Arbitrary RADIUS attributes from WPA2 handshake
Kyle Leissner
kyle at wirestar.net
Tue Nov 16 07:56:53 PST 2021
When an endpoint is performing WPA2-PSK and a RADIUS server is
configured for dynamic PSK, we would like to be able to send some of
the data of the WPA2 handshake inside the RADIUS request. The data we
would like to have is: the EAPOL key frame; the ANonce; the BSSID and
the WLAN name (SSID).
Is there a way to accomplish this natively in Hostadp today? I see
from the documentation, there is an option to add Arbitrary RADIUS
attributes, but I am unsure if these four attributes are available
natively?
# Arbitrary RADIUS attributes can be added into Access-Request and
# Accounting-Request packets by specifying the contents of the attributes with
# the following configuration parameters. There can be multiple of these to
# add multiple attributes. These parameters can also be used to override some
# of the attributes added automatically by hostapd.
# Format: <attr_id>[:<syntax:value>]
# attr_id: RADIUS attribute type (e.g., 26 = Vendor-Specific)
# syntax: s = string (UTF-8), d = integer, x = octet string
# value: attribute value in format indicated by the syntax
# If syntax and value parts are omitted, a null value (single 0x00 octet) is
# used.
More information about the Hostap
mailing list