aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap_fast.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2008-03-09 09:21:01 (GMT)
committerJouni Malinen <j@w1.fi>2008-03-09 09:21:01 (GMT)
commit4f1c5617254b2a0f5b2028714f9f39e4025307e8 (patch)
tree7ef51e38a46cb07aa43e358188ab281a93f897ea /src/eap_peer/eap_fast.c
parentc3e258ae9fd4317f09bb7e24c8161c8b4bb671b3 (diff)
downloadhostap-4f1c5617254b2a0f5b2028714f9f39e4025307e8.zip
hostap-4f1c5617254b2a0f5b2028714f9f39e4025307e8.tar.gz
hostap-4f1c5617254b2a0f5b2028714f9f39e4025307e8.tar.bz2
TNC: Added support for using TNC with EAP-FAST
Diffstat (limited to 'src/eap_peer/eap_fast.c')
-rw-r--r--src/eap_peer/eap_fast.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/src/eap_peer/eap_fast.c b/src/eap_peer/eap_fast.c
index bf94e0f..33e5232 100644
--- a/src/eap_peer/eap_fast.c
+++ b/src/eap_peer/eap_fast.c
@@ -358,6 +358,9 @@ static int eap_fast_select_phase2_method(struct eap_fast_data *data, u8 type)
{
size_t i;
+ /* TODO: TNC with anonymous provisioning; need to require both
+ * completed MSCHAPv2 and TNC */
+
if (data->anon_provisioning && type != EAP_TYPE_MSCHAPV2) {
wpa_printf(MSG_INFO, "EAP-FAST: Only EAP-MSCHAPv2 is allowed "
"during unauthenticated provisioning; reject phase2"
@@ -365,6 +368,18 @@ static int eap_fast_select_phase2_method(struct eap_fast_data *data, u8 type)
return -1;
}
+#ifdef EAP_TNC
+ if (type == EAP_TYPE_TNC) {
+ data->phase2_type.vendor = EAP_VENDOR_IETF;
+ data->phase2_type.method = EAP_TYPE_TNC;
+ wpa_printf(MSG_DEBUG, "EAP-FAST: Selected Phase 2 EAP "
+ "vendor %d method %d for TNC",
+ data->phase2_type.vendor,
+ data->phase2_type.method);
+ return 0;
+ }
+#endif /* EAP_TNC */
+
for (i = 0; i < data->num_phase2_types; i++) {
if (data->phase2_types[i].vendor != EAP_VENDOR_IETF ||
data->phase2_types[i].method != type)
@@ -410,6 +425,17 @@ static int eap_fast_phase2_request(struct eap_sm *sm,
return 0;
}
+ if (data->phase2_priv && data->phase2_method &&
+ *pos != data->phase2_type.method) {
+ wpa_printf(MSG_DEBUG, "EAP-FAST: Phase 2 EAP sequence - "
+ "deinitialize previous method");
+ data->phase2_method->deinit(sm, data->phase2_priv);
+ data->phase2_method = NULL;
+ data->phase2_priv = NULL;
+ data->phase2_type.vendor = EAP_VENDOR_IETF;
+ data->phase2_type.method = EAP_TYPE_NONE;
+ }
+
if (data->phase2_type.vendor == EAP_VENDOR_IETF &&
data->phase2_type.method == EAP_TYPE_NONE &&
eap_fast_select_phase2_method(data, *pos) < 0) {