DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Make TLS version number available in STATUS command

Browse source 
This adds a new STATUS command field "eap_tls_version" that shows the
TLS version number that was used during EAP-TLS/TTLS/PEAP/FAST exchange.
For now, this is only supported with OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-07-08 19:51:03 +03:00
parent 5650d379a3
commit fe1bf32974
6 changed files with 68 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

28
src/eap_peer/eap_tls_common.c
View file

@ -753,20 +753,24 @@ int eap_peer_tls_reauth_init(struct eap_sm *sm, struct eap_ssl_data *data)
int eap_peer_tls_status(struct eap_sm *sm, struct eap_ssl_data *data,
char *buf, size_t buflen, int verbose)
{
char name[128];
char version[20], name[128];
int len = 0, ret;
if (tls_get_cipher(data->ssl_ctx, data->conn, name, sizeof(name)) == 0)
{
ret = os_snprintf(buf + len, buflen - len,
"EAP TLS cipher=%s\n"
"tls_session_reused=%d\n",
name, tls_connection_resumed(data->ssl_ctx,
data->conn));
if (os_snprintf_error(buflen - len, ret))
return len;
len += ret;
}
if (tls_get_version(data->ssl_ctx, data->conn, version,
sizeof(version)) < 0)
version[0] = '\0';
if (tls_get_cipher(data->ssl_ctx, data->conn, name, sizeof(name)) < 0)
name[0] = '\0';
ret = os_snprintf(buf + len, buflen - len,
"eap_tls_version=%s\n"
"EAP TLS cipher=%s\n"
"tls_session_reused=%d\n",
version, name,
tls_connection_resumed(data->ssl_ctx, data->conn));
if (os_snprintf_error(buflen - len, ret))
return len;
len += ret;
return len;
}