[RFC][PATCH 0/5] wpa_supplicant: Support realms according to 3GPP TS 23.003

Dan Williams dcbw at redhat.com
Wed Jan 4 13:25:22 EST 2012


On Tue, 2012-01-03 at 00:29 +0100, Simon Baatz wrote:
> Hi,
> 
> here is a set of proposed patches to derive the realm from the IMSI
> according to 3GPP TS 23.003 for EAP-SIM and EAP-AKA in wpa_supplicant as
> recommended by the respective RFCs.
> 
> Patches 1/5 and 2/5 are improvements with respect to pseudonym handling. RFC
> 4186 states in section 4.2.1.9:
> 
>   When using a pseudonym username in an environment where a realm
>   portion is used, the peer concatenates the received pseudonym
>   username with the "@" character and an NAI realm portion.
> 
> (The same applies to EAP-AKA.) Thus, if the permanent identity includes a
> realm, this realm should be appended to the received pseudonyms as well.
> 
> Patch 3/5 adds a function to read the MNC length from the EF-AD file on the
> SIM/USIM.  I could only test this with one SIM/USIM card, which has an MNC
> length of two.  If possible, this should be tested with other cards as well,
> but I don't have the means to do this.
> 
> Patch 4/5 adds the config item to enable the feature and 5/5 adds the actual
> derivation of the realm from the IMSI.

Does the user or sysadmin just have to know that the realm is required?
Or can this be determined automatically?

Dan




More information about the HostAP mailing list