What is needed to support EAP-AKA with HS20?
Ben Greear
greearb at candelatech.com
Tue Mar 4 13:47:50 EST 2014
On 02/28/2014 12:17 PM, Ben Greear wrote:
> On 02/28/2014 12:02 PM, Jouni Malinen wrote:
>> On Fri, Feb 28, 2014 at 11:08:24AM -0800, Ben Greear wrote:
>>> One of our users is interested in using EAP-AKA with HS20.
>>>
>>> It appears this does not work yet (or did not in a slightly older
>>> version of supplicant).
>>
>> I'm not aware of any such issue.
>
> Ok, I'll look at it closer then..maybe some part of the system
> is just mis-configured.
In case it matters, we are using eap-aka with usim.
I instrumented the code, and it fails the eap->method test
(method is 23).
static int nai_realm_cred_username(struct nai_realm_eap *eap, struct wpa_supplicant *wpa_s)
{
if (eap_get_name(EAP_VENDOR_IETF, eap->method) == NULL) {
wpa_msg(wpa_s, MSG_DEBUG,
"nai-realm-cred-username: EAP method not supported: %d",
eap->method);
return 0; /* method not supported */
}
if (eap->method != EAP_TYPE_TTLS && eap->method != EAP_TYPE_PEAP &&
eap->method != EAP_TYPE_FAST) {
/* Only tunneled methods with username/password supported */
wpa_msg(wpa_s, MSG_DEBUG,
"nai-realm-cred-username: Method: %d is not TTLS, PEAP or FAST.",
eap->method);
return 0;
}
Any idea what needs to be done to get this working?
Thanks,
Ben
--
Ben Greear <greearb at candelatech.com>
Candela Technologies Inc http://www.candelatech.com
More information about the HostAP
mailing list