Import of hostapd 0.4.8

author: sam <sam@FreeBSD.org> 2006-03-07 05:47:04 +0000
committer: sam <sam@FreeBSD.org> 2006-03-07 05:47:04 +0000
commit: 8d55057fb42bf9070fd379acbcb6fc4ef793d2a7 (patch)
tree: dacc7977efdefefb8b105113edeb5215c0e01234 /contrib/hostapd/eap_tls_common.c
parent: d1a1fd4aa94cd9c5cb443c4c1337f91c8c46fde0 (diff)
download: FreeBSD-src-8d55057fb42bf9070fd379acbcb6fc4ef793d2a7.zip
FreeBSD-src-8d55057fb42bf9070fd379acbcb6fc4ef793d2a7.tar.gz
1 files changed, 8 insertions, 2 deletions
diff --git a/contrib/hostapd/eap_tls_common.c b/contrib/hostapd/eap_tls_common.c
index ca10eca..d573064 100644
--- a/contrib/hostapd/eap_tls_common.c
+++ b/contrib/hostapd/eap_tls_common.c
@@ -38,8 +38,7 @@ int eap_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data,
 		return -1;
 	}
 
-	if (tls_connection_set_verify(sm->ssl_ctx, data->conn, verify_peer,
-				      NULL)) {
+	if (tls_connection_set_verify(sm->ssl_ctx, data->conn, verify_peer)) {
 		wpa_printf(MSG_INFO, "SSL: Failed to configure verification "
 			   "of TLS peer certificate");
 		tls_connection_deinit(sm->ssl_ctx, data->conn);
@@ -185,6 +184,13 @@ int eap_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
 		wpa_printf(MSG_DEBUG, "SSL: No data to be sent out");
 		free(data->tls_out);
 		data->tls_out = NULL;
+
+		if (tls_connection_get_read_alerts(sm->ssl_ctx, data->conn)) {
+			wpa_printf(MSG_DEBUG, "SSL: Remote end sent a fatal "
+				   "alert - abort handshake");
+			return -1;
+		}
+
 		return 1;
 	}
author	sam <sam@FreeBSD.org>	2006-03-07 05:47:04 +0000
committer	sam <sam@FreeBSD.org>	2006-03-07 05:47:04 +0000
commit	8d55057fb42bf9070fd379acbcb6fc4ef793d2a7 (patch)
tree	dacc7977efdefefb8b105113edeb5215c0e01234 /contrib/hostapd/eap_tls_common.c
parent	d1a1fd4aa94cd9c5cb443c4c1337f91c8c46fde0 (diff)
download	FreeBSD-src-8d55057fb42bf9070fd379acbcb6fc4ef793d2a7.zip FreeBSD-src-8d55057fb42bf9070fd379acbcb6fc4ef793d2a7.tar.gz