mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
EAP: Make method and IMSI available from server structures
Expose EAP method and IMSI from the completed (or ongoing) EAP authentication session. These are needed for implementing Hotspot 2.0 SIM provisioning. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
fb2dc898d6
commit
79fec6a92d
@ -153,6 +153,8 @@ void eap_sm_pending_cb(struct eap_sm *sm);
|
|||||||
int eap_sm_method_pending(struct eap_sm *sm);
|
int eap_sm_method_pending(struct eap_sm *sm);
|
||||||
const u8 * eap_get_identity(struct eap_sm *sm, size_t *len);
|
const u8 * eap_get_identity(struct eap_sm *sm, size_t *len);
|
||||||
const char * eap_get_serial_num(struct eap_sm *sm);
|
const char * eap_get_serial_num(struct eap_sm *sm);
|
||||||
|
const char * eap_get_method(struct eap_sm *sm);
|
||||||
|
const char * eap_get_imsi(struct eap_sm *sm);
|
||||||
struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm);
|
struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm);
|
||||||
void eap_server_clear_identity(struct eap_sm *sm);
|
void eap_server_clear_identity(struct eap_sm *sm);
|
||||||
void eap_server_mschap_rx_callback(struct eap_sm *sm, const char *source,
|
void eap_server_mschap_rx_callback(struct eap_sm *sm, const char *source,
|
||||||
|
@ -160,6 +160,7 @@ struct eap_sm {
|
|||||||
u8 *identity;
|
u8 *identity;
|
||||||
size_t identity_len;
|
size_t identity_len;
|
||||||
char *serial_num;
|
char *serial_num;
|
||||||
|
char imsi[20];
|
||||||
/* Whether Phase 2 method should validate identity match */
|
/* Whether Phase 2 method should validate identity match */
|
||||||
int require_identity_match;
|
int require_identity_match;
|
||||||
int lastId; /* Identifier used in the last EAP-Packet */
|
int lastId; /* Identifier used in the last EAP-Packet */
|
||||||
|
@ -2003,6 +2003,32 @@ const char * eap_get_serial_num(struct eap_sm *sm)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* eap_get_method - Get the used EAP method
|
||||||
|
* @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
|
||||||
|
* Returns: Pointer to the method name or %NULL if not available
|
||||||
|
*/
|
||||||
|
const char * eap_get_method(struct eap_sm *sm)
|
||||||
|
{
|
||||||
|
if (!sm || !sm->m)
|
||||||
|
return NULL;
|
||||||
|
return sm->m->name;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* eap_get_imsi - Get IMSI of the user
|
||||||
|
* @sm: Pointer to EAP state machine allocated with eap_server_sm_init()
|
||||||
|
* Returns: Pointer to IMSI or %NULL if not available
|
||||||
|
*/
|
||||||
|
const char * eap_get_imsi(struct eap_sm *sm)
|
||||||
|
{
|
||||||
|
if (!sm || sm->imsi[0] == '\0')
|
||||||
|
return NULL;
|
||||||
|
return sm->imsi;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
void eap_erp_update_identity(struct eap_sm *sm, const u8 *eap, size_t len)
|
void eap_erp_update_identity(struct eap_sm *sm, const u8 *eap, size_t len)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_ERP
|
#ifdef CONFIG_ERP
|
||||||
|
@ -796,6 +796,10 @@ static void eap_aka_fullauth(struct eap_sm *sm, struct eap_aka_data *data)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (data->permanent[0] == EAP_AKA_PERMANENT_PREFIX ||
|
||||||
|
data->permanent[0] == EAP_AKA_PRIME_PERMANENT_PREFIX)
|
||||||
|
os_strlcpy(sm->imsi, &data->permanent[1], sizeof(sm->imsi));
|
||||||
|
|
||||||
#ifdef EAP_SERVER_AKA_PRIME
|
#ifdef EAP_SERVER_AKA_PRIME
|
||||||
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
|
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
|
||||||
/* Note: AUTN = (SQN ^ AK) || AMF || MAC which gives us the
|
/* Note: AUTN = (SQN ^ AK) || AMF || MAC which gives us the
|
||||||
|
@ -535,6 +535,9 @@ skip_id_update:
|
|||||||
goto failed;
|
goto failed;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (data->permanent[0] == EAP_SIM_PERMANENT_PREFIX)
|
||||||
|
os_strlcpy(sm->imsi, &data->permanent[1], sizeof(sm->imsi));
|
||||||
|
|
||||||
identity_len = sm->identity_len;
|
identity_len = sm->identity_len;
|
||||||
while (identity_len > 0 && sm->identity[identity_len - 1] == '\0') {
|
while (identity_len > 0 && sm->identity[identity_len - 1] == '\0') {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-SIM: Workaround - drop last null "
|
wpa_printf(MSG_DEBUG, "EAP-SIM: Workaround - drop last null "
|
||||||
|
Loading…
Reference in New Issue
Block a user