X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Feap_peer%2Feap.c;h=0630f9a5aef6e1ff574a0da57b2936c254bddc84;hb=03da66bd59567c90dc3b3b0892c3346472a0b413;hp=8f844347f3a1f0f5596ee17715b3cd4f9b4744e2;hpb=116654ce24fea104bd0eeb66499948df4d4df3ce;p=libeap.git diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c index 8f84434..0630f9a 100644 --- a/src/eap_peer/eap.c +++ b/src/eap_peer/eap.c @@ -24,14 +24,14 @@ #include "includes.h" #include "common.h" -#include "eap_i.h" -#include "eap_config.h" -#include "tls.h" -#include "crypto.h" #include "pcsc_funcs.h" -#include "wpa_ctrl.h" #include "state_machine.h" +#include "crypto/crypto.h" +#include "crypto/tls.h" +#include "common/wpa_ctrl.h" #include "eap_common/eap_wsc_common.h" +#include "eap_i.h" +#include "eap_config.h" #define STATE_MACHINE_DATA struct eap_sm #define STATE_MACHINE_DEBUG_PREFIX "EAP" @@ -106,7 +106,7 @@ static void eap_deinit_prev_method(struct eap_sm *sm, const char *txt) * @method: EAP type * Returns: 1 = allowed EAP method, 0 = not allowed */ -static int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method) +int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method) { struct eap_peer_config *config = eap_get_config(sm); int i; @@ -134,7 +134,8 @@ SM_STATE(EAP, INITIALIZE) { SM_ENTRY(EAP, INITIALIZE); if (sm->fast_reauth && sm->m && sm->m->has_reauth_data && - sm->m->has_reauth_data(sm, sm->eap_method_priv)) { + sm->m->has_reauth_data(sm, sm->eap_method_priv) && + !sm->prev_failure) { wpa_printf(MSG_DEBUG, "EAP: maintaining EAP method data for " "fast reauthentication"); sm->m->deinit_for_reauth(sm, sm->eap_method_priv); @@ -165,6 +166,7 @@ SM_STATE(EAP, INITIALIZE) eapol_set_bool(sm, EAPOL_eapResp, FALSE); eapol_set_bool(sm, EAPOL_eapNoResp, FALSE); sm->num_rounds = 0; + sm->prev_failure = 0; } @@ -505,6 +507,8 @@ SM_STATE(EAP, FAILURE) wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE "EAP authentication failed"); + + sm->prev_failure = 1; } @@ -1178,16 +1182,15 @@ struct eap_sm * eap_peer_sm_init(void *eapol_ctx, sm->eapol_cb = eapol_cb; sm->msg_ctx = msg_ctx; sm->ClientTimeout = 60; - if (conf->mac_addr) - os_memcpy(sm->mac_addr, conf->mac_addr, ETH_ALEN); - if (conf->uuid) - os_memcpy(sm->uuid, conf->uuid, 16); sm->wps = conf->wps; os_memset(&tlsconf, 0, sizeof(tlsconf)); tlsconf.opensc_engine_path = conf->opensc_engine_path; tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path; tlsconf.pkcs11_module_path = conf->pkcs11_module_path; +#ifdef CONFIG_FIPS + tlsconf.fips_mode = 1; +#endif /* CONFIG_FIPS */ sm->ssl_ctx = tls_init(&tlsconf); if (sm->ssl_ctx == NULL) { wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "