aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server/eap_sim.c
Commit message (Collapse)AuthorAgeFilesLines
* Extend the identity workaround to remove all trailing null charactersJouni Malinen2008-02-041-1/+1
|
* Fixed EAP-SIM Start response processing for fast reauthentication caseJouni Malinen2008-02-031-14/+14
| | | | | | The AT_NONCE_MT and AT_SELECTED_VERSION attributes are only included in the SIM/Start response when using full authentication. Fixed the code not to require these to be present when fast reauthentication is used.
* EAP-SIM/AKA: Ignore client error when sending success result indicationJouni Malinen2008-02-031-1/+4
| | | | | | RFCs require the EAP-SIM/AKA server to ignore the contents of a response to the protected success indication, so ignore client error in this case and reply with EAP-Success.
* Remove AT_COUNTER from EAP-SIM/AKA result indication in full authenticationJouni Malinen2008-02-031-15/+18
| | | | | | | | Previous version was incorrectly including AT_COUNTER in the Notification message even for full authentication. This caused interoperability issues and was against the RFCs, so AT_COUNTER (and the additional encryption attributes) is now only included in case the notification follows fast reauthentication.
* Include AT_ANY_ID_REQ in EAP-SIM/AKA start/identity per RFC recommendationJouni Malinen2008-02-031-0/+7
| | | | | | | This identity request is not really needed if EAP-Response/Identity already includes the correct identity. However, since the RFC 4186/4187 recommend that the EAP identity is ignored, it is safer to do that here should some peer implementations behave incorrectly.
* EAP-SIM/AKA workaround for incorrect null termination in the usernameJouni Malinen2008-02-031-3/+9
| | | | | | | | It looks like some EAP-SIM/AKA peer implementations include an extra null termination in the end of the identity/username. These implementations do not seem to include these null characters in key derivation and that would result in a key mismatch. As a workaround, drop the possible null characters from the end of the identity/username for key derivation.
* Added support for protected result indication with AT_RESULT_IND forJouni Malinen2007-12-211-3/+90
| | | | | | EAP-SIM and EAP-AKA. This is disabled by default, but can be enabled in configuration file (hostapd: eap_sim_aka_result_ind=1 and wpa_supplicant: phase1="result_ind=1").
* Added 'struct wpabuf' data structure for presenting data buffers.Jouni Malinen2007-12-161-39/+38
| | | | | | | | | | | | | | This can be used to clean up various code areas that are storing a pointer to an allocated buffer and a length field separately. wpabuf.h defines number of helper functions to make it simpler to use wpabuf. In addition, this adds some bounds checking to buffer writes since wpabuf_put*() functions will abort the program should something try to write beyond the end of a buffer. This commit is also changing EAP and EAPOL interfaces to use struct wpabuf which makes the number of changes quite large. This will, obviously, also mean that 0.6.x branch is not anymore source code compatible with 0.5.x as far as EAP method interface is concerned.
* Use eap_hdr_validate() instead of local implementation to validate EAPJouni Malinen2007-12-011-7/+7
| | | | header.
* Added 'os_' prefix to common C library functions.Jouni Malinen2007-12-011-22/+22
| | | | Converted some printf() calls to use wpa_printf().
* Replaced the old hostapd_get_rand() calls with os_get_random().Jouni Malinen2007-12-011-1/+1
|
* Replaced remaining occurrences of wpa_zalloc() calls with os_zalloc() toJouni Malinen2007-05-271-1/+1
| | | | get rid of the temporary backwards compatibility definition in common.h.
* Updated my email address jkmaline@cc.hut.fi to j@w1.fi since the HUTJouni Malinen2007-03-091-1/+1
| | | | address is about to be removed.
* Include EAP header files using an explicit path (eap_{peer,server,common})Jouni Malinen2007-02-251-3/+3
| | | | | | instead of adding all the directories into includes path for the pre-processor. This allows EAP peer and server header files to be loaded properly even when they are using the same file names.
* First step in moving EAP server/peer methods and EAP state machines intoJouni Malinen2007-02-251-0/+692
src/eap_{server,peer,common} directories.