REQUEST *request = handler->request;
tls_session_t *tls_session = handler->opaque;
+ handler->finished = TRUE;
reply.code = EAPTLS_SUCCESS;
reply.length = TLS_HEADER_LEN;
reply.flags = peap_flag;
* user.
*/
if ((!tls_session->allow_session_resumption) ||
- (((vp = pairfind(request->config_items, 1127)) != NULL) &&
+ (((vp = pairfind(request->config_items, 1127, 0)) != NULL) &&
(vp->vp_integer == 0))) {
SSL_CTX_remove_session(tls_session->ctx,
tls_session->ssl->session);
} else if (!SSL_session_reused(tls_session->ssl)) {
RDEBUG2("Saving response in the cache");
- vp = paircopy2(request->reply->vps, PW_USER_NAME);
- pairadd(&vps, vp);
+ vp = paircopy2(request->reply->vps, PW_USER_NAME, 0);
+ if (vp) pairadd(&vps, vp);
- vp = paircopy2(request->packet->vps, PW_STRIPPED_USER_NAME);
- pairadd(&vps, vp);
+ vp = paircopy2(request->packet->vps, PW_STRIPPED_USER_NAME, 0);
+ if (vp) pairadd(&vps, vp);
+
+ vp = paircopy2(request->reply->vps, PW_CACHED_SESSION_POLICY, 0);
+ if (vp) pairadd(&vps, vp);
if (vps) {
SSL_SESSION_set_ex_data(tls_session->ssl->session,
EAPTLS_PACKET reply;
tls_session_t *tls_session = handler->opaque;
+ handler->finished = TRUE;
reply.code = EAPTLS_FAIL;
reply.length = TLS_HEADER_LEN;
reply.flags = peap_flag;
* If more info
* is required then send another request.
*/
- if (!tls_handshake_recv(tls_session)) {
+ if (!tls_handshake_recv(handler->request, tls_session)) {
DEBUG2("TLS receive handshake failed during operation");
eaptls_fail(handler, tls_session->peap_flag);
return EAPTLS_FAIL;
eaptls_status_t status;
REQUEST *request = handler->request;
+ assert(request != NULL);
+
RDEBUG2("processing EAP-TLS");
+ if (handler->certs) pairadd(&request->packet->vps,
+ paircopy(handler->certs));
/* This case is when SSL generates Alert then we
* send that alert to the client and then send the EAP-Failure