DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
hostapd/src/eap_peer
History
Paul Stewart 9e2afe10e6 EAP-SIM: Don't use anonymous identity in phase2 
The "anonymous_identity" configuration field has more than one
semantic meaning. For tunneled EAP methods, this refers to the
outer EAP identity. For EAP-SIM, this refers to the pseudonym
identity. Also, interestingly, EAP-SIM can overwrite the
"anonymous_identity" field if one is provided to it by the
authenticator.

When EAP-SIM is tunneled within an outer method, it makes sense
to only use this value for the outer method, since it's unlikely
that this will also be valid as an identity for the inner EAP-SIM
method. Also, presumably since the outer method protects the
EAP-SIM transaction, there is no need for a pseudonym in this
usage.

Similarly, if EAP-SIM is being used as an inner method, it must
not push the pseudonym identity using eap_set_anon_id() since it
could overwrite the identity for the outer EAP method.

Signed-off-by: Paul Stewart <pstew@google.com>
2017-02-10 19:48:12 +02:00
..
eap.c EAP peer: Cache decrypted requests for EAP-SIM/AKA/AKA' 2017-02-10 19:48:12 +02:00
eap.h eap_proxy: Add support for SIM state change indication from eap_proxy 2016-12-19 22:21:07 +02:00
eap_aka.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_config.h EAP peer: Cache decrypted requests for EAP-SIM/AKA/AKA' 2017-02-10 19:48:12 +02:00
eap_eke.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_fast.c EAP peer: Cache decrypted requests for EAP-SIM/AKA/AKA' 2017-02-10 19:48:12 +02:00
eap_fast_pac.c EAP-FAST: Fix an error path in PAC binary format parsing 2016-02-06 00:26:31 +02:00
eap_fast_pac.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_gpsk.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_gtc.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_i.h EAP peer: External server certificate chain validation 2015-12-12 18:24:27 +02:00
eap_ikev2.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_leap.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_md5.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_methods.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_methods.h EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_mschapv2.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_otp.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_pax.c EAP-PAX: Do not debug print result if eap_pax_mac() fails 2016-05-16 22:25:25 +03:00
eap_peap.c EAP peer: Cache decrypted requests for EAP-SIM/AKA/AKA' 2017-02-10 19:48:12 +02:00
eap_proxy.h eap_proxy: Fix eap_proxy_init() prototype to use const eapol_cb 2016-12-19 22:14:07 +02:00
eap_proxy_dummy.c eap_proxy: Fix eap_proxy_init() prototype to use const eapol_cb 2016-12-19 22:14:07 +02:00
eap_psk.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_pwd.c EAP-pwd: Fix Prep in EAP-pwd-ID/Response when EAP_PWD_PREP_MS is used 2016-10-08 19:43:09 +03:00
eap_sake.c EAP-SAKE: Do not debug print result if eap_sake_compute_mic() fails 2016-05-16 22:26:37 +03:00
eap_sim.c EAP-SIM: Don't use anonymous identity in phase2 2017-02-10 19:48:12 +02:00
eap_tls.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_tls_common.c TLS: Split tls_connection_prf() into two functions 2016-05-23 20:40:12 +03:00
eap_tls_common.h EAP-TLS/PEAP/TTLS/FAST: Move more towards using struct wpabuf 2015-05-03 16:32:23 +03:00
eap_tnc.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_ttls.c EAP peer: Cache decrypted requests for EAP-SIM/AKA/AKA' 2017-02-10 19:48:12 +02:00
eap_vendor_test.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
eap_wsc.c EAP peer: Simplify EAP method registration call 2016-01-13 23:30:25 +02:00
ikev2.c EAP-IKEv2 peer: Avoid undefined behavior in pointer arithmetic 2015-10-24 21:43:54 +03:00
ikev2.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
Makefile tests: Add eapol-fuzzer 2015-04-22 11:44:19 +03:00
mschapv2.c EAP-MSCHAPv2: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:48 +03:00
mschapv2.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
tncc.c TNCC: Mark functions static 2016-06-24 01:38:04 +03:00
tncc.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00