EAP-TLS: Update specification references to RFC 5216 and 9190

The previously used references were pointing to an obsoleted RFC and
draft versions. Replace these with current versions.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>

diff --git a/src/eap_common/eap_defs.h b/src/eap_common/eap_defs.h
index 70999c4e3e1757c541d5d9ec220261958be1ea40..3346ec53b9a66cf30d6cef5c5bf483a90fcfa19f 100644 (file)
--- a/src/eap_common/eap_defs.h
+++ b/src/eap_common/eap_defs.h
@@ -72,7 +72,7 @@ enum eap_type {
        EAP_TYPE_MD5 = 4, /* RFC 3748 */
        EAP_TYPE_OTP = 5 /* RFC 3748 */,
        EAP_TYPE_GTC = 6, /* RFC 3748 */
-       EAP_TYPE_TLS = 13 /* RFC 2716 */,
+       EAP_TYPE_TLS = 13 /* RFC 5216 */,
        EAP_TYPE_LEAP = 17 /* Cisco proprietary */,
        EAP_TYPE_SIM = 18 /* RFC 4186 */,
        EAP_TYPE_TTLS = 21 /* RFC 5281 */,

diff --git a/src/eap_peer/eap_tls.c b/src/eap_peer/eap_tls.c
index 0d479f1c298c4d1a51e4cc54f324ec68f5b86e24..1c695048ca70d07d32be24dac3e49e3116948ffe 100644 (file)
--- a/src/eap_peer/eap_tls.c
+++ b/src/eap_peer/eap_tls.c
@@ -1,5 +1,5 @@
 /*
- * EAP peer method: EAP-TLS (RFC 2716)
+ * EAP peer method: EAP-TLS (RFC 5216, RFC 9190)
  * Copyright (c) 2004-2008, 2012-2019, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
@@ -302,7 +302,7 @@ static struct wpabuf * eap_tls_process(struct eap_sm *sm, void *priv,
                return NULL;
        }
 
-       /* draft-ietf-emu-eap-tls13-13 Section 2.5 */
+       /* RFC 9190 Section 2.5 */
        if (res == 2 && data->ssl.tls_v13 && wpabuf_len(resp) == 1 &&
            *wpabuf_head_u8(resp) == 0) {
                wpa_printf(MSG_DEBUG, "EAP-TLS: ACKing Commitment Message");

diff --git a/src/eap_peer/eap_ttls.c b/src/eap_peer/eap_ttls.c
index c4019154d9556f5b9a0056eefe561abba592cfa0..b2740817919fa711bc2165bb178bb5d4909380c1 100644 (file)
--- a/src/eap_peer/eap_ttls.c
+++ b/src/eap_peer/eap_ttls.c
@@ -1473,7 +1473,7 @@ start:
                goto start;
        }
 
-       /* draft-ietf-emu-eap-tls13-13 Section 2.5 */
+       /* RFC 9190 Section 2.5 */
        if (data->ssl.tls_v13 && wpabuf_len(in_decrypted) == 1 &&
            *wpabuf_head_u8(in_decrypted) == 0) {
                wpa_printf(MSG_DEBUG,

diff --git a/src/eap_server/eap_server_tls.c b/src/eap_server/eap_server_tls.c
index 00a496f2c61f5c62f17e6896f8582fea441b654e..6681c1afac22655d5c16a13c4f87f844600eb52c 100644 (file)
--- a/src/eap_server/eap_server_tls.c
+++ b/src/eap_server/eap_server_tls.c
@@ -1,5 +1,5 @@
 /*
- * hostapd / EAP-TLS (RFC 2716)
+ * hostapd / EAP-TLS (RFC 5216, RFC 9190)
  * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.

diff --git a/src/eap_server/eap_server_tls_common.c b/src/eap_server/eap_server_tls_common.c
index a9b53b1a06546a4efa661bb8cd618ff3544a63dc..139e97720351b04467198af545ea9dfae5ac04f5 100644 (file)
--- a/src/eap_server/eap_server_tls_common.c
+++ b/src/eap_server/eap_server_tls_common.c
@@ -367,14 +367,14 @@ int eap_server_tls_phase1(struct eap_sm *sm, struct eap_ssl_data *data)
                        sm->cfg->ssl_ctx, data->conn);
 
        /*
-        * https://tools.ietf.org/html/draft-ietf-emu-eap-tls13#section-2.5
+        * RFC 9190 Section 2.5
         *
         * We need to signal the other end that TLS negotiation is done. We
         * can't send a zero-length application data message, so we send
         * application data which is one byte of zero.
         *
         * Note this is only done for when there is no application data to be
-        * sent. So this is done always for EAP-TLS but notibly not for PEAP
+        * sent. So this is done always for EAP-TLS but notably not for PEAP
         * even on resumption.
         */
        if (data->tls_v13 &&