From: Jouni Malinen <j@w1.fi>
Date: Fri, 16 Aug 2019 20:11:28 +0000 (+0300)
Subject: EAP-TEAP peer: Add Intermediate-Result TLV with Crypto-Binding TLV
X-Git-Tag: hostap_2_10~2453
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0f7c91f2b9ede8d04c807e08ffb5b6adc1fcd225;p=thirdparty%2Fhostap.git

EAP-TEAP peer: Add Intermediate-Result TLV with Crypto-Binding TLV

Previously, only the Result TLV was added when writing Crypto-Binding
TLV response. This is not sufficient, since RFC 7170 require
Intermediate-Result TLV response to be included from the peer if the
server included Intermediate-Result TLV.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/eap_peer/eap_teap.c b/src/eap_peer/eap_teap.c
index 7ab919b16..dd2c9d6a6 100644
--- a/src/eap_peer/eap_teap.c
+++ b/src/eap_peer/eap_teap.c
@@ -1193,6 +1193,7 @@ static int eap_teap_process_decrypted(struct eap_sm *sm,
 	struct eap_teap_tlv_parse tlv;
 	int failed = 0;
 	enum teap_error_codes error = 0;
+	int iresult_added = 0;
 
 	if (eap_teap_parse_decrypted(decrypted, &tlv, &resp) < 0) {
 		/* Parsing failed - no response available */
@@ -1262,6 +1263,7 @@ static int eap_teap_process_decrypted(struct eap_sm *sm,
 			resp = wpabuf_concat(resp, tmp);
 			if (tlv.iresult == TEAP_STATUS_FAILURE)
 				failed = 1;
+			iresult_added = 1;
 		}
 	}
 
@@ -1348,6 +1350,13 @@ done:
 		tmp = eap_teap_tlv_result(TEAP_STATUS_SUCCESS, 0);
 		resp = wpabuf_concat(tmp, resp);
 	}
+	if ((tlv.iresult == TEAP_STATUS_SUCCESS ||
+	     tlv.iresult == TEAP_STATUS_FAILURE) && !iresult_added) {
+		tmp = eap_teap_tlv_result((!failed && data->phase2_success) ?
+					  TEAP_STATUS_SUCCESS :
+					  TEAP_STATUS_FAILURE, 1);
+		resp = wpabuf_concat(tmp, resp);
+	}
 
 	if (resp && tlv.result == TEAP_STATUS_SUCCESS && !failed &&
 	    tlv.crypto_binding && data->phase2_success) {