EAP-TEAP peer: Clear Phase 2 EAP method on new Identity exchange
This is needed to allow clean transition from one inner EAP authentication method to another one if EAP method negotiation is needed within Phase 2. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
70990138ec
commit
4d78ba9900
1 changed files with 19 additions and 9 deletions
|
@ -378,6 +378,22 @@ static int eap_teap_select_phase2_method(struct eap_teap_data *data,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void eap_teap_deinit_inner_eap(struct eap_sm *sm,
|
||||||
|
struct eap_teap_data *data)
|
||||||
|
{
|
||||||
|
if (!data->phase2_priv || !data->phase2_method)
|
||||||
|
return;
|
||||||
|
|
||||||
|
wpa_printf(MSG_DEBUG,
|
||||||
|
"EAP-TEAP: Phase 2 EAP sequence - deinitialize previous method");
|
||||||
|
data->phase2_method->deinit(sm, data->phase2_priv);
|
||||||
|
data->phase2_method = NULL;
|
||||||
|
data->phase2_priv = NULL;
|
||||||
|
data->phase2_type.vendor = EAP_VENDOR_IETF;
|
||||||
|
data->phase2_type.method = EAP_TYPE_NONE;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static int eap_teap_phase2_request(struct eap_sm *sm,
|
static int eap_teap_phase2_request(struct eap_sm *sm,
|
||||||
struct eap_teap_data *data,
|
struct eap_teap_data *data,
|
||||||
struct eap_method_ret *ret,
|
struct eap_method_ret *ret,
|
||||||
|
@ -413,21 +429,15 @@ static int eap_teap_phase2_request(struct eap_sm *sm,
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TEAP: Phase 2 Request: type=%u:%u",
|
wpa_printf(MSG_DEBUG, "EAP-TEAP: Phase 2 Request: type=%u:%u",
|
||||||
vendor, method);
|
vendor, method);
|
||||||
if (vendor == EAP_VENDOR_IETF && method == EAP_TYPE_IDENTITY) {
|
if (vendor == EAP_VENDOR_IETF && method == EAP_TYPE_IDENTITY) {
|
||||||
|
eap_teap_deinit_inner_eap(sm, data);
|
||||||
*resp = eap_sm_buildIdentity(sm, hdr->identifier, 1);
|
*resp = eap_sm_buildIdentity(sm, hdr->identifier, 1);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (data->phase2_priv && data->phase2_method &&
|
if (data->phase2_priv && data->phase2_method &&
|
||||||
(vendor != data->phase2_type.vendor ||
|
(vendor != data->phase2_type.vendor ||
|
||||||
method != data->phase2_type.method)) {
|
method != data->phase2_type.method))
|
||||||
wpa_printf(MSG_DEBUG,
|
eap_teap_deinit_inner_eap(sm, data);
|
||||||
"EAP-TEAP: Phase 2 EAP sequence - deinitialize previous method");
|
|
||||||
data->phase2_method->deinit(sm, data->phase2_priv);
|
|
||||||
data->phase2_method = NULL;
|
|
||||||
data->phase2_priv = NULL;
|
|
||||||
data->phase2_type.vendor = EAP_VENDOR_IETF;
|
|
||||||
data->phase2_type.method = EAP_TYPE_NONE;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (data->phase2_type.vendor == EAP_VENDOR_IETF &&
|
if (data->phase2_type.vendor == EAP_VENDOR_IETF &&
|
||||||
data->phase2_type.method == EAP_TYPE_NONE &&
|
data->phase2_type.method == EAP_TYPE_NONE &&
|
||||||
|
|
Loading…
Reference in a new issue