aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2009-02-15 15:36:49 (GMT)
committerJouni Malinen <j@w1.fi>2009-02-15 17:57:44 (GMT)
commit04d13263f86e6f17cc2a489b98c6a0e37e94f790 (patch)
tree0cd4652e6ad37ea53a69841ee913a72655cf0b70 /src/eap_peer/eap.c
parentf2b9939e51cdc83f0f1bc9e01704a5bf3b105696 (diff)
downloadhostap-06-04d13263f86e6f17cc2a489b98c6a0e37e94f790.zip
hostap-06-04d13263f86e6f17cc2a489b98c6a0e37e94f790.tar.gz
hostap-06-04d13263f86e6f17cc2a489b98c6a0e37e94f790.tar.bz2
Do not try session resumption after EAP failure
If session resumption fails for any reason, do not try it again because that is just likely to fail. Instead, drop back to using full authentication which may work. This is a workaround for servers that do not like session resumption, but do not know how to fall back to full authentication properly. (cherry picked from commit f2d8fc3d9670ae90a04f38d4344d8dfc0f0929ab)
Diffstat (limited to 'src/eap_peer/eap.c')
-rw-r--r--src/eap_peer/eap.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
index 5f1c9e0..e8e504a 100644
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@@ -134,7 +134,8 @@ SM_STATE(EAP, INITIALIZE)
{
SM_ENTRY(EAP, INITIALIZE);
if (sm->fast_reauth && sm->m && sm->m->has_reauth_data &&
- sm->m->has_reauth_data(sm, sm->eap_method_priv)) {
+ sm->m->has_reauth_data(sm, sm->eap_method_priv) &&
+ !sm->prev_failure) {
wpa_printf(MSG_DEBUG, "EAP: maintaining EAP method data for "
"fast reauthentication");
sm->m->deinit_for_reauth(sm, sm->eap_method_priv);
@@ -165,6 +166,7 @@ SM_STATE(EAP, INITIALIZE)
eapol_set_bool(sm, EAPOL_eapResp, FALSE);
eapol_set_bool(sm, EAPOL_eapNoResp, FALSE);
sm->num_rounds = 0;
+ sm->prev_failure = 0;
}
@@ -505,6 +507,8 @@ SM_STATE(EAP, FAILURE)
wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
"EAP authentication failed");
+
+ sm->prev_failure = 1;
}