On 5/26/22 11:01, Andrew Zaborowski wrote:
After one of the eap-tls-common-based methods succeeds keep the TLS
tunnel instance until the method is freed, rather than free it the
moment the method succeeds. This fixes repeated method runs where until
now each next run would attempt to create a new TLS tunnel instance
but would have no authentication data (CA certificate, client
certificate, private key and private key passphrase) since those are
were by the old l_tls object from the moment of the l_tls_set_auth_data()
Use l_tls_reset() to reset the TLS state after method success, followed
by a new l_tls_start() when the reauthentication starts.
Depends on the ell l_tls_reset patch.
src/eap-tls-common.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)