Remove EAP-TTLSv1 and TLS/IA

These protocols seem to be abandoned: latest IETF drafts have expired years ago and it does not seem likely that EAP-TTLSv1 would be deployed. The implementation in hostapd/wpa_supplicant was not complete and not fully tested. In addition, the TLS/IA functionality was only available when GnuTLS was used. Since GnuTLS removed this functionality in 3.0.0, there is no available TLS/IA implementation in the latest version of any supported TLS library. Remove the EAP-TTLSv1 and TLS/IA implementation to clean up unwanted complexity from hostapd and wpa_supplicant. In addition, this removes any potential use of the GnuTLS extra library.
2011-09-25 21:28:32 +03:00 · 2011-09-25 21:28:32 +03:00 · fd2f2d0489
commit fd2f2d0489
parent e655e1f512
15 changed files with 48 additions and 1171 deletions
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@ -2811,35 +2811,6 @@ unsigned int tls_capabilities(void *tls_ctx)
 }


-int tls_connection_set_ia(void *tls_ctx, struct tls_connection *conn,
-			  int tls_ia)
-{
-	return -1;
-}
-
-
-struct wpabuf * tls_connection_ia_send_phase_finished(
-	void *tls_ctx, struct tls_connection *conn, int final)
-{
-	return NULL;
-}
-
-
-int tls_connection_ia_final_phase_finished(void *tls_ctx,
-					   struct tls_connection *conn)
-{
-	return -1;
-}
-
-
-int tls_connection_ia_permute_inner_secret(void *tls_ctx,
-					   struct tls_connection *conn,
-					   const u8 *key, size_t key_len)
-{
-	return -1;
-}
-
-
 #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
 /* Pre-shared secred requires a patch to openssl, so this function is
 * commented out unless explicitly needed for EAP-FAST in order to be able to