aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap_sim.c
diff options
context:
space:
mode:
authorSimon Baatz <gmbnomis@gmail.com>2012-01-28 17:38:46 (GMT)
committerJouni Malinen <j@w1.fi>2012-01-28 17:38:46 (GMT)
commita6689be84fdeb0caa8c5bf1a730c18d47bd12859 (patch)
treef1e63b0047ef884b6492666c31c2f8c8f18f91bf /src/eap_peer/eap_sim.c
parent3d0a843823a05b159eeaa47b59f9e4ec66e74a8f (diff)
downloadhostap-a6689be84fdeb0caa8c5bf1a730c18d47bd12859.zip
hostap-a6689be84fdeb0caa8c5bf1a730c18d47bd12859.tar.gz
hostap-a6689be84fdeb0caa8c5bf1a730c18d47bd12859.tar.bz2
EAP-SIM peer: Append realm when learning the pseudonym
The pseudonym identity should use a realm in environments where a realm is used. Thus, the realm of the permanent identity is added to the pseudonym username sent by the server. Signed-hostap: Simon Baatz <gmbnomis@gmail.com>
Diffstat (limited to 'src/eap_peer/eap_sim.c')
-rw-r--r--src/eap_peer/eap_sim.c39
1 files changed, 30 insertions, 9 deletions
diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c
index 06fbc5b..2e81850 100644
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c
@@ -287,24 +287,44 @@ static void eap_sim_clear_identities(struct eap_sim_data *data, int id)
}
-static int eap_sim_learn_ids(struct eap_sim_data *data,
+static int eap_sim_learn_ids(struct eap_sm *sm, struct eap_sim_data *data,
struct eap_sim_attrs *attr)
{
if (attr->next_pseudonym) {
+ const u8 *identity = NULL;
+ size_t identity_len = 0;
+ const u8 *realm = NULL;
+ size_t realm_len = 0;
+
+ wpa_hexdump_ascii(MSG_DEBUG,
+ "EAP-SIM: (encr) AT_NEXT_PSEUDONYM",
+ attr->next_pseudonym,
+ attr->next_pseudonym_len);
os_free(data->pseudonym);
- data->pseudonym = os_malloc(attr->next_pseudonym_len);
+ /* Look for the realm of the permanent identity */
+ identity = eap_get_config_identity(sm, &identity_len);
+ if (identity) {
+ for (realm = identity, realm_len = identity_len;
+ realm_len > 0; realm_len--, realm++) {
+ if (*realm == '@')
+ break;
+ }
+ }
+ data->pseudonym = os_malloc(attr->next_pseudonym_len +
+ realm_len);
if (data->pseudonym == NULL) {
wpa_printf(MSG_INFO, "EAP-SIM: (encr) No memory for "
"next pseudonym");
+ data->pseudonym_len = 0;
return -1;
}
os_memcpy(data->pseudonym, attr->next_pseudonym,
attr->next_pseudonym_len);
- data->pseudonym_len = attr->next_pseudonym_len;
- wpa_hexdump_ascii(MSG_DEBUG,
- "EAP-SIM: (encr) AT_NEXT_PSEUDONYM",
- data->pseudonym,
- data->pseudonym_len);
+ if (realm_len) {
+ os_memcpy(data->pseudonym + attr->next_pseudonym_len,
+ realm, realm_len);
+ }
+ data->pseudonym_len = attr->next_pseudonym_len + realm_len;
}
if (attr->next_reauth_id) {
@@ -313,6 +333,7 @@ static int eap_sim_learn_ids(struct eap_sim_data *data,
if (data->reauth_id == NULL) {
wpa_printf(MSG_INFO, "EAP-SIM: (encr) No memory for "
"next reauth_id");
+ data->reauth_id_len = 0;
return -1;
}
os_memcpy(data->reauth_id, attr->next_reauth_id,
@@ -663,7 +684,7 @@ static struct wpabuf * eap_sim_process_challenge(struct eap_sm *sm,
return eap_sim_client_error(
data, id, EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
- eap_sim_learn_ids(data, &eattr);
+ eap_sim_learn_ids(sm, data, &eattr);
os_free(decrypted);
}
@@ -861,7 +882,7 @@ static struct wpabuf * eap_sim_process_reauthentication(
data->nonce_s, data->mk, data->msk,
data->emsk);
eap_sim_clear_identities(data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
- eap_sim_learn_ids(data, &eattr);
+ eap_sim_learn_ids(sm, data, &eattr);
if (data->result_ind && attr->result_ind)
data->use_result_ind = 1;