projects / mech_eap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 336a46a)
EAP-SIM server: Require SIM/Start response to include identity
authorJouni Malinen <j@w1.fi>
Sat, 1 Sep 2012 15:56:35 +0000 (18:56 +0300)
committerJouni Malinen <j@w1.fi>
Sat, 1 Sep 2012 15:56:35 +0000 (18:56 +0300)
Since we always request an identity in the request, the response
has to include AT_IDENTITY. This allows the SIM/Start response
processing to be simplified a bit.

Signed-hostap: Jouni Malinen <j@w1.fi>

src/eap_server/eap_server_sim.c patch | blob | history

diff --git a/src/eap_server/eap_server_sim.c b/src/eap_server/eap_server_sim.c
index 6b0f676..ec20c78 100644 (file)
--- a/src/eap_server/eap_server_sim.c
+++ b/src/eap_server/eap_server_sim.c
@@ -405,19 +405,34 @@ static void eap_sim_process_start(struct eap_sm *sm,
        const u8 *identity;
        size_t identity_len;
        u8 ver_list[2];
+       u8 *new_identity;
 
        wpa_printf(MSG_DEBUG, "EAP-SIM: Receive start response");
 
-       if (attr->identity) {
-               os_free(sm->identity);
-               sm->identity = os_malloc(attr->identity_len);
-               if (sm->identity) {
-                       os_memcpy(sm->identity, attr->identity,
-                                 attr->identity_len);
-                       sm->identity_len = attr->identity_len;
-               }
+       /*
+        * We always request identity in SIM/Start, so the peer is required to
+        * have replied with one.
+        */
+       if (!attr->identity || attr->identity_len == 0) {
+               wpa_printf(MSG_DEBUG, "EAP-SIM: Peer did not provide any "
+                          "identity");
+               eap_sim_state(data, FAILURE);
+               return;
        }
 
+       new_identity = os_malloc(attr->identity_len);
+       if (new_identity == NULL) {
+               eap_sim_state(data, FAILURE);
+               return;
+       }
+       os_free(sm->identity);
+       sm->identity = new_identity;
+       os_memcpy(sm->identity, attr->identity, attr->identity_len);
+       sm->identity_len = attr->identity_len;
+
+       wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Identity",
+                         sm->identity, sm->identity_len);
+
        identity = NULL;
        identity_len = 0;
 
@@ -453,9 +468,6 @@ static void eap_sim_process_start(struct eap_sm *sm,
                return;
        }
 
-       wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM: Identity",
-                         identity, identity_len);
-
        if (data->reauth) {
                eap_sim_state(data, REAUTH);
                return;
Moonshot GSS-API mechanism