jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

TNC: Added support for using TNC with EAP-FAST

Browse source
This commit is contained in:
Jouni Malinen 2008-03-09 11:21:01 +02:00
parent c3e258ae9f
commit 4f1c561725
2 changed files with 27 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
src/eap_peer/eap_fast.c
View file

@ -358,6 +358,9 @@ static int eap_fast_select_phase2_method(struct eap_fast_data *data, u8 type)
{ {
size_t i; size_t i;
/* TODO: TNC with anonymous provisioning; need to require both
* completed MSCHAPv2 and TNC */
if (data->anon_provisioning && type != EAP_TYPE_MSCHAPV2) { if (data->anon_provisioning && type != EAP_TYPE_MSCHAPV2) {
wpa_printf(MSG_INFO, "EAP-FAST: Only EAP-MSCHAPv2 is allowed " wpa_printf(MSG_INFO, "EAP-FAST: Only EAP-MSCHAPv2 is allowed "
"during unauthenticated provisioning; reject phase2" "during unauthenticated provisioning; reject phase2"
@ -365,6 +368,18 @@ static int eap_fast_select_phase2_method(struct eap_fast_data *data, u8 type)
return -1; return -1;
} }
#ifdef EAP_TNC
if (type == EAP_TYPE_TNC) {
data->phase2_type.vendor = EAP_VENDOR_IETF;
data->phase2_type.method = EAP_TYPE_TNC;
wpa_printf(MSG_DEBUG, "EAP-FAST: Selected Phase 2 EAP "
"vendor %d method %d for TNC",
data->phase2_type.vendor,
data->phase2_type.method);
return 0;
}
#endif /* EAP_TNC */
for (i = 0; i < data->num_phase2_types; i++) { for (i = 0; i < data->num_phase2_types; i++) {
if (data->phase2_types[i].vendor != EAP_VENDOR_IETF || if (data->phase2_types[i].vendor != EAP_VENDOR_IETF ||
data->phase2_types[i].method != type) data->phase2_types[i].method != type)
@ -410,6 +425,17 @@ static int eap_fast_phase2_request(struct eap_sm *sm,
return 0; return 0;
} }
if (data->phase2_priv && data->phase2_method &&
*pos != data->phase2_type.method) {
wpa_printf(MSG_DEBUG, "EAP-FAST: Phase 2 EAP sequence - "
"deinitialize previous method");
data->phase2_method->deinit(sm, data->phase2_priv);
data->phase2_method = NULL;
data->phase2_priv = NULL;
data->phase2_type.vendor = EAP_VENDOR_IETF;
data->phase2_type.method = EAP_TYPE_NONE;
}
if (data->phase2_type.vendor == EAP_VENDOR_IETF && if (data->phase2_type.vendor == EAP_VENDOR_IETF &&
data->phase2_type.method == EAP_TYPE_NONE && data->phase2_type.method == EAP_TYPE_NONE &&
eap_fast_select_phase2_method(data, *pos) < 0) { eap_fast_select_phase2_method(data, *pos) < 0) {

1
wpa_supplicant/ChangeLog
View file

@ -2,6 +2,7 @@ ChangeLog for wpa_supplicant
????-??-?? - v0.6.4 ????-??-?? - v0.6.4
* added support for EAP Sequences in EAP-FAST Phase 2 * added support for EAP Sequences in EAP-FAST Phase 2
* added support for using TNC with EAP-FAST
2008-02-22 - v0.6.3 2008-02-22 - v0.6.3
* removed 'nai' and 'eappsk' network configuration variables that were * removed 'nai' and 'eappsk' network configuration variables that were