Does eapol_test lie about the data it exchanges with FreeRADIUS?

Joe Garcia joe27256 at gmail.com
Sat Apr 22 13:55:31 UTC 2023


On Fri, 21 Apr 2023 at 03:59, Alan DeKok <aland at deployingradius.com> wrote:
>On Apr 20, 2023, at 11:28 AM, Joe Garcia <joe27256 at gmail.com> wrote:
>
>>(which is indeed what's being sent) and on the second line it's magically
>>converted itself into an EAP message, which isn't actually sent.
>
>Exactly.

Thanks for clarifying that!  I was guessing that eapol_test was synthesising
an EAP message using values like the Identifier from outside the PEAP (TLS)
tunnel because that value certainly wasn't present inside the tunnel (the
identity request, for example, was just a PEAP-style single-byte 0x01 without
an EAP header), and then printing it as if it was an EAP message.  This made
debugging what was actually being sent tricky.

JG.


More information about the Freeradius-Users mailing list