From: Jouni Malinen <j@w1.fi>
Date: Tue, 9 Dec 2014 21:41:09 +0000 (+0200)
Subject: Add tls_session_reused=<0/1> into EAP peer TLS status
X-Git-Tag: hostap_2_4~844
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b90d064f1abef59ad82487fd1ac646fa7e83cb18;p=thirdparty%2Fhostap.git

Add tls_session_reused=<0/1> into EAP peer TLS status

This can be used to determine whether the last TLS-based EAP
authentication instance re-used a previous session (e.g., TLS session
resumption or EAP-FAST session ticket).

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
index 934ab34b3..3641a2c83 100644
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -794,7 +794,10 @@ int eap_peer_tls_status(struct eap_sm *sm, struct eap_ssl_data *data,
 	if (tls_get_cipher(data->ssl_ctx, data->conn, name, sizeof(name)) == 0)
 	{
 		ret = os_snprintf(buf + len, buflen - len,
-				  "EAP TLS cipher=%s\n", name);
+				  "EAP TLS cipher=%s\n"
+				  "tls_session_reused=%d\n",
+				  name, tls_connection_resumed(data->ssl_ctx,
+							       data->conn));
 		if (os_snprintf_error(buflen - len, ret))
 			return len;
 		len += ret;