aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd/eap_register.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2012-08-22 19:34:11 (GMT)
committerJouni Malinen <j@w1.fi>2012-08-22 19:34:11 (GMT)
commit065d2895b4693e8c923580dbfa31123297c8bb7d (patch)
tree3af626199a8454ced913214db958bc2910764e23 /hostapd/eap_register.c
parentd13f9857f8cb7b90e78bf4725f4765f233606eb5 (diff)
downloadhostap-065d2895b4693e8c923580dbfa31123297c8bb7d.zip
hostap-065d2895b4693e8c923580dbfa31123297c8bb7d.tar.gz
hostap-065d2895b4693e8c923580dbfa31123297c8bb7d.tar.bz2
Add UNAUTH-TLS vendor specific EAP type
This EAP type uses a vendor specific expanded EAP header to encapsulate EAP-TLS with a configuration where the EAP server does not authenticate the EAP peer. In other words, this method includes only server authentication. The peer is configured with only the ca_cert parameter (similarly to other TLS-based EAP methods). This method can be used for cases where the network provides free access to anyone, but use of RSN with a securely derived unique PMK for each station is desired. The expanded EAP header uses the hostapd/wpa_supplicant vendor code 39068 and vendor type 1 to identify the UNAUTH-TLS method. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'hostapd/eap_register.c')
-rw-r--r--hostapd/eap_register.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/hostapd/eap_register.c b/hostapd/eap_register.c
index 089c7b2..0a7ff91 100644
--- a/hostapd/eap_register.c
+++ b/hostapd/eap_register.c
@@ -39,6 +39,11 @@ int eap_server_register_methods(void)
ret = eap_server_tls_register();
#endif /* EAP_SERVER_TLS */
+#ifdef EAP_SERVER_UNAUTH_TLS
+ if (ret == 0)
+ ret = eap_server_unauth_tls_register();
+#endif /* EAP_SERVER_TLS */
+
#ifdef EAP_SERVER_MSCHAPV2
if (ret == 0)
ret = eap_server_mschapv2_register();