aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2008-11-20 10:49:34 (GMT)
committerJouni Malinen <j@w1.fi>2008-11-20 10:49:34 (GMT)
commitc31a11c962388d5e07780c16a0725447e8bad0cd (patch)
tree29ae1fca2197961625d4ac8cec9a44a7233344aa /src/eap_peer
parentbd1d13c199a51f4a1a31ec164e9cef3ed5237d88 (diff)
downloadhostap-06-c31a11c962388d5e07780c16a0725447e8bad0cd.zip
hostap-06-c31a11c962388d5e07780c16a0725447e8bad0cd.tar.gz
hostap-06-c31a11c962388d5e07780c16a0725447e8bad0cd.tar.bz2
Changed PEAPv0 cryptobinding to be disabled by default
There are some interoperability issues with Windows Server 2008 NPS, so better disable cryptobinding use by default for now.
Diffstat (limited to 'src/eap_peer')
-rw-r--r--src/eap_peer/eap_config.h4
-rw-r--r--src/eap_peer/eap_peap.c2
2 files changed, 3 insertions, 3 deletions
diff --git a/src/eap_peer/eap_config.h b/src/eap_peer/eap_config.h
index bd526ff..f6126bb 100644
--- a/src/eap_peer/eap_config.h
+++ b/src/eap_peer/eap_config.h
@@ -353,8 +353,8 @@ struct eap_peer_config {
*
* crypto_binding option can be used to control PEAPv0 cryptobinding
* behavior:
- * 0 = do not use cryptobinding
- * 1 = use cryptobinding if server supports it (default)
+ * 0 = do not use cryptobinding (default)
+ * 1 = use cryptobinding if server supports it
* 2 = require cryptobinding
*/
char *phase1;
diff --git a/src/eap_peer/eap_peap.c b/src/eap_peer/eap_peap.c
index 3af888c..a350448 100644
--- a/src/eap_peer/eap_peap.c
+++ b/src/eap_peer/eap_peap.c
@@ -140,7 +140,7 @@ static void * eap_peap_init(struct eap_sm *sm)
data->peap_version = EAP_PEAP_VERSION;
data->force_peap_version = -1;
data->peap_outer_success = 2;
- data->crypto_binding = OPTIONAL_BINDING;
+ data->crypto_binding = NO_BINDING;
if (config && config->phase1 &&
eap_peap_parse_phase1(data, config->phase1) < 0) {