ctrl_iface support for OpenSSL PKCS#11 configuration

Enrico enricop
Tue May 8 04:42:27 PDT 2012


Hi all,
after reading the wpa_ctrl docs and experimenting a bit with wpa_cli,
i still can not understand if the wpa_ctrl interface supports setting
OpenSSL PKCS#11 configuration at runtime. In particular, for our platform, we 
are interested in setting global variables:

	pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so
	pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so
	
However 'set' command in wpa_cli outputs only the following properties:

 > set
set variables:
   EAPOL::heldPeriod (EAPOL state machine held period, in seconds)
   EAPOL::authPeriod (EAPOL state machine authentication period, in seconds)
   EAPOL::startPeriod (EAPOL state machine start period, in seconds)
   EAPOL::maxStart (EAPOL state machine maximum start attempts)
   dot11RSNAConfigPMKLifetime (WPA/WPA2 PMK lifetime in seconds)
   dot11RSNAConfigPMKReauthThreshold (WPA/WPA2 reauthentication threshold
	percentage)
   dot11RSNAConfigSATimeout (WPA/WPA2 timeout for completing security
	association in seconds)

Are they simply not implemented in wpa_cli vars list?

If we do not use a configuration backend, is there a way to set these 'global' 
properties at runtime?

Another question:

does 'set_network' command support these fields?

	engine=1
	engine_id="pkcs11"
	key_id="4"
	cert_id="4"
	ca_cert_id="1"
	pin="123456"

Thank you in advance for your support.
Best Regards,
Enrico



More information about the Hostap mailing list