Diffstat (limited to 'src/eap_peer')
-rw-r--r-- | src/eap_peer/.gitignore | 1 | ||||
-rw-r--r-- | src/eap_peer/eap_fast.c | 7 | ||||
-rw-r--r-- | src/eap_peer/eap_gpsk.c | 2 | ||||
-rw-r--r-- | src/eap_peer/eap_methods.h | 5 | ||||
-rw-r--r-- | src/eap_peer/eap_sim.c | 2 | ||||
-rw-r--r-- | src/eap_peer/eap_tls_common.c | 14 | ||||
-rw-r--r-- | src/eap_peer/eap_tnc.c | 11 | ||||
-rw-r--r-- | src/eap_peer/eap_ttls.c | 2 | ||||
-rw-r--r-- | src/eap_peer/eap_wsc.c | 2 | ||||
-rw-r--r-- | src/eap_peer/tncc.c | 1 |
10 files changed, 33 insertions, 14 deletions
diff --git a/src/eap_peer/.gitignore b/src/eap_peer/.gitignore
deleted file mode 100644
index a438335..0000000
--- a/src/eap_peer/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-*.d
diff --git a/src/eap_peer/eap_fast.c b/src/eap_peer/eap_fast.c
index 07e345f..d008670 100644
--- a/src/eap_peer/eap_fast.c
+++ b/src/eap_peer/eap_fast.c
@@ -918,10 +918,7 @@ static int eap_fast_parse_pac_info(struct eap_fast_pac *entry, int type,
 entry->a_id_info_len = len;
 break;
 case PAC_TYPE_PAC_TYPE:
- /*
- * draft-cam-winget-eap-fast-provisioning-04.txt,
- * Section 4.2.6 - PAC-Type TLV
- */
+ /* RFC 5422, Section 4.2.6 - PAC-Type TLV */
 if (len != 2) {
 wpa_printf(MSG_INFO, "EAP-FAST: Invalid PAC-Type "
 "length %lu (expected 2)",
@@ -961,7 +958,7 @@ static int eap_fast_process_pac_info(struct eap_fast_pac *entry)
 size_t left, len;
 int type;
- /* draft-cam-winget-eap-fast-provisioning-04.txt, Section 4.2.4 */
+ /* RFC 5422, Section 4.2.4 */
 /* PAC-Type defaults to Tunnel PAC (Type 1) */
 entry->pac_type = PAC_TYPE_TUNNEL_PAC;
diff --git a/src/eap_peer/eap_gpsk.c b/src/eap_peer/eap_gpsk.c
index 9126e1c..f6a1955 100644
--- a/src/eap_peer/eap_gpsk.c
+++ b/src/eap_peer/eap_gpsk.c
@@ -1,5 +1,5 @@
 /*
- * EAP peer method: EAP-GPSK (draft-ietf-emu-eap-gpsk-08.txt)
+ * EAP peer method: EAP-GPSK (RFC 5433)
 * Copyright (c) 2006-2008, Jouni Malinen <j@w1.fi>
 *
 * This program is free software; you can redistribute it and/or modify
diff --git a/src/eap_peer/eap_methods.h b/src/eap_peer/eap_methods.h
index c11bd8c..9fd9b51 100644
--- a/src/eap_peer/eap_methods.h
+++ b/src/eap_peer/eap_methods.h
@@ -62,6 +62,11 @@ static inline void eap_peer_unregister_methods(void)
 {
 }
+static inline char ** eap_get_names_as_string_array(size_t *num)
+{
+ return NULL;
+}
+
 #endif /* IEEE8021X_EAPOL */
diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c
index a7e49f8..5e30d1f 100644
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c
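Review bot: In src/eap_peer/eap_methods.h, the new `eap_get_names_as_string_array()` stub returns NULL without writing `*num`, so a caller that reads the count after the call sees whatever its variable held before. Setting it in the stub, `if (num) *num = 0;` ahead of `return NULL;`, keeps that build variant predictable; whether the full implementation zeroes the count on failure is not visible in this diff. The stub appears to sit in the branch used when IEEE8021X_EAPOL is not defined, and a short comment such as `/* No EAP methods are compiled in, so there are no names to report */` would say why NULL is the expected answer.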
@@ -468,8 +468,6 @@ static struct wpabuf * eap_sim_response_notification(struct eap_sim_data *data,
 wpa_printf(MSG_DEBUG, "Generating EAP-SIM Notification (id=%d)", id);
 msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, EAP_TYPE_SIM, EAP_SIM_SUBTYPE_NOTIFICATION);
- wpa_printf(MSG_DEBUG, " AT_NOTIFICATION");
- eap_sim_msg_add(msg, EAP_SIM_AT_NOTIFICATION, notification, NULL, 0);
 if (k_aut && data->reauth) {
 wpa_printf(MSG_DEBUG, " AT_IV");
 wpa_printf(MSG_DEBUG, " AT_ENCR_DATA");
diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
index 19afb90..186feaa 100644
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -45,6 +45,18 @@ static int eap_tls_check_blob(struct eap_sm *sm, const char **name,
 }
+static void eap_tls_params_flags(struct tls_connection_params *params,
+ const char *txt)
+{
+ if (txt == NULL)
+ return;
+ if (os_strstr(txt, "tls_allow_md5=1"))
+ params->flags |= TLS_CONN_ALLOW_SIGN_RSA_MD5;
+ if (os_strstr(txt, "tls_disable_time_checks=1"))
+ params->flags |= TLS_CONN_DISABLE_TIME_CHECKS;
+}
+
+
 static void eap_tls_params_from_conf1(struct tls_connection_params *params,
 struct eap_peer_config *config)
 {
@@ -62,6 +74,7 @@ static void eap_tls_params_from_conf1(struct tls_connection_params *params,
 params->key_id = config->key_id;
 params->cert_id = config->cert_id;
 params->ca_cert_id = config->ca_cert_id;
+ eap_tls_params_flags(params, config->phase1);
 }
@@ -82,6 +95,7 @@ static void eap_tls_params_from_conf2(struct tls_connection_params *params,
 params->key_id = config->key2_id;
 params->cert_id = config->cert2_id;
 params->ca_cert_id = config->ca_cert2_id;
+ eap_tls_params_flags(params, config->phase2);
 }
diff --git a/src/eap_peer/eap_tnc.c b/src/eap_peer/eap_tnc.c
index 0a3a01c..c560015 100644
--- a/src/eap_peer/eap_tnc.c
+++ b/src/eap_peer/eap_tnc.c
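Review bot: In src/eap_peer/eap_tls_common.c, `eap_tls_params_flags()` sets `TLS_CONN_ALLOW_SIGN_RSA_MD5` and `TLS_CONN_DISABLE_TIME_CHECKS` on a bare `os_strstr()` hit, so any phase1/phase2 text that merely contains the token (`tls_allow_md5=10`, or the token inside another field's value) relaxes certificate validation. Judging by the flag names, both weaken server authentication, so the match should be limited to a whole space-separated field. The relaxation should also be visible in the log, e.g. `wpa_printf(MSG_INFO, "TLS: certificate time checks disabled by configuration");` and the equivalent for MD5. The helper has no comment; `/* Security-relaxing TLS options parsed from the phase1/phase2 string; both stay off unless explicitly requested */` would mark these as deliberate downgrades. The other two hunks of this file only add the calls that pass `config->phase1` and `config->phase2` to it.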
@@ -295,7 +295,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
 wpa_printf(MSG_DEBUG, "EAP-TNC: Server did not use "
 "start flag in the first message");
 ret->ignore = TRUE;
- return NULL;
+ goto fail;
 }
 tncc_init_connection(data->tncc);
@@ -308,7 +308,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
 wpa_printf(MSG_DEBUG, "EAP-TNC: Server used start "
 "flag again");
 ret->ignore = TRUE;
- return NULL;
+ goto fail;
 }
 res = tncc_process_if_tnccs(data->tncc,
@@ -317,7 +317,7 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
 switch (res) {
 case TNCCS_PROCESS_ERROR:
 ret->ignore = TRUE;
- return NULL;
+ goto fail;
 case TNCCS_PROCESS_OK_NO_RECOMMENDATION:
 case TNCCS_RECOMMENDATION_ERROR:
 wpa_printf(MSG_DEBUG, "EAP-TNC: No "
@@ -404,6 +404,11 @@ static struct wpabuf * eap_tnc_process(struct eap_sm *sm, void *priv,
 data->out_buf = resp;
 data->state = PROC_MSG;
 return eap_tnc_build_msg(data, ret, id);
+
+fail:
+ if (data->in_buf == &tmpbuf)
+ data->in_buf = NULL;
+ return NULL;
 }
diff --git a/src/eap_peer/eap_ttls.c b/src/eap_peer/eap_ttls.c
index e1a0fbd..0851f8b 100644
--- a/src/eap_peer/eap_ttls.c
+++ b/src/eap_peer/eap_ttls.c
@@ -842,7 +842,7 @@ static int eap_ttls_phase2_request_pap(struct eap_sm *sm,
 /* User-Password; in RADIUS, this is encrypted, but EAP-TTLS encrypts
 * the data, so no separate encryption is used in the AVP itself.
 * However, the password is padded to obfuscate its length. */
- pad = (16 - (password_len & 15)) & 15;
+ pad = password_len == 0 ? 16 : (16 - (password_len & 15)) & 15;
 pos = eap_ttls_avp_hdr(pos, RADIUS_ATTR_USER_PASSWORD, 0, 1, password_len + pad);
 os_memcpy(pos, password, password_len);
diff --git a/src/eap_peer/eap_wsc.c b/src/eap_peer/eap_wsc.c
index 17e42f4..7c8ad2f 100644
--- a/src/eap_peer/eap_wsc.c
+++ b/src/eap_peer/eap_wsc.c
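Review bot: In src/eap_peer/eap_tnc.c, only the three exits converted to `goto fail` reach the new reset of `data->in_buf`. The normal exit `return eap_tnc_build_msg(data, ret, id);` directly above the label does not, and neither would any other `return` in the part of `eap_tnc_process()` that lies outside these hunks. If `tmpbuf` is a local of this function, as `&tmpbuf` suggests, a pointer to it left in `data->in_buf` outlives the call, so every exit should be confirmed to clear it. The label deserves a comment stating that, e.g. `/* in_buf may alias the local tmpbuf; never leave that pointer in data after returning */`.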
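Review bot: In src/eap_peer/eap_ttls.c, an empty password now yields a 16-byte pad, one more than the previous maximum of 15, so the AVP payload `password_len + pad` becomes 16 where it used to be 0. The buffer that `pos` writes into is allocated outside this hunk, and its size calculation needs to cover this case. The code that fills the padding after `os_memcpy()` is also outside the hunk and should be checked to write all `pad` bytes. Parenthesising the test, `pad = (password_len == 0) ? 16 : (16 - (password_len & 15)) & 15;`, and adding a sentence to the comment on why a zero-length password is padded to a full block would make the intent explicit.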
@@ -144,7 +144,7 @@ static void * eap_wsc_init(struct eap_sm *sm)
 if (registrar && cfg.pin) {
 wps_registrar_add_pin(data->wps_ctx->registrar, NULL,
- cfg.pin, cfg.pin_len);
+ cfg.pin, cfg.pin_len, 0);
 }
 return data;
diff --git a/src/eap_peer/tncc.c b/src/eap_peer/tncc.c
index 662662d..eaaa168 100644
--- a/src/eap_peer/tncc.c
+++ b/src/eap_peer/tncc.c
@@ -1106,6 +1106,7 @@ static struct tnc_if_imc * tncc_parse_imc(char *start, char *end, int *error)
 if (pos >= end || *pos != ' ') {
 wpa_printf(MSG_ERROR, "TNC: Ignoring invalid IMC line '%s' "
 "(no space after name)", start);
+ os_free(imc->name);
 os_free(imc);
 return NULL;
 }
|
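Review bot: In src/eap_peer/eap_wsc.c, the new trailing `0` passed to `wps_registrar_add_pin()` is a bare literal whose meaning cannot be read from this call site. The parameter's definition is not part of this diff; if it is a lifetime or timeout for the PIN, the reader needs to know whether 0 means "never expires", since that decides how long the credential stays usable. An inline comment on the argument, `cfg.pin, cfg.pin_len, 0 /* <meaning of 0> */);`, or a named constant would settle it. `eap_wsc_init()` continues outside the hunk.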