Possible EAP bugs

Matthew Caron Matt.Caron at sixnet.com
Fri Oct 1 08:28:00 EDT 2010


Hello list,

I'm a bit new to hostapd/EAP/802.1X/etc. so please bear with me. I'm 
asking the list because I'm not certain if these are *actually* bugs or 
if I'm wrong. If these are bugs, I'm happy to add them, and I have patches.

Most of what I'm speaking about here is in eap_server.c.

This is in a passthrough configuration (authenticator using a separate 
RADIUS server)

(1) I believe that the identity is not being correctly cleared.

Firstly, if you successfully authenticate, but then reject the 
certificate, then attempt to reauthenticate, you go into the INITIALIZE 
state, sm->currentId is set to -1 (NONE), but sm->identity is left 
alone. When getDecision then fires, it leads to a bad decision in a 
PASSTHROUGH case, where it should CONTINUE (send an identity request 
packet, etc.) rather than just drop to INITIALIZE_PASSTHROUGH. If it 
goes to INITIALIZE_PASSTHROUGH, since currentId is NONE (because that 
WAS cleared in INITIALIZE), it then goes to AAA_IDLE, but will never get 
a response from the AAA server, because it never saw a packet.

Secondly, if you fail authentication, the same thing happens. You try to 
reauthenticate, hit INITIALIZE, sm->currentId is cleared but 
sm->identity is left alone, and so you never ask for credentials.

Proposed fix: Clear sm->identity along with sm->currentId in INITIALIZE

(2) Given the above, you can never get out of AAA_IDLE, because 
aaaTimeout is never set.

I presume this is a "to be implemented", correct? As in, we need to add 
a configuration parameter for timeout values talking to the AAA server, 
etc.?

-- 
Matthew Caron
Build Engineer
Sixnet | www.sixnet.com
O +1 518 877 5173 Ext. 138
F +1 518 602 9209
matt.caron at sixnet.com
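
The re-authentication path described in points (1) and (2) of the message above, reduced to a small C model. This is an added example, not hostapd code and not the poster's patch; the struct, the function names and the decision rule (pass through as soon as an identity is known) are assumptions that mirror the post's description.

```c
#include <stdio.h>

/* Simplified model; state names follow the post, not hostapd's source. */
enum outcome { IDENTITY_REQUEST_SENT, FORWARDED_TO_AAA, WAITING_IN_AAA_IDLE };
enum decision { DECISION_CONTINUE, DECISION_PASSTHROUGH };

struct eap_sm {
    int currentId;        /* -1 means NONE */
    const char *identity; /* identity kept from the previous run, or NULL */
};

/* INITIALIZE: currentId is always reset; identity only with the proposed fix. */
static void sm_initialize(struct eap_sm *sm, int clear_identity)
{
    sm->currentId = -1;
    if (clear_identity)
        sm->identity = NULL;
}

/* Assumed policy: hand off to the AAA server once an identity is known. */
static enum decision get_decision(const struct eap_sm *sm)
{
    return sm->identity ? DECISION_PASSTHROUGH : DECISION_CONTINUE;
}

/* One re-authentication starting at INITIALIZE; returns where the machine ends up. */
static enum outcome reauth_outcome(const char *prev_identity, int clear_identity)
{
    struct eap_sm sm = { 7, prev_identity }; /* constructed prior session state */

    sm_initialize(&sm, clear_identity);
    if (get_decision(&sm) == DECISION_CONTINUE)
        return IDENTITY_REQUEST_SENT;
    /* INITIALIZE_PASSTHROUGH: nothing to forward when currentId is NONE,
     * and with aaaTimeout never set AAA_IDLE has no way out. */
    return sm.currentId == -1 ? WAITING_IN_AAA_IDLE : FORWARDED_TO_AAA;
}

int main(void)
{
    printf("stale identity:   %d\n", reauth_outcome("user@example.test", 0));
    printf("identity cleared: %d\n", reauth_outcome("user@example.test", 1));
    return 0;
}
```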

