Problem with secrets

Michael Lecuyer mjl at theorem.com
Wed Jul 19 14:55:40 CEST 2006


This has been explained before in this list and it's how RADIUS works.

Even though the secret is incorrect the authentication can be 
correct. The server returns an Access-Accept. Why? The server trusts the 
client (it's in the accepted NAS list) and performs the authentication. 
The server then signs the response packet with its version of the 
secret. The client doesn't trust the server and checks the signature. If 
the signature is not correct the client rejects the packet.

The opposite is true with accounting packets - the client signs the 
request and the server checks the signature.

The Message-Authenticator attribute can be used to sign the 
Access-Request packet which will cause the server to reject a packet 
with an incorrect MA signature.

David Goodenough wrote:
> I just hit a really odd problem with a secrets.
> 
> We were asked to use FreeRadius to provide IP addresses to an Ericsonn
> NAS.  We set up the server and have some test clients with simple secrets.
> If those are right it works, if they are wrong it fails.
> 
> Then we put in the secret for the Ericsonn (I can not put it in this 
> note as it is someone else's secret and I do not know what else it might
> be the secret for, but privately I could make it available for testing).
> 
> This secret is 13 digits long, mixed numbers and letters, looks reasonably
> random, and in the proper secret all the letters were upper case.  However
> somehow one of the letters (an O) got put into the server in lower case.
> 
> The server happily accepts Access-Request packets with an authenticator 
> built from the all upper case secret, even though its secret was different,
> it was only the client which rejected the Access-Accept.  Diagnosing this
> however was very difficult as we had no access to the Ericsonn box and any
> console messages it might log (we could only see what went on the wire and
> whether the connection succeeded).
> 
> A quick look at the code did not find anywhere where the secret gets folded
> to all upper case (but I might have missed it) and if there were such folding
> it would be unfortunate if this was only done on checking the received packet
> not on generating the reply.
> 
> I am new to RADIUS, and I could not find any rules about case folding for
> secrets, but I might have missed them.
> 
> It could simply be one of those freak places where the MD5 checksum happens
> to be the same for the request but not the response, but that does not feel
> right.
> 
> I am using 1.1.1 (I am also using JRadius which last time I looked only 
> produced patches for 1.1.1, not 1.1.2).
> 
> David
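As an added example (not code from this thread or from FreeRADIUS), the Python below models the two checks Michael describes: without a Message-Authenticator the server has nothing to verify on an Access-Request, so a secret that differs only in the case of one letter still yields an Access-Accept and only the client's Response Authenticator check fails; with a Message-Authenticator (HMAC-MD5, RFC 2869) the server itself rejects the mismatched request. The secrets, user name and packet identifier are constructed values.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2       # packet codes, RFC 2865
USER_NAME, MESSAGE_AUTHENTICATOR = 1, 80   # attribute types, RFC 2865 / RFC 2869
HEADER = struct.Struct("!BBH")             # Code, Identifier, Length

def attr(type_, value):
    return bytes([type_, 2 + len(value)]) + value

def packet(code, ident, authenticator, attrs):
    return HEADER.pack(code, ident, 20 + len(attrs)) + authenticator + attrs

def response_authenticator(code, ident, req_auth, attrs, secret):
    # RFC 2865 s3: MD5(Code + ID + Length + RequestAuthenticator + Attributes + Secret)
    return hashlib.md5(packet(code, ident, req_auth, attrs) + secret).digest()

def verify_response(reply, req_auth, secret):
    # Client side: recompute the Response Authenticator with *its own* secret.
    code, ident, length = HEADER.unpack_from(reply)
    expected = response_authenticator(code, ident, req_auth, reply[20:length], secret)
    return hmac.compare_digest(reply[4:20], expected)

def sign_request(code, ident, req_auth, attrs, secret):
    # RFC 2869 s5.14: HMAC-MD5 over the request with the MA value zeroed, then filled in.
    zeroed = packet(code, ident, req_auth, attrs + attr(MESSAGE_AUTHENTICATOR, bytes(16)))
    mac = hmac.new(secret, zeroed, hashlib.md5).digest()
    return packet(code, ident, req_auth, attrs + attr(MESSAGE_AUTHENTICATOR, mac))

def verify_message_authenticator(pkt, secret):
    # Server side: find the MA attribute, zero it, recompute, compare in constant time.
    code, ident, length = HEADER.unpack_from(pkt)
    req_auth, attrs, pos = pkt[4:20], pkt[20:length], 0
    while pos + 2 <= len(attrs):
        t, l = attrs[pos], attrs[pos + 1]
        if t == MESSAGE_AUTHENTICATOR and l == 18:
            zeroed = attrs[:pos + 2] + bytes(16) + attrs[pos + 18:]
            expected = hmac.new(secret, packet(code, ident, req_auth, zeroed), hashlib.md5).digest()
            return hmac.compare_digest(attrs[pos + 2:pos + 18], expected)
        pos += l
    return False  # no Message-Authenticator present: nothing for the server to check

def exchange(client_secret, server_secret, use_ma=False):
    # Returns (server accepted the request, client accepted the reply).
    req_auth, attrs, ident = os.urandom(16), attr(USER_NAME, b"david"), 7
    if use_ma:
        request = sign_request(ACCESS_REQUEST, ident, req_auth, attrs, client_secret)
        if not verify_message_authenticator(request, server_secret):
            return False, False  # server silently discards the request
    # Without MA the Request Authenticator is random bytes: the server cannot detect a wrong secret.
    resp_auth = response_authenticator(ACCESS_ACCEPT, ident, req_auth, b"", server_secret)
    reply = packet(ACCESS_ACCEPT, ident, resp_auth, b"")
    return True, verify_response(reply, req_auth, client_secret)
```

Running `exchange(b"ABC123O", b"ABC123o")` reproduces the thread's symptom (server accepts, client rejects the reply), while `exchange(b"ABC123O", b"ABC123o", use_ma=True)` shows the server discarding the request instead.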




More information about the Freeradius-Users mailing list