[BUG] EAP-pwd with EAP_PWD_PREP_MS
Brian Candler
b.candler at pobox.com
Fri Oct 7 10:51:40 PDT 2016
I found a bug in wpa_supplicant 2.6 and its handling of EAP-pwd with
password preparation type EAP_PWD_PREP_MS.
If the server proposes PREP_MS as the password preparation scheme, the
response from wpa_supplicant still contains PREP_NONE. This causes the
server to abandon the exchange.
The one-liner fix is below. With this fix, I was able to interoperate
with a version of FreeRADIUS also modified to handle EAP_PWD_PREP_MS.
Regards,
Brian Candler.
--- ./src/eap_peer/eap_pwd.c.orig 2016-10-02 19:51:11.000000000 +0100
+++ ./src/eap_peer/eap_pwd.c 2016-10-07 18:01:33.092325628 +0100
@@ -345,7 +345,7 @@
wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_RAND_FUNC);
wpabuf_put_u8(data->outbuf, EAP_PWD_DEFAULT_PRF);
wpabuf_put_data(data->outbuf, id->token, sizeof(id->token));
- wpabuf_put_u8(data->outbuf, EAP_PWD_PREP_NONE);
+ wpabuf_put_u8(data->outbuf, id->prep);
wpabuf_put_data(data->outbuf, data->id_peer, data->id_peer_len);
eap_pwd_state(data, PWD_Commit_Req);
More information about the Hostap
mailing list