aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server/eap_sim.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2008-02-03 03:34:24 (GMT)
committerJouni Malinen <j@w1.fi>2008-02-03 03:34:24 (GMT)
commitf6417bcf58bd6e3c0a231bc8b3ba450265e5a2fe (patch)
treeb54d82ddc2b36b2f552558b52cdc6145e1086985 /src/eap_server/eap_sim.c
parent52b450dd741929d9290dac81ac172a80eafd8632 (diff)
downloadhostap-history-f6417bcf58bd6e3c0a231bc8b3ba450265e5a2fe.zip
hostap-history-f6417bcf58bd6e3c0a231bc8b3ba450265e5a2fe.tar.gz
hostap-history-f6417bcf58bd6e3c0a231bc8b3ba450265e5a2fe.tar.bz2
EAP-SIM/AKA workaround for incorrect null termination in the username
It looks like some EAP-SIM/AKA peer implementations include an extra null termination in the end of the identity/username. These implementations do not seem to include these null characters in key derivation and that would result in a key mismatch. As a workaround, drop the possible null characters from the end of the identity/username for key derivation.
Diffstat (limited to 'src/eap_server/eap_sim.c')
-rw-r--r--src/eap_server/eap_sim.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/eap_server/eap_sim.c b/src/eap_server/eap_sim.c
index bc67116..40886b2 100644
--- a/src/eap_server/eap_sim.c
+++ b/src/eap_server/eap_sim.c
@@ -1,6 +1,6 @@
/*
* hostapd / EAP-SIM (RFC 4186)
- * Copyright (c) 2005-2007, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2005-2008, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@@ -474,12 +474,18 @@ static void eap_sim_process_start(struct eap_sm *sm,
return;
}
+ identity_len = sm->identity_len;
+ if (identity_len > 0 && sm->identity[identity_len - 1] == '\0') {
+ wpa_printf(MSG_DEBUG, "EAP-SIM: Workaround - drop last null "
+ "character from identity");
+ identity_len--;
+ }
wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Identity for MK derivation",
- sm->identity, sm->identity_len);
+ sm->identity, identity_len);
os_memcpy(data->nonce_mt, attr->nonce_mt, EAP_SIM_NONCE_MT_LEN);
WPA_PUT_BE16(ver_list, EAP_SIM_VERSION);
- eap_sim_derive_mk(sm->identity, sm->identity_len, attr->nonce_mt,
+ eap_sim_derive_mk(sm->identity, identity_len, attr->nonce_mt,
attr->selected_version, ver_list, sizeof(ver_list),
data->num_chal, (const u8 *) data->kc, data->mk);
eap_sim_derive_keys(data->mk, data->k_encr, data->k_aut, data->msk,