EAP-SIM peer: Send AT_IDENTITY first

For EAP-SIM connections, reorder the order of the attributes in EAP-Response/SIM/Start message: Send AT_IDENTITY first, then AT_NONCE and AT_VERSION instead of AT_IDENTITY last. Even though there is no order requirements in the RFC, some implementations expect the order of the attributes to be exactly as described in the RFC figures. Peer Authenticator | | | +------------------------------+ | | Server does not have a | | | Subscriber identity available| | | When starting EAP-SIM | | +------------------------------+ | | | EAP-Request/SIM/Start | | (AT_ANY_ID_REQ, AT_VERSION_LIST) | |<------------------------------------------------| | | | | | EAP-Response/SIM/Start | | (AT_IDENTITY, AT_NONCE_MT, | | AT_SELECTED_VERSION) | |------------------------------------------------>| | | Signed-off-by: Hai Shalom <haishalom@google.com>
4 years ago · 5e779873ed
parent 0577e8e679
commit 5e779873ed
1 changed files with 6 additions and 7 deletions
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c
@ -520,6 +520,12 @@ static struct wpabuf * eap_sim_response_start(struct eap_sm *sm,
 	wpa_printf(MSG_DEBUG, "Generating EAP-SIM Start (id=%d)", id);
 	msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id,
 			       EAP_TYPE_SIM, EAP_SIM_SUBTYPE_START);
+	if (identity) {
+		wpa_hexdump_ascii(MSG_DEBUG, "   AT_IDENTITY",
+				  identity, identity_len);
+		eap_sim_msg_add(msg, EAP_SIM_AT_IDENTITY, identity_len,
+				identity, identity_len);
+	}
 	if (!data->reauth) {
 		wpa_hexdump(MSG_DEBUG, "   AT_NONCE_MT",
 			    data->nonce_mt, EAP_SIM_NONCE_MT_LEN);
@ -531,13 +537,6 @@ static struct wpabuf * eap_sim_response_start(struct eap_sm *sm,
 				data->selected_version, NULL, 0);
 	}

-	if (identity) {
-		wpa_hexdump_ascii(MSG_DEBUG, "   AT_IDENTITY",
-				  identity, identity_len);
-		eap_sim_msg_add(msg, EAP_SIM_AT_IDENTITY, identity_len,
-				identity, identity_len);
-	}
-
 	resp = eap_sim_msg_finish(msg, EAP_TYPE_SIM, NULL, NULL, 0);
 	if (resp)
 		eap_sim_state(data, START_DONE);