EAP-SIM on 2.2.0
Francois Gaudreault
fgaudreault at inverse.ca
Thu Sep 13 14:38:34 CEST 2012
Hi,
>>> Ok so I did bisect, and this commit appears to be the problematic one:
>>>
>>> 177dbabdcef84353768551c0a39d29c566538c06 is the first bad commit
>>> commit 177dbabdcef84353768551c0a39d29c566538c06
>>> Author: Alan T. DeKok <aland at freeradius.org>
>>> Date: Tue Feb 21 08:57:49 2012 +0100
>>>
>>> Try to use identity from SIM protocol, not EAP-Identity
>>
>> Well, the SIM identity doesn't agree with the EAP-Identity.
>>
>> The patch went in because Microsoft ran into inter-operability issues.
>> The SIM identity can change during the protocol exchange. The old way
>> of always using the EAP-Identity was wrong.
I am not too familiar with that, so it's hard to comment. I can ask the
MS EAP team if they want to share more. I guess they tested it working
with their own stuff, but never re-tested with other device type. I
believe it's another 3GPP/RFC understanding kind of thing.
>
> Might also be helpful to know what the supplicant is here, too?
I tested with an iPhone 3GS device running 5.0.1. I still need some
bytes to make it work and test with our Android (get the SRES/Kc from
the Micro-SIM).
I don't know if others on the list made it work with that patch on.
--
Francois Gaudreault, ing. jr
fgaudreault at inverse.ca :: +1.514.447.4918 (x130) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
More information about the Freeradius-Users
mailing list