Commit graph

6 commits

Author SHA1 Message Date
Jouni Malinen
cda97d11bb Share EAP-TLS/PEAP/TTLS/FAST core process() functionality
Move the basic processing of received frames into eap_tls_common.c and use
callback functions to handle EAP type specific processing of the version
field and payload.
2008-05-28 17:15:17 +03:00
Jouni Malinen
3c724cc564 Do not refer to Flags::Version field as 'PEAP version'
This field is also used for EAP-TTLS and EAP-FAST, so it is clearer to use
a more generic term for it.
2008-05-28 09:59:55 +03:00
Jouni Malinen
34f564dbd5 Redesigned EAP-TLS/PEAP/TTLS/FAST fragmentation/reassembly
Fragmentation is now done as a separate step to clean up the design and to
allow the same code to be used in both Phase 1 and Phase 2. This adds
support for fragmenting EAP-PEAP/TTLS/FAST Phase 2 (tunneled) data.
2008-05-28 09:57:17 +03:00
Jouni Malinen
ef626b4d50 Added a workaround for handling TLS compression
Even though we try to disable TLS compression, it is possible that this
cannot be done with all TLS libraries. For example, OpenSSL 0.9.8 does not
seem to have a configuration item for disabling all compression (0.9.9 has
such an option). If compression is used, Phase 2 decryption may end up
producing more data than the input buffer due to compressed data. This
shows up especially with EAP-TNC that uses very compressible data format.

As a workaround, increase the decryption buffer length to (orig_len+500)*3.
This is a hack, but at least it handles most cases. TLS compression should
really be disabled for EAP use of TLS, but since this can show up with
common setups, it is better to handle this case.
2008-05-26 12:33:04 +03:00
Jouni Malinen
c80a74d70c TNC: Integrated TNC support into EAP-TTLS server
If TNC is enabled, EAP-TTLS will run a second EAP (TNC) inside the tunnel
after a successful authentication.
2008-03-09 12:05:06 +02:00
Jouni Malinen
6fc6879bd5 Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00