diff --git a/src/eap-tls-common.c b/src/eap-tls-common.c index bec44fbf..a2c66270 100644 --- a/src/eap-tls-common.c +++ b/src/eap-tls-common.c @@ -95,6 +95,7 @@ struct eap_tls_state { struct l_tls *tunnel; bool method_completed:1; + bool phase2_failed:1; struct databuf *plain_buf; struct databuf *tx_pdu_buf; @@ -117,6 +118,7 @@ static void __eap_tls_common_state_reset(struct eap_tls_state *eap_tls) { eap_tls->version_negotiated = EAP_TLS_VERSION_NOT_NEGOTIATED; eap_tls->method_completed = false; + eap_tls->phase2_failed = false; eap_tls->expecting_frag_ack = false; if (eap_tls->tunnel) { @@ -587,12 +589,19 @@ proceed: eap_tls->rx_pdu_buf = NULL; } - if (!eap_tls->tx_pdu_buf) + if (!eap_tls->tx_pdu_buf) { + if (eap_tls->phase2_failed) + goto error; + return; + } eap_tls_send_response(eap, eap_tls->tx_pdu_buf->data, eap_tls->tx_pdu_buf->len); + if (eap_tls->phase2_failed) + goto error; + return; error: @@ -751,3 +760,10 @@ void eap_tls_common_set_completed(struct eap_state *eap) eap_tls->method_completed = true; } + +void eap_tls_common_set_phase2_faild(struct eap_state *eap) +{ + struct eap_tls_state *eap_tls = eap_get_data(eap); + + eap_tls->phase2_failed = true; +} diff --git a/src/eap-tls-common.h b/src/eap-tls-common.h index 4c1f8100..57320491 100644 --- a/src/eap-tls-common.h +++ b/src/eap-tls-common.h @@ -52,6 +52,7 @@ struct eap_tls_variant_ops { void eap_tls_common_state_free(struct eap_state *eap); void eap_tls_common_set_completed(struct eap_state *eap); +void eap_tls_common_set_phase2_faild(struct eap_state *eap); void eap_tls_common_handle_request(struct eap_state *eap, const uint8_t *pkt, size_t len);