radclient fails to validate Message-Authenticator on Disconnect-ACK packets
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
freeradius (Ubuntu) | Fix Released | Medium | Unassigned |
Bug Description
When I send a "Disconnect-
However, radclient thinks the value of this Message-
This bug has been fixed in upstream version 2.2.0.
A patch is discussed here:
http://
ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: freeradius (not installed)
ProcVersionSign
Uname: Linux 3.10.0-5-generic x86_64
ApportVersion: 2.11-0ubuntu1
Architecture: amd64
Date: Tue Jul 30 07:00:36 2013
InstallationDate: Installed on 2013-06-02 (57 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MarkForUpload: True
SourcePackage: freeradius
UpgradeStatus: Upgraded to saucy on 2013-06-05 (54 days ago)
Changed in freeradius (Ubuntu):
importance: Undecided → Medium
I send the packet like this (IP of the hostap instance is 10.0.0.2, Event-Timestamp is "current" when I try this, otherwise hostapd wouldn't send a Disconnect-ACK, but just not reply at all, this happened to me during some earlier debugging):
$ cat packet.txt
Acct-Session-Id=XXXXXXXX-XXXXXXX
<email address hidden>
Message-Authenticator= 0
Event-Timestamp=1375159866
$ radclient -x 10.0.0.2:3799 disconnect 'SharedSecret' < packet.txt
Sending Disconnect-Request of id 176 to 10.0.0.2 port 3799
Acct-Session-Id = "XXXXXXXX-XXXXXXX"
User-Name = "<email address hidden>"
Message-Authenticator = 0x00000000000000000000000000000000
Event-Timestamp = "Jul 30 2013 06:51:06 CEST"
rad_recv: Disconnect-ACK packet from host 10.0.0.2 port 3799, id=176, length=44
rad_verify: Received packet from 10.0.0.2 with invalid Message-Authenticator! (Shared secret is incorrect.)
The last line is where the problem is: the incoming "Disconnect-ACK" isn't verified properly.
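For reference, RFC 5176 section 3.4 computes the Message-Authenticator of a Disconnect-ACK as an HMAC-MD5 over the reply with the Request Authenticator of the matching Disconnect-Request in the authenticator field and the attribute value zeroed. The Python below is an added example of that check, not code from this report or from FreeRADIUS; the function names and sample packets are constructed, and only the secret, packet id and timestamp are taken from the session above.

```python
import hashlib
import hmac
import struct

DISCONNECT_REQUEST, DISCONNECT_ACK = 40, 41   # RFC 5176 packet codes
MESSAGE_AUTHENTICATOR = 80                    # RFC 2869 attribute type
ZERO16 = b"\x00" * 16

def attr(atype, value):
    return struct.pack("!BB", atype, len(value) + 2) + value

def build(code, ident, secret, attrs, request_auth=ZERO16):
    """Sign a packet. Requests use 16 zero octets as request_auth;
    replies use the authenticator copied from the matching request."""
    head = struct.pack("!BBH", code, ident, 20 + len(attrs) + 18)
    mac = hmac.new(secret, head + request_auth + attrs +
                   attr(MESSAGE_AUTHENTICATOR, ZERO16), hashlib.md5).digest()
    body = attrs + attr(MESSAGE_AUTHENTICATOR, mac)
    return head + hashlib.md5(head + request_auth + body + secret).digest() + body

def verify_reply(reply, request, secret):
    """True only if the Response Authenticator and Message-Authenticator verify."""
    if len(reply) < 20 or len(request) < 20 or reply[1] != request[1]:
        return False
    length = struct.unpack("!H", reply[2:4])[0]
    if not 20 <= length <= len(reply):
        return False
    head, req_auth, body = reply[:4], request[4:20], bytearray(reply[20:length])
    digest = hashlib.md5(head + req_auth + bytes(body) + secret).digest()
    if not hmac.compare_digest(digest, reply[4:20]):
        return False
    pos, received = 0, None
    while pos < len(body):
        if pos + 2 > len(body) or body[pos + 1] < 2 or pos + body[pos + 1] > len(body):
            return False                       # malformed attribute
        if body[pos] == MESSAGE_AUTHENTICATOR:
            if body[pos + 1] != 18 or received is not None:
                return False
            received = bytes(body[pos + 2:pos + 18])
            body[pos + 2:pos + 18] = ZERO16    # zero the value before the HMAC
        pos += body[pos + 1]
    if received is None:
        return True                            # attribute is optional in RFC 5176
    mac = hmac.new(secret, head + req_auth + bytes(body), hashlib.md5).digest()
    return hmac.compare_digest(mac, received)

# Constructed sample: secret, id and timestamp mirror the report, the rest is made up.
SECRET = b"SharedSecret"
STAMP = attr(55, struct.pack("!I", 1375159866))            # Event-Timestamp
REQUEST = build(DISCONNECT_REQUEST, 176, SECRET,
                attr(44, b"XXXXXXXX-XXXXXXX") + STAMP)      # Acct-Session-Id
ACK = build(DISCONNECT_ACK, 176, SECRET, STAMP, REQUEST[4:20])
```

A verifier that substitutes zeros for the Request Authenticator when checking a reply rejects a correctly signed ACK, which is why `verify_reply` takes the original request as an argument.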