[PATCH] Send Client-Error when AT_KDF attributes from the server are incorrect
Jouni Malinen
j at w1.fi
Sun Sep 10 12:50:36 PDT 2017
On Tue, Jul 25, 2017 at 12:25:51PM +0900, Tomoharu Hatano wrote:
> After KDF negotiation, must check only requested change occurred in the
> list of AT_KDF attributes. If there are any other changes, the peer must
> behave like the case that AT_MAC had been incorrect and authentication
> is failed. These are defined in EAP-AKA' specification RFC5448.
>
> Adds a complete check of AT_KDF attributes and sends Client-Error if a
> change which is not requested is included in it.
Thanks, applied.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list