aboutsummaryrefslogtreecommitdiff
path: root/src/eap_server/eap_server_peap.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/eap_server/eap_server_peap.c')
-rw-r--r--src/eap_server/eap_server_peap.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/src/eap_server/eap_server_peap.c b/src/eap_server/eap_server_peap.c
index f526e8bf..998d0e8a 100644
--- a/src/eap_server/eap_server_peap.c
+++ b/src/eap_server/eap_server_peap.c
@@ -56,6 +56,10 @@ struct eap_peap_data {
};
+static int eap_peap_phase2_init(struct eap_sm *sm, struct eap_peap_data *data,
+ int vendor, enum eap_type eap_type);
+
+
static const char * eap_peap_state_txt(int state)
{
switch (state) {
@@ -558,10 +562,24 @@ static struct wpabuf * eap_peap_buildReq(struct eap_sm *sm, void *priv, u8 id)
wpa_printf(MSG_DEBUG, "EAP-PEAP: Phase1 done, "
"starting Phase2");
eap_peap_state(data, PHASE2_START);
+ if (data->ssl.tls_v13 && data->ssl.tls_out &&
+ wpabuf_len(data->ssl.tls_out) == 0) {
+ /* This can happen with TLS 1.3 when a new
+ * session ticket is not generated and the
+ * Finished message from the peer terminates
+ * Phase 1. */
+ wpa_printf(MSG_DEBUG,
+ "EAP-PEAP: No pending data to send - move directly to Phase 2 ID query");
+ eap_peap_state(data, PHASE2_ID);
+ eap_peap_phase2_init(sm, data, EAP_VENDOR_IETF,
+ EAP_TYPE_IDENTITY);
+ goto phase2_id;
+ }
}
break;
case PHASE2_ID:
case PHASE2_METHOD:
+ phase2_id:
wpabuf_free(data->ssl.tls_out);
data->ssl.tls_out_pos = 0;
data->ssl.tls_out = eap_peap_build_phase2_req(sm, data, id);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-29 20:13:05 +0000