jeltz
/
hostap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix EAP standalone server

Browse Source 
Commit c3fc47ea8e fixed EAP passthrough
server to allow Logoff/Re-authentication to be used. However, it
broke EAP standalone server while doing that. Fix this by reverting
the earlier fix and by clearing the EAP Identity information in the
EAP server code whenever an EAPOL-Start or EAPOL-Logoff packet is
received.
master
Jouni Malinen 14 years ago
parent eacc12bfbb
commit 6fc58a89e1
3 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File

2
src/ap/ieee802_1x.c
Unescape Escape View File

@ -776,6 +776,7 @@ void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
}
sta->eapol_sm->eapolStart = TRUE;
sta->eapol_sm->dot1xAuthEapolStartFramesRx++;
eap_server_clear_identity(sta->eapol_sm->eap);
wpa_auth_sm_event(sta->wpa_sm, WPA_REAUTH_EAPOL);
break;
@ -788,6 +789,7 @@ void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
accounting_sta_stop(hapd, sta);
sta->eapol_sm->eapolLogoff = TRUE;
sta->eapol_sm->dot1xAuthEapolLogoffFramesRx++;
eap_server_clear_identity(sta->eapol_sm->eap);
break;
case IEEE802_1X_TYPE_EAPOL_KEY:

1
src/eap_server/eap.h
Unescape Escape View File

@ -123,5 +123,6 @@ void eap_sm_pending_cb(struct eap_sm *sm);
int eap_sm_method_pending(struct eap_sm *sm);
const u8 * eap_get_identity(struct eap_sm *sm, size_t *len);
struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm);
void eap_server_clear_identity(struct eap_sm *sm);
#endif /* EAP_H */

22
src/eap_server/eap_server.c
Unescape Escape View File

@ -146,13 +146,6 @@ SM_STATE(EAP, INITIALIZE)
sm->eap_if.eapKeyAvailable = FALSE;
sm->eap_if.eapRestart = FALSE;
/*
* Start reauthentication with identity request even if we know the
* previously used identity. This is needed to get reauthentication
* started properly.
*/
sm->start_reauth = TRUE;
/*
* This is not defined in RFC 4137, but method state needs to be
* reseted here so that it does not remain in success state when
@ -1374,3 +1367,18 @@ struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm)
{
return &sm->eap_if;
}
/**
* eap_server_clear_identity - Clear EAP identity information
* @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
*
* This function can be used to clear the EAP identity information in the EAP
* server context. This allows the EAP/Identity method to be used again after
* EAPOL-Start or EAPOL-Logoff.
*/
void eap_server_clear_identity(struct eap_sm *sm)
{
os_free(sm->identity);
sm->identity = NULL;
}

Write Preview
Loading…
Cancel
Save