authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-08-26 10:41:52 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-08-26 10:41:52 +0000
commitde8bf9112695763664912e340b265fa898188460 (patch)
tree9bcd5f8d45fc3b81174d3de8abfd573b68e9d7f6 /src/include/tls-h
parentAdding debian version 3.2.3+dfsg-2. (diff)
Merging upstream version 3.2.5+dfsg.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/include/tls-h')
-rw-r--r--src/include/tls-h10
1 files changed, 9 insertions, 1 deletions
diff --git a/src/include/tls-h b/src/include/tls-h
index 4bf1665..506fb19 100644
--- a/src/include/tls-h
+++ b/src/include/tls-h
@@ -152,6 +152,9 @@ typedef struct _tls_session_t {
//!< If set to no then only the first fragment contains length.
int peap_flag;
+ VALUE_PAIR *outer_tlvs; //!< only for TEAP, and only for the first fragment.
+ uint8_t *outer_tlvs_octets; //!< only for TEAP, needed for Crypto-Binding TLV
+
size_t tls_record_in_total_len; //!< How long the peer indicated the complete tls record
//!< would be.
size_t tls_record_in_recvd_len; //!< How much of the record we've received so far.
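Review bot: `outer_tlvs_octets` is added as a bare `uint8_t *` with no length member beside it, so every consumer that feeds it into the Crypto-Binding TLV calculation has to recover the size some other way. If the size is meant to come from the talloc chunk (for example via `talloc_array_length()`), the comment should say so, along with who owns the buffer and when it is reset between fragments, e.g. `//!< only for TEAP, raw outer TLVs covered by the Crypto-Binding TLV; length is the talloc array length, owned by the session`. That wording is an assumption to confirm, since the allocation code is not in this hunk. The struct definition starts and ends outside the hunk.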
@@ -176,17 +179,19 @@ typedef struct _tls_session_t {
*
* 0 1 2 3 4 5 6 7 8
* +-+-+-+-+-+-+-+-+
- * |L M S R R R R R|
+ * |L M S O R R R R|
* +-+-+-+-+-+-+-+-+
*
* L = Length included
* M = More fragments
* S = EAP-TLS start
+ * O = outer TLV length included (4 octets, only for TEAP)
* R = Reserved
*/
#define TLS_START(x) (((x) & 0x20) != 0)
#define TLS_MORE_FRAGMENTS(x) (((x) & 0x40) != 0)
#define TLS_LENGTH_INCLUDED(x) (((x) & 0x80) != 0)
+#define TLS_OUTER_TLV_INCLUDED(x) (((x) & 0x10) != 0)
#define TLS_CHANGE_CIPHER_SPEC(x) (((x) & 0x0014) == 0x0014)
#define TLS_ALERT(x) (((x) & 0x0015) == 0x0015)
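Review bot: `TLS_OUTER_TLV_INCLUDED` tests bit 0x10 regardless of EAP method, but the updated diagram says the O bit is defined only for TEAP, so for the other TLS-based methods sharing this header it is presumably still a reserved bit. The macro deserves a comment stating that callers must check the EAP type first and must validate the peer-supplied 4-octet outer TLV length against the bytes actually received, e.g. `/* TEAP only: check the EAP type before testing this bit; the outer TLV length that follows is untrusted and must be bounds-checked. */`. The same comment applies to `SET_OUTER_TLV_INCLUDED` in the next hunk. The parsing code that consumes the flag is not visible here, so whether those checks exist cannot be confirmed from this diff.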
@@ -195,6 +200,7 @@ typedef struct _tls_session_t {
#define SET_START(x) ((x) | (0x20))
#define SET_MORE_FRAGMENTS(x) ((x) | (0x40))
#define SET_LENGTH_INCLUDED(x) ((x) | (0x80))
+#define SET_OUTER_TLV_INCLUDED(x) ((x) | (0x10))
/*
* Following enums from rfc2246
@@ -351,6 +357,8 @@ struct fr_tls_server_conf_t {
SSL_CTX *ctx;
CONF_SECTION *cs;
+ char const *name; //!< name of the thing doing TLS.
+
char const *private_key_password;
char const *private_key_file;
char const *certificate_file;
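Review bot: The comment on `name`, `//!< name of the thing doing TLS.`, does not tell a reader what value to expect or where it ends up. If it is, say, the module instance or listener name used in log messages, the comment should state that and note who owns the string, for example `//!< name of the module or listener using this TLS config, used in log messages`. That reading is a guess from the field name and should be confirmed against the code that sets it. The struct continues outside the hunk.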