Hi,
Ok so I did bisect, and this commit appears to be the problematic one:
177dbabdcef84353768551c0a39d29c566538c06 is the first bad commit commit 177dbabdcef84353768551c0a39d29c566538c06 Author: Alan T. DeKok <aland@freeradius.org> Date: Tue Feb 21 08:57:49 2012 +0100
Try to use identity from SIM protocol, not EAP-Identity
Well, the SIM identity doesn't agree with the EAP-Identity.
The patch went in because Microsoft ran into inter-operability issues. The SIM identity can change during the protocol exchange. The old way of always using the EAP-Identity was wrong. I am not too familiar with that, so it's hard to comment. I can ask the MS EAP team if they want to share more. I guess they tested it working with their own stuff, but never re-tested with other device type. I believe it's another 3GPP/RFC understanding kind of thing.
Might also be helpful to know what the supplicant is here, too?
I tested with an iPhone 3GS device running 5.0.1. I still need some bytes to make it work and test with our Android (get the SRES/Kc from the Micro-SIM). I don't know if others on the list made it work with that patch on. -- Francois Gaudreault, ing. jr fgaudreault@inverse.ca :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org)