* [PATCH v2] peap: Adjust V0 not to close tunnel on Success of Phase2
@ 2019-11-06 0:42 Tim Kourt
0 siblings, 0 replies; 3+ messages in thread
From: Tim Kourt @ 2019-11-06 0:42 UTC (permalink / raw
To: iwd
[-- Attachment #1: Type: text/plain, Size: 746 bytes --]
---
src/eap-peap.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/eap-peap.c b/src/eap-peap.c
index c8949ca2..e7d23dca 100644
--- a/src/eap-peap.c
+++ b/src/eap-peap.c
@@ -182,17 +182,19 @@ static void eap_extensions_handle_request(struct eap_state *eap,
eap_peap_phase2_send_response(response, sizeof(response), eap);
- eap_tls_common_tunnel_close(eap);
-
eap_discard_success_and_failure(eap, false);
eap_tls_common_set_completed(eap);
if (r != EAP_EXTENSIONS_RESULT_SUCCCESS) {
eap_tls_common_set_phase2_failed(eap);
+ eap_tls_common_tunnel_close(eap);
+
return;
}
+ eap_tls_common_send_empty_response(eap);
+
eap_method_success(eap);
}
--
2.13.6
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH v2] peap: Adjust V0 not to close tunnel on Success of Phase2
@ 2019-11-12 0:19 Tim Kourt
2019-11-12 0:29 ` Denis Kenzior
0 siblings, 1 reply; 3+ messages in thread
From: Tim Kourt @ 2019-11-12 0:19 UTC (permalink / raw
To: iwd
[-- Attachment #1: Type: text/plain, Size: 1013 bytes --]
Despite that PEAPv0 spec indicates that TLS tunnel needs to be torn
down after the transmission of a secure Result response, some servers
treat this TLS close alert as a failure. This patch changes the above
behavior to explicitly torn the tunnel only in the case of
authentication failure and leave it open after the success.
---
src/eap-peap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/eap-peap.c b/src/eap-peap.c
index c8949ca2..16ab0319 100644
--- a/src/eap-peap.c
+++ b/src/eap-peap.c
@@ -182,14 +182,14 @@ static void eap_extensions_handle_request(struct eap_state *eap,
eap_peap_phase2_send_response(response, sizeof(response), eap);
- eap_tls_common_tunnel_close(eap);
-
eap_discard_success_and_failure(eap, false);
eap_tls_common_set_completed(eap);
if (r != EAP_EXTENSIONS_RESULT_SUCCCESS) {
eap_tls_common_set_phase2_failed(eap);
+ eap_tls_common_tunnel_close(eap);
+
return;
}
--
v2: Add description
2.13.6
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2] peap: Adjust V0 not to close tunnel on Success of Phase2
2019-11-12 0:19 Tim Kourt
@ 2019-11-12 0:29 ` Denis Kenzior
0 siblings, 0 replies; 3+ messages in thread
From: Denis Kenzior @ 2019-11-12 0:29 UTC (permalink / raw
To: iwd
[-- Attachment #1: Type: text/plain, Size: 525 bytes --]
Hi Tim,
On 11/11/19 6:19 PM, Tim Kourt wrote:
> Despite that PEAPv0 spec indicates that TLS tunnel needs to be torn
> down after the transmission of a secure Result response, some servers
> treat this TLS close alert as a failure. This patch changes the above
> behavior to explicitly torn the tunnel only in the case of
> authentication failure and leave it open after the success.
> ---
> src/eap-peap.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
Applied, thanks.
Regards,
-denis
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-11-12 0:29 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-11-06 0:42 [PATCH v2] peap: Adjust V0 not to close tunnel on Success of Phase2 Tim Kourt
-- strict thread matches above, loose matches on Subject: below --
2019-11-12 0:19 Tim Kourt
2019-11-12 0:29 ` Denis Kenzior
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.