EAP-TLS peer: Handle Commitment Message for TLS 1.3
Recognize the explicitly defined Commitment Message per draft-ietf-emu-eap-tls13-13 at the conclusion of the EAP-TLS with TLS 1.3. Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
This commit is contained in:
parent
3a457509db
commit
155125b02a
1 changed files with 4 additions and 8 deletions
|
@ -302,15 +302,11 @@ static struct wpabuf * eap_tls_process(struct eap_sm *sm, void *priv,
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (res == 2) {
|
/* draft-ietf-emu-eap-tls13-13 Section 2.5 */
|
||||||
/* Application data included in the handshake message (used by
|
if (res == 2 && data->ssl.tls_v13 && wpabuf_len(resp) == 1 &&
|
||||||
* EAP-TLS 1.3 to indicate conclusion of the exchange). */
|
*wpabuf_head_u8(resp) == 0) {
|
||||||
wpa_hexdump_buf(MSG_DEBUG, "EAP-TLS: Received Application Data",
|
wpa_printf(MSG_DEBUG, "EAP-TLS: ACKing Commitment Message");
|
||||||
resp);
|
|
||||||
wpa_hexdump_buf(MSG_DEBUG, "EAP-TLS: Remaining tls_out data",
|
|
||||||
data->ssl.tls_out);
|
|
||||||
eap_peer_tls_reset_output(&data->ssl);
|
eap_peer_tls_reset_output(&data->ssl);
|
||||||
/* Send an ACK to allow the server to complete exchange */
|
|
||||||
res = 1;
|
res = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue