EAP-TTLS/PEAP/FAST: Reject unsupported Phase 2 method in configuration

Instead of using default list of methods, reject a configuration with an
unsupported EAP method at the time the main TLS method is being
initialized.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-12-20 17:32:10 +02:00
parent 18704f6cdc
commit cb73008594

View file

@ -1039,6 +1039,9 @@ int eap_peer_select_phase2_methods(struct eap_peer_config *config,
if (vendor == EAP_VENDOR_IETF && method == EAP_TYPE_NONE) { if (vendor == EAP_VENDOR_IETF && method == EAP_TYPE_NONE) {
wpa_printf(MSG_ERROR, "TLS: Unsupported Phase2 EAP " wpa_printf(MSG_ERROR, "TLS: Unsupported Phase2 EAP "
"method '%s'", start); "method '%s'", start);
os_free(methods);
os_free(buf);
return -1;
} else { } else {
num_methods++; num_methods++;
_methods = os_realloc_array(methods, num_methods, _methods = os_realloc_array(methods, num_methods,