X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fauth.c;h=75003523b1a7c47d887c414ec48200306f0f657f;hb=4e2c49755175d05f7f4a3c1c70a42d2eef9d7839;hp=013561ae66bb95053753fc6473d9628cea671faa;hpb=ab4d4992050ec171e1c72d661a3457efc8e7c141;p=ppp.git

diff --git a/pppd/auth.c b/pppd/auth.c
index 013561a..7500352 100644
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -271,6 +271,7 @@ char *tls_verify_method = NULL;
 bool tls_verify_key_usage = 0;
 bool need_peer_eap = 0;			/* Require peer to authenticate us */
 #endif
+bool tls_verify_cert = 0;	/* Do not verify server's SSL certificate */
 
 static char *uafname;		/* name of most recent +ua file */
 
@@ -445,6 +446,9 @@ option_t auth_options[] = {
       "Set telephone number(s) which are allowed to connect",
       OPT_PRIV | OPT_A2LIST },
 
+    { "tls-verify-certificate", o_bool, &tls_verify_cert,
+      "Enable server's SSL certificate validation", 1 },
+
 #ifdef USE_EAPTLS
     { "ca", o_string, &cacert_file,   "EAP-TLS CA certificate in PEM format" },
     { "capath", o_string, &ca_path,   "EAP-TLS CA certificate directory" },