different user names for the same session

Jouni Malinen j at w1.fi
Thu Nov 13 12:14:33 EST 2008


On Thu, Nov 13, 2008 at 06:05:12PM +0100, Dajul Goa wrote:

> Hello, I've setup hostapd 0.5.10-1(with bridge) + freeradius 2.1.1(with mysql). Everything works fine except one thing: when windows(vista sp1) users turn their machine off, the user name of the session is changed from user ("goa" in my debug log) into his machine name ("host/filteria"). If users disconnect manually from AP, it works fine.

Windows is apparently doing machine authentication when this happen. If
the client does not re-associate, hostapd will continue using the same
accounting session for the connection with the identity of the user
changed to match the latest authentication.

> hostapd -ddt /etc/hostapd/hostapd.conf: (stripped because 25k limit)

Could you please send me a more complete debug log and please also make
sure you have set logger_stdout=-1 and logger_stdout_level=1 in
hostapd.conf to get couple of additional debugging statements. I would
like to make sure whether the client sent an EAPOL-Logoff frame before
changing its identity. Feel free to send this directly to me (j at w1.fi)
if the file size goes beyond the mailing list limit.


> 1226549045.311821: wlan0: STA 00:60:b3:fe:3e:57 IEEE 802.1X: old identity 'goa' updated with User-Name from Access-Accept 'goa'

This is where the user identity was used for the last time (in the end
of first authentication).

> 1226549709.251477: wlan0: STA 00:60:b3:fe:3e:57 IEEE 802.1X: received EAPOL-Start from STA

Here the client (Supplicant) requested new authentication; no
EAPOL-Logoff for the previous session was shown in the log.

> 1226549709.255657: wlan0: STA 00:60:b3:fe:3e:57 IEEE 802.1X: STA identity 'host/filteria'

And the supplicant used the machine identity this time. However, since
there was no re-association or EAPOL-Logoff for the previous session,
this is still consider to be part of the previous session by hostapd.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list