3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-01-20 09:34:06 +01:00

eap-aka/sim: Automatically prefix identities

The identity retrieved from simauth was required to include the
prefix for SIM/AKA/AKA', but in reality a real SIM would not
include that prefix in the IMSI. Now the correct prefix is
prepended onto the identity depending on the EAP method.
This commit is contained in:
James Prestwood 2017-12-14 14:27:27 -08:00 committed by Denis Kenzior
parent f7a9caef2b
commit f82c2253ce
2 changed files with 16 additions and 2 deletions

View File

@ -608,6 +608,14 @@ static bool eap_aka_common_load_settings(struct eap_state *eap,
const char *prefix) const char *prefix)
{ {
struct eap_aka_handle *aka = eap_get_data(eap); struct eap_aka_handle *aka = eap_get_data(eap);
/*
* RFC 4187 Section 4.1.1.6
* For AKA, the permanent username prefix is '0'
*
* RFC 5448 Section 3
* For AKA', the permanent username prefix is '6'
*/
char id_prefix = (aka->type == EAP_TYPE_AKA) ? '0' : '6';
/* /*
* No specific settings for EAP-SIM, the auth provider will have all * No specific settings for EAP-SIM, the auth provider will have all
@ -622,7 +630,8 @@ static bool eap_aka_common_load_settings(struct eap_state *eap,
aka->auth_watch = sim_auth_unregistered_watch_add(aka->auth, aka->auth_watch = sim_auth_unregistered_watch_add(aka->auth,
auth_destroyed, eap); auth_destroyed, eap);
aka->identity = l_strdup(iwd_sim_auth_get_nai(aka->auth)); aka->identity = l_strdup_printf("%c%s", id_prefix,
iwd_sim_auth_get_nai(aka->auth));
return true; return true;
} }

View File

@ -630,7 +630,12 @@ static bool eap_sim_load_settings(struct eap_state *eap,
sim->auth_watch = sim_auth_unregistered_watch_add(sim->auth, sim->auth_watch = sim_auth_unregistered_watch_add(sim->auth,
auth_destroyed, eap); auth_destroyed, eap);
sim->identity = l_strdup(iwd_sim_auth_get_nai(sim->auth)); /*
* RFC 4186 Section 4.2.1.6
* EAP-SIM identity prefix is '1'
*/
sim->identity = l_strdup_printf("%c%s", '1',
iwd_sim_auth_get_nai(sim->auth));
return true; return true;
} }