[PATCH] 'hostapd_cli sta <mac-addr>' returned 'dot1xAuthSessionUsername=(null)', when the integrated eap_server was used. This fixes that so the actual username is returned.

Michael Baird Michael.Baird at ecs.vuw.ac.nz
Mon Sep 18 13:19:40 PDT 2017 

Hi,

In relation to this patch (and still occurred at the previous commit 
https://w1.fi/cgit/hostap/commit/?id=3c7863f812d23fefa9987b29308006a29f1d6e9d).

Often the username (dot1XAuthSessionUsername) is <username> plus random 
bytes e.g. 'dot1XAuthSessionUsername=hostuser3ifier 115', where the 
username is 'hostuser3'.


I was thinking that the issue is with not allocating space for a null 
terminator and when used in conjunction with printf-like functions 
running past the end of the char*. As specified in 
https://tools.ietf.org/html/rfc3748#section-5.1 eap identity does not 
send the null terminator,

5.1

"The Identity Response field MUST NOT be null terminated.  In all cases, 
the length of the Type-Data field is derived from the Length field of 
the Request/Response packet."


 From what i can tell when it is used it is expected to be null 
terminated, as a normal char *, or is this wrong? If it is not supposed 
to be null terminated I will amend the above patch to take the 
identity_len field into account when used in the printf function.


Thanks,

Michael
On 14/09/17 16:00, Michael Baird wrote:
> See also http://lists.infradead.org/pipermail/hostap/2017-September/037933.html
>
> Signed-off-by: Michael Baird <Michael.Baird at ecs.vuw.ac.nz>
> ---
>   src/ap/ieee802_1x.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
> index 6ea1ebe..3517f7d 100644
> --- a/src/ap/ieee802_1x.c
> +++ b/src/ap/ieee802_1x.c
> @@ -17,6 +17,7 @@
>   #include "radius/radius.h"
>   #include "radius/radius_client.h"
>   #include "eap_server/eap.h"
> +#include "eap_server/eap_i.h"
>   #include "eap_common/eap_wsc_common.h"
>   #include "eapol_auth/eapol_auth_sm.h"
>   #include "eapol_auth/eapol_auth_sm_i.h"
> @@ -2638,7 +2639,7 @@ int ieee802_1x_get_mib_sta(struct hostapd_data *hapd, struct sta_info *sta,
>   				   wpa_auth_sta_key_mgmt(sta->wpa_sm))) ?
>   			  1 : 2,
>   			  (unsigned int) diff.sec,
> -			  sm->identity);
> +			  sm->eap->identity);
>   	if (os_snprintf_error(buflen - len, ret))
>   		return len;
>   	len += ret;

More information about the Hostap mailing list