author | Jouni Malinen <j@w1.fi> | 2012-02-16 23:27:01 +0200 |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2012-02-16 23:31:30 +0200 |
commit | 0047c047fc8bae4a78f48bc687011acc093d9680 (patch) | |
tree | 3c920edb29a96b254922955dbdbc550a9575d523 /src | |
parent | 05c15c897d11e15dbb42679f5483e83b73d5044a (diff) | |
EAP-SIM/AKA server: Fix re-authentication not to update pseudonym
AT_NEXT_PSEUDONYM is supposed to be included only in the Challenge
messages, not in the Re-authentication messages. This attribute was
incorrectly included in the Re-authentication messages and could have
been used to update the pseudonym state on the server without the peer
updating its state.
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
Diffstat (limited to 'src')
-rw-r--r-- | src/eap_server/eap_server_aka.c | 14 | ||||
-rw-r--r-- | src/eap_server/eap_server_sim.c | 14 |
2 files changed, 14 insertions, 14 deletions
diff --git a/src/eap_server/eap_server_aka.c b/src/eap_server/eap_server_aka.c
index 135c02b..1dc8dd1 100644
--- a/src/eap_server/eap_server_aka.c
+++ b/src/eap_server/eap_server_aka.c
@@ -292,8 +292,13 @@ static int eap_aka_build_encr(struct eap_sm *sm, struct eap_aka_data *data,
 			     const u8 *nonce_s)
 {
 	os_free(data->next_pseudonym);
-	data->next_pseudonym =
-		eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv, 1);
+	if (nonce_s == NULL) {
+		data->next_pseudonym =
+			eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv, 1);
+	} else {
+		/* Do not update pseudonym during re-authentication */
+		data->next_pseudonym = NULL;
+	}
 	os_free(data->next_reauth_id);
 	if (data->counter <= EAP_AKA_MAX_FAST_REAUTHS) {
 		data->next_reauth_id =
@@ -1017,11 +1022,6 @@ static void eap_aka_process_reauth(struct eap_sm *sm,
 		identity_len = id2_len;
 	}
 
-	if (data->next_pseudonym) {
-		eap_sim_db_add_pseudonym(sm->eap_sim_db_priv, identity,
-					 identity_len, data->next_pseudonym);
-		data->next_pseudonym = NULL;
-	}
 	if (data->next_reauth_id) {
 		if (data->eap_method == EAP_TYPE_AKA_PRIME) {
 #ifdef EAP_SERVER_AKA_PRIME
diff --git a/src/eap_server/eap_server_sim.c b/src/eap_server/eap_server_sim.c
index f49f70e..b578ecc 100644
--- a/src/eap_server/eap_server_sim.c
+++ b/src/eap_server/eap_server_sim.c
@@ -131,8 +131,13 @@ static int eap_sim_build_encr(struct eap_sm *sm, struct eap_sim_data *data,
 			     const u8 *nonce_s)
 {
 	os_free(data->next_pseudonym);
-	data->next_pseudonym =
-		eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv, 0);
+	if (nonce_s == NULL) {
+		data->next_pseudonym =
+			eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv, 0);
+	} else {
+		/* Do not update pseudonym during re-authentication */
+		data->next_pseudonym = NULL;
+	}
 	os_free(data->next_reauth_id);
 	if (data->counter <= EAP_SIM_MAX_FAST_REAUTHS) {
 		data->next_reauth_id =
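Review bot: The Challenge-vs-Re-authentication distinction in eap_aka_build_encr now hinges on `nonce_s == NULL`, but nothing at the call site or the function records that contract, so a future caller that passes a non-NULL nonce for a Challenge would silently stop issuing AT_NEXT_PSEUDONYM while still issuing AT_NEXT_REAUTH_ID; the same applies to the matching hunk in eap_sim_build_encr in eap_server_sim.c. A one-line comment above the new `if` would pin the intent, e.g. `/* nonce_s is set only for Re-authentication; AT_NEXT_PSEUDONYM belongs to Challenge only */`. Leaving data->next_pseudonym NULL on the re-auth path is consistent with the removal of the eap_sim_db_add_pseudonym() call in eap_aka_process_reauth below, so the server no longer advances pseudonym state the peer never saw. Both eap_aka_build_encr and eap_sim_build_encr start before and continue past their hunks.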
@@ -616,11 +621,6 @@ static void eap_sim_process_reauth(struct eap_sm *sm,
 		identity_len = id2_len;
 	}
 
-	if (data->next_pseudonym) {
-		eap_sim_db_add_pseudonym(sm->eap_sim_db_priv, identity,
-					 identity_len, data->next_pseudonym);
-		data->next_pseudonym = NULL;
-	}
 	if (data->next_reauth_id) {
 		eap_sim_db_add_reauth(sm->eap_sim_db_priv, identity,
 				      identity_len, data->next_reauth_id,