Hostapd sends unencrypted Data Packets during EAP Handshake on an encrypted Network
flole at flole.de
Tue Aug 6 07:40:34 PDT 2019
I have a WPA2 Enterprise Network configured running hostapd 2.5 and I
had a device do the EAP Handshake and in the middle of the Handshake
there were 2 packets targeted to that device sent to the Access Point to
be forwarded to the client (meaning its target IP/Mac was set to the
clients IP/Mac). The packets were forwarded unencrypted on-air and it is
visible in a wifi capture in clear text, even though this is a WPA2
Enterprise encrypted network. I think under no circumstances should any
data packet be sent unencrypted, and that sending of the packets should
either be delayed or the packets should be discarded at that point
because the client is not currently fully connected.
Is this known? Has someone seen something similar? is this intended? Is
this maybe fixed in a newer version (the changelog doesnt indicate that)?
If someone wants to look into this I can provide a packet capture of
this showing the EAPOL Packets aswell as the unencrypted packets that
just appeared during the Handshake.
More information about the Hostap