Message ID | 20140716180238.6A8101406C3@ushik.mtv.corp.google.com |
---|---|
State | Accepted |
Headers | show |
On Wed, Jul 16, 2014 at 11:01:26AM -0700, Dmitry Shmidt wrote: > diff --git a/src/eap_peer/eap_ttls.c b/src/eap_peer/eap_ttls.c > @@ -501,7 +501,7 @@ static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm, > - if (sm->workaround) { > + if (sm->workaround & EAP_WORKAROUND_FREERADIUS) { > /* At least FreeRADIUS seems to be terminating > * EAP-TTLS/MSHCAPV2 without the expected MS-CHAP-v2 Success > * packet. */ ... Thanks, I applied this with the workaround removed here completely rather than leaving it as an optional workaround based on the sm->workaround value. This is simpler and there does not seem to be enough justification for this workaround to exist anymore. FreeRADIUS changed its behavior in the 1.1.4 release and the older versions of FreeRADIUS were the only documented case having needed this workaround. No one should be using that old version of the server anymore, so it is fine to just get rid of this wpa_supplicant workaround completely.
Jouni Malinen wrote: > FreeRADIUS changed its behavior in the 1.1.4 release and the older > versions of FreeRADIUS were the only documented case having needed this > workaround. No one should be using that old version of the server > anymore, so it is fine to just get rid of this wpa_supplicant workaround > completely. I agree. Alan DeKok.
diff --git a/src/eap_peer/eap_config.h b/src/eap_peer/eap_config.h index 2591e11..f7d37c2 100644 --- a/src/eap_peer/eap_config.h +++ b/src/eap_peer/eap_config.h @@ -9,6 +9,8 @@ #ifndef EAP_CONFIG_H #define EAP_CONFIG_H +#define EAP_WORKAROUND_FREERADIUS BIT(0) + /** * struct eap_peer_config - EAP peer configuration/credentials */ diff --git a/src/eap_peer/eap_ttls.c b/src/eap_peer/eap_ttls.c index e110236..65a20cc 100644 --- a/src/eap_peer/eap_ttls.c +++ b/src/eap_peer/eap_ttls.c @@ -501,7 +501,7 @@ static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm, wpabuf_put(msg, pos - buf); *resp = msg; - if (sm->workaround) { + if (sm->workaround & EAP_WORKAROUND_FREERADIUS) { /* At least FreeRADIUS seems to be terminating * EAP-TTLS/MSHCAPV2 without the expected MS-CHAP-v2 Success * packet. */ diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h index ab474ff..dfed662 100644 --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h @@ -16,7 +16,8 @@ #define MAX_SSID_LEN 32 -#define DEFAULT_EAP_WORKAROUND ((unsigned int) -1) +#define DEFAULT_EAP_WORKAROUND (((unsigned int) -1) & \ + ~EAP_WORKAROUND_FREERADIUS) #define DEFAULT_EAPOL_FLAGS (EAPOL_FLAG_REQUIRE_KEY_UNICAST | \ EAPOL_FLAG_REQUIRE_KEY_BROADCAST) #define DEFAULT_PROTO (WPA_PROTO_WPA | WPA_PROTO_RSN)
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com> --- src/eap_peer/eap_config.h | 2 ++ src/eap_peer/eap_ttls.c | 2 +- wpa_supplicant/config_ssid.h | 3 ++- 3 files changed, 5 insertions(+), 2 deletions(-)