3.0.x - Issue with EAP-SIM - EAP-Message too short in Challenge
Chaigneau, Nicolas
nicolas.chaigneau at capgemini.com
Thu Jun 12 10:26:01 CEST 2014
I've rebuilt with the latest 3.0.x HEAD commit.
I still have the same issue:
Received Access-Request Id 193 from 10.67.106.10:58041 to 10.67.141.74:31812 length 189
Code: 1
Id: 193
Length: 189
Vector: 35d595e426b9322bff64f012f33e1119
Data: 01 35 31 32 30 38 30 31 30 30 30 30 30 30 30 30 30 32
40 77 6c 61 6e 2e 6d 6e 63 30 30 31 2e 6d 63 63
32 30 38 2e 33 67 70 70 6e 65 74 77 6f 72 6b 2e
6f 72 67
50 12 60 1c 1a fe 28 fd b9 c9 0e 36 49 1f 51 09 13 cb
04 06 0a 14 00 00
20 0a 4c 69 76 65 42 6f 78 31
1f 13 46 37 3a 42 42 3a 43 38 3a 32 45 3a 42 36 3a 36
31
4f 3a 02 3f 00 38 01 31 32 30 38 30 31 30 30 30 30 30
30 30 30 30 32 40 77 6c 61 6e 2e 6d 6e 63 30 30
31 2e 6d 63 63 32 30 38 2e 33 67 70 70 6e 65 74
77 6f 72 6b 2e 6f 72 67
21 05 31 36 31
User-Name = '1208010000000002 at wlan.mnc001.mcc208.3gppnetwork.org'
Message-Authenticator = 0x601c1afe28fdb9c90e36491f510913cb
NAS-IP-Address = 10.20.0.0
NAS-Identifier = 'LiveBox1'
Calling-Station-Id = 'F7:BB:C8:2E:B6:61'
EAP-Message = 0x023f0038013132303830313030303030303030303240776c616e2e6d6e633030312e6d63633230382e336770706e6574776f726b2e6f7267
Proxy-State = 0x313631
Thu Jun 12 10:19:05 2014 : Debug: (0) # Executing section authorize from file /opt/application/sim3gppb/current/etc/raddb/sites-enabled/server-sim3gpp-b
Thu Jun 12 10:19:05 2014 : Debug: (0) authorize {
Thu Jun 12 10:19:05 2014 : Debug: (0) modsingle[authorize]: calling files (rlm_files) for request 0
Thu Jun 12 10:19:05 2014 : Debug: (0) files : users: Matched entry DEFAULT at line 1
Thu Jun 12 10:19:05 2014 : Debug: (0) files : ::: FROM 0 TO 0 MAX 0
Thu Jun 12 10:19:05 2014 : Debug: (0) files : ::: TO in 0 out 0
Thu Jun 12 10:19:05 2014 : Debug: (0) modsingle[authorize]: returned from files (rlm_files) for request 0
Thu Jun 12 10:19:05 2014 : Debug: (0) [files] = ok
Thu Jun 12 10:19:05 2014 : Debug: (0) modsingle[authorize]: calling eap (rlm_eap) for request 0
Thu Jun 12 10:19:05 2014 : Debug: (0) eap : EAP packet type response id 63 length 56
Thu Jun 12 10:19:05 2014 : Debug: (0) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
Thu Jun 12 10:19:05 2014 : Debug: (0) modsingle[authorize]: returned from eap (rlm_eap) for request 0
Thu Jun 12 10:19:05 2014 : Debug: (0) [eap] = ok
Thu Jun 12 10:19:05 2014 : Debug: (0) } # authorize = ok
Thu Jun 12 10:19:05 2014 : Debug: (0) Found Auth-Type = EAP
Thu Jun 12 10:19:05 2014 : Debug: (0) # Executing group from file /opt/application/sim3gppb/current/etc/raddb/sites-enabled/server-sim3gpp-b
Thu Jun 12 10:19:05 2014 : Debug: (0) authenticate {
Thu Jun 12 10:19:05 2014 : Debug: (0) modsingle[authenticate]: calling eap (rlm_eap) for request 0
Thu Jun 12 10:19:05 2014 : Debug: (0) eap : Peer sent Identity (1)
Thu Jun 12 10:19:05 2014 : Debug: (0) eap : Calling eap_sim to process EAP data
Thu Jun 12 10:19:05 2014 : Debug: (0) eap : Underlying EAP-Type set EAP ID to 121
Thu Jun 12 10:19:05 2014 : Debug: (0) eap : New EAP session, adding 'State' attribute to reply 0xa8ab2afea8d238ec
Thu Jun 12 10:19:05 2014 : Debug: (0) modsingle[authenticate]: returned from eap (rlm_eap) for request 0
Thu Jun 12 10:19:05 2014 : Debug: (0) [eap] = handled
Thu Jun 12 10:19:05 2014 : Debug: (0) } # authenticate = handled
Sending Access-Challenge Id 193 from 10.67.141.74:31812 to 10.67.106.10:58041
EAP-Message = 0x01790008120a0000
4f 0a 01 79 00 08 12 0a 00 00
Message-Authenticator = 0x00000000000000000000000000000000
50 12 ...
State = 0xa8ab2afea8d238ec4956f8ce757a9e32
18 12 a8 ab 2a fe a8 d2 38 ec 49 56 f8 ce 75 7a 9e 32
Proxy-State = 0x313631
21 05 31 36 31
Code: 11
Id: 193
Length: 71
Vector: 0e34bd79e3526936947128728e3576b1
Data: 4f 0a 01 79 00 08 12 0a 00 00
50 12 12 8a 55 2f a5 f5 61 bd ef e8 85 a4 e2 2a 97 83
18 12 a8 ab 2a fe a8 d2 38 ec 49 56 f8 ce 75 7a 9e 32
21 05 31 36 31
Thu Jun 12 10:19:05 2014 : Debug: (0) Finished request
Thu Jun 12 10:19:05 2014 : Debug: Waking up in 0.3 seconds.
Thu Jun 12 10:19:05 2014 : Debug: (0) Cleaning up request packet ID 193 with timestamp +76
Thu Jun 12 10:19:05 2014 : Info: Ready to process requests
-----Message d'origine-----
De : freeradius-users-bounces+nicolas.chaigneau=capgemini.com at lists.freeradius.org [mailto:freeradius-users-bounces+nicolas.chaigneau=capgemini.com at lists.freeradius.org] De la part de Arran Cudbard-Bell
Envoyé : mercredi 11 juin 2014 19:58
À : FreeRadius users mailing list
Objet : Re: 3.0.x - Issue with EAP-SIM - EAP-Message too short in Challenge
On 11 Jun 2014, at 18:42, Alan DeKok <aland at deployingradius.com> wrote:
> Chaigneau, Nicolas wrote:
>> I've noticed some changes to eapsimlib.c (not sure if it's linked...) in the following commit :
>> https://github.com/FreeRADIUS/freeradius-server/commit/39df09e42d80a9
>> 6363be0bddee2ff0ba97fdb035
>>
>> So I tried a prior commit :
>> https://github.com/FreeRADIUS/freeradius-server/tree/7edb8dd4a91d0111
>> da0950e21c113cfc3e4d2a28 With this version I don't have the problem.
>
> The only differences in eapsimlib are to change some header definitions:
>
> ....
> $ git diff 7edb8dd4a91..39df09e42d80
> src/modules/rlm_eap/libeap/eapsimlib.c
> diff --git a/src/modules/rlm_eap/libeap/eapsimlib.c
> b/src/modules/rlm_eap/libeap/eapsimlib.c
> index 8afed40..c2975ed 100644
> --- a/src/modules/rlm_eap/libeap/eapsimlib.c
> +++ b/src/modules/rlm_eap/libeap/eapsimlib.c
> @@ -408,7 +408,7 @@ int eapsim_checkmac(TALLOC_CTX *ctx, VALUE_PAIR
> *rvps, uint8_t key[EAPSIM_AUTH_S
> */
> attr = buffer+8;
> while(attr < (buffer+elen)) {
> - if(attr[0] == PW_EAP_SIM_MAC) {
> + if (attr[0] == (PW_EAP_SIM_MAC -
> + PW_EAP_SIM_BASE)) {
> /* zero the data portion, after making sure
> * the size is >=5. Maybe future versions.
> * will use more bytes, so be liberal.
> ....
>
>
> That shouldn't affect anything.
>
> Can you confirm that the commit before 39df09e42d works? If so, the
> fix should be simple.
Or try the latest head... we still had a bunch of duplicate c preprocessor macros for the attribute numbers, and i'd messed up the fallback to searching in the reply list.
That broke between v3.0.2 and v3.0.3, though it could be worked around by putting the triplets in the control list, which i'm guessing is what you're doing...
Arran Cudbard-Bell <a.cudbardb at freeradius.org> FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
More information about the Freeradius-Users
mailing list