EAP-FAST: Reorder TLVs in PAC Acknowledgment to fix interop issues
It looks like ACS did not like PAC Acknowledgment TLV before Result TLV, so reorder the TLVs to match the order shown in a draft-cam-winget-eap-fast-provisioning-09.txt example. This allows authenticated provisioning to be terminated with Access-Accept (if ACS has that option enabled). Previously, provisioning was otherwise successful, but the server rejected connection due to not understanding the PAC Ack ("Invalid TEAP Data recieved").
This commit is contained in:
parent
1b554eb0d7
commit
ea251b4a23
1 changed files with 2 additions and 2 deletions
|
@ -1208,10 +1208,10 @@ static int eap_fast_process_decrypted(struct eap_sm *sm,
|
||||||
|
|
||||||
if (tlv.result == EAP_TLV_RESULT_SUCCESS && !failed) {
|
if (tlv.result == EAP_TLV_RESULT_SUCCESS && !failed) {
|
||||||
tmp = eap_fast_tlv_result(EAP_TLV_RESULT_SUCCESS, 0);
|
tmp = eap_fast_tlv_result(EAP_TLV_RESULT_SUCCESS, 0);
|
||||||
resp = wpabuf_concat(resp, tmp);
|
resp = wpabuf_concat(tmp, resp);
|
||||||
} else if (failed) {
|
} else if (failed) {
|
||||||
tmp = eap_fast_tlv_result(EAP_TLV_RESULT_FAILURE, 0);
|
tmp = eap_fast_tlv_result(EAP_TLV_RESULT_FAILURE, 0);
|
||||||
resp = wpabuf_concat(resp, tmp);
|
resp = wpabuf_concat(tmp, resp);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (resp && tlv.result == EAP_TLV_RESULT_SUCCESS && !failed &&
|
if (resp && tlv.result == EAP_TLV_RESULT_SUCCESS && !failed &&
|
||||||
|
|
Loading…
Reference in a new issue