pppd: add experimental support for PEAP protocol, an extension of EAP

[ppp.git] / pppd / auth.c

diff --git a/pppd/auth.c b/pppd/auth.c
index 013561ae66bb95053753fc6473d9628cea671faa..75003523b1a7c47d887c414ec48200306f0f657f 100644 (file)
--- a/pppd/auth.c
+++ b/pppd/auth.c
@@ -271,6 +271,7 @@ char *tls_verify_method = NULL;
 bool tls_verify_key_usage = 0;
 bool need_peer_eap = 0;                        /* Require peer to authenticate us */
 #endif
+bool tls_verify_cert = 0;      /* Do not verify server's SSL certificate */
 
 static char *uafname;          /* name of most recent +ua file */
 
@@ -445,6 +446,9 @@ option_t auth_options[] = {
       "Set telephone number(s) which are allowed to connect",
       OPT_PRIV | OPT_A2LIST },
 
+    { "tls-verify-certificate", o_bool, &tls_verify_cert,
+      "Enable server's SSL certificate validation", 1 },
+
 #ifdef USE_EAPTLS
     { "ca", o_string, &cacert_file,   "EAP-TLS CA certificate in PEM format" },
     { "capath", o_string, &ca_path,   "EAP-TLS CA certificate directory" },