Bug #109
Vendor checking in EAP authenticator missing
Description
Dear strongSwan developers,
please apply the patch shown below to the EAP authenticator (vendor checking was missing in switch stmt.); this was found and fixed by my colleague Reinhard Pfau (secunet AG).
He created an EAP plugin and ran into this problem.
Btw: thanks for adding get_sa to bus.h/bus.c (we patched this in the past) and thanks for adding experimental draft-eronen-ipsec-ikev2-eap-auth support - great for mutual authentication based on smartcards!
Thank you, Ingo.
--- strongswan-4.3.6/src/charon/sa/authenticators/eap_authenticator.c 2010-01-09 21:43:32.000000000 0100
++ strongswan-4.3.6-modified/src/charon/sa/authenticators/eap_authenticator.c 2010-03-03 12:00:22.000000000 0100@ -251,7 +251,7 @
case NEED_MORE:
return out;
case SUCCESS:
- if (type EAP_IDENTITY)
if ((!vendor) && (type EAP_IDENTITY))
{
chunk_t data;
History
#1 Updated by Ingo Kubbilun over 12 years ago
Sorry, patch was nuked. Added as attachment.
#2 Updated by Martin Willi over 12 years ago
- Status changed from New to Closed
- Target version changed from 4.3.6 to 4.4.0
please apply the patch shown below
Thanks for the patch, applied to master.
Btw: thanks for adding get_sa to bus.h/bus.c (we patched this in the past) and thanks for adding experimental draft-eronen-ipsec-ikev2-eap-auth support - great for mutual authentication based on smartcards!
You're welcome :-).