Free Radius problem with sending large certificate chains, using EAP-TLS

Smith, Brian (ESEA IS&A) brian.smith at honeywell.com
Mon Feb 23 19:39:51 CET 2009


Hi Alan,
Thanks for the great reply.  It makes perfect sense to me.  Just to be
clear, FreeRadius will support a certificate/chain length up to the TLS
record limit of 16384 bytes (minus some overhead).  And, you don't know
of anyone that has ever tried to test beyond this, which tells me in
practice, it's not done....  Also, you point out that very likely APs
and STAs might not support multiple records, though the RFC says they
should.  Also telling me, this is not normally done.

Two quick questions for you.  

	-  What do you think the market penetration of FreeRadius (or
commercial clones) to authenticate wireless WPA2 clients is, versus
commercial products?
	- Do you know of any other Radius Server that does support
multiple TLS records for a single message?
	- What is the largest certificate chain you have seen used with
FreeRadius?

Thanks Again!
 
Brian Smith
Ph. 602-436-6691
Honeywell

-----Original Message-----
From:
freeradius-users-bounces+brian.smith=honeywell.com at lists.freeradius.org
[mailto:freeradius-users-bounces+brian.smith=honeywell.com at lists.freerad
ius.org] On Behalf Of Alan DeKok
Sent: Saturday, February 21, 2009 1:37 AM
To: FreeRadius users mailing list
Subject: Re: Free Radius problem with sending large certificate chains,
using EAP-TLS

Smith, Brian (ESEA IS&A) wrote:
> We are running freeradius, version 1.1.7, on Fedora.  We are testing
> WPA2/EAP-TLS authentication, with large certificate chains (just under
> 64K in PEM format). 

  Ouch... that's big.

> Some individual cert sizes in the chain approach
> 10K in DER format.  If the chain is small enough to fit in a single TLS
> message, authentication works fine.  But if the chain is greater than
> 16,384 bytes, eap-tls fails.  Looking at a packet trace, freeradius does
> not send a message above 16,438 bytes.  Instead of breaking it up into
> different records, it attempts to send it in one TLS record, with
> fragments that are too large. 

  Hmm... OK.

> Per RFCs 2716 and 5216, it seems freeradius should break a single TLS
> message (larger than one 16,384 byte record can support) into multiple
> TLS records. 

  It's supposed to.  It doesn't, however.

> We could not find anything on this problem in the FAQ or user lists.
>  Can someone tell us what we are doing wrong, or is this a bug which
> hasn't been reported, since this large cert chain is rare?  We will
> update to the latest freeradius release.

  I think that this is the first time someone ran into this problem.

  The other issue is that 64k certificate chains may cause other
problems.  Both supplicants && access points have EAP packet counters.
After 30-50 packets in one EAP session, they simply drop the session as
"taking too long".

  i.e. You might get FreeRADIUS to support 64K certificate chains, and
then discover that none of the access points or PC's can support it.

  I don't think it's too hard to fix this, it just requires some
additional code to deal with messages greater than 16K.  Right now, all
of the internal code assumes that the maximum message size is one TLS
fragment.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
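The two fragmentation layers the thread is arguing about, as an added example that is not part of the original thread and not FreeRADIUS code: a Certificate handshake message is first split across TLS records of at most 2^14 bytes (RFC 5246 section 6.2.1), and the record stream is then cut into EAP-TLS Request packets carrying the L (length included) and M (more fragments) flags (RFC 5216 section 3.1). The peer side reassembles, enforces the record limit (so a single oversized record, the behaviour described in the bug report, is rejected), and the packet count shows why Alan's point about EAP packet counters matters for a chain of this size. The certificates are constructed byte strings standing in for DER, the fragment size and TLS version are assumptions for the demo.

```python
"""Model EAP-TLS fragmentation of a large Certificate message.
TLS record limit per RFC 5246 6.2.1, EAP-TLS flags per RFC 5216 3.1.
Example code only; not FreeRADIUS and not from the list thread."""
import struct

TLS_MAX_RECORD = 2 ** 14        # max plaintext per TLS record (RFC 5246 6.2.1)
TLS_HANDSHAKE = 22
TLS_VERSION = b"\x03\x01"       # TLS 1.0 record version (assumption for this demo)
HS_CERTIFICATE = 11
EAP_REQUEST = 1
EAP_TYPE_TLS = 13
FLAG_L, FLAG_M = 0x80, 0x40     # Length-included, More-fragments (RFC 5216 3.1)


def build_certificate_handshake(certs_der):
    """Certificate handshake message: type(1) len(3) | certs_len(3) | (len(3) DER)*."""
    certs = b"".join(len(c).to_bytes(3, "big") + c for c in certs_der)
    body = len(certs).to_bytes(3, "big") + certs
    return bytes([HS_CERTIFICATE]) + len(body).to_bytes(3, "big") + body


def tls_records(handshake_msg, max_record=TLS_MAX_RECORD):
    """Split one handshake message over as many records as needed.  The bug in
    the thread (one record larger than 2^14) can be modelled by passing
    max_record=len(handshake_msg); parse_records() rejects the result."""
    recs = []
    for off in range(0, len(handshake_msg), max_record):
        frag = handshake_msg[off:off + max_record]
        recs.append(bytes([TLS_HANDSHAKE]) + TLS_VERSION + struct.pack("!H", len(frag)) + frag)
    return recs


def eap_tls_fragments(tls_stream, fragment_size, first_id=1):
    """Cut the record stream into EAP-TLS Requests of at most fragment_size bytes:
    code(1) id(1) len(2) type(1) flags(1) [tls_len(4), first fragment only] data."""
    pkts, off, ident = [], 0, first_id
    fragmented = len(tls_stream) > fragment_size - 6
    while off < len(tls_stream):
        flags, extra = 0, b""
        if off == 0 and fragmented:           # first fragment advertises total TLS length
            flags |= FLAG_L
            extra = struct.pack("!I", len(tls_stream))
        chunk = tls_stream[off:off + fragment_size - 6 - len(extra)]
        off += len(chunk)
        if off < len(tls_stream):
            flags |= FLAG_M
        payload = bytes([EAP_TYPE_TLS, flags]) + extra + chunk
        pkts.append(struct.pack("!BBH", EAP_REQUEST, ident, 4 + len(payload)) + payload)
        ident = (ident + 1) & 0xFF
    return pkts


def reassemble(pkts):
    """Peer side: validate headers and flags, return the reassembled TLS stream."""
    buf, expected = bytearray(), None
    for i, p in enumerate(pkts):
        _code, _ident, length = struct.unpack("!BBH", p[:4])
        if length != len(p) or p[4] != EAP_TYPE_TLS:
            raise ValueError("bad EAP-TLS header")
        flags, body = p[5], p[6:]
        if flags & FLAG_L:
            if i != 0:
                raise ValueError("L flag on a non-initial fragment")
            expected, body = struct.unpack("!I", body[:4])[0], body[4:]
        if bool(flags & FLAG_M) != (i < len(pkts) - 1):
            raise ValueError("M flag disagrees with fragment position")
        buf += body
    if expected is not None and expected != len(buf):
        raise ValueError("reassembled %d bytes, advertised %d" % (len(buf), expected))
    return bytes(buf)


def parse_records(stream):
    """Join record fragments back into handshake data; enforce the 2^14 limit."""
    data, off, count = bytearray(), 0, 0
    while off < len(stream):
        ctype, _ver, ln = struct.unpack("!B2sH", stream[off:off + 5])
        if ctype != TLS_HANDSHAKE or ln > TLS_MAX_RECORD:
            raise ValueError("bad record: type %d, length %d (limit 2^14)" % (ctype, ln))
        data += stream[off + 5:off + 5 + ln]
        off += 5 + ln
        count += 1
    return bytes(data), count


def parse_certificate_handshake(msg):
    if msg[0] != HS_CERTIFICATE:
        raise ValueError("not a Certificate message")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    certs, off, end = [], 3, 3 + int.from_bytes(body[:3], "big")
    while off < end:
        ln = int.from_bytes(body[off:off + 3], "big")
        certs.append(body[off + 3:off + 3 + ln])
        off += 3 + ln
    return certs


def simulate(cert_sizes, fragment_size=1024):
    """Round-trip a constructed chain and report sizes and packet counts."""
    certs = [bytes([0x30 + i]) * n for i, n in enumerate(cert_sizes)]  # constructed DER stand-ins
    hs = build_certificate_handshake(certs)
    stream = b"".join(tls_records(hs))
    frags = eap_tls_fragments(stream, fragment_size)
    rebuilt, nrec = parse_records(reassemble(frags))
    if parse_certificate_handshake(rebuilt) != certs:
        raise AssertionError("chain did not survive the round trip")
    # each EAP Request is acknowledged by an EAP Response, so packets = 2 * requests
    return {"handshake_bytes": len(hs), "tls_records": nrec,
            "eap_requests": len(frags), "eap_packets": 2 * len(frags)}


if __name__ == "__main__":
    print(simulate([9600] * 5))      # about the ~48 KB DER chain discussed in the thread
    print(simulate([1500, 1200]))    # a typical two-certificate chain
```

With 1024-byte EAP fragments (FreeRADIUS exposes this knob as `fragment_size` in the `tls` section of eap.conf), the five-certificate chain needs three TLS records and 48 EAP Requests, i.e. 96 EAP packets before the server even reaches the Finished message, well past the 30-50 packet budget Alan cites for supplicants and access points; the two-certificate chain fits in one record and three Requests. Raising the fragment size cuts the packet count but is bounded by the path MTU between NAS and RADIUS server, so the chain size, not the server's record handling, is usually the real ceiling.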
