RADIUS + EAP AVP Structure

Eliot, Wireless and Server Administrator, Great Lakes Internet support8 at greatlakes.net
Tue Nov 29 19:04:59 EST 2005

I am trying to write an IAS extension DLL, but I'm having trouble
figuring out the EAP stuff that I need to do. I thought someone on this
list might be able to help me.

When an EAP attribute (79) is specified in a RADIUS Access-Challenge,
what is the structure of the value?

What I know is that it is basically a pointer to some data structure
(I'm assuming some EAP data structure). I have seen about 5 different
structures in the Microsoft documentation and I'm not sure which one is
used in the RADIUS attribute or how to tell what is being used. Is it
this one:

1 bit mandatory flag
1 bit reserved flag
14 bit type
16 bit length
Followed by data

Or, is it an array of these where the next one starts after <length>
bytes of data have been read, or is it something else entirely?

And, does the type field I listed in this packet layout correspond to
the same type field that you would set to a value of 8 to specify an
EAP-TLV URI attribute? 

Is this information encrypted in some way and needs to be decrypted
first, or should I be able to read it if I can read the username,
password, and other RADIUS attributes?

Also, if I test the RADIUS attributes, there are two types that interest
me. One type is what FreeRADIUS terms "EAP-Message" and that is type ID
79. The other type is what Microsoft calls ratEAPTLV, which I'm not
certain what the number is for that one. Are these two different RADIUS
attributes, or does a TLV go in an "EAP-Message" attribute as the value?

Anyway, I thought maybe the authors of WPA Supplicant or people who
contribute might be able to answer my questions for me. 

Thanks in advance for any help. 

Eliot Gable
Certified Wireless Network Administrator (CWNA)
Certified Wireless Security Professional (CWSP)
Cisco Certified Network Associate (CCNA)
CompTIA Security+ Certified
CompTIA Network+ Certified
Network and Systems Administrator
Great Lakes Internet, Inc.
112 North Howard
Croswell, MI 48422
(810) 679-3395
(877) 558-8324
Now offering Broadband Wireless Internet access in Croswell, Lexington,
Brown City, Yale, and Sandusky. Call for details.

More information about the HostAP mailing list