Interworking: Reject EAP configuration with unsupported inner method
Instead of allowing the connection attempt to occur with an unsupported inner method, check for that explicitly at the time the network block is added and drop the network if the identified inner method is not supported. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
f2ca0e9770
commit
9c6c5589e0
1 changed files with 7 additions and 5 deletions
|
@ -1515,6 +1515,7 @@ static int interworking_connect_helper(struct wpa_supplicant *wpa_s,
|
||||||
u16 count, i;
|
u16 count, i;
|
||||||
char buf[100];
|
char buf[100];
|
||||||
int excluded = 0, *excl = allow_excluded ? &excluded : NULL;
|
int excluded = 0, *excl = allow_excluded ? &excluded : NULL;
|
||||||
|
const char *name;
|
||||||
|
|
||||||
if (wpa_s->conf->cred == NULL || bss == NULL)
|
if (wpa_s->conf->cred == NULL || bss == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -1728,11 +1729,12 @@ static int interworking_connect_helper(struct wpa_supplicant *wpa_s,
|
||||||
if (wpa_config_set(ssid, "pac_file",
|
if (wpa_config_set(ssid, "pac_file",
|
||||||
"\"blob://pac_interworking\"", 0) < 0)
|
"\"blob://pac_interworking\"", 0) < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
os_snprintf(buf, sizeof(buf), "\"auth=%s\"",
|
name = eap_get_name(EAP_VENDOR_IETF,
|
||||||
eap_get_name(EAP_VENDOR_IETF,
|
eap->inner_method ? eap->inner_method :
|
||||||
eap->inner_method ?
|
EAP_TYPE_MSCHAPV2);
|
||||||
eap->inner_method :
|
if (name == NULL)
|
||||||
EAP_TYPE_MSCHAPV2));
|
goto fail;
|
||||||
|
os_snprintf(buf, sizeof(buf), "\"auth=%s\"", name);
|
||||||
if (wpa_config_set(ssid, "phase2", buf, 0) < 0)
|
if (wpa_config_set(ssid, "phase2", buf, 0) < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in a new issue