Project

General

Profile

Bug #109

Vendor checking in EAP authenticator missing

Added by Ingo Kubbilun over 10 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
charon
Target version:
Start date:
03.03.2010
Due date:
Estimated time:
Affected version:
5.9.0
Resolution:

Description

Dear strongSwan developers,

please apply the patch shown below to the EAP authenticator (vendor checking was missing in switch stmt.); this was found and fixed by my colleague Reinhard Pfau (secunet AG).
He created an EAP plugin and ran into this problem.
Btw: thanks for adding get_sa to bus.h/bus.c (we patched this in the past) and thanks for adding experimental draft-eronen-ipsec-ikev2-eap-auth support - great for mutual authentication based on smartcards!

Thank you, Ingo.


--- strongswan-4.3.6/src/charon/sa/authenticators/eap_authenticator.c 2010-01-09 21:43:32.000000000 0100
+
+ strongswan-4.3.6-modified/src/charon/sa/authenticators/eap_authenticator.c 2010-03-03 12:00:22.000000000 0100
@ -251,7 +251,7 @
case NEED_MORE:
return out;
case SUCCESS:
- if (type EAP_IDENTITY)
if ((!vendor) && (type EAP_IDENTITY)) {
chunk_t data;

patch.txt (403 Bytes) patch.txt Patch file Ingo Kubbilun, 03.03.2010 12:10

History

#1 Updated by Ingo Kubbilun over 10 years ago

Sorry, patch was nuked. Added as attachment.

#2 Updated by Martin Willi over 10 years ago

  • Status changed from New to Closed
  • Target version changed from 4.3.6 to 4.4.0

please apply the patch shown below

Thanks for the patch, applied to master.

Btw: thanks for adding get_sa to bus.h/bus.c (we patched this in the past) and thanks for adding experimental draft-eronen-ipsec-ikev2-eap-auth support - great for mutual authentication based on smartcards!

You're welcome :-).

Also available in: Atom PDF