Added attribute to control behaviour of TLS

author aland <aland>

Thu, 14 Aug 2003 17:24:11 +0000 (17:24 +0000)

committer aland <aland>

Thu, 14 Aug 2003 17:24:11 +0000 (17:24 +0000)
author aland <aland>
Thu, 14 Aug 2003 17:24:11 +0000 (17:24 +0000)
committer aland <aland>
Thu, 14 Aug 2003 17:24:11 +0000 (17:24 +0000)
diff --git a/share/dictionary b/share/dictionary

index 25b0b33..79ca025 100644 (file)
--- a/share/dictionary
+++ b/share/dictionary
@@ -259,6 +259,7 @@ ATTRIBUTE   Pre-Acct-Type           1017    integer
  #      by the EAP module, for informational purposed only.
  #
  ATTRIBUTE      EAP-Type                1018    integer
+ATTRIBUTE      EAP-TLS-Require-Client-Cert     1019    integer
  
  #
  #      Integer Translations
@@ -575,3 +576,10 @@ VALUE              EAP-Type        SecuriSuite-EAP         39
  VALUE          EAP-Type        DeviceConnect-EAP       40
  VALUE          EAP-Type        EAP-SPEKE               41
  VALUE          EAP-Type        EAP-MOBAC               42
+
+#
+#      This says TLS, but it's only valid for TTLS & PEAP.
+#      EAP-TLS *always* requires a client certificate.
+#
+VALUE  EAP-TLS-Require-Client-Cert No  0
+VALUE  EAP-TLS-Require-Client-Cert Yes 1
diff --git a/src/include/radius.h b/src/include/radius.h

index 08a7230..76f846a 100644 (file)
--- a/src/include/radius.h
+++ b/src/include/radius.h
@@ -138,6 +138,7 @@
  #define PW_POST_PROXY_TYPE             1016
  #define PW_PRE_ACCT_TYPE               1017
  #define PW_EAP_TYPE                    1018
+#define PW_EAP_TLS_REQUIRE_CLIENT_CERT 1019
  
  #define PW_USER_CATEGORY               1029
  #define PW_GROUP_NAME                  1030
author	aland <aland>
	Thu, 14 Aug 2003 17:24:11 +0000 (17:24 +0000)
committer	aland <aland>
	Thu, 14 Aug 2003 17:24:11 +0000 (17:24 +0000)
share/dictionary		patch \| blob \| history
src/include/radius.h		patch \| blob \| history