Hi All,
Hope all of you are having a nice day. This is my first post on this list, so kindly overlook any novice mistakes.
I am facing a problem while working with freeradius. The description of the problem and a probable solution is given below:
Problem Scenario:
I work on a router. I am working on PEAP with default_eap_type=mschapv2. On the router, I am a tunnel exchanging packets with the port on one side and the radius server on the other. rad_decode is used to get the EAP attributes coming from the server, so that they can be sent to the port which is being authenticated.
While invoking rad_decode, the secret is set to NULL. This causes a trap while trying to decode Microsoft specific attributes as dictionary.microsoft says the key should be encrypted.
ATTRIBUTE MS-MPPE-Send-Key 16 octets encrypt=2
ATTRIBUTE MS-MPPE-Recv-Key 17 octets encrypt=2
Resolution:
To resolve this issue, I had to add a NULL ptr check in radius.c, function data2vp.
diff -Naur radius.c.orig radius.c
--- radius.c.orig 2011-05-02 17:19:33.988204676 -0400
+++ radius.c 2011-05-02 17:21:29.528702423 -0400
@@ -2242,7 +2242,7 @@
/*
* Decrypt the attribute.
*/
- switch (vp->flags.encrypt) {
+ switch (vp->flags.encrypt && (NULL != secret)) {
/*
* User-Password
*/
I would highly appreciate your opinions regarding the issue. If this resolution is not acceptable, then kindly let me know alternatives that would be acceptable.
Warm Rgds,
Makarand.
--
NOTICE OF CONFIDENTIALITY:
-------------------------------------------
This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail and delete this e-mail and any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal.