From 1c34452a7b084a4ca0ed009e1e7139d297aa4620 Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Wed, 30 Aug 2017 16:22:47 -0700 Subject: [PATCH] eap-aka: RAND and AUTN were not being checked When processing the challenge, the AT_RAND and AT_AUTN attributes were never being checked if they were present. --- src/eap-aka.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/eap-aka.c b/src/eap-aka.c index 6ae86d3b..05620b0a 100644 --- a/src/eap-aka.c +++ b/src/eap-aka.c @@ -324,6 +324,12 @@ static void handle_challenge(struct eap_state *eap, const uint8_t *pkt, } } + /* check that the right attributes were found */ + if (!rand || !autn) { + l_error("AT_RAND or AT_AUTN were not found"); + goto chal_error; + } + if (aka->type == EAP_TYPE_AKA_PRIME && (!kdf_in || !kdf_func)) { l_error("AT_KDF or AT_KDF_INPUT were not found"); goto chal_error;