From 49607880fc1b016f35315d7e19d16cf30d1a161c Mon Sep 17 00:00:00 2001 From: Tim Kourt Date: Fri, 31 Jan 2020 14:25:17 -0800 Subject: [PATCH] peap: Fail auth. if invalid compound MAC is received Since the interoperability with the Windows server has been achieved, witch back to failing authentication if invalid compound MAC is received. --- src/eap-peap.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/eap-peap.c b/src/eap-peap.c index a8a58a92..c17e5b92 100644 --- a/src/eap-peap.c +++ b/src/eap-peap.c @@ -244,11 +244,7 @@ static int eap_extensions_handle_cryptobinding_tlv(struct eap_state *eap, cryptobinding_compound_mac_len)) { l_error("PEAP: Generated compound MAC and server compound MAC " "don't match."); - /* - * Ignore the Crypto-Binding TLV in the case of unmatched - * compound MACs. - */ - return 0; + return -EIO; } /* Build response Crypto-Binding TLV */