Amebis/GEANTLink
1
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 50 Wiki Activity

"Last Authentication Failed" flag extended to support finer feedback, why last authentication failed

Browse Source
This commit is contained in:
Simon Rozman
2016-09-06 14:10:02 +02:00
parent b7ed9d076f
commit c765954c0f
15 changed files with 149 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/TTLS/src/Method.cpp
View File

@@ -130,10 +130,10 @@ void eap::method_ttls::get_result(
if (result.fSaveConnectionData)
ppResult->fSaveConnectionData = TRUE;
if (m_inner->m_cfg.m_auth_failed) {
// Inner method admitted its credentials failed, so autentication must have proceeded to inner authentication already.
// Therefore, outer credentials must have been OK.
m_cfg.m_auth_failed = false;
if (m_inner->m_cfg.m_last_status != config_method_with_cred::status_success) {
// Inner method admitted problems, so autentication must have proceeded to inner authentication already.
// Therefore, outer authentication must have been OK.
m_cfg.m_last_status = config_method_with_cred::status_success;
}
}
}

4
lib/TTLS/src/Module.cpp
View File

@@ -416,13 +416,13 @@ const eap::config_method_ttls* eap::peer_ttls::combine_credentials(
// If we got here, we have all credentials we need. But, wait!
if ((dwFlags & EAP_FLAG_MACHINE_AUTH) == 0) {
if (cfg_method->m_auth_failed) {
if (config_method_with_cred::status_cred_begin <= cfg_method->m_last_status && cfg_method->m_last_status < config_method_with_cred::status_cred_end) {
// Outer: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM1, event_data(target_name), event_data((unsigned int)eap_type_tls), event_data::blank);
continue;
}
if (cfg_method->m_inner->m_auth_failed) {
if (config_method_with_cred::status_cred_begin <= cfg_method->m_inner->m_last_status && cfg_method->m_inner->m_last_status < config_method_with_cred::status_cred_end) {
// Inner: Credentials failed on last connection attempt.
log_event(&EAPMETHOD_TRACE_EVT_CRED_PROBLEM1, event_data(target_name), event_data((unsigned int)cfg_method->m_inner->get_method_id()), event_data::blank);
continue;