EAP-SIM: Don't use anonymous identity in phase2

The "anonymous_identity" configuration field has more than one
semantic meaning. For tunneled EAP methods, this refers to the
outer EAP identity. For EAP-SIM, this refers to the pseudonym
identity. Also, interestingly, EAP-SIM can overwrite the
"anonymous_identity" field if one is provided to it by the
authenticator.

When EAP-SIM is tunneled within an outer method, it makes sense
to only use this value for the outer method, since it's unlikely
that this will also be valid as an identity for the inner EAP-SIM
method. Also, presumably since the outer method protects the
EAP-SIM transaction, there is no need for a pseudonym in this
usage.

Similarly, if EAP-SIM is being used as an inner method, it must
not push the pseudonym identity using eap_set_anon_id() since it
could overwrite the identity for the outer EAP method.

Signed-off-by: Paul Stewart <pstew@google.com>

diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c
index b97c95db196f0c8394013edd8c858476647f6eb6..95ecdf73fe98627d00a9fd3419129339f037f57f 100644 (file)
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c
@@ -46,6 +46,7 @@ struct eap_sim_data {
                CONTINUE, RESULT_SUCCESS, SUCCESS, FAILURE
        } state;
        int result_ind, use_result_ind;
+       int use_pseudonym;
 };
 
 
@@ -115,7 +116,8 @@ static void * eap_sim_init(struct eap_sm *sm)
                        NULL;
        }
 
-       if (config && config->anonymous_identity) {
+       data->use_pseudonym = !sm->init_phase2;
+       if (config && config->anonymous_identity && data->use_pseudonym) {
                data->pseudonym = os_malloc(config->anonymous_identity_len);
                if (data->pseudonym) {
                        os_memcpy(data->pseudonym, config->anonymous_identity,
@@ -372,7 +374,8 @@ static void eap_sim_clear_identities(struct eap_sm *sm,
                os_free(data->pseudonym);
                data->pseudonym = NULL;
                data->pseudonym_len = 0;
-               eap_set_anon_id(sm, NULL, 0);
+               if (data->use_pseudonym)
+                       eap_set_anon_id(sm, NULL, 0);
        }
        if ((id & CLEAR_REAUTH_ID) && data->reauth_id) {
                wpa_printf(MSG_DEBUG, "EAP-SIM: forgetting old reauth_id");
@@ -427,7 +430,9 @@ static int eap_sim_learn_ids(struct eap_sm *sm, struct eap_sim_data *data,
                                  realm, realm_len);
                }
                data->pseudonym_len = attr->next_pseudonym_len + realm_len;
-               eap_set_anon_id(sm, data->pseudonym, data->pseudonym_len);
+               if (data->use_pseudonym)
+                       eap_set_anon_id(sm, data->pseudonym,
+                                       data->pseudonym_len);
        }
 
        if (attr->next_reauth_id) {