aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorMartin Willi <martin@revosec.ch>2010-08-24 08:41:12 +0200
committerMartin Willi <martin@revosec.ch>2010-08-24 08:45:49 +0200
commitf55f9c4e1ed1b0cfdd9e0ae75b4b76ec22ff80b4 (patch)
treee97fff2ac4df7869af4c2393b62ce51e63ff353f /src
parentc5142f110ec8376b8e5cef9bb92fe4a375e4622e (diff)
downloadstrongswan-f55f9c4e1ed1b0cfdd9e0ae75b4b76ec22ff80b4.tar.bz2
strongswan-f55f9c4e1ed1b0cfdd9e0ae75b4b76ec22ff80b4.tar.xz
Client sends empty EAP-TTLS packet on fatal alerts to properly shut down TLS
Diffstat (limited to 'src')
-rw-r--r--src/libcharon/plugins/eap_ttls/eap_ttls.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls.c b/src/libcharon/plugins/eap_ttls/eap_ttls.c
index d7372fe76..35a529091 100644
--- a/src/libcharon/plugins/eap_ttls/eap_ttls.c
+++ b/src/libcharon/plugins/eap_ttls/eap_ttls.c
@@ -338,6 +338,12 @@ METHOD(eap_method_t, process, status_t,
{
*out = read_buf(this, pkt->identifier);
}
+ else if (status == FAILED && !this->is_server)
+ { /* client sends an empty TLS message, waits for a EAP-Failure */
+ chunk_free(&this->output);
+ *out = read_buf(this, pkt->identifier);
+ return NEED_MORE;
+ }
return status;
}