3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-01-08 15:52:32 +01:00

peap: Send cleartext ACK to tunneled EAP-Success

Some of the EAP-PEAP server implementations seem to require a
cleartext ACK for the tunneled EAP-Success message similar to EAP-TLS
specification, instead of simply shutting down the tunnel like
EAP-PEAPv1 requires.

ACKing the tunneled EAP-Success seems also to work for implementations
which were relying on the tunnel close event.
This commit is contained in:
Tim Kourt 2019-09-11 13:13:26 -07:00 committed by Denis Kenzior
parent 692a15368c
commit 0db5f59d07

View File

@ -71,7 +71,15 @@ static void eap_peap_phase2_complete(enum eap_result result, void *user_data)
* The receipt of a EAP-Failure or EAP-Success within the TLS protected * The receipt of a EAP-Failure or EAP-Success within the TLS protected
* channel results in a shutdown of the TLS channel by the peer. * channel results in a shutdown of the TLS channel by the peer.
*/ */
eap_tls_common_tunnel_close(eap); if (result == EAP_RESULT_SUCCESS)
/*
* Some of the EAP-PEAP server implementations seem to require a
* cleartext ACK for the tunneled EAP-Success messages instead
* of simply closing the tunnel.
*/
eap_tls_common_send_empty_response(eap);
else
eap_tls_common_tunnel_close(eap);
eap_discard_success_and_failure(eap, false); eap_discard_success_and_failure(eap, false);
eap_tls_common_set_completed(eap); eap_tls_common_set_completed(eap);