50a51,52
> if (state == FAILURE)
> tls_connection_remove_session(data->ssl.conn);
53a56,70
> static void eap_tls_valid_session(struct eap_sm *sm, struct eap_tls_data *data)
> {
> struct wpabuf *buf;
>
> if (!sm->tls_session_lifetime)
> return;
>
> buf = wpabuf_alloc(1);
> if (!buf)
> return;
> wpabuf_put_u8(buf, data->eap_type);
> tls_connection_set_success_data(data->ssl.conn, buf);
> }
>
>
63c80
< if (eap_server_tls_ssl_init(sm, &data->ssl, 1)) {
---
> if (eap_server_tls_ssl_init(sm, &data->ssl, 1, EAP_TYPE_TLS)) {
85c102
< if (eap_server_tls_ssl_init(sm, &data->ssl, 0)) {
---
> if (eap_server_tls_ssl_init(sm, &data->ssl, 0, EAP_UNAUTH_TLS_TYPE)) {
107c124,125
< if (eap_server_tls_ssl_init(sm, &data->ssl, 0)) {
---
> if (eap_server_tls_ssl_init(sm, &data->ssl, 0,
> EAP_WFA_UNAUTH_TLS_TYPE)) {
185a204
> eap_tls_valid_session(sm, data);
236a256,258
> const struct wpabuf *buf;
> const u8 *pos;
>
239c261
< 0)
---
> 0) {
240a263,290
> return;
> }
>
> if (!tls_connection_established(sm->ssl_ctx, data->ssl.conn) ||
> !tls_connection_resumed(sm->ssl_ctx, data->ssl.conn))
> return;
>
> buf = tls_connection_get_success_data(data->ssl.conn);
> if (!buf || wpabuf_len(buf) < 1) {
> wpa_printf(MSG_DEBUG,
> "EAP-TLS: No success data in resumed session - reject attempt");
> eap_tls_state(data, FAILURE);
> return;
> }
>
> pos = wpabuf_head(buf);
> if (*pos != data->eap_type) {
> wpa_printf(MSG_DEBUG,
> "EAP-TLS: Resumed session for another EAP type (%u) - reject attempt",
> *pos);
> eap_tls_state(data, FAILURE);
> return;
> }
>
> wpa_printf(MSG_DEBUG,
> "EAP-TLS: Resuming previous session");
> eap_tls_state(data, SUCCESS);
> tls_connection_set_success_data_resumed(data->ssl.conn);
> if (state == FAILURE)
> tls_connection_remove_session(data->ssl.conn);
53a56,70
> static void eap_tls_valid_session(struct eap_sm *sm, struct eap_tls_data *data)
> {
> struct wpabuf *buf;
>
> if (!sm->tls_session_lifetime)
> return;
>
> buf = wpabuf_alloc(1);
> if (!buf)
> return;
> wpabuf_put_u8(buf, data->eap_type);
> tls_connection_set_success_data(data->ssl.conn, buf);
> }
>
>
63c80
< if (eap_server_tls_ssl_init(sm, &data->ssl, 1)) {
---
> if (eap_server_tls_ssl_init(sm, &data->ssl, 1, EAP_TYPE_TLS)) {
85c102
< if (eap_server_tls_ssl_init(sm, &data->ssl, 0)) {
---
> if (eap_server_tls_ssl_init(sm, &data->ssl, 0, EAP_UNAUTH_TLS_TYPE)) {
107c124,125
< if (eap_server_tls_ssl_init(sm, &data->ssl, 0)) {
---
> if (eap_server_tls_ssl_init(sm, &data->ssl, 0,
> EAP_WFA_UNAUTH_TLS_TYPE)) {
185a204
> eap_tls_valid_session(sm, data);
236a256,258
> const struct wpabuf *buf;
> const u8 *pos;
>
239c261
< 0)
---
> 0) {
240a263,290
> return;
> }
>
> if (!tls_connection_established(sm->ssl_ctx, data->ssl.conn) ||
> !tls_connection_resumed(sm->ssl_ctx, data->ssl.conn))
> return;
>
> buf = tls_connection_get_success_data(data->ssl.conn);
> if (!buf || wpabuf_len(buf) < 1) {
> wpa_printf(MSG_DEBUG,
> "EAP-TLS: No success data in resumed session - reject attempt");
> eap_tls_state(data, FAILURE);
> return;
> }
>
> pos = wpabuf_head(buf);
> if (*pos != data->eap_type) {
> wpa_printf(MSG_DEBUG,
> "EAP-TLS: Resumed session for another EAP type (%u) - reject attempt",
> *pos);
> eap_tls_state(data, FAILURE);
> return;
> }
>
> wpa_printf(MSG_DEBUG,
> "EAP-TLS: Resuming previous session");
> eap_tls_state(data, SUCCESS);
> tls_connection_set_success_data_resumed(data->ssl.conn);