|
|
@@ -235,21 +235,20 @@ static int eap_aka_umts_auth(struct eap_sm *sm, struct eap_aka_data *data)
|
|
|
|
|
|
static void eap_aka_clear_identities(struct eap_aka_data *data, int id)
|
|
|
{
|
|
|
- wpa_printf(MSG_DEBUG, "EAP-AKA: forgetting old%s%s%s",
|
|
|
- id & CLEAR_PSEUDONYM ? " pseudonym" : "",
|
|
|
- id & CLEAR_REAUTH_ID ? " reauth_id" : "",
|
|
|
- id & CLEAR_EAP_ID ? " eap_id" : "");
|
|
|
if (id & CLEAR_PSEUDONYM) {
|
|
|
+ wpa_printf(MSG_DEBUG, "EAP-AKA: forgetting old pseudonym");
|
|
|
os_free(data->pseudonym);
|
|
|
data->pseudonym = NULL;
|
|
|
data->pseudonym_len = 0;
|
|
|
}
|
|
|
if (id & CLEAR_REAUTH_ID) {
|
|
|
+ wpa_printf(MSG_DEBUG, "EAP-AKA: forgetting old reauth_id");
|
|
|
os_free(data->reauth_id);
|
|
|
data->reauth_id = NULL;
|
|
|
data->reauth_id_len = 0;
|
|
|
}
|
|
|
if (id & CLEAR_EAP_ID) {
|
|
|
+ wpa_printf(MSG_DEBUG, "EAP-AKA: forgetting old eap_id");
|
|
|
os_free(data->last_eap_identity);
|
|
|
data->last_eap_identity = NULL;
|
|
|
data->last_eap_identity_len = 0;
|
|
|
@@ -880,11 +879,11 @@ static struct wpabuf * eap_aka_process_challenge(struct eap_sm *sm,
|
|
|
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
|
|
|
}
|
|
|
|
|
|
- /* Old reauthentication and pseudonym identities must not be used
|
|
|
- * anymore. In other words, if no new identities are received, full
|
|
|
- * authentication will be used on next reauthentication. */
|
|
|
- eap_aka_clear_identities(data, CLEAR_PSEUDONYM | CLEAR_REAUTH_ID |
|
|
|
- CLEAR_EAP_ID);
|
|
|
+ /* Old reauthentication identity must not be used anymore. In
|
|
|
+ * other words, if no new identities are received, full
|
|
|
+ * authentication will be used on next reauthentication (using
|
|
|
+ * pseudonym identity or permanent identity). */
|
|
|
+ eap_aka_clear_identities(data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
|
|
|
|
|
|
if (attr->encr_data) {
|
|
|
u8 *decrypted;
|
Jouni Malinen