Arbitrary RADIUS attributes from WPA2 handshake
Kyle Leissner
kyle at wirestar.net
Mon Jan 10 07:13:26 PST 2022
I am reposting this request as I haven't heard back from anyone
neither onlist nor offlist.
When an endpoint is performing WPA2-PSK and a RADIUS server is
configured for dynamic PSK, we would like to be able to send some of
the data of the WPA2 handshake inside the RADIUS request. The data we
would like to have is: the EAPOL key frame; the ANonce; the BSSID and
the WLAN name (SSID).
Is there a way to accomplish this natively in Hostadp today? I see
from the documentation, there is an option to add Arbitrary RADIUS
attributes, but I am unsure if these four attributes are available
natively?
# Arbitrary RADIUS attributes can be added into Access-Request and
# Accounting-Request packets by specifying the contents of the attributes with
# the following configuration parameters. There can be multiple of these to
# add multiple attributes. These parameters can also be used to override some
# of the attributes added automatically by hostapd.
# Format: <attr_id>[:<syntax:value>]
# attr_id: RADIUS attribute type (e.g., 26 = Vendor-Specific)
# syntax: s = string (UTF-8), d = integer, x = octet string
# value: attribute value in format indicated by the syntax
# If syntax and value parts are omitted, a null value (single 0x00 octet) is
# used.
Sincerely,
Kyle W. Leissner
President of WireStar Networks
kyle at wirestar.net
www.wirestar.net
Office: 979-721-9000 Extension 9100
Direct: 979-721-9100
Fax: 979-721-9099
Sincerely,
Kyle W. Leissner
President of WireStar Networks
kyle at wirestar.net
www.wirestar.net
Office: 979-721-9000 Extension 9100
Direct: 979-721-9100
Fax: 979-721-9099
On Mon, Jan 10, 2022 at 9:11 AM Kyle Leissner <kyle at wirestar.net> wrote:
>
> I am reposting this as I haven't heard back from anyone about this request:
>
> When an endpoint is performing WPA2-PSK and a RADIUS server is
> configured for dynamic PSK, we would like to be able to send some of
> the data of the WPA2 handshake inside the RADIUS request. The data we
> would like to have is: the EAPOL key frame; the ANonce; the BSSID and
> the WLAN name (SSID).
>
> Is there a way to accomplish this natively in Hostadp today? I see
> from the documentation, there is an option to add Arbitrary RADIUS
> attributes, but I am unsure if these four attributes are available
> natively?
>
> # Arbitrary RADIUS attributes can be added into Access-Request and
> # Accounting-Request packets by specifying the contents of the attributes with
> # the following configuration parameters. There can be multiple of these to
> # add multiple attributes. These parameters can also be used to override some
> # of the attributes added automatically by hostapd.
> # Format: <attr_id>[:<syntax:value>]
> # attr_id: RADIUS attribute type (e.g., 26 = Vendor-Specific)
> # syntax: s = string (UTF-8), d = integer, x = octet string
> # value: attribute value in format indicated by the syntax
> # If syntax and value parts are omitted, a null value (single 0x00 octet) is
> # used.
>
> Sincerely,
> Kyle W. Leissner
>
> President of WireStar Networks
>
>
> kyle at wirestar.net
> www.wirestar.net
> Office: 979-721-9000 Extension 9100
> Direct: 979-721-9100
> Fax: 979-721-9099
>
>
>
> On Tue, Nov 16, 2021 at 9:56 AM Kyle Leissner <kyle at wirestar.net> wrote:
>>
>> When an endpoint is performing WPA2-PSK and a RADIUS server is
>> configured for dynamic PSK, we would like to be able to send some of
>> the data of the WPA2 handshake inside the RADIUS request. The data we
>> would like to have is: the EAPOL key frame; the ANonce; the BSSID and
>> the WLAN name (SSID).
>>
>> Is there a way to accomplish this natively in Hostadp today? I see
>> from the documentation, there is an option to add Arbitrary RADIUS
>> attributes, but I am unsure if these four attributes are available
>> natively?
>>
>> # Arbitrary RADIUS attributes can be added into Access-Request and
>> # Accounting-Request packets by specifying the contents of the attributes with
>> # the following configuration parameters. There can be multiple of these to
>> # add multiple attributes. These parameters can also be used to override some
>> # of the attributes added automatically by hostapd.
>> # Format: <attr_id>[:<syntax:value>]
>> # attr_id: RADIUS attribute type (e.g., 26 = Vendor-Specific)
>> # syntax: s = string (UTF-8), d = integer, x = octet string
>> # value: attribute value in format indicated by the syntax
>> # If syntax and value parts are omitted, a null value (single 0x00 octet) is
>> # used.
More information about the Hostap
mailing list