aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_common/eap_defs.h
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2012-08-22 19:34:11 (GMT)
committerJouni Malinen <j@w1.fi>2012-08-22 19:34:11 (GMT)
commit065d2895b4693e8c923580dbfa31123297c8bb7d (patch)
tree3af626199a8454ced913214db958bc2910764e23 /src/eap_common/eap_defs.h
parentd13f9857f8cb7b90e78bf4725f4765f233606eb5 (diff)
downloadhostap-065d2895b4693e8c923580dbfa31123297c8bb7d.zip
hostap-065d2895b4693e8c923580dbfa31123297c8bb7d.tar.gz
hostap-065d2895b4693e8c923580dbfa31123297c8bb7d.tar.bz2
Add UNAUTH-TLS vendor specific EAP type
This EAP type uses a vendor specific expanded EAP header to encapsulate EAP-TLS with a configuration where the EAP server does not authenticate the EAP peer. In other words, this method includes only server authentication. The peer is configured with only the ca_cert parameter (similarly to other TLS-based EAP methods). This method can be used for cases where the network provides free access to anyone, but use of RSN with a securely derived unique PMK for each station is desired. The expanded EAP header uses the hostapd/wpa_supplicant vendor code 39068 and vendor type 1 to identify the UNAUTH-TLS method. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_common/eap_defs.h')
-rw-r--r--src/eap_common/eap_defs.h3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/eap_common/eap_defs.h b/src/eap_common/eap_defs.h
index 4047e04..0d247c4 100644
--- a/src/eap_common/eap_defs.h
+++ b/src/eap_common/eap_defs.h
@@ -75,6 +75,9 @@ enum {
EAP_VENDOR_HOSTAP = 39068 /* hostapd/wpa_supplicant project */
};
+#define EAP_VENDOR_UNAUTH_TLS EAP_VENDOR_HOSTAP
+#define EAP_VENDOR_TYPE_UNAUTH_TLS 1
+
#define EAP_MSK_LEN 64
#define EAP_EMSK_LEN 64