EAP-pwd peer: Comment out MS password hash if CONFIG_FIPS=y

The needed hash functions are not available in FIPS mode.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-08-01 21:03:30 +03:00
parent cd94f0d159
commit 4549607b04

View file

@ -288,6 +288,12 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
} }
if (id->prep == EAP_PWD_PREP_MS) { if (id->prep == EAP_PWD_PREP_MS) {
#ifdef CONFIG_FIPS
wpa_printf(MSG_ERROR,
"EAP-PWD (peer): MS password hash not supported in FIPS mode");
eap_pwd_state(data, FAILURE);
return;
#else /* CONFIG_FIPS */
if (data->password_hash) { if (data->password_hash) {
res = hash_nt_password_hash(data->password, pwhashhash); res = hash_nt_password_hash(data->password, pwhashhash);
} else { } else {
@ -307,6 +313,7 @@ eap_pwd_perform_id_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
password = pwhashhash; password = pwhashhash;
password_len = sizeof(pwhashhash); password_len = sizeof(pwhashhash);
#endif /* CONFIG_FIPS */
} else { } else {
password = data->password; password = data->password;
password_len = data->password_len; password_len = data->password_len;