From fae4eafe4ad593dff5a536a935e473cfe6eac2bd Mon Sep 17 00:00:00 2001
From: Alexander Clouter <alex@digriz.org.uk>
Date: Fri, 16 Oct 2020 09:49:38 +0100
Subject: [PATCH] EAP-TTLS peer: Handle Commitment Message for TLS 1.3

Recognize the explicitly defined Commitment Message per
draft-ietf-emu-eap-tls13-13 at the conclusion of the EAP-TTLS with TLS
1.3.

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
---
 src/eap_peer/eap_ttls.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/eap_peer/eap_ttls.c b/src/eap_peer/eap_ttls.c
index b8e33217b..c4019154d 100644
--- a/src/eap_peer/eap_ttls.c
+++ b/src/eap_peer/eap_ttls.c
@@ -1473,6 +1473,16 @@ start:
 		goto start;
 	}
 
+	/* draft-ietf-emu-eap-tls13-13 Section 2.5 */
+	if (data->ssl.tls_v13 && wpabuf_len(in_decrypted) == 1 &&
+	    *wpabuf_head_u8(in_decrypted) == 0) {
+		wpa_printf(MSG_DEBUG,
+			   "EAP-TTLS: ACKing EAP-TLS Commitment Message");
+		eap_peer_tls_reset_output(&data->ssl);
+		wpabuf_free(in_decrypted);
+		return 1;
+	}
+
 continue_req:
 	data->phase2_start = 0;