DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

EAP server: Allow reauth to be started with passthrough

Browse source 
Some sequencies of EAPOL logoff/logon/start messages seem to be
able to get the previous implementation into state where hostapd
would not be able to start reauthentication when external
authentication server is used. The EAP server code would bypass
the initial Identity Request generation and EAPOL code would not
be able to send anything to the authentication server or supplicant
at that point. Work around this by forcing EAP server code to
start with Identity Request after INITIALIZE state even if the
Identity is known.
This commit is contained in:
Jouni Malinen 2010-10-09 08:53:45 +03:00
parent dce044cce5
commit c3fc47ea8e
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/eap_server/eap_server.c
View file

@ -146,6 +146,13 @@ SM_STATE(EAP, INITIALIZE)
sm->eap_if.eapKeyAvailable = FALSE;
sm->eap_if.eapRestart = FALSE;
/*
* Start reauthentication with identity request even if we know the
* previously used identity. This is needed to get reauthentication
* started properly.
*/
sm->start_reauth = TRUE;
/*
* This is not defined in RFC 4137, but method state needs to be
* reseted here so that it does not remain in success state when