[PATCH] EAP-TEAP peer: keep inner EAP method when processing Identity method

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



We need the inner EAP method's MSK/EMSK material to verify/calculate
the Cryptobinding CMACs so do not dispose of them when seeing an
Identity request; this occurs duing EAP sequences (machine+user auth)

Signed-off-by: Alexander Clouter <aclouter@xxxxxxxxxxxxxxxxx>
---
 src/eap_peer/eap_teap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/eap_peer/eap_teap.c b/src/eap_peer/eap_teap.c
index 42769eb64..86529f41c 100644
--- a/src/eap_peer/eap_teap.c
+++ b/src/eap_peer/eap_teap.c
@@ -429,7 +429,7 @@ static int eap_teap_phase2_request(struct eap_sm *sm,
 	wpa_printf(MSG_DEBUG, "EAP-TEAP: Phase 2 Request: type=%u:%u",
 		   vendor, method);
 	if (vendor == EAP_VENDOR_IETF && method == EAP_TYPE_IDENTITY) {
-		eap_teap_deinit_inner_eap(sm, data);
+		/* do not deinit the inner EAP method as we need it for the Cryptobinding CMACs */
 		*resp = eap_sm_buildIdentity(sm, hdr->identifier, 1);
 		return 0;
 	}
-- 
2.35.1

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux