Kernel
/
iwd
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git
3
0
Fork 0
Code Releases Activity

eap: Fix Expanded Nak processing 

Expanded Nak packet contains (possibly multiple) 8 byte chunks that
contain the type (1 byte, always '254') vendor-id (3 bytes) and
vendor-type (4) bytes.

Unfortunately the current logic was reading the vendor-id at the wrong
offset (0 instead of 1) and so the extracted vendor-type was incorrect.

Fixes: 17c569ba4c ("eap: Add authenticator method logic and API")
This commit is contained in:
Denis Kenzior 2021-03-09 18:28:42 -06:00
parent 28e58887ec
commit a483ec7b68
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/eap.c
View File

@ -442,12 +442,13 @@ static void eap_handle_response(struct eap_state *eap, const uint8_t *pkt,
}
else
while (len >= 8) {
uint32_t v_id = (pkt[0] << 16) | (pkt[1] << 8) |
pkt[2];
uint32_t v_id = (pkt[1] << 16) |
(pkt[2] << 8) |
pkt[3];
l_debug("EAP peer proposed method: %s",
eap_type_to_str(pkt[0], v_id,
l_get_be32(pkt + 3)));
l_get_be32(pkt + 4)));
pkt += 8;
len -= 8;
}