EAP-SIM/AKA: fixed initialization to verify PIN even if identity is set

Previously, hardcoded identity in the network configuration skipped both
IMSI reading and PIN verification. This broke cases where PIN is needed for
GSM/UMTS authentication. Now, only IMSI reading is skipped if identity is
hardcoded.
This commit is contained in:
Jouni Malinen 2008-11-07 20:09:44 +02:00 committed by Jouni Malinen
parent 04a5bad682
commit 6982784e20

View file

@ -906,8 +906,8 @@ static int eap_sm_imsi_identity(struct eap_sm *sm,
#endif /* PCSC_FUNCS */ #endif /* PCSC_FUNCS */
static int eap_sm_get_scard_identity(struct eap_sm *sm, static int eap_sm_set_scard_pin(struct eap_sm *sm,
struct eap_peer_config *conf) struct eap_peer_config *conf)
{ {
#ifdef PCSC_FUNCS #ifdef PCSC_FUNCS
if (scard_set_pin(sm->scard_ctx, conf->pin)) { if (scard_set_pin(sm->scard_ctx, conf->pin)) {
@ -922,6 +922,18 @@ static int eap_sm_get_scard_identity(struct eap_sm *sm,
eap_sm_request_pin(sm); eap_sm_request_pin(sm);
return -1; return -1;
} }
return 0;
#else /* PCSC_FUNCS */
return -1;
#endif /* PCSC_FUNCS */
}
static int eap_sm_get_scard_identity(struct eap_sm *sm,
struct eap_peer_config *conf)
{
#ifdef PCSC_FUNCS
if (eap_sm_set_scard_pin(sm, conf))
return -1;
return eap_sm_imsi_identity(sm, conf); return eap_sm_imsi_identity(sm, conf);
#else /* PCSC_FUNCS */ #else /* PCSC_FUNCS */
@ -985,6 +997,9 @@ struct wpabuf * eap_sm_buildIdentity(struct eap_sm *sm, int id, int encrypted)
eap_sm_request_identity(sm); eap_sm_request_identity(sm);
return NULL; return NULL;
} }
} else if (config->pcsc) {
if (eap_sm_set_scard_pin(sm, config) < 0)
return NULL;
} }
resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IDENTITY, identity_len, resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IDENTITY, identity_len,