jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

EAP-TTLS peer: Fix user input during implicit identity request

Browse source 
Special processing is needed to handle EAP user request for
identity or password at the beginning of Phase 2 when the implicit
identity request is used. data->pending_phase2_req needs to be set
to an empty buffer in that case to avoid re-processing the previous
part of TLS negotiation when the user enters the needed information.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2011-10-30 12:02:20 +02:00
parent a6d94e1b56
commit af72d17e72
1 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
src/eap_peer/eap_ttls.c
View file

@ -1220,6 +1220,21 @@ static int eap_ttls_implicit_identity_request(struct eap_sm *sm,
"processing failed");
retval = -1;
} else {
struct eap_peer_config *config = eap_get_config(sm);
if (resp == NULL &&
(config->pending_req_identity ||
config->pending_req_password ||
config->pending_req_otp ||
config->pending_req_new_password)) {
/*
* Use empty buffer to force implicit request
* processing when EAP request is re-processed after
* user input.
*/
wpabuf_free(data->pending_phase2_req);
data->pending_phase2_req = wpabuf_alloc(0);
}
retval = eap_ttls_encrypt_response(sm, data, resp, identifier,
out_data);
}