chillispot is not authenticating correctly to radius server on 64 bits systems

Bug #427918 reported by Beastyvoid on 2009-09-11
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
chillispot (Ubuntu)
Undecided
Unassigned

Bug Description

Binary package hint: chillispot

The way chillispot prepares a hash for the "Message-Authentifactor" is not 64 bits proof.
As a result the 32 bytes string hash is only filled with 8 bytes (as

wrong field reported sniffing the wire with wireshark :
Message-Authenticator: DF09B19E000000000000000000000000

good one, obtained with radtest and radclient :
Message-Authenticator: 9A67B23A03BDC920A49E0F59413023B8

As you can see the string is truncated. Then the radius server reject the authentifaction request asap with that error :

Wed Sep 9 12:48:00 2009 : Error: Received packet from 127.0.0.1 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response.

tried with Ubuntu 8.04 server AMD64, Ubuntu 9.04 server AMD64.

all is working fine on Ubuntu server 9.04 i386, on a 32 bits system.

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in chillispot (Ubuntu):
status: New → Confirmed
Roman (mefystofel) wrote :

Hello, I experience a slightly different issue under Ubuntu 12.04.1 LTS (precise):

$ uname -ar
Linux 3.2.0-31-generic #50-Ubuntu SMP Fri Sep 7 16:16:45 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

If the freeradius service is hosted on the same server where chillispot is then I'm authenticated no problem. If I use a remote freeradius server then I cannot authenticate anymore. radtest and radclient work fine though.

No issues with the authentication if I switch to a 32 bit version of chillispot.

hieu nguyen (hieunguyenminh-93) wrote :

Hello every one!

My name is Hieu, i met the same bug. I tried search some patch and i found a patch that fixed this bug.
it was fixed! now, you can get it here: http://www.0xf8.org/2010/02/chillispot-1-1-0-patches-not-only-for-x64/

The attachment "chillispot-1.1.0-md5.c.diff" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers