diff options
author | Eivind Næss <eivnaes@yahoo.com> | 2021-04-11 16:31:02 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-04-12 09:31:02 +1000 |
commit | f1a34da3b2f5336e4993a729e5ac2130d0e0595a (patch) | |
tree | d127d1aaae308ef8fe798050e0c3c08d07ad059d /README.eap-tls | |
parent | e609ed8bb62e4648568eaa49fbbc858dfda6d122 (diff) | |
download | ppp-f1a34da3b2f5336e4993a729e5ac2130d0e0595a.tar.gz |
pppd: Fix SIGSEGV in EAP-TLS code when TLS verify method is not specified
Make sure the tls_verify_method variable has a default value. Also, fix up the
README.eap-tls documentation for the new options.
Fixes github issue #268.
Signed-off-by: Eivind Naess <eivnaes@yahoo.com>
Diffstat (limited to 'README.eap-tls')
-rw-r--r-- | README.eap-tls | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/README.eap-tls b/README.eap-tls index bc1066e..7895b2b 100644 --- a/README.eap-tls +++ b/README.eap-tls @@ -147,7 +147,9 @@ EAP-TLS authentication support for PPP max-tls-version <1.0|1.1|1.2 (default)|1.3> Specify the maximum TLS protocol version to negotiate with peers. Defaults to TLSv1.2 as the TLSv1.3 code is experimental. - verify-tls-peer <none|subject|name|suffix> + tls-verify-key-usage + Validate certificate purpose and extended key usage + tls-verify-method <none|subject|name|suffix> Compare the remotename against the subject, certificate name, or match by suffix. Default is 'name'. |