TNC: Added support for using TNC with EAP-FAST

author Jouni Malinen <j@w1.fi>

Sun, 9 Mar 2008 09:21:01 +0000 (11:21 +0200)

committer Jouni Malinen <j@w1.fi>

Sun, 9 Mar 2008 09:21:01 +0000 (11:21 +0200)
author Jouni Malinen <j@w1.fi>
Sun, 9 Mar 2008 09:21:01 +0000 (11:21 +0200)
committer Jouni Malinen <j@w1.fi>
Sun, 9 Mar 2008 09:21:01 +0000 (11:21 +0200)
diff --git a/src/eap_peer/eap_fast.c b/src/eap_peer/eap_fast.c

index bf94e0f0ca50c4332994dffb2bb089236ebfb337..33e52320846fc37b560225779c8bce7de411d580 100644 (file)
--- a/src/eap_peer/eap_fast.c
+++ b/src/eap_peer/eap_fast.c
@@ -358,6 +358,9 @@ static int eap_fast_select_phase2_method(struct eap_fast_data *data, u8 type)
  {
         size_t i;
  
+       /* TODO: TNC with anonymous provisioning; need to require both
+        * completed MSCHAPv2 and TNC */
+
         if (data->anon_provisioning && type != EAP_TYPE_MSCHAPV2) {
                 wpa_printf(MSG_INFO, "EAP-FAST: Only EAP-MSCHAPv2 is allowed "
                            "during unauthenticated provisioning; reject phase2"
@@ -365,6 +368,18 @@ static int eap_fast_select_phase2_method(struct eap_fast_data *data, u8 type)
                 return -1;
         }
  
+#ifdef EAP_TNC
+       if (type == EAP_TYPE_TNC) {
+               data->phase2_type.vendor = EAP_VENDOR_IETF;
+               data->phase2_type.method = EAP_TYPE_TNC;
+               wpa_printf(MSG_DEBUG, "EAP-FAST: Selected Phase 2 EAP "
+                          "vendor %d method %d for TNC",
+                          data->phase2_type.vendor,
+                          data->phase2_type.method);
+               return 0;
+       }
+#endif /* EAP_TNC */
+
         for (i = 0; i < data->num_phase2_types; i++) {
                 if (data->phase2_types[i].vendor != EAP_VENDOR_IETF ||
                     data->phase2_types[i].method != type)
@@ -410,6 +425,17 @@ static int eap_fast_phase2_request(struct eap_sm *sm,
                 return 0;
         }
  
+       if (data->phase2_priv && data->phase2_method &&
+           *pos != data->phase2_type.method) {
+               wpa_printf(MSG_DEBUG, "EAP-FAST: Phase 2 EAP sequence - "
+                          "deinitialize previous method");
+               data->phase2_method->deinit(sm, data->phase2_priv);
+               data->phase2_method = NULL;
+               data->phase2_priv = NULL;
+               data->phase2_type.vendor = EAP_VENDOR_IETF;
+               data->phase2_type.method = EAP_TYPE_NONE;
+       }
+
         if (data->phase2_type.vendor == EAP_VENDOR_IETF &&
             data->phase2_type.method == EAP_TYPE_NONE &&
             eap_fast_select_phase2_method(data, *pos) < 0) {
diff --git a/wpa_supplicant/ChangeLog b/wpa_supplicant/ChangeLog

index 8e80802ef4bc7fa2b42dca6679f2cb5a40644fdb..947b6e1cbe1dbbfcda50832dd0d739080c37e3ab 100644 (file)
--- a/wpa_supplicant/ChangeLog
+++ b/wpa_supplicant/ChangeLog
@@ -2,6 +2,7 @@ ChangeLog for wpa_supplicant
  
  ????-??-?? - v0.6.4
         * added support for EAP Sequences in EAP-FAST Phase 2
+       * added support for using TNC with EAP-FAST
  
  2008-02-22 - v0.6.3
         * removed 'nai' and 'eappsk' network configuration variables that were
author	Jouni Malinen <j@w1.fi>
	Sun, 9 Mar 2008 09:21:01 +0000 (11:21 +0200)
committer	Jouni Malinen <j@w1.fi>
	Sun, 9 Mar 2008 09:21:01 +0000 (11:21 +0200)
src/eap_peer/eap_fast.c		patch \| blob \| blame \| history
wpa_supplicant/ChangeLog		patch \| blob \| blame \| history