Kernel
/
iwd
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git
3
0
Fork 0
Code Releases Activity

peap: Send cleartext ACK to tunneled EAP-Success 

Some of the EAP-PEAP server implementations seem to require a
cleartext ACK for the tunneled EAP-Success message similar to EAP-TLS
specification, instead of simply shutting down the tunnel like
EAP-PEAPv1 requires.

ACKing the tunneled EAP-Success seems also to work for implementations
which were relying on the tunnel close event.
This commit is contained in:
Tim Kourt 2019-09-11 13:13:26 -07:00 committed by Denis Kenzior
parent 692a15368c
commit 0db5f59d07
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/eap-peap.c
View File

@ -71,7 +71,15 @@ static void eap_peap_phase2_complete(enum eap_result result, void *user_data)
* The receipt of a EAP-Failure or EAP-Success within the TLS protected
* channel results in a shutdown of the TLS channel by the peer.
*/
eap_tls_common_tunnel_close(eap);
if (result == EAP_RESULT_SUCCESS)
/*
* Some of the EAP-PEAP server implementations seem to require a
* cleartext ACK for the tunneled EAP-Success messages instead
* of simply closing the tunnel.
*/
eap_tls_common_send_empty_response(eap);
else
eap_tls_common_tunnel_close(eap);
eap_discard_success_and_failure(eap, false);
eap_tls_common_set_completed(eap);