diff options
author | Martin Willi <martin@revosec.ch> | 2010-08-24 08:41:12 +0200 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2010-08-24 08:45:49 +0200 |
commit | f55f9c4e1ed1b0cfdd9e0ae75b4b76ec22ff80b4 (patch) | |
tree | e97fff2ac4df7869af4c2393b62ce51e63ff353f /src | |
parent | c5142f110ec8376b8e5cef9bb92fe4a375e4622e (diff) | |
download | strongswan-f55f9c4e1ed1b0cfdd9e0ae75b4b76ec22ff80b4.tar.bz2 strongswan-f55f9c4e1ed1b0cfdd9e0ae75b4b76ec22ff80b4.tar.xz |
Client sends empty EAP-TTLS packet on fatal alerts to properly shut down TLS
Diffstat (limited to 'src')
-rw-r--r-- | src/libcharon/plugins/eap_ttls/eap_ttls.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls.c b/src/libcharon/plugins/eap_ttls/eap_ttls.c index d7372fe76..35a529091 100644 --- a/src/libcharon/plugins/eap_ttls/eap_ttls.c +++ b/src/libcharon/plugins/eap_ttls/eap_ttls.c @@ -338,6 +338,12 @@ METHOD(eap_method_t, process, status_t, { *out = read_buf(this, pkt->identifier); } + else if (status == FAILED && !this->is_server) + { /* client sends an empty TLS message, waits for a EAP-Failure */ + chunk_free(&this->output); + *out = read_buf(this, pkt->identifier); + return NEED_MORE; + } return status; } |