Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / 01904cfafd75a70b9f29c0220b90bdef45595491^! / . / src / eap_server
commit01904cfafd75a70b9f29c0220b90bdef45595491[log] [tgz]
authorDmitry Shmidt <dimitrysh@google.com>Thu Dec 05 11:08:35 2013 -0800
committerDmitry Shmidt <dimitrysh@google.com>Thu Dec 05 14:12:55 2013 -0800
treecdfdfa7b0f49480152b0a358d932bf1ceafe43c1
parente701d41f0adb79913ad5851f52cc6f522c0b34cd [diff]
Cumulative patch from commit 0ad3b9c402ee92863b720bc01f882ebcb1bd42c8

0ad3b9c Use wpa_radio data for get_shared_radio_freqs()
1b544ff Use wpa_radio data for wpas_wpa_is_in_progress()
5b81927 Use wpa_radio data for wpas_p2p_search_delay()
c67e7e2 Use wpa_radio data for channel list updates
f88f19b Use wpa_radio data for scan result updates
202dec2 Add shared per-radio structure for wpa_supplicant
73c00fd Move wpa_supplicant driver initialization into a helper function
7feff06 Add CONFIG_CODE_COVERAGE=y option for gcov
d9c753b EAP server: Handle EAP method initialization failures more cleanly
59d3438 EAP server: Initialize TLS context based on private_key
6b417a1 Reject TLS-based EAP server method if TLS context not initialized
158b090 nl80211: Fix regression in P2P group interface removal
6f72577 P2P: Handle INTERFACE_DISABLED event on a P2P GO interface
336167c AP: Fix inactivity STA timer trigger for driver offload case
1245503 Restore scan_req if sta scan is rescheduled in the scan results event
bdec7ee D-Bus: Add support to set pkcs11_{engine,module}_path
80ed037 Clear beacon_data before usage

Change-Id: I1a87557ad09419b88b993ba13f58359121e3543b
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>

diff --git a/src/eap_server/Makefile b/src/eap_server/Makefile
index 9c41962..adfd3df 100644
--- a/src/eap_server/Makefile
+++ b/src/eap_server/Makefile

@@ -2,7 +2,7 @@
 	@echo Nothing to be made.
 
 clean:
-	rm -f *~ *.o *.d
+	rm -f *~ *.o *.d *.gcno *.gcda *.gcov
 
 install:
 	@echo Nothing to be made.

diff --git a/src/eap_server/eap_server.c b/src/eap_server/eap_server.c
index 54b7533..233e272 100644
--- a/src/eap_server/eap_server.c
+++ b/src/eap_server/eap_server.c

@@ -343,6 +343,7 @@
 
 	SM_ENTRY(EAP, PROPOSE_METHOD);
 
+try_another_method:
 	type = eap_sm_Policy_getNextMethod(sm, &vendor);
 	if (vendor == EAP_VENDOR_IETF)
 		sm->currentMethod = type;
@@ -360,8 +361,14 @@
 				   "method %d", sm->currentMethod);
 			sm->m = NULL;
 			sm->currentMethod = EAP_TYPE_NONE;
+			goto try_another_method;
 		}
 	}
+	if (sm->m == NULL) {
+		wpa_printf(MSG_DEBUG, "EAP: Could not find suitable EAP method");
+		sm->decision = DECISION_FAILURE;
+		return;
+	}
 	if (sm->currentMethod == EAP_TYPE_IDENTITY ||
 	    sm->currentMethod == EAP_TYPE_NOTIFICATION)
 		sm->methodState = METHOD_CONTINUE;
@@ -702,6 +709,15 @@
 			SM_ENTER(EAP, METHOD_RESPONSE);
 		break;
 	case EAP_METHOD_REQUEST:
+		if (sm->m == NULL) {
+			/*
+			 * This transition is not mentioned in RFC 4137, but it
+			 * is needed to handle cleanly a case where EAP method
+			 * initialization fails.
+			 */
+			SM_ENTER(EAP, FAILURE);
+			break;
+		}
 		SM_ENTER(EAP, SEND_REQUEST);
 		break;
 	case EAP_METHOD_RESPONSE:

diff --git a/src/eap_server/eap_server_tls_common.c b/src/eap_server/eap_server_tls_common.c
index 9efb5b2..526e1bc 100644
--- a/src/eap_server/eap_server_tls_common.c
+++ b/src/eap_server/eap_server_tls_common.c

@@ -33,6 +33,11 @@
 int eap_server_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data,
 			    int verify_peer)
 {
+	if (sm->ssl_ctx == NULL) {
+		wpa_printf(MSG_ERROR, "TLS context not initialized - cannot use TLS-based EAP method");
+		return -1;
+	}
+
 	data->eap = sm;
 	data->phase2 = sm->init_phase2;