projects / libeap.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Remove src/crypto from default include path
[libeap.git] / src / eap_peer / eap.c
diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
index 8f84434..0630f9a 100644 (file)
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@@ -24,14 +24,14 @@
 #include "includes.h"
 
 #include "common.h"
-#include "eap_i.h"
-#include "eap_config.h"
-#include "tls.h"
-#include "crypto.h"
 #include "pcsc_funcs.h"
-#include "wpa_ctrl.h"
 #include "state_machine.h"
+#include "crypto/crypto.h"
+#include "crypto/tls.h"
+#include "common/wpa_ctrl.h"
 #include "eap_common/eap_wsc_common.h"
+#include "eap_i.h"
+#include "eap_config.h"
 
 #define STATE_MACHINE_DATA struct eap_sm
 #define STATE_MACHINE_DEBUG_PREFIX "EAP"
@@ -106,7 +106,7 @@ static void eap_deinit_prev_method(struct eap_sm *sm, const char *txt)
  * @method: EAP type
  * Returns: 1 = allowed EAP method, 0 = not allowed
  */
-static int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method)
+int eap_allowed_method(struct eap_sm *sm, int vendor, u32 method)
 {
        struct eap_peer_config *config = eap_get_config(sm);
        int i;
@@ -134,7 +134,8 @@ SM_STATE(EAP, INITIALIZE)
 {
        SM_ENTRY(EAP, INITIALIZE);
        if (sm->fast_reauth && sm->m && sm->m->has_reauth_data &&
-           sm->m->has_reauth_data(sm, sm->eap_method_priv)) {
+           sm->m->has_reauth_data(sm, sm->eap_method_priv) &&
+           !sm->prev_failure) {
                wpa_printf(MSG_DEBUG, "EAP: maintaining EAP method data for "
                           "fast reauthentication");
                sm->m->deinit_for_reauth(sm, sm->eap_method_priv);
@@ -165,6 +166,7 @@ SM_STATE(EAP, INITIALIZE)
        eapol_set_bool(sm, EAPOL_eapResp, FALSE);
        eapol_set_bool(sm, EAPOL_eapNoResp, FALSE);
        sm->num_rounds = 0;
+       sm->prev_failure = 0;
 }
 
 
@@ -505,6 +507,8 @@ SM_STATE(EAP, FAILURE)
 
        wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_FAILURE
                "EAP authentication failed");
+
+       sm->prev_failure = 1;
 }
 
 
@@ -1178,16 +1182,15 @@ struct eap_sm * eap_peer_sm_init(void *eapol_ctx,
        sm->eapol_cb = eapol_cb;
        sm->msg_ctx = msg_ctx;
        sm->ClientTimeout = 60;
-       if (conf->mac_addr)
-               os_memcpy(sm->mac_addr, conf->mac_addr, ETH_ALEN);
-       if (conf->uuid)
-               os_memcpy(sm->uuid, conf->uuid, 16);
        sm->wps = conf->wps;
 
        os_memset(&tlsconf, 0, sizeof(tlsconf));
        tlsconf.opensc_engine_path = conf->opensc_engine_path;
        tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
        tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
+#ifdef CONFIG_FIPS
+       tlsconf.fips_mode = 1;
+#endif /* CONFIG_FIPS */
        sm->ssl_ctx = tls_init(&tlsconf);
        if (sm->ssl_ctx == NULL) {
                wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
EAP library