<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'>
Hi, Jouni Malinen,<BR>
Thank you for your reply.<BR>
Now, I have pass the whole process of eap-aka with hostapd, and the MAC error is because of the error username I filled.<BR>
but I have work around a problem to pass the test. so I have to debug it and need your help. I will explain as following:<BR>
*******************************************************************************<BR>
the first step of send identity to server, but in eap_aka_determine_identity() of hostapd, I used the permanent identity with '0' prefix.<BR>
it would said permanent user name not know, and will send identity request to peer again.<BR>
<FONT color=#ff0000>I found the return value of </FONT><FONT color=#ff0000>eap_sim_db_identity_known() is -1 forever if permanent identity used. </FONT><FONT color=#ff0000>I don't know why?</FONT><BR>
<FONT color=#ff0000>And what the meaning of 'before_identity'? I found the value is set 0 when process identity response from peer again.</FONT><BR>
if (identity == NULL ||<BR> <FONT color=#ff0000>eap_sim_db_identity_known</FONT>(sm->eap_sim_db_priv, sm->identity,<BR> sm->identity_len) < 0) {<BR> if (<FONT color=#ff0000>before_identity</FONT>) {<BR> wpa_printf(MSG_DEBUG, "EAP-AKA: Permanent user name "<BR> "not known - send AKA-Identity request"); <BR> eap_aka_state(data, IDENTITY);<BR> return;<BR> } else {<BR> wpa_printf(MSG_DEBUG, "EAP-AKA: Unknown whether the "<BR> "permanent user name is known; try to use "<BR> "it");<BR> /* eap_sim_db_get_aka_auth() will report failure, if<BR> * this identity is not known. */<BR> }<BR> }<BR>
<BR>
<BR>
Thanks.<BR>
<BR>
Yan<BR> <BR>
<BR>
> Date: Mon, 21 Feb 2011 21:34:36 +0200<BR>> From: j@w1.fi<BR>> To: hostap@lists.shmoo.com<BR>> Subject: Re: About eap-aka test with hostapd<BR>> <BR>> On Thu, Feb 17, 2011 at 09:54:38AM +0000, Ñå ÕÅ wrote:<BR>> <BR>> > 1. the supplicant i used is Xsupplicant, I found that the xsupplicant didn't support with eap-aka in the eap_testing.txt. Is it means the hostapd is not supported to work with xsupplicant for eap-aka?<BR>> <BR>> It means that I have not tested this combination. Though, I would expect<BR>> it to work.<BR>> <BR>> > 2. Now,the parameters filled in the hlr_auc_gw.milenage_db are same as the parameters in Xsupplicant side, Is it right? I found the SQN of milenage_db is increasing.<BR>> <BR>> I do not know how to configure this type of test mode for Xsupplicant.<BR>> <BR>> -- <BR>> Jouni Malinen PGP id EFC895FA<BR>> _______________________________________________<BR>> HostAP mailing list<BR>> HostA
P@lists.shmoo.com<BR>> http://lists.shmoo.com/mailman/listinfo/hostap<BR> </body>
</html>