projects
/
freeradius.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
150e6d2
)
If we're inside of a TLS tunnel, don't require a client
author
aland
<aland>
Sun, 16 Dec 2007 08:26:56 +0000
(08:26 +0000)
committer
aland
<aland>
Sun, 16 Dec 2007 08:26:56 +0000
(08:26 +0000)
certificate. I'm not sure how the user gets authenticated,
but it's what hostapd does...
src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
patch
|
blob
|
history
diff --git
a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index
239a473
..
c97ca34
100644
(file)
--- a/
src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ b/
src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@
-615,6
+615,13
@@
static int eaptls_initiate(void *type_arg, EAP_HANDLER *handler)
} else {
client_cert = vp->vp_integer;
}
+
+ } else if (handler->request->parent) {
+ /*
+ * If we're doing EAP-TLS inside of a TLS tunnel,
+ * we don't need a client certificate.
+ */
+ client_cert = FALSE;
}
/*