]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b7204c1)
Don't check content type if it wasn't set by a received message
authorNick Porter <nick@portercomputing.co.uk>
Fri, 1 Nov 2024 14:59:36 +0000 (14:59 +0000)
committerNick Porter <nick@portercomputing.co.uk>
Tue, 5 Nov 2024 10:13:56 +0000 (10:13 +0000)
This is seen in EAP-TTLS-MSCHAPv2, where the final client -> server
message is an ACK with zero data length.

src/lib/eap/tls.c patch | blob | blame | history

diff --git a/src/lib/eap/tls.c b/src/lib/eap/tls.c
index a3cdfae5d04ca33bcea150f8c57172f4363560e8..261c048e06f784e24ea9e6b274e7b412dd3797c7 100644 (file)
--- a/src/lib/eap/tls.c
+++ b/src/lib/eap/tls.c
@@ -531,6 +531,10 @@ static eap_tls_status_t eap_tls_session_status(request_t *request, eap_session_t
                 *      to the default section below.
                 */
        default:
+               /*
+                *      If the last message was from us, then the session is established
+                */
+               if (tls_session->info.origin == 1) return EAP_TLS_ESTABLISHED;
                REDEBUG("Invalid ACK received: %d", tls_session->info.content_type);
                return EAP_TLS_INVALID;
        }
Mirror of https://github.com/FreeRADIUS/freeradius-server.git