by: David Lam <david@thedavid.net>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-16 12:08:18 +01:00
..
config netifd: move /tmp/resolv.conf.auto to /tmp/resolv.conf.d/ 2020-01-07 15:36:59 +02:00
ipv6 6in4: add rfc1918 check function 2019-10-18 19:23:07 +02:00
services hostapd: add support for system cert bundle validation 2020-01-16 12:08:18 +01:00
utils wireguard: skip peer config if public key of the peer is not defined 2020-01-15 21:19:01 +01:00