[EXTERNAL] Help in Configuring EAP-SIM

Shane Guan shaneguan at microsoft.com
Tue Feb 8 21:34:13 UTC 2022 

Hi Alan,

Which commit would you suggest to use for testing EAP-SIM in v4? I tried using the nested_coding branch for the eap-aka-sim submodule, since that branch had its latest commit last year while passing all tests on github. However, I could not get it working -- it results in a segfault and I have attached the logs (*segfault.log).

gdb said that the segfault was caused by src/lib/eap_aka_sim/vector.c:vector_gsm_from_ki, specifically the following line
memcpy(keys->auc.opc, opc_p, sizeof(keys->auc.opc));
opc_p was a pointer that was not properly initialized.

I set SIM-Algo-Version to be 1 in the send Challenge-Request section.

I was unsure where to put SIM-Algo-Version, as I know that EAP-SIM has a version negotiation step (at least eapol_test expects that step). I noticed in the comments for the send Start-Request section that the version could be negotiated here, but when I put the SIM-Algo-Version attribute in that section instead of in the Challenge-Request section, that didn't cause the version negotiation step to happen.
send Start {
update control {
&SIM-Algo-Version := 1
}
}

I have attatched logs for that scenario (*no_version_negotiate.log).

Again, thanks for your help!
Shane
________________________________
From: Freeradius-Users <freeradius-users-bounces+shaneguan=microsoft.com at lists.freeradius.org> on behalf of Alan DeKok <aland at deployingradius.com>
Sent: Monday, February 7, 2022 7:31 PM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: [EXTERNAL] Help in Configuring EAP-SIM

On Feb 7, 2022, at 6:29 PM, Shane Guan via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> Thanks for the response! I put everything in the first line as per your suggestion and the server did put them in the control list. Unfortunately, the server ran into a segfault after parsing a packet from the peer and I have attached the logs below.

  That's pretty bad.  :(

> I did some preliminary investigations on this and gdb says that the segfault happened at src/modules/rlm_eap/libeap/eapsimlib.c:341
> To be exact,
> fr_pair_afrom_num(r, eapsim_attribute+PW_EAP_SIM_BASE, 0);
> returned a null pointer, because the attr/vendor combination was not recognized by the server. I noticed that in the comments for that function, it says that it is supposed to call a function to create a dynamic DICT_ATTR, but the function never did.

  I don't see any such comments there.

  The function is supposed to create a new VALUE_PAIR, which references a DICT_ATTR.  But if the DICT_ATTR doesn't exist... it runs into the problem you saw.

> Could you direct me to the documentation on this? Perhaps I didn't configure the server to recognize some attribute sent by eapol_test? Thanks!

  There really isn't much documentation on EAP-SIM.  It hasn't been widely used that I can recall.  The code was written in 2003, and then largely left untouched since then.

  I've pushed a patch to the v3.0.x branch on GitHub so it won't crash any more.  But... v3 doesn't do identity negotiation, session resumption, identity hints, or resync for EAP-SIM.  So it's a bare-bones implementation.

  The code in "master" has a full implementation of EAP-SIM with all of that.  It's also been tested with real-world traffic, so it's a lot better.  We hope to release v4 real soon now.  :(

  Alan DeKok.

-
List info/subscribe/unsubscribe? See https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.freeradius.org%2Flist%2Fusers.html&data=04%7C01%7Cshaneguan%40microsoft.com%7C5af933b23c444bfc2e3808d9eab39205%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637798879545593250%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=twKmJTj6uCiUDBrksspv7cZN4GfkhmDI1KSoP9EKvzY%3D&reserved=0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: eapol_test_segfault.log
Type: application/octet-stream
Size: 6863 bytes
Desc: eapol_test_segfault.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20220208/69c33208/attachment-0004.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeradius_segfault.log
Type: application/octet-stream
Size: 46166 bytes
Desc: freeradius_segfault.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20220208/69c33208/attachment-0005.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: eapol_test_no_version_negotiate.log
Type: application/octet-stream
Size: 11675 bytes
Desc: eapol_test_no_version_negotiate.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20220208/69c33208/attachment-0006.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeradius_no_version_negotiate.log
Type: application/octet-stream
Size: 54178 bytes
Desc: freeradius_no_version_negotiate.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20220208/69c33208/attachment-0007.obj>

More information about the Freeradius-Users mailing list