3.0.x - Issue with EAP-SIM - EAP-Message too short in Challenge

Chaigneau, Nicolas nicolas.chaigneau at capgemini.com
Thu Jun 12 10:31:29 CEST 2014

Yes, I confirm it works on a build with the following commit (2014/06/01):

But I don't know exactly on which commit it stopped working since...

-----Message d'origine-----
De : freeradius-users-bounces+nicolas.chaigneau=capgemini.com at lists.freeradius.org [mailto:freeradius-users-bounces+nicolas.chaigneau=capgemini.com at lists.freeradius.org] De la part de Alan DeKok
Envoyé : mercredi 11 juin 2014 19:43
À : FreeRadius users mailing list
Objet : Re: 3.0.x - Issue with EAP-SIM - EAP-Message too short in Challenge

Chaigneau, Nicolas wrote:
> I've noticed some changes to eapsimlib.c (not sure if it's linked...) in the following commit :
> https://github.com/FreeRADIUS/freeradius-server/commit/39df09e42d80a96
> 363be0bddee2ff0ba97fdb035
> So I tried a prior commit :
> https://github.com/FreeRADIUS/freeradius-server/tree/7edb8dd4a91d0111d
> a0950e21c113cfc3e4d2a28 With this version I don't have the problem.

  The only differences in eapsimlib are to change some header definitions:

$ git diff 7edb8dd4a91..39df09e42d80 src/modules/rlm_eap/libeap/eapsimlib.c
diff --git a/src/modules/rlm_eap/libeap/eapsimlib.c
index 8afed40..c2975ed 100644
--- a/src/modules/rlm_eap/libeap/eapsimlib.c
+++ b/src/modules/rlm_eap/libeap/eapsimlib.c
@@ -408,7 +408,7 @@ int eapsim_checkmac(TALLOC_CTX *ctx, VALUE_PAIR *rvps, uint8_t key[EAPSIM_AUTH_S
                attr = buffer+8;
                while(attr < (buffer+elen)) {
-                       if(attr[0] == PW_EAP_SIM_MAC) {
+                       if (attr[0] == (PW_EAP_SIM_MAC - 
                                /* zero the data portion, after making sure
                                 * the size is >=5. Maybe future versions.
                                 * will use more bytes, so be liberal.

  That shouldn't affect anything.

  Can you confirm that the commit before 39df09e42d works?  If so, the fix should be simple.

  Alan DeKok.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.

More information about the Freeradius-Users mailing list