diff --git a/src/eap_server/eap.h b/src/eap_server/eap.h index 4fbc661c2..45e1212cf 100644 --- a/src/eap_server/eap.h +++ b/src/eap_server/eap.h @@ -153,6 +153,8 @@ void eap_sm_pending_cb(struct eap_sm *sm); int eap_sm_method_pending(struct eap_sm *sm); const u8 * eap_get_identity(struct eap_sm *sm, size_t *len); const char * eap_get_serial_num(struct eap_sm *sm); +const char * eap_get_method(struct eap_sm *sm); +const char * eap_get_imsi(struct eap_sm *sm); struct eap_eapol_interface * eap_get_interface(struct eap_sm *sm); void eap_server_clear_identity(struct eap_sm *sm); void eap_server_mschap_rx_callback(struct eap_sm *sm, const char *source, diff --git a/src/eap_server/eap_i.h b/src/eap_server/eap_i.h index cf8a9f0d9..1cade10be 100644 --- a/src/eap_server/eap_i.h +++ b/src/eap_server/eap_i.h @@ -160,6 +160,7 @@ struct eap_sm { u8 *identity; size_t identity_len; char *serial_num; + char imsi[20]; /* Whether Phase 2 method should validate identity match */ int require_identity_match; int lastId; /* Identifier used in the last EAP-Packet */ diff --git a/src/eap_server/eap_server.c b/src/eap_server/eap_server.c index 38a1b5c9e..b33f6324e 100644 --- a/src/eap_server/eap_server.c +++ b/src/eap_server/eap_server.c @@ -2003,6 +2003,32 @@ const char * eap_get_serial_num(struct eap_sm *sm) } +/** + * eap_get_method - Get the used EAP method + * @sm: Pointer to EAP state machine allocated with eap_server_sm_init() + * Returns: Pointer to the method name or %NULL if not available + */ +const char * eap_get_method(struct eap_sm *sm) +{ + if (!sm || !sm->m) + return NULL; + return sm->m->name; +} + + +/** + * eap_get_imsi - Get IMSI of the user + * @sm: Pointer to EAP state machine allocated with eap_server_sm_init() + * Returns: Pointer to IMSI or %NULL if not available + */ +const char * eap_get_imsi(struct eap_sm *sm) +{ + if (!sm || sm->imsi[0] == '\0') + return NULL; + return sm->imsi; +} + + void eap_erp_update_identity(struct eap_sm *sm, const u8 *eap, size_t len) { #ifdef CONFIG_ERP diff --git a/src/eap_server/eap_server_aka.c b/src/eap_server/eap_server_aka.c index 175021163..1bea706d4 100644 --- a/src/eap_server/eap_server_aka.c +++ b/src/eap_server/eap_server_aka.c @@ -796,6 +796,10 @@ static void eap_aka_fullauth(struct eap_sm *sm, struct eap_aka_data *data) return; } + if (data->permanent[0] == EAP_AKA_PERMANENT_PREFIX || + data->permanent[0] == EAP_AKA_PRIME_PERMANENT_PREFIX) + os_strlcpy(sm->imsi, &data->permanent[1], sizeof(sm->imsi)); + #ifdef EAP_SERVER_AKA_PRIME if (data->eap_method == EAP_TYPE_AKA_PRIME) { /* Note: AUTN = (SQN ^ AK) || AMF || MAC which gives us the diff --git a/src/eap_server/eap_server_sim.c b/src/eap_server/eap_server_sim.c index 10637d4c6..128782735 100644 --- a/src/eap_server/eap_server_sim.c +++ b/src/eap_server/eap_server_sim.c @@ -535,6 +535,9 @@ skip_id_update: goto failed; } + if (data->permanent[0] == EAP_SIM_PERMANENT_PREFIX) + os_strlcpy(sm->imsi, &data->permanent[1], sizeof(sm->imsi)); + identity_len = sm->identity_len; while (identity_len > 0 && sm->identity[identity_len - 1] == '\0') { wpa_printf(MSG_DEBUG, "EAP-SIM: Workaround - drop last null "