aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2008-02-03 19:38:24 (GMT)
committerJouni Malinen <j@w1.fi>2008-02-03 19:38:24 (GMT)
commit6f61b6e1265700ac71d597554a6a0cf4151fbbe6 (patch)
tree34a6395a549bfeb5be4f446f2c4abf995b2c5bb1
parente9926d6366da771bdd2471d1464931fadd763a35 (diff)
downloadhostap-history-6f61b6e1265700ac71d597554a6a0cf4151fbbe6.zip
hostap-history-6f61b6e1265700ac71d597554a6a0cf4151fbbe6.tar.gz
hostap-history-6f61b6e1265700ac71d597554a6a0cf4151fbbe6.tar.bz2
Mark EAP-TTLS Phase 2 successfully completed even in MAY_CONT state
This used to require EAP workarounds to be enabled, but EAP-SIM and EAP-AKA can leave Phase 2 in MAY_CONT state if protected result indication is not used. Consequently, EAP-TTLS would be unable to derive keys in such a case even though authentication was completed successfully.
-rw-r--r--src/eap_peer/eap_ttls.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/eap_peer/eap_ttls.c b/src/eap_peer/eap_ttls.c
index 8b5aecc..a3ded89 100644
--- a/src/eap_peer/eap_ttls.c
+++ b/src/eap_peer/eap_ttls.c
@@ -1769,12 +1769,12 @@ static void eap_ttls_check_auth_status(struct eap_sm *sm,
}
#endif /* EAP_TNC */
}
- } else if (data->ttls_version == 0 && sm->workaround &&
+ } else if (data->ttls_version == 0 &&
ret->methodState == METHOD_MAY_CONT &&
(ret->decision == DECISION_UNCOND_SUCC ||
ret->decision == DECISION_COND_SUCC)) {
wpa_printf(MSG_DEBUG, "EAP-TTLS: Authentication "
- "completed successfully (EAP workaround)");
+ "completed successfully (MAY_CONT)");
data->phase2_success = 1;
}
}