aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap_fast.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2015-07-28 13:30:41 (GMT)
committerJouni Malinen <j@w1.fi>2015-07-28 18:00:18 (GMT)
commitbb91243047d22952490ff1d6cd626dd0301c5371 (patch)
tree28b7c18da6ce4f330f6a1c3fd135274376b6e8ff /src/eap_peer/eap_fast.c
parent6ee66b4251866298a370101f272a01b7f62daa1b (diff)
downloadhostap-bb91243047d22952490ff1d6cd626dd0301c5371.zip
hostap-bb91243047d22952490ff1d6cd626dd0301c5371.tar.gz
hostap-bb91243047d22952490ff1d6cd626dd0301c5371.tar.bz2
EAP-TTLS/PEAP/FAST peer: Stop immediately on local TLS processing failure
EAP-TLS was already doing this, but the other TLS-based EAP methods did not mark methodState DONE and decision FAIL on local TLS processing errors (instead, they left the connection waiting for a longer timeout). Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_peer/eap_fast.c')
-rw-r--r--src/eap_peer/eap_fast.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/src/eap_peer/eap_fast.c b/src/eap_peer/eap_fast.c
index f636e74..4cbe3ba 100644
--- a/src/eap_peer/eap_fast.c
+++ b/src/eap_peer/eap_fast.c
@@ -1572,6 +1572,13 @@ static struct wpabuf * eap_fast_process(struct eap_sm *sm, void *priv,
EAP_TYPE_FAST,
data->fast_version, id, &msg,
&resp);
+ if (res < 0) {
+ wpa_printf(MSG_DEBUG,
+ "EAP-FAST: TLS processing failed");
+ ret->methodState = METHOD_DONE;
+ ret->decision = DECISION_FAIL;
+ return resp;
+ }
if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
char cipher[80];