EAP-TTLS server: Add Ident field to MS-CHAP-Error

Per RFC 2548, 2.1.5, MS-CHAP-Error contains an Ident field of one octet
followed by an ASCII message. Add the missing Ident field.

Signed-off-by: Yihong Wu <wu@domosekai.com>

diff --git a/src/eap_server/eap_server_ttls.c b/src/eap_server/eap_server_ttls.c
index b89352244148ea0666bda40deed6155e286ebf4f..b21f12da7919d91f0b8b604b57c643127b7f5cb2 100644 (file)
--- a/src/eap_server/eap_server_ttls.c
+++ b/src/eap_server/eap_server_ttls.c
@@ -445,7 +445,8 @@ static struct wpabuf * eap_ttls_build_phase2_mschapv2(
                        sizeof(data->mschapv2_auth_response));
        } else {
                pos = eap_ttls_avp_hdr(pos, RADIUS_ATTR_MS_CHAP_ERROR,
-                                      RADIUS_VENDOR_ID_MICROSOFT, 1, 6);
+                                      RADIUS_VENDOR_ID_MICROSOFT, 1, 7);
+               *pos++ = data->mschapv2_ident;
                os_memcpy(pos, "Failed", 6);
                pos += 6;
                AVP_PAD(req, pos);