Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2024-11-29 02:38:22 -05:00
Code Issues Projects Releases Wiki Activity

EAP-TLS peer: Determine whether TLS v1.3 or newer is used

Browse Source 
This is needed to be able to handle different key derivation and message
handshakes in EAP implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2018-05-01 17:45:37 +03:00
parent fe7b06c5e1
commit bac1bdba3e
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/eap_peer/eap_tls_common.c
View File

@ -669,6 +669,8 @@ int eap_peer_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
* the AS. * the AS.
*/ */
int res = eap_tls_process_input(sm, data, in_data, out_data); int res = eap_tls_process_input(sm, data, in_data, out_data);
char buf[20];
if (res) { if (res) {
/* /*
* Input processing failed (res = -1) or more data is * Input processing failed (res = -1) or more data is
@ -681,6 +683,12 @@ int eap_peer_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
* The incoming message has been reassembled and processed. The * The incoming message has been reassembled and processed. The
* response was allocated into data->tls_out buffer. * response was allocated into data->tls_out buffer.
*/ */
if (tls_get_version(data->ssl_ctx, data->conn,
buf, sizeof(buf)) == 0) {
wpa_printf(MSG_DEBUG, "SSL: Using TLS version %s", buf);
data->tls_v13 = os_strcmp(buf, "TLSv1.3") == 0;
}
} }
if (data->tls_out == NULL) { if (data->tls_out == NULL) {

5
src/eap_peer/eap_tls_common.h
View File

@ -73,6 +73,11 @@ struct eap_ssl_data {
* eap_type - EAP method used in Phase 1 (EAP_TYPE_TLS/PEAP/TTLS/FAST) * eap_type - EAP method used in Phase 1 (EAP_TYPE_TLS/PEAP/TTLS/FAST)
*/ */
u8 eap_type; u8 eap_type;
/**
* tls_v13 - Whether TLS v1.3 or newer is used
*/
int tls_v13;
}; };