geteduroam / windows-app

Windows application for geteduroam
BSD 3-Clause "New" or "Revised" License

EAP-TTLS setting is refused #38

Closed hgot07 closed 1 year ago

hgot07 commented 1 year ago

App refuses configuring EAP-TTLS. (Plz. see the next comment) If EAPMethod=21 (EAP-TTLS) is specified in the .eap-config file, the app shows "The profile you have selected is not supported by this application." error and fails to configure Wi-Fi. This is problematic because PEAP isn't the standard in Passpoint, while EAP-TTLS is a standard.

hgot07 commented 1 year ago

Nah, it was due to my mistake in the .eap-config file. I'm very sorry about it.

Besides, I've found a kind of vulnerability. If the .eap-config file contains the following, the app seems to stop probably due to an exception.

    <InnerAuthenticationMethod>
      <NonEAPAuthMethod>
        <Type>MSCHAPv2</Type>
      </NonEAPAuthMethod>
    </InnerAuthenticationMethod>

Of course, the description is wrong. MSCHAPv2 must be replaced with 3. However, this means that a wrong / malicious config file can shoot down the app potentially in a harmful way.
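A defensive parser for the NonEAPAuthMethod Type value discussed above, written as an added example (Python rather than the app's own code, and not part of the geteduroam project). It assumes the element names from the snippet and that 3 means MSCHAPv2 as the comment states; the codes 1 = PAP and 2 = MSCHAP are assumed for illustration.

```python
"""Handle <NonEAPAuthMethod><Type> from an eap-config file without crashing.

Every failure mode a malformed or malicious file can produce (unparseable XML,
missing element, non-numeric code, unknown code) becomes a returned error
message instead of an unhandled exception.
"""
import xml.etree.ElementTree as ET
from typing import Optional, Tuple

# Assumed code table: 3 = MSCHAPv2 is from the issue; 1 and 2 are assumed.
NON_EAP_TYPES = {1: "PAP", 2: "MSCHAP", 3: "MSCHAPv2"}

# Constructed sample inputs: the crashing fragment from the issue and a corrected one.
BAD_CONFIG = """<InnerAuthenticationMethod>
  <NonEAPAuthMethod>
    <Type>MSCHAPv2</Type>
  </NonEAPAuthMethod>
</InnerAuthenticationMethod>"""

GOOD_CONFIG = BAD_CONFIG.replace("<Type>MSCHAPv2</Type>", "<Type>3</Type>")


def parse_inner_auth(xml_text: str) -> Tuple[Optional[str], Optional[str]]:
    """Return (method_name, None) on success or (None, error_message) on any defect."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return None, f"malformed XML: {exc}"

    node = root.find(".//NonEAPAuthMethod/Type")
    if node is None or node.text is None:
        return None, "missing NonEAPAuthMethod/Type"

    raw = node.text.strip()
    # The case from the issue: a method name where the schema expects an integer code.
    try:
        code = int(raw)
    except ValueError:
        return None, f"Type must be an integer code, got {raw!r}"

    name = NON_EAP_TYPES.get(code)
    if name is None:
        return None, f"unsupported NonEAPAuthMethod type {code}"
    return name, None


if __name__ == "__main__":
    print(parse_inner_auth(BAD_CONFIG))   # (None, "Type must be an integer code, got 'MSCHAPv2'")
    print(parse_inner_auth(GOOD_CONFIG))  # ('MSCHAPv2', None)
```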

hgot07 commented 1 year ago

Thanks for addressing the problem. Is the XSD defining the tag ordering? If it's not, introducing a new (undefined) tag order restriction would be problematic. This may be related to the choice of C14N (canonicalization) method accompanying the XML validator.