Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

EAP-FAST: Reorder TLVs in PAC Acknowledgment to fix interop issues

It looks like ACS did not like PAC Acknowledgment TLV before Result TLV, so
reorder the TLVs to match the order shown in a
draft-cam-winget-eap-fast-provisioning-09.txt example. This allows
authenticated provisioning to be terminated with Access-Accept (if ACS has
that option enabled). Previously, provisioning was otherwise successful,
but the server rejected connection due to not understanding the PAC Ack
("Invalid TEAP Data recieved").
Jouni Malinen 16 years ago
parent
1b554eb0d7
commit
ea251b4a23
1 changed files with 2 additions and 2 deletions
Unified View Show Diff Stats
  1. 2 2
      src/eap_peer/eap_fast.c

+ 2 - 2
src/eap_peer/eap_fast.c
View File 

@@ -1208,10 +1208,10 @@ static int eap_fast_process_decrypted(struct eap_sm *sm,
 
 
 
 	if (tlv.result == EAP_TLV_RESULT_SUCCESS && !failed) {
 
 	if (tlv.result == EAP_TLV_RESULT_SUCCESS && !failed) {
 
 		tmp = eap_fast_tlv_result(EAP_TLV_RESULT_SUCCESS, 0);
 
 		tmp = eap_fast_tlv_result(EAP_TLV_RESULT_SUCCESS, 0);
 
-		resp = wpabuf_concat(resp, tmp);
 
+		resp = wpabuf_concat(tmp, resp);
 
 	} else if (failed) {
 
 	} else if (failed) {
 
 		tmp = eap_fast_tlv_result(EAP_TLV_RESULT_FAILURE, 0);
 
 		tmp = eap_fast_tlv_result(EAP_TLV_RESULT_FAILURE, 0);
 
-		resp = wpabuf_concat(resp, tmp);
 
+		resp = wpabuf_concat(tmp, resp);
 
 	}
 
 	}
 
 
 
 	if (resp && tlv.result == EAP_TLV_RESULT_SUCCESS && !failed &&
 
 	if (resp && tlv.result == EAP_TLV_RESULT_SUCCESS && !failed &&