DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

EAP-AKA': Comment out EAP-AKA' server KDF negotiation

Browse source 
Since only one KDF is currently supported, the negotiation is not
allowed and peer must be rejected if it tries to send KDF selection in a
Challenge message. The negotiation code is left in the file and just
commented out since it was tested to work and can be used in the future
if another KDF is added.
This commit is contained in:
Jouni Malinen 2008-12-04 20:32:56 +02:00
parent 6ec4021c03
commit a49c428a1b
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/eap_server/eap_aka_prime.c
View file

@ -761,6 +761,9 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
wpa_printf(MSG_DEBUG, "EAP-AKA: Processing Challenge");
#if 0
/* KDF negotiation; to be enabled only after more than one KDF is
* supported */
if (data->eap_method == EAP_TYPE_AKA_PRIME &&
attr->kdf_count == 1 && attr->mac == NULL) {
if (attr->kdf[0] != EAP_AKA_PRIME_KDF) {
@ -779,6 +782,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
wpa_printf(MSG_DEBUG, "EAP-AKA': KDF %d selected", data->kdf);
return;
}
#endif
if (attr->checkcode &&
eap_aka_verify_checkcode(data, attr->checkcode,