EAP-PEAP server: Fix Phase 2 TLV length in error case

The payload length in a Phase 2 TLV message reporting error was not set
correctly. Fix this to not include the TLVs that are included only in
success case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2015-01-28 16:15:58 +02:00 committed by Jouni Malinen
parent 95a15d793e
commit bfaefd5174

View file

@ -344,12 +344,14 @@ static struct wpabuf * eap_peap_build_phase2_tlv(struct eap_sm *sm,
size_t mlen;
mlen = 6; /* Result TLV */
if (data->crypto_binding != NO_BINDING)
if (data->peap_version == 0 && data->tlv_request == TLV_REQ_SUCCESS &&
data->crypto_binding != NO_BINDING) {
mlen += 60; /* Cryptobinding TLV */
#ifdef EAP_SERVER_TNC
if (data->soh_response)
mlen += wpabuf_len(data->soh_response);
#endif /* EAP_SERVER_TNC */
}
buf = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TLV, mlen,
EAP_CODE_REQUEST, id);