From 85fa7955e1a9663f8305354398b0c44b37fed840 Mon Sep 17 00:00:00 2001 From: "7u83@mail.ru" <7u83@mail.ru@noemail.net> Date: Tue, 1 Mar 2016 08:31:16 +0000 Subject: [PATCH] Fixed issues with creating cisco cert. FossilOrigin-Name: 16ebea6ee7650a6f9f11cb31fc94683c1e2eb57a0762b37613599dcac28ae14d --- src/ac/wtpman.c | 10 ++++++++-- ssl/README | 2 +- ssl/mkcert.sh | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/ac/wtpman.c b/src/ac/wtpman.c index 4c012b7b..84c47f79 100644 --- a/src/ac/wtpman.c +++ b/src/ac/wtpman.c @@ -190,6 +190,9 @@ static int wtpman_establish_dtls(void *arg) /* try to accept the connection */ if (!dtls_accept(wtpman->conn)) { + + + cw_dbg(DBG_DTLS, "Error establishing DTLS session with %s", CLIENT_IP); return 0; } @@ -198,6 +201,7 @@ static int wtpman_establish_dtls(void *arg) dtls_get_cipher(wtpman->conn)); /* DTLS handshake done */ +/* int cert_len; struct dtls_ssl_cert cert; @@ -206,9 +210,11 @@ static int wtpman_establish_dtls(void *arg) cert = dtls_get_peers_cert(wtpman->conn, 0); -// printf("Have Peers Cert: %p, %d\n", cert.data, cert.size); -// fwrite(cert.data, 1, cert.size, f); + printf("Have Peers Cert: %p, %d\n", cert.data, cert.size); + fwrite(cert.data, 1, cert.size, f); fclose(f); +*/ + return 1; diff --git a/ssl/README b/ssl/README index 5142a783..2a62e359 100644 --- a/ssl/README +++ b/ssl/README @@ -31,7 +31,7 @@ Creating SSL certificates to test AC-Tube and it's WTP's on Cisco's AP must be at least 7.3. EXAMPLE: - ./mkcert ac-cisco cisco-ap + ./mkcert.sh ac-cisco cisco-ap will create the files ./certs/ac-cisco.pem and and ./certs/ac-cisco.key On a Cisco AP you might have to reset the config over terminal, diff --git a/ssl/mkcert.sh b/ssl/mkcert.sh index 1e087c09..ecd038ea 100755 --- a/ssl/mkcert.sh +++ b/ssl/mkcert.sh @@ -38,7 +38,7 @@ createcert() -subj "$SUBJ" - $OPENSSL ca -config openssl-crt.cnf \ + $OPENSSL ca -config openssl.cnf \ -keyfile $INT_CA_DIR/${PREF}int-ca.key \ -cert $INT_CA_DIR/${PREF}int-ca.crt \ -batch \