aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server/eap_server_sim.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2012-09-01 22:26:05 (GMT)
committerJouni Malinen <j@w1.fi>2012-09-01 22:42:05 (GMT)
commitf585c6a6d62998f256495b5775da33551ab17016 (patch)
treecfdf41daec412eb3782327e05055ca8a57822276 /src/eap_server/eap_server_sim.c
parentc95c8b1859d7aa47f0ecaefdffeef0a8c9b0f598 (diff)
downloadhostap-f585c6a6d62998f256495b5775da33551ab17016.zip
hostap-f585c6a6d62998f256495b5775da33551ab17016.tar.gz
hostap-f585c6a6d62998f256495b5775da33551ab17016.tar.bz2
EAP-SIM server: Move subtype validation from check into process
This is needed to be able to use SIM-Notification round to indicate failure per RFC 4186, chapter 6.3.3. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_server/eap_server_sim.c')
-rw-r--r--src/eap_server/eap_server_sim.c18
1 files changed, 15 insertions, 3 deletions
diff --git a/src/eap_server/eap_server_sim.c b/src/eap_server/eap_server_sim.c
index e5af2fa..f83c3cb 100644
--- a/src/eap_server/eap_server_sim.c
+++ b/src/eap_server/eap_server_sim.c
@@ -345,18 +345,22 @@ static struct wpabuf * eap_sim_buildReq(struct eap_sm *sm, void *priv, u8 id)
static Boolean eap_sim_check(struct eap_sm *sm, void *priv,
struct wpabuf *respData)
{
- struct eap_sim_data *data = priv;
const u8 *pos;
size_t len;
- u8 subtype;
pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SIM, respData, &len);
if (pos == NULL || len < 3) {
wpa_printf(MSG_INFO, "EAP-SIM: Invalid frame");
return TRUE;
}
- subtype = *pos;
+ return FALSE;
+}
+
+
+static Boolean eap_sim_unexpected_subtype(struct eap_sim_data *data,
+ u8 subtype)
+{
if (subtype == EAP_SIM_SUBTYPE_CLIENT_ERROR)
return FALSE;
@@ -719,6 +723,14 @@ static void eap_sim_process(struct eap_sm *sm, void *priv,
subtype = *pos;
pos += 3;
+ if (eap_sim_unexpected_subtype(data, subtype)) {
+ wpa_printf(MSG_DEBUG, "EAP-SIM: Unrecognized or unexpected "
+ "EAP-SIM Subtype in EAP Response");
+ data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH;
+ eap_sim_state(data, NOTIFICATION);
+ return;
+ }
+
if (eap_sim_parse_attr(pos, end, &attr, 0, 0)) {
wpa_printf(MSG_DEBUG, "EAP-SIM: Failed to parse attributes");
if (subtype != EAP_SIM_SUBTYPE_CLIENT_ERROR &&