EAP-TLS peer: Support fragmentation of last message
With TLS v1.3, the Finished message from the client can require fragmentation. Postpone key derivation and marking of the EAP session fully completed until all the fragments of that last message are sent to avoid losing all the subsequent fragments. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
a80423b521
commit
6dd98483eb
1 changed files with 5 additions and 0 deletions
|
@ -175,6 +175,11 @@ static void eap_tls_success(struct eap_sm *sm, struct eap_tls_data *data,
|
|||
{
|
||||
wpa_printf(MSG_DEBUG, "EAP-TLS: Done");
|
||||
|
||||
if (data->ssl.tls_out) {
|
||||
wpa_printf(MSG_DEBUG, "EAP-TLS: Fragment(s) remaining");
|
||||
return;
|
||||
}
|
||||
|
||||
ret->methodState = METHOD_DONE;
|
||||
ret->decision = DECISION_UNCOND_SUCC;
|
||||
|
||||
|
|
Loading…
Reference in a new issue