fragattacks/src
Dmitry Shmidt 870dfe9932 EAP-TTLS: Remove FreeRADIUS workaround for EAP-TTLS/MSCHAPv2
FreeRADIUS releases before 1.1.4 did not send MS-CHAP2-Success in
EAP-TTLS/MSCHAPv2. A wpa_supplicant workaround for that was added in
2005 and it has been enabled by default to avoid interoperability
issues. This could be disabled with all other EAP workarounds
(eap_workaround=0). However, that will disable some workarounds that are
still needed with number of authentication servers.

Old FreeRADIUS versions should not be in use anymore, so it makes sense
to remove this EAP-TTLS/MSCHAPv2 workaround completely to get more
complete validation of server behavior. This allows MSCHAPv2 to verify
that the server knows the password instead of relying only on the TLS
certificate validation.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-07-20 10:20:24 +03:00
..
ap DFS: Remove dead assignment 2014-07-03 00:51:47 +03:00
common P2P: Make unrecognized vendor elements available in P2P_PEER 2014-07-08 15:57:30 +03:00
crypto Milenage: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
drivers nl80211: Ensure nl_preq unregistration on driver deinit 2014-07-08 16:01:43 +03:00
eap_common EAP-GPSK: Avoid dead increment by checking pos pointer 2014-07-02 12:38:48 +03:00
eap_peer EAP-TTLS: Remove FreeRADIUS workaround for EAP-TTLS/MSCHAPv2 2014-07-20 10:20:24 +03:00
eap_server EAP server: Clear keying material on deinit 2014-07-02 12:38:48 +03:00
eapol_auth RADIUS server: Allow EAP methods to log into SQLite DB 2014-03-09 18:21:13 +02:00
eapol_supp EAPOL supplicant: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
l2_packet l2_packet: Fix l2_packet_none (hostapd default) 2014-04-14 23:04:55 +03:00
p2p P2P: Make unrecognized vendor elements available in P2P_PEER 2014-07-08 15:57:30 +03:00
pae MACsec: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
radius Clear hostapd configuration keys explicitly 2014-07-02 12:38:48 +03:00
rsn_supp RSN supplicant: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
tls TLS: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
utils HS 2.0 R2: Clear hs20-osu-client configuration keys explicitly 2014-07-02 12:38:48 +03:00
wps WPS: Clear keys/PINs explicitly 2014-07-02 12:52:08 +03:00
lib.rules Add rules for building src/crypto as a library 2009-12-05 22:03:46 +02:00
Makefile MACsec: Add PAE implementation 2014-05-09 20:42:44 +03:00