EAP-SIM peer: Remove AT_NOTIFICATION from Notification response

This attribute is not supposed to be used in the response frame (i.e.,
it is only in the EAP-Request/SIM-Notification frame) per RFC 4186
chapters 10.1 and 9.9. This is a minor bug since the server is required
to ignore the contents of the EAP-Response/SIM-Notification during
protected result indication per chapter 6.2.

EAP-AKA peer was already following the similar specification in RFC 4187,
but this was somehow missed in the EAP-SIM peer implementation.

diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c
index a7e49f8..5e30d1f 100644 (file)
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c
@@ -468,8 +468,6 @@ static struct wpabuf * eap_sim_response_notification(struct eap_sim_data *data,
        wpa_printf(MSG_DEBUG, "Generating EAP-SIM Notification (id=%d)", id);
        msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id,
                               EAP_TYPE_SIM, EAP_SIM_SUBTYPE_NOTIFICATION);
-       wpa_printf(MSG_DEBUG, "   AT_NOTIFICATION");
-       eap_sim_msg_add(msg, EAP_SIM_AT_NOTIFICATION, notification, NULL, 0);
        if (k_aut && data->reauth) {
                wpa_printf(MSG_DEBUG, "   AT_IV");
                wpa_printf(MSG_DEBUG, "   AT_ENCR_DATA");