a 802.1x-ttls supplicant (client) needs to compute a
session-key using material gathered in the tls handshake:
the prf, master secret, client-random and server-random.
Either all these have to be exposed to the user,
or the session-key computation has to be done as part
of the tls handshake. I'm suggesting to do the latter here,
by extending the TLSconn.

As far as I can see, this change should not break any
existing code, although recompilation is needed.

I could imagine other situations where also a session-key
has to be computed, but in a different way.
I tried to cater for that by the sessionType field
which allows/forces the user to specify some kind of
computation scheme.

If there is a better way to do this please let me know
(I tried to get feedback via 9fans, without success).

Axel.