pppd: Fix SIGSEGV in EAP-TLS code when TLS verify method is not specified

Make sure the tls_verify_method variable has a default value. Also, fix up the README.eap-tls documentation for the new options. Fixes github issue #268. Signed-off-by: Eivind Naess <eivnaes@yahoo.com>
author: Eivind Næss <eivnaes@yahoo.com> 2021-04-11 16:31:02 -0700
committer: GitHub <noreply@github.com> 2021-04-12 09:31:02 +1000
commit: f1a34da3b2f5336e4993a729e5ac2130d0e0595a (patch)
tree: d127d1aaae308ef8fe798050e0c3c08d07ad059d /README.eap-tls
parent: e609ed8bb62e4648568eaa49fbbc858dfda6d122 (diff)
download: ppp-f1a34da3b2f5336e4993a729e5ac2130d0e0595a.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/README.eap-tls b/README.eap-tls
index bc1066e..7895b2b 100644
--- a/README.eap-tls
+++ b/README.eap-tls
@@ -147,7 +147,9 @@ EAP-TLS authentication support for PPP
       max-tls-version <1.0|1.1|1.2 (default)|1.3>
         Specify the maximum TLS protocol version to negotiate with peers. Defaults
         to TLSv1.2 as the TLSv1.3 code is experimental.
-      verify-tls-peer <none|subject|name|suffix>
+      tls-verify-key-usage
+        Validate certificate purpose and extended key usage
+      tls-verify-method <none|subject|name|suffix>
         Compare the remotename against the subject, certificate name, or
         match by suffix. Default is 'name'.
author	Eivind Næss <eivnaes@yahoo.com>	2021-04-11 16:31:02 -0700
committer	GitHub <noreply@github.com>	2021-04-12 09:31:02 +1000
commit	f1a34da3b2f5336e4993a729e5ac2130d0e0595a (patch)
tree	d127d1aaae308ef8fe798050e0c3c08d07ad059d /README.eap-tls
parent	e609ed8bb62e4648568eaa49fbbc858dfda6d122 (diff)
download	ppp-f1a34da3b2f5336e4993a729e5ac2130d0e0595a.tar.gz