488
489
*buf_len += need;
491
*pos += snprintf(*pos, *buf + *buf_len - *pos, "%s=", field);
492
ret = snprintf(*pos, *buf + *buf_len - *pos, "%s=", field);
493
if (ret < 0 || ret >= *buf + *buf_len - *pos)
492
496
*pos += wpa_snprintf_hex(*pos, *buf + *buf_len - *pos, data, len);
493
*pos += snprintf(*pos, *buf + *buf_len - *pos, "\n");
497
ret = snprintf(*pos, *buf + *buf_len - *pos, "\n");
498
if (ret < 0 || ret >= *buf + *buf_len - *pos)
496
*pos += snprintf(*pos, *buf + *buf_len - *pos,
503
ret = snprintf(*pos, *buf + *buf_len - *pos,
505
if (ret < 0 || ret >= *buf + *buf_len - *pos)
498
508
for (i = 0; i < len; i++) {
499
*pos += snprintf(*pos, *buf + *buf_len - *pos,
509
ret = snprintf(*pos, *buf + *buf_len - *pos,
511
if (ret < 0 || ret >= *buf + *buf_len - *pos)
502
*pos += snprintf(*pos, *buf + *buf_len - *pos, "\n");
515
ret = snprintf(*pos, *buf + *buf_len - *pos, "\n");
516
if (ret < 0 || ret >= *buf + *buf_len - *pos)
524
pos += snprintf(pos, buf + buf_len - pos, "%s\n", pac_file_hdr);
540
ret = snprintf(pos, buf + buf_len - pos, "%s\n", pac_file_hdr);
541
if (ret < 0 || ret >= buf + buf_len - pos)
528
pos += snprintf(pos, buf + buf_len - pos, "START\n");
547
ret = snprintf(pos, buf + buf_len - pos, "START\n");
548
if (ret < 0 || ret >= buf + buf_len - pos)
529
551
eap_fast_write(&buf, &pos, &buf_len, "PAC-Key", pac->pac_key,
530
552
EAP_FAST_PAC_KEY_LEN, 0);
531
553
eap_fast_write(&buf, &pos, &buf_len, "PAC-Opaque",
538
560
pac->i_id_len, 1);
539
561
eap_fast_write(&buf, &pos, &buf_len, "A-ID-Info",
540
562
pac->a_id_info, pac->a_id_info_len, 1);
541
pos += snprintf(pos, buf + buf_len - pos, "END\n");
563
ret = snprintf(pos, buf + buf_len - pos, "END\n");
564
if (ret < 0 || ret >= buf + buf_len - pos)
1859
1885
wpa_printf(MSG_DEBUG, "EAP-FAST: No PAC found - "
1860
1886
"starting provisioning");
1861
if (tls_connection_set_anon_dh(sm->ssl_ctx,
1887
ciphers[0] = TLS_CIPHER_ANON_DH_AES128_SHA;
1888
ciphers[1] = TLS_CIPHER_NONE;
1889
if (tls_connection_set_cipher_list(sm->ssl_ctx,
1863
1892
wpa_printf(MSG_INFO, "EAP-FAST: Could not "
1864
1893
"configure anonymous DH for TLS "
1970
if (data->phase2_priv && data->phase2_method &&
1971
data->phase2_method->init_for_reauth)
1972
data->phase2_method->init_for_reauth(sm, data->phase2_priv);
1941
1973
data->phase2_success = 0;
1942
1974
data->resuming = 1;
1943
1975
data->provisioning = 0;
1950
1982
size_t buflen, int verbose)
1952
1984
struct eap_fast_data *data = priv;
1955
1987
len = eap_tls_status(sm, &data->ssl, buf, buflen, verbose);
1956
1988
if (data->phase2_method) {
1957
len += snprintf(buf + len, buflen - len,
1958
"EAP-FAST Phase2 method=%s\n",
1959
data->phase2_method->name);
1989
ret = snprintf(buf + len, buflen - len,
1990
"EAP-FAST Phase2 method=%s\n",
1991
data->phase2_method->name);
1992
if (ret < 0 || (size_t) ret >= buflen - len)