hostapd mixing EAP ids

Ahmet Basagalar ahmet at thebluezone.com
Tue Oct 18 17:44:24 EDT 2005


Hi,

We have recently upgraded to hostapd ver. 3.9 from ver. 2.6. But there seems
to be a bug regarding RADIUS authentication. Randomly, some of our users
cannot authenticate although they are valid. When I check the RADIUS logs I
see the following message:

Either EAP-request timed out OR EAP-response to an unknown EAP-request

I did a packet capture to see the communication between the RADIUS server and
hostapd, and it seems like hostapd is mixing up EAP ids, and this confuses the
RADIUS server and causes a reject.

Below is a sample packet capture showing the problem.

Everything is normal up to Frame 65, where RADIUS sends an MD5 challenge, but
hostapd again responds with an identity instead of a challenge response, so
RADIUS sends another challenge for this new identity, then probably hostapd
responds to this challenge with the old EAP id, I believe.

I will try to look into the code, but if somebody resolved this before, that
will be helpful. This happens randomly as I mentioned before.

Thanks,
Ahmet

Packet Capture
-------------------------------------------
Frame 63 (220 bytes on wire, 220 bytes captured)
Linux cooked capture
Internet Protocol, Src Addr: 62.12.37.95 (62.12.37.95), Dst Addr: 61.107.119.129 (61.107.119.129)
User Datagram Protocol, Src Port: 32771 (32771), Dst Port: radius (1812)
Radius Protocol
    Code: Access Request (1)
    Packet identifier: 0x6b (107)
    Length: 176
    Authenticator: 0xAFF10C9DD82E5820D891B90112FE7CFD
    Attribute value pairs
        t:User Name(1) l:9, Value:"metzler"
        t:NAS IP Address(4) l:6, Value:62.12.37.95
        t:NAS identifier(32) l:15, Value:"some_nas"
        t:NAS Port(5) l:6, Value:40
        t:Called Station Id(30) l:33, Value:"00-02-6F-07-C3-45:some_nas"
        t:Calling Station Id(31) l:19, Value:"00-02-6F-07-7E-2E"
        t:Framed MTU(12) l:6, Value:1400
        t:NAS Port Type(61) l:6, Value:Wireless IEEE 802.11(19)
        t:Connect Info(77) l:24, Value:"CONNECT 11Mbps 802.11b"
        t:EAP Message(79) l:14
            Extensible Authentication Protocol
                Code: Response (2)
                Id: 138
                Length: 12
                Type: Identity [RFC3748] (1)
                Identity (7 bytes): metzler
        t:Message Authenticator(80) l:18, Value:779B20E889DC807CE9A785564DA2C5F3

Frame 65 (323 bytes on wire, 323 bytes captured)
Linux cooked capture
Internet Protocol, Src Addr: 61.107.119.129 (61.107.119.129), Dst Addr: 62.12.37.95 (62.12.37.95)
User Datagram Protocol, Src Port: radius (1812), Dst Port: 32771 (32771)
Radius Protocol
    Code: Access challenge (11)
    Packet identifier: 0x6b (107)
    Length: 279
    Authenticator: 0x8EFC0EFB6EE6EBD7853C406FEAF2FDB6
    Attribute value pairs
        t:Vendor Specific(26) l:193, Vendor:Cisco(9)
        t:Acct Interim Interval(85) l:6, Value:1800
        t:EAP Message(79) l:24
            Extensible Authentication Protocol
                Code: Request (1)
                Id: 139
                Length: 22
                Type: MD5-Challenge [RFC3748] (4)
                Value-Size: 16
                Value: 00B5754047F66F1FEB8046FE9F1CB303
        t:Message Authenticator(80) l:18, Value:C4834492B327FD1B3F33422135F9395D
        t:State(24) l:18, Value:190F2E2DF8FA36E59535A0B853F4ED5E

Frame 66 (238 bytes on wire, 238 bytes captured)
Linux cooked capture
Internet Protocol, Src Addr: 62.12.37.95 (62.12.37.95), Dst Addr: 61.107.119.129 (61.107.119.129)
User Datagram Protocol, Src Port: 32771 (32771), Dst Port: radius (1812)
Radius Protocol
    Code: Access Request (1)
    Packet identifier: 0x6d (109)
    Length: 194
    Authenticator: 0x21FEB636DEAD236CD292F840409AFB7D
    Attribute value pairs
        t:User Name(1) l:9, Value:"metzler"
        t:NAS IP Address(4) l:6, Value:62.12.37.95
        t:NAS identifier(32) l:15, Value:"some_nas"
        t:NAS Port(5) l:6, Value:40
        t:Called Station Id(30) l:33, Value:"00-02-6F-07-C3-45:some_nas"
        t:Calling Station Id(31) l:19, Value:"00-02-6F-07-7E-2E"
        t:Framed MTU(12) l:6, Value:1400
        t:NAS Port Type(61) l:6, Value:Wireless IEEE 802.11(19)
        t:Connect Info(77) l:24, Value:"CONNECT 11Mbps 802.11b"
        t:EAP Message(79) l:14
            Extensible Authentication Protocol
                Code: Response (2)
                Id: 139
                Length: 12
                Type: Identity [RFC3748] (1)
                Identity (7 bytes): metzler
        t:State(24) l:18, Value:190F2E2DF8FA36E59535A0B853F4ED5E
        t:Message Authenticator(80) l:18, Value:6E1AB597A228D65BBA27D0B0535EA45B

Frame 69 (323 bytes on wire, 323 bytes captured)
Linux cooked capture
Internet Protocol, Src Addr: 61.107.119.129 (61.107.119.129), Dst Addr: 62.12.37.95 (62.12.37.95)
User Datagram Protocol, Src Port: radius (1812), Dst Port: 32771 (32771)
Radius Protocol
    Code: Access challenge (11)
    Packet identifier: 0x6d (109)
    Length: 279
    Authenticator: 0xB65E5719D35053C0189D18DF67A60183
    Attribute value pairs
        t:Vendor Specific(26) l:193, Vendor:Cisco(9)
        t:Acct Interim Interval(85) l:6, Value:1800
        t:EAP Message(79) l:24
            Extensible Authentication Protocol
                Code: Request (1)
                Id: 140
                Length: 22
                Type: MD5-Challenge [RFC3748] (4)
                Value-Size: 16
                Value: ACBC9E2DF2140A42E986511C899D3D12
        t:Message Authenticator(80) l:18, Value:C58FD6905CF891777D29E251FE93E80B
        t:State(24) l:18, Value:8F403AADDCF9C9CA88B32A87589BEE54

Frame 70 (248 bytes on wire, 248 bytes captured)
Linux cooked capture
Internet Protocol, Src Addr: 62.12.37.95 (62.12.37.95), Dst Addr: 61.107.119.129 (61.107.119.129)
User Datagram Protocol, Src Port: 32771 (32771), Dst Port: radius (1812)
Radius Protocol
    Code: Access Request (1)
    Packet identifier: 0x6f (111)
    Length: 204
    Authenticator: 0xE889CB8BDEAAAC447E9471EC44DCBB80
    Attribute value pairs
        t:User Name(1) l:9, Value:"metzler"
        t:NAS IP Address(4) l:6, Value:62.12.37.95
        t:NAS identifier(32) l:15, Value:"some_nas"
        t:NAS Port(5) l:6, Value:40
        t:Called Station Id(30) l:33, Value:"00-02-6F-07-C3-45:some_nas"
        t:Calling Station Id(31) l:19, Value:"00-02-6F-07-7E-2E"
        t:Framed MTU(12) l:6, Value:1400
        t:NAS Port Type(61) l:6, Value:Wireless IEEE 802.11(19)
        t:Connect Info(77) l:24, Value:"CONNECT 11Mbps 802.11b"
        t:EAP Message(79) l:24
            Extensible Authentication Protocol
                Code: Response (2)
                Id: 139
                Length: 22
                Type: MD5-Challenge [RFC3748] (4)
                Value-Size: 16
                Value: 059DD3270C74D9097277BE0EE5145F5F
        t:State(24) l:18, Value:8F403AADDCF9C9CA88B32A87589BEE54
        t:Message Authenticator(80) l:18, Value:1636B50009207281FE441CAF659990F3

Frame 73 (257 bytes on wire, 257 bytes captured)
Linux cooked capture
Internet Protocol, Src Addr: 61.107.119.129 (61.107.119.129), Dst Addr: 62.12.37.95 (62.12.37.95)
User Datagram Protocol, Src Port: radius (1812), Dst Port: 32771 (32771)
Radius Protocol
    Code: Access Reject (3)
    Packet identifier: 0x6f (111)
    Length: 213
    Authenticator: 0x09D75A74F1ECF6294F1429EC1F80BF96
    Attribute value pairs
        t:Vendor Specific(26) l:193, Vendor:Cisco(9)
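
Added example, not part of the original post and not hostapd code: a Python check over the EAP fields of the frames above that flags any EAP Response whose Id or Type does not answer the outstanding EAP Request, following the matching rules in RFC 3748. CAPTURE is a trimmed, constructed copy of the dump, check() is a hypothetical helper name, and a single EAP session in the capture is assumed.

```python
import re

# Constructed sample: only the EAP-relevant lines of frames 63-73 above.
CAPTURE = """\
Frame 63 (220 bytes on wire, 220 bytes captured)
    Code: Access Request (1)
                Code: Response (2)
                Id: 138
                Type: Identity [RFC3748] (1)
Frame 65 (323 bytes on wire, 323 bytes captured)
    Code: Access challenge (11)
                Code: Request (1)
                Id: 139
                Type: MD5-Challenge [RFC3748] (4)
Frame 66 (238 bytes on wire, 238 bytes captured)
    Code: Access Request (1)
                Code: Response (2)
                Id: 139
                Type: Identity [RFC3748] (1)
Frame 69 (323 bytes on wire, 323 bytes captured)
    Code: Access challenge (11)
                Code: Request (1)
                Id: 140
                Type: MD5-Challenge [RFC3748] (4)
Frame 70 (248 bytes on wire, 248 bytes captured)
    Code: Access Request (1)
                Code: Response (2)
                Id: 139
                Type: MD5-Challenge [RFC3748] (4)
Frame 73 (257 bytes on wire, 257 bytes captured)
    Code: Access Reject (3)
"""

def check(dump):
    """Return (frame, problem) for EAP Responses that break RFC 3748 matching."""
    pending, findings = None, []  # pending = (id, type) of the last EAP-Request
    for block in re.split(r"^(?=Frame \d+)", dump, flags=re.M):
        # In order: frame number, RADIUS code, EAP code, EAP id, EAP type.
        nums = re.findall(r"^\s*(?:Frame |Code: .*\(|Id: |Type: .*\()(\d+)", block, re.M)
        if len(nums) != 5:  # frame carries no EAP message (e.g. Access-Reject)
            continue
        frame, _, code, eid, etype = map(int, nums)
        if code == 1:  # EAP Request relayed by the RADIUS server
            pending = (eid, etype)
        elif code == 2 and pending:  # EAP Response forwarded by hostapd
            if eid != pending[0]:
                findings.append((frame, "id mismatch"))
            elif etype not in (pending[1], 3, 254):  # 3/254: Nak, Expanded Nak
                findings.append((frame, "type mismatch"))
    return findings
```

The Response in frame 63 is skipped because the Request it answers was sent to the station over EAPOL and does not appear in a RADIUS-side capture.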



