EAP-SIM: Keep pseudonym identity

The pseudonym is a temporary identity, but is no one-time identifier (like
the fast re-authentication identity). Thus, do not forget it if the server
does not include it in every challenge. There are servers that include the
pseudonym identity only at full-auth. [Bug 424]
This commit is contained in:
Simon Baatz 2011-12-04 17:15:16 +02:00 committed by Jouni Malinen
parent c8894a3100
commit a9f40ae720

View file

@ -649,11 +649,11 @@ static struct wpabuf * eap_sim_process_challenge(struct eap_sm *sm,
EAP_SIM_UNABLE_TO_PROCESS_PACKET); EAP_SIM_UNABLE_TO_PROCESS_PACKET);
} }
/* Old reauthentication and pseudonym identities must not be used /* Old reauthentication identity must not be used anymore. In
* anymore. In other words, if no new identities are received, full * other words, if no new reauth identity is received, full
* authentication will be used on next reauthentication. */ * authentication will be used on next reauthentication (using
eap_sim_clear_identities(data, CLEAR_PSEUDONYM | CLEAR_REAUTH_ID | * pseudonym identity or permanent identity). */
CLEAR_EAP_ID); eap_sim_clear_identities(data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
if (attr->encr_data) { if (attr->encr_data) {
u8 *decrypted; u8 *decrypted;