From 89ec14be1beef6a84b759120e2b149de88220b59 Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartmans@debian.org>
Date: Tue, 26 Nov 2013 08:05:37 -0500
Subject: [PATCH] libeap: ignore TLS errors before any TLS calls

Ignore any errors that take place before the packet is started.
---
 libeap/src/eap_peer/eap_tls_common.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/libeap/src/eap_peer/eap_tls_common.c b/libeap/src/eap_peer/eap_tls_common.c
index 7bd50f6..8559c4d 100644
--- a/libeap/src/eap_peer/eap_tls_common.c
+++ b/libeap/src/eap_peer/eap_tls_common.c
@@ -747,12 +747,8 @@ const u8 * eap_peer_tls_process_init(struct eap_sm *sm,
 	size_t left;
 	unsigned int tls_msg_len;
 
-	if (tls_get_errors(sm->ssl_ctx)) {
-		wpa_printf(MSG_INFO, "SSL: TLS errors detected");
-		ret->ignore = TRUE;
-		return NULL;
-	}
-
+	/* Ignore errors before we do anything*/
+	(void) tls_get_errors(sm->ssl_ctx);
 	pos = eap_hdr_validate(EAP_VENDOR_IETF, eap_type, reqData, &left);
 	if (pos == NULL) {
 		ret->ignore = TRUE;
-- 
2.1.4