aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2019-08-19 22:37:31 (GMT)
committerJouni Malinen <j@w1.fi>2019-08-19 23:13:22 (GMT)
commite54cfbb56abd7585ae0182d43638db3fa4685df1 (patch)
treeaa16dc12b694a24bb4bf7d2b52820c1d035e228e /hostapd
parentf186ec54c3ab242c21c2ec7aef271681b0f38b06 (diff)
downloadhostap-e54cfbb56abd7585ae0182d43638db3fa4685df1.zip
hostap-e54cfbb56abd7585ae0182d43638db3fa4685df1.tar.gz
hostap-e54cfbb56abd7585ae0182d43638db3fa4685df1.tar.bz2
EAP-TEAP server: Allow a specific Identity-Type to be requested/required
The new hostapd configuration parameter eap_teap_id can be used to configure the expected behavior for used identity type. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'hostapd')
-rw-r--r--hostapd/config_file.c2
-rw-r--r--hostapd/hostapd.conf8
2 files changed, 10 insertions, 0 deletions
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 1ef7d57..4a2f12d 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2622,6 +2622,8 @@ static int hostapd_config_fill(struct hostapd_config *conf,
bss->eap_teap_pac_no_inner = atoi(pos);
} else if (os_strcmp(buf, "eap_teap_separate_result") == 0) {
bss->eap_teap_separate_result = atoi(pos);
+ } else if (os_strcmp(buf, "eap_teap_id") == 0) {
+ bss->eap_teap_id = atoi(pos);
#endif /* EAP_SERVER_TEAP */
#ifdef EAP_SERVER_SIM
} else if (os_strcmp(buf, "eap_sim_db") == 0) {
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index f36e1fa..5497df2 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -1206,6 +1206,14 @@ eap_server=0
# 1 = send in a separate message (for testing purposes)
#eap_teap_separate_result=0
+# EAP-TEAP identities
+# 0 = allow any identity type (default)
+# 1 = require user identity
+# 2 = require machine identity
+# 3 = request user identity; accept either user or machine identity
+# 4 = request machine identity; accept either user or machine identity
+#eap_teap_id=0
+
# EAP-SIM and EAP-AKA protected success/failure indication using AT_RESULT_IND
# (default: 0 = disabled).
#eap_sim_aka_result_ind=1