aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_common
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2019-08-17 13:12:09 (GMT)
committerJouni Malinen <j@w1.fi>2019-08-17 13:18:21 (GMT)
commit62af2b18f74dbb848cba31dcf5fa7db6863df4bd (patch)
tree4be2078a132efce64d957c483784d60862fca640 /src/eap_common
parentaba8dc82fcdc6a88fc37adb339d7017f1f974632 (diff)
downloadhostap-62af2b18f74dbb848cba31dcf5fa7db6863df4bd.zip
hostap-62af2b18f74dbb848cba31dcf5fa7db6863df4bd.tar.gz
hostap-62af2b18f74dbb848cba31dcf5fa7db6863df4bd.tar.bz2
EAP-TEAP peer: Support vendor EAP method in Phase 2
The implementation was previously hardcoded to use only the non-expanded IETF EAP methods in Phase 2. Extend that to allow vendor EAP methods with expanded header to be used. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_common')
-rw-r--r--src/eap_common/eap_teap_common.c5
-rw-r--r--src/eap_common/eap_teap_common.h3
2 files changed, 5 insertions, 3 deletions
diff --git a/src/eap_common/eap_teap_common.c b/src/eap_common/eap_teap_common.c
index 0af7f4a..3c21d8b 100644
--- a/src/eap_common/eap_teap_common.c
+++ b/src/eap_common/eap_teap_common.c
@@ -679,12 +679,13 @@ struct wpabuf * eap_teap_tlv_error(enum teap_error_codes error)
}
-int eap_teap_allowed_anon_prov_phase2_method(u8 type)
+int eap_teap_allowed_anon_prov_phase2_method(int vendor, enum eap_type type)
{
/* RFC 7170, Section 3.8.3: MUST provide mutual authentication,
* provide key generation, and be resistant to dictionary attack.
* Section 3.8 also mentions requirement for using EMSK Compound MAC. */
- return type == EAP_TYPE_PWD || type == EAP_TYPE_EKE;
+ return vendor == EAP_VENDOR_IETF &&
+ (type == EAP_TYPE_PWD || type == EAP_TYPE_EKE);
}
diff --git a/src/eap_common/eap_teap_common.h b/src/eap_common/eap_teap_common.h
index 7448cf5..d92e4ca 100644
--- a/src/eap_common/eap_teap_common.h
+++ b/src/eap_common/eap_teap_common.h
@@ -215,7 +215,8 @@ int eap_teap_parse_tlv(struct eap_teap_tlv_parse *tlv,
const char * eap_teap_tlv_type_str(enum teap_tlv_types type);
struct wpabuf * eap_teap_tlv_result(int status, int intermediate);
struct wpabuf * eap_teap_tlv_error(enum teap_error_codes error);
-int eap_teap_allowed_anon_prov_phase2_method(u8 type);
+enum eap_type;
+int eap_teap_allowed_anon_prov_phase2_method(int vendor, enum eap_type type);
int eap_teap_allowed_anon_prov_cipher_suite(u16 cs);
#endif /* EAP_TEAP_H */