Cannot lookup EAP user on reauthentication (PEAP/TTLS)
James Prestwood
prestwoj at gmail.com
Fri May 27 09:22:20 PDT 2022
Hi Alan,
On Fri, 2022-05-27 at 09:54 -0400, Alan DeKok wrote:
> On May 26, 2022, at 6:21 PM, James Prestwood <prestwoj at gmail.com>
> wrote:
> > For tunneled methods like PEAP/TTLS, on a reauthentication request,
> > hostapd uses the phase2 identity stored in the sm but hard codes the
> > phase to 0. This happens in eap_sm_Policy_getDecision().
>
> The outer identity should be the same for both the initial
> authentication, and any resumption. For details, see:
>
> https://datatracker.ietf.org/doc/html/rfc9190#section-2.1.3
>
> When NAI reuse can be
> done without privacy implications, it is RECOMMENDED to use the same
> NAI in the resumption as was used in the original full handshake
> [RFC7542]
>
> Changing outer identities for resumption seems wrong.
I'm not sure I follow. EAP-TLS doesn't suffer this issue since it
doesn't have two phases. TTLS/PEAP use an anonymous/outer identity and
the real identity for phase2, which is encrypted. Using the same
identities for both phases removes any privacy from the real identity.
Several example configurations for wpa_supplicant even use two
separate identities, e.g.
# EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for the
# unencrypted use. Real identity is sent only within an encrypted TLS tunnel.
network={
    ssid="example"
    key_mgmt=WPA-EAP
    eap=TTLS
    identity="user@example.com"
    anonymous_identity="anonymous@example.com"
    password="foobar"
    ca_cert="/etc/cert/ca.pem"
    priority=2
}
The hostapd tests avoid this issue it seems by allowing any outer
identity to be accepted:
* TTLS,TLS,PEAP,FAST,TEAP,SIM,AKA',AKA
Maybe this is standard practice for all authentication servers? But
from what I can gather there is no requirement that the two identities
must be the same.
Thanks,
James
>
> Alan DeKok.
>
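To make the lookup failure discussed in the thread concrete, here is an added Python model (not hostapd code) of a simplified eap_user file and the outer/inner user lookup; the two sample files, the parser and the reauth_lookup() helper are constructed for this illustration and only approximate hostapd's real format.

```python
import re

# Constructed eap_user-style samples (not files from the thread). Entries without
# a "[2]" suffix match the outer (phase 1) identity; "[2]" entries match the inner
# (phase 2) identity. The "*" wildcard mirrors the permissive hostapd test setup.
STRICT_EAP_USER = '''
"anonymous@example.com"  TTLS
"user@example.com"       MD5  "foobar"  [2]
'''
PERMISSIVE_EAP_USER = '''
*                        TTLS,TLS,PEAP,FAST,TEAP,SIM,AKA',AKA
"user@example.com"       MD5  "foobar"  [2]
'''

# identity or "*", methods, optional quoted password, optional [2] phase marker
LINE_RE = re.compile(
    r'^\s*("(?P<ident>[^"]*)"|(?P<any>\*))\s+(?P<methods>\S+)'
    r'(?:\s+"(?P<pw>[^"]*)")?(?:\s+\[(?P<phase>2)\])?\s*$')


def parse_eap_user(text):
    """Parse the simplified format into (identity, phase2, methods, password) tuples."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith('#'):
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f'unparseable eap_user line: {line!r}')
        ident = None if m.group('any') else m.group('ident')  # None = wildcard "*"
        phase2 = m.group('phase') is not None
        entries.append((ident, phase2, m.group('methods').split(','), m.group('pw')))
    return entries


def lookup_user(entries, identity, phase2):
    """Return the methods allowed for identity in that phase, or None if nothing matches."""
    for ident, ph2, methods, _pw in entries:
        if ph2 == phase2 and (ident is None or ident == identity):
            return methods
    return None


def reauth_lookup(entries, stored_phase2_identity):
    """Model the reauthentication path described above: the stored phase-2
    identity is looked up with the phase hard-coded to 0 (an outer lookup)."""
    return lookup_user(entries, stored_phase2_identity, phase2=False)
```

With the strict file the reauthentication lookup returns None because the inner identity has no outer entry, whereas the wildcard file accepts it for any outer method.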