aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd/config_file.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2019-07-09 13:56:02 (GMT)
committerJouni Malinen <j@w1.fi>2019-07-09 13:56:02 (GMT)
commit0ed57c5ea8cf1ec32698b1a876bb014ebfc1136f (patch)
tree9af821327604e40c3a6d8fa07140344e74491552 /hostapd/config_file.c
parent7c6f1c5e4a24d0e7e0bd71222df56d7e2a7149fa (diff)
downloadhostap-0ed57c5ea8cf1ec32698b1a876bb014ebfc1136f.zip
hostap-0ed57c5ea8cf1ec32698b1a876bb014ebfc1136f.tar.gz
hostap-0ed57c5ea8cf1ec32698b1a876bb014ebfc1136f.tar.bz2
EAP-TEAP server and peer implementation (RFC 7170)
This adds support for a new EAP method: EAP-TEAP (Tunnel Extensible Authentication Protocol). This should be considered experimental since RFC 7170 has number of conflicting statements and missing details to allow unambiguous interpretation. As such, there may be interoperability issues with other implementations and this version should not be deployed for production purposes until those unclear areas are resolved. This does not yet support use of NewSessionTicket message to deliver a new PAC (either in the server or peer implementation). In other words, only the in-tunnel distribution of PAC-Opaque is supported for now. Use of the NewSessionTicket mechanism would require TLS library support to allow arbitrary data to be specified as the contents of the message. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'hostapd/config_file.c')
-rw-r--r--hostapd/config_file.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index c4106c1..3a29438 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2675,6 +2675,20 @@ static int hostapd_config_fill(struct hostapd_config *conf,
} else if (os_strcmp(buf, "pac_key_refresh_time") == 0) {
bss->pac_key_refresh_time = atoi(pos);
#endif /* EAP_SERVER_FAST */
+#ifdef EAP_SERVER_TEAP
+ } else if (os_strcmp(buf, "eap_teap_auth") == 0) {
+ int val = atoi(pos);
+
+ if (val < 0 || val > 1) {
+ wpa_printf(MSG_ERROR,
+ "Line %d: Invalid eap_teap_auth value",
+ line);
+ return 1;
+ }
+ bss->eap_teap_auth = val;
+ } else if (os_strcmp(buf, "eap_teap_pac_no_inner") == 0) {
+ bss->eap_teap_pac_no_inner = atoi(pos);
+#endif /* EAP_SERVER_TEAP */
#ifdef EAP_SERVER_SIM
} else if (os_strcmp(buf, "eap_sim_db") == 0) {
os_free(bss->eap_sim_db);