EAP-SIM: Keep pseudonym identity
The pseudonym is a temporary identity, but is no one-time identifier (like the fast re-authentication identity). Thus, do not forget it if the server does not include it in every challenge. There are servers that include the pseudonym identity only at full-auth. [Bug 424]
This commit is contained in:
parent
c8894a3100
commit
a9f40ae720
1 changed files with 5 additions and 5 deletions
|
@ -649,11 +649,11 @@ static struct wpabuf * eap_sim_process_challenge(struct eap_sm *sm,
|
||||||
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
|
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Old reauthentication and pseudonym identities must not be used
|
/* Old reauthentication identity must not be used anymore. In
|
||||||
* anymore. In other words, if no new identities are received, full
|
* other words, if no new reauth identity is received, full
|
||||||
* authentication will be used on next reauthentication. */
|
* authentication will be used on next reauthentication (using
|
||||||
eap_sim_clear_identities(data, CLEAR_PSEUDONYM | CLEAR_REAUTH_ID |
|
* pseudonym identity or permanent identity). */
|
||||||
CLEAR_EAP_ID);
|
eap_sim_clear_identities(data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
|
||||||
|
|
||||||
if (attr->encr_data) {
|
if (attr->encr_data) {
|
||||||
u8 *decrypted;
|
u8 *decrypted;
|
||||||
|
|
Loading…
Reference in a new issue