How to send Permanent ID request in EAP-SIM method?
lambertdev
lambertdev at gmail.com
Tue Sep 6 16:41:11 CEST 2011
Hello,
As we know,EAP-SIM specifacation defines three kinds of identity.But
when I read the source code of "rlm_eap_sim.c",freeradius only sends
FULL_AUTH_ID_REQUEST.
i.e.In function "eap_sim_sendstart",there is
newvp = paircreate(ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_FULLAUTH_ID_REQ,
PW_TYPE_OCTETS);
For sending eap permanent id request to peer,I tried to modify this
sentence to:
newvp =
paircreate(ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_PERMANENT_ID_REQ,
PW_TYPE_OCTETS);
and compiled it successfully.
But when I tried to test the server,with the command below:
radeapclient -x localhost auth testing123 <eapsim-in.txt
the server will return:
rad_recv: Access-Request packet from host 127.0.0.1 port 57914, id=86,
length=89
User-Name = "232420100000015"
NAS-IP-Address = 209.87.252.247
Message-Authenticator = 0x745c37803f66ee28ae1e5de97b4dbafc
NAS-Port = 0
EAP-Message = 0x0255001401323332343230313030303030303135
# Executing section authorize from file
/etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "232420100000015", looking up realm
NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 85 length 20
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[files] users: Matched entry 232420100000015 at line 93
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type sim
[eap] Underlying EAP-Type set EAP ID to 230
++[eap] returns handled
Sending Access-Challenge of id 86 to 127.0.0.1 port 57914
EAP-Message = 0x01e60014120a00000f020002000100000d010000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x6548900d65ae82b9c8a9eb100d26724a
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 57914, id=87,
length=85
User-Name = "232420100000015"
NAS-IP-Address = 209.87.252.247
Message-Authenticator = 0x9a0e653561af56be21543aec5da35963
NAS-Port = 0
State = 0x6548900d65ae82b9c8a9eb100d26724a
# Executing section authorize from file
/etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "232420100000015", looking up realm
NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry 232420100000015 at line 93
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] ERROR: You set 'Auth-Type = EAP' for a request that does not contain
an EAP-Message attribute!
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> 232420100000015
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
I wonder why did this happen?How should I do if I want send a PERMANENT_ID
request to the server?Thank you!!
--
View this message in context: http://freeradius.1045715.n5.nabble.com/How-to-send-Permanent-ID-request-in-EAP-SIM-method-tp4774635p4774635.html
Sent from the FreeRadius - Dev mailing list archive at Nabble.com.
More information about the Freeradius-Devel
mailing list