From 689a248260c9708e6c92cd8635382725a29e34ca Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 16 Mar 2024 11:16:12 +0200 Subject: [PATCH] eapol_test: Move Message-Authenticator attribute to be the first one Even if this is not strictly speaking necessary for mitigating certain RADIUS protocol attacks, be consistent with the RADIUS server behavior and move the Message-Authenticator attribute to be the first attribute in the message from RADIUS client. Signed-off-by: Jouni Malinen --- wpa_supplicant/eapol_test.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/wpa_supplicant/eapol_test.c b/wpa_supplicant/eapol_test.c index 95953de92..0c17aaea4 100644 --- a/wpa_supplicant/eapol_test.c +++ b/wpa_supplicant/eapol_test.c @@ -195,6 +195,9 @@ static void ieee802_1x_encapsulate_radius(struct eapol_test_data *e, return; } + if (!radius_msg_add_msg_auth(msg)) + goto fail; + radius_msg_make_authenticator(msg); hdr = (const struct eap_hdr *) eap;