Add tls_session_reused=<0/1> into EAP peer TLS status

This can be used to determine whether the last TLS-based EAP
authentication instance re-used a previous session (e.g., TLS session
resumption or EAP-FAST session ticket).

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-12-09 23:41:09 +02:00
parent bccbd51a80
commit b90d064f1a

View file

@ -794,7 +794,10 @@ int eap_peer_tls_status(struct eap_sm *sm, struct eap_ssl_data *data,
if (tls_get_cipher(data->ssl_ctx, data->conn, name, sizeof(name)) == 0) if (tls_get_cipher(data->ssl_ctx, data->conn, name, sizeof(name)) == 0)
{ {
ret = os_snprintf(buf + len, buflen - len, ret = os_snprintf(buf + len, buflen - len,
"EAP TLS cipher=%s\n", name); "EAP TLS cipher=%s\n"
"tls_session_reused=%d\n",
name, tls_connection_resumed(data->ssl_ctx,
data->conn));
if (os_snprintf_error(buflen - len, ret)) if (os_snprintf_error(buflen - len, ret))
return len; return len;
len += ret; len += ret;