Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / 37a3652d1e3e7b7724d7e0a7c68197c396979d97^! / .
commit37a3652d1e3e7b7724d7e0a7c68197c396979d97[log] [tgz]
authorJimmy Chen <jimmycmchen@google.com>Thu Jun 09 22:35:49 2022 +0800
committerJimmy Chen <jimmycmchen@google.com>Thu Jun 09 22:35:49 2022 +0800
tree0e80812da590dc9d901c4cba6a8ad7db672b4cec
parent0fe68957445dae4fc22734d29a12af0a4945c351 [diff]
eap: look for the realm of anonymous identity as well

Some carriers won't ask for real identity at the beginning,
they will use anonymous identity instead,
ex. anonymous@wlan.mncXXX.mccYYY.3gppnetwork.org.
In this case, wpa_supplicant should look for the realm of
anonymous identity to decorate new pseudonym.

Bug: 233283842
Test: verify roaming flow: AP1 -> AP2 -> AP1 -> AP2
Change-Id: I2099bcd5554aed68b36fad1b866541fa441d210a

diff --git a/src/eap_peer/eap_aka.c b/src/eap_peer/eap_aka.c
index 8c475f1..ee7010d 100644
--- a/src/eap_peer/eap_aka.c
+++ b/src/eap_peer/eap_aka.c

@@ -385,6 +385,7 @@
 		size_t identity_len = 0;
 		const u8 *realm = NULL;
 		size_t realm_len = 0;
+		struct eap_peer_config *config = eap_get_config(sm);
 
 		wpa_hexdump_ascii(MSG_DEBUG,
 				  "EAP-AKA: (encr) AT_NEXT_PSEUDONYM",
@@ -400,6 +401,17 @@
 					break;
 			}
 		}
+		// If no realm from the permanent identity, look for the
+		// realm of the anonymous identity.
+		if (realm_len == 0 && config && config->anonymous_identity
+		    && config->anonymous_identity_len > 0) {
+			for (realm = config->anonymous_identity,
+			    realm_len = config->anonymous_identity_len;
+			    realm_len > 0; realm_len--, realm++) {
+				if (*realm == '@')
+					break;
+			}
+		}
 		data->pseudonym = os_malloc(attr->next_pseudonym_len +
 					    realm_len);
 		if (data->pseudonym == NULL) {

diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c
index 0986627..de423e8 100644
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c

@@ -407,6 +407,7 @@
 		size_t identity_len = 0;
 		const u8 *realm = NULL;
 		size_t realm_len = 0;
+		struct eap_peer_config *config = eap_get_config(sm);
 
 		wpa_hexdump_ascii(MSG_DEBUG,
 				  "EAP-SIM: (encr) AT_NEXT_PSEUDONYM",
@@ -422,6 +423,17 @@
 					break;
 			}
 		}
+		// If no realm from the permanent identity, look for the
+		// realm of the anonymous identity.
+		if (realm_len == 0 && config && config->anonymous_identity
+		    && config->anonymous_identity_len > 0) {
+			for (realm = config->anonymous_identity,
+			    realm_len = config->anonymous_identity_len;
+			    realm_len > 0; realm_len--, realm++) {
+				if (*realm == '@')
+					break;
+			}
+		}
 		data->pseudonym = os_malloc(attr->next_pseudonym_len +
 					    realm_len);
 		if (data->pseudonym == NULL) {