aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libtls/tls.h2
-rw-r--r--src/libtls/tls_crypto.c1
-rw-r--r--src/libtls/tls_server.c1
3 files changed, 4 insertions, 0 deletions
diff --git a/src/libtls/tls.h b/src/libtls/tls.h
index a426d7618..5c06686b7 100644
--- a/src/libtls/tls.h
+++ b/src/libtls/tls.h
@@ -96,6 +96,8 @@ enum tls_purpose_t {
TLS_PURPOSE_EAP_TLS,
/** outer authentication and protection in EAP-TTLS */
TLS_PURPOSE_EAP_TTLS,
+ /** EAP-TTLS with client authentication */
+ TLS_PURPOSE_EAP_TTLS_CLIENT_AUTH,
};
/**
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 26e4dfa41..a12944af1 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -926,6 +926,7 @@ tls_crypto_t *tls_crypto_create(tls_t *tls)
build_cipher_suite_list(this, FALSE);
break;
case TLS_PURPOSE_EAP_TTLS:
+ case TLS_PURPOSE_EAP_TTLS_CLIENT_AUTH:
/* MSK PRF ASCII constant label according to EAP-TTLS RFC 5281 */
this->msk_label = "ttls keying material";
build_cipher_suite_list(this, TRUE);
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index 4f988c603..77e26d6fa 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -682,6 +682,7 @@ tls_server_t *tls_server_create(tls_t *tls,
switch (tls->get_purpose(tls))
{
case TLS_PURPOSE_EAP_TLS:
+ case TLS_PURPOSE_EAP_TTLS_CLIENT_AUTH:
this->request_peer_auth = TRUE;
break;
case TLS_PURPOSE_EAP_TTLS:
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 22:08:56 +0000