mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 16:58:41 -05:00
EAP-TLS server: Determine whether TLS v1.3 or newer is used
This is needed to be able to handle different key derivation and message handshakes in EAP implementation. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
c26ac18958
commit
fe7b06c5e1
@ -305,6 +305,8 @@ static int eap_server_tls_process_fragment(struct eap_ssl_data *data,
|
|||||||
|
|
||||||
int eap_server_tls_phase1(struct eap_sm *sm, struct eap_ssl_data *data)
|
int eap_server_tls_phase1(struct eap_sm *sm, struct eap_ssl_data *data)
|
||||||
{
|
{
|
||||||
|
char buf[20];
|
||||||
|
|
||||||
if (data->tls_out) {
|
if (data->tls_out) {
|
||||||
/* This should not happen.. */
|
/* This should not happen.. */
|
||||||
wpa_printf(MSG_INFO, "SSL: pending tls_out data when "
|
wpa_printf(MSG_INFO, "SSL: pending tls_out data when "
|
||||||
@ -327,6 +329,11 @@ int eap_server_tls_phase1(struct eap_sm *sm, struct eap_ssl_data *data)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (tls_get_version(sm->ssl_ctx, data->conn, buf, sizeof(buf)) == 0) {
|
||||||
|
wpa_printf(MSG_DEBUG, "SSL: Using TLS version %s", buf);
|
||||||
|
data->tls_v13 = os_strcmp(buf, "TLSv1.3") == 0;
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -50,6 +50,11 @@ struct eap_ssl_data {
|
|||||||
|
|
||||||
enum { MSG, FRAG_ACK, WAIT_FRAG_ACK } state;
|
enum { MSG, FRAG_ACK, WAIT_FRAG_ACK } state;
|
||||||
struct wpabuf tmpbuf;
|
struct wpabuf tmpbuf;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tls_v13 - Whether TLS v1.3 or newer is used
|
||||||
|
*/
|
||||||
|
int tls_v13;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user