DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

EAP-TTLS/PEAP/FAST peer: Stop immediately on local TLS processing failure

Browse source 
EAP-TLS was already doing this, but the other TLS-based EAP methods did
not mark methodState DONE and decision FAIL on local TLS processing
errors (instead, they left the connection waiting for a longer timeout).

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-07-28 16:30:41 +03:00
parent 6ee66b4251
commit bb91243047
3 changed files with 20 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/eap_peer/eap_peap.c
View file

@ -1011,6 +1011,13 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
data->peap_version, id, &msg,
&resp);
if (res < 0) {
wpa_printf(MSG_DEBUG,
"EAP-PEAP: TLS processing failed");
ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL;
return resp;
}
if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
char *label;
wpa_printf(MSG_DEBUG,