mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-10-31 17:19:22 +01:00
1296e4eacb
This allows the EAP tests to pass, but the fix really needs to be in hostapd itself. Hostapd currently tries to lookup the EAP session immediately after receiving EAPOL_REAUTH. This uses the identity it has stored which, in the case of PEAP/TTLS, will always be a phase2 identity. During this initial lookup hostapd hard codes the identity to be phase1 which is not true for PEAP/TTLS, and the lookup fails.
28 lines
942 B
Plaintext
28 lines
942 B
Plaintext
"112345678@phonesim.org" SIM
|
|
"012345678@phonesim.org" AKA
|
|
"612345678@phonesim.org" AKA'
|
|
"mschapv2@example.com" MSCHAPV2 "Password"
|
|
"pwd@example.com" PWD "Password"
|
|
|
|
# Phase 1 users
|
|
"tls@example.com" TLS
|
|
"ttls@example.com" TTLS
|
|
"peap@example.com" PEAP
|
|
"peapv0@example.com" PEAP [ver=0]
|
|
"peapv1@example.com" PEAP [ver=1]
|
|
|
|
# Phase 2
|
|
"md5-phase2@example.com" MD5 "Password" [2]
|
|
"gtc-phase2@example.com" GTC "Password" [2]
|
|
"mschapv2-phase2@example.com" MSCHAPV2 "Password" [2]
|
|
"ttls-chap-phase2@example.com" TTLS-CHAP "Password" [2]
|
|
"ttls-mschap-phase2@example.com" TTLS-MSCHAP "Password" [2]
|
|
"ttls-mschapv2-phase2@example.com" TTLS-MSCHAPV2 "Password" [2]
|
|
"ttls-pap-phase2@example.com" TTLS-PAP "Password" [2]
|
|
"112345678@phonesim.org" SIM [2]
|
|
|
|
# TODO: Hostapd is broken with phase1 lookups for reauthentication.
|
|
# Allowing a wildcard phase1 for PEAP/TTLS is a stop gap until
|
|
# hostapd is actually fixed.
|
|
* PEAP,TTLS
|