eapol_test and MSCHAPv2 691 - Retry allowed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

here's a little feature request: when using eapol_test and talking to a
PEAP/MSCHAPv2 server without knowing the account password, usually the
conversation ends in Access-Reject immediately.

However, some servers send E=691 Retry Allowed back and wait for the
client side to send another password.

In these situations, eapol_test just sits there until ^C or timeout.
Sure: it has no other password to try, and there is no protocol message
for "Thanks for allowing, but I don't want to".

Question: would it be possible to bail out of the conversation instead
of waiting for timeout? I could imagine either
* eapol_test quitting with a matching error message
* eapol_test sending TLS close back, tearing down the EAP session in a
way that the server knows about it, too

The latter has the advantage of not leaving a "dangling" session on the
server as it waits for a response.

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap

[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux