Problem with WISPr in release 1.0.13
Thierry MUSEUX - www.fwt.fr -
tm at fwt.fr
Tue May 12 22:20:17 UTC 2009
Limit.h
#define RADIUS_PASSWORD_LEN 16
Thierry Museux
_____
De : Rodrigo Martínez [mailto:rmartinez at tilsor.com.uy]
Envoyé : mardi 12 mai 2009 22:51
À : chilli at coova.org
Objet : Re: Problem with WISPr in release 1.0.13
David,
thanks for the quick response and for committing the changes to the svn.
In our solution the smart clients use usernames and passwords that are
40 bytes long. When we try to login using these password, CoovaChilli send
to RADIUS the password truncated to 16 bytes. We just found this problem and
we are looking for a solution in the code, any advice would be very helpful.
Rodrigo
wlanmac wrote:
Thanks... I committed a similar fix to svn - the difference being an
option addedd to bstring_buildurl() for what kind of ampersand to use
"&" vs. "%amp;".
David
On Tue, 2009-05-12 at 16:46 -0300, Rodrigo Martínez wrote:
Hello,
We are using CoovaChilli release 1.0.13 in a solution for access
control system. We have smart clients that authenticate using WISPr
protocol to communicate with the CoovaChilli. We start using
CoovaChilli release 1.0.12, with this version the WISPr communication
worked fine, but when we update to release 1.0.13 the client stop
connecting.
Analyzing the problem we found that in the new release, when the
redirect message is send (302 page was moved), the WISPr message had
two tags with the LoginURL. One of the tags had the same value as in
release 1.0.12 and the second one has some differences. The main
problem of the second tag is that the "&" it is not scaped, so when we
check syntax against the xsd, it always fail. Looking around in the
code, we found the piece of code that was generating the WISPr message
and we modify it to match the WISPr standard. Attached in the mail we
are sending the file with the patch that contains the modifications in
the redir.c file. We hope this can help developers to fix this problem
in next releases.
Thanks in advance
Regards,
Rodrigo
--
______________________________________________________________________
Ing. Rodrigo Martínez
Consultor
Consultoría & Desarrollo
Tilsor S.A
Pza.
Independencia 822
Piso 4
C.P. 11100 -
Montevideo
Uruguay
Tel Fax: (598 2)
9039313
www.tilsor.com.uy
plain text document attachment (chilli-wisprLoginURL.patch)
Index: redir.c
===================================================================
--- redir.c (revision 199)
+++ redir.c (working copy)
@@ -221,12 +221,12 @@
bstring bt = bfromcstr("");
bstring bt2 = bfromcstr("");
- bassignformat(str, "%s%cres=%s&uamip=%s&uamport=%d",
+ bassignformat(str, "%s%cres=%s&uamip=%s&uamport=%d",
redir_url, strchr(redir_url, '?') ? '&' : '?',
resp, inet_ntoa(redir->addr), redir->port);
if (hexchal) {
- bassignformat(bt, "&challenge=%s", hexchal);
+ bassignformat(bt, "&challenge=%s", hexchal);
bconcat(str, bt);
bassigncstr(bt,"");
}
@@ -239,37 +239,37 @@
sessiontime = timenow - starttime;
- bassignformat(bt, "&starttime=%ld", starttime);
+ bassignformat(bt, "&starttime=%ld", starttime);
bconcat(str, bt);
- bassignformat(bt, "&sessiontime=%ld", sessiontime);
+ bassignformat(bt, "&sessiontime=%ld", sessiontime);
bconcat(str, bt);
}
if (conn->s_params.sessiontimeout) {
- bassignformat(bt, "&sessiontimeout=%ld",
conn->s_params.sessiontimeout);
+ bassignformat(bt, "&sessiontimeout=%ld",
conn->s_params.sessiontimeout);
bconcat(str, bt);
}
if (conn->s_params.sessionterminatetime) {
- bassignformat(bt, "&stoptime=%ld",
conn->s_params.sessionterminatetime);
+ bassignformat(bt, "&stoptime=%ld",
conn->s_params.sessionterminatetime);
bconcat(str, bt);
}
}
if (uid) {
- bcatcstr(str, "&uid=");
+ bcatcstr(str, "&uid=");
bassigncstr(bt, uid);
redir_urlencode(bt, bt2);
bconcat(str, bt2);
}
if (timeleft) {
- bassignformat(bt, "&timeleft=%ld", timeleft);
+ bassignformat(bt, "&timeleft=%ld", timeleft);
bconcat(str, bt);
}
if (hismac) {
- bcatcstr(str, "&mac=");
+ bcatcstr(str, "&mac=");
bassignformat(bt, "%.2X-%.2X-%.2X-%.2X-%.2X-%.2X",
hismac[0], hismac[1],
hismac[2], hismac[3],
@@ -279,54 +279,54 @@
}
if (hisip) {
- bassignformat(bt, "&ip=%s", inet_ntoa(*hisip));
+ bassignformat(bt, "&ip=%s", inet_ntoa(*hisip));
bconcat(str, bt);
}
if (reply) {
- bcatcstr(str, "&reply=");
+ bcatcstr(str, "&reply=");
bassigncstr(bt, reply);
redir_urlencode(bt, bt2);
bconcat(str, bt2);
}
if (redir->ssid) {
- bcatcstr(str, "&ssid=");
+ bcatcstr(str, "&ssid=");
bassigncstr(bt, redir->ssid);
redir_urlencode(bt, bt2);
bconcat(str, bt2);
}
if (redir->nasmac) {
- bcatcstr(str, "&called=");
+ bcatcstr(str, "&called=");
bassigncstr(bt, redir->nasmac);
redir_urlencode(bt, bt2);
bconcat(str, bt2);
}
if (redir->radiusnasid) {
- bcatcstr(str, "&nasid=");
+ bcatcstr(str, "&nasid=");
bassigncstr(bt, redir->radiusnasid);
redir_urlencode(bt, bt2);
bconcat(str, bt2);
}
if (conn->lang[0]) {
- bcatcstr(str, "&lang=");
+ bcatcstr(str, "&lang=");
bassigncstr(bt, conn->lang);
redir_urlencode(bt, bt2);
bconcat(str, bt2);
}
if (redirurl) {
- bcatcstr(str, "&redirurl=");
+ bcatcstr(str, "&redirurl=");
bassigncstr(bt, redirurl);
redir_urlencode(bt, bt2);
bconcat(str, bt2);
}
if (userurl) {
- bcatcstr(str, "&userurl=");
+ bcatcstr(str, "&userurl=");
bassigncstr(bt, userurl);
redir_urlencode(bt, bt2);
bconcat(str, bt2);
@@ -347,7 +347,7 @@
for (i=0; i<16; i++)
sprintf(hex+strlen(hex), "%.2X", cksum[i]);
- bcatcstr(str, "&md=");
+ bcatcstr(str, "&md=");
bcatcstr(str, hex);
}
@@ -478,12 +478,14 @@
bconcat(b, bt);
bcatcstr(b, "</LoginURL>\r\n");
-
+
+/*
bassignformat(bt,
"<LoginURL>%s%cres=smartclient&uamip=%s&uamport=%d&challenge=%s<
/LoginURL>\r\n",
options.wisprlogin ? options.wisprlogin : redir->url,
strchr(options.wisprlogin ? options.wisprlogin : redir->url,
'?') ? '&' : '?',
inet_ntoa(redir->addr), redir->port, hexchal);
bconcat(b, bt);
+*/
bassignformat(bt, "<AbortLoginURL>http://%s:%d/abort
<http://%25s:%25d/abort> </AbortLoginURL>\r\n",
inet_ntoa(redir->addr), redir->port);
---------------------------------------------------------------------
To unsubscribe, e-mail: chilli-unsubscribe at coova.org
For additional commands, e-mail: chilli-help at coova.org
Wiki: http://coova.org/wiki/index.php/CoovaChilli
Forum: http://coova.org/phpBB3/viewforum.php?f=4
---------------------------------------------------------------------
To unsubscribe, e-mail: chilli-unsubscribe at coova.org
For additional commands, e-mail: chilli-help at coova.org
Wiki: http://coova.org/wiki/index.php/CoovaChilli
Forum: http://coova.org/phpBB3/viewforum.php?f=4
--
_____
Ing. Rodrigo Martínez
Consultor
Consultoría & Desarrollo
Tilsor S.A
Pza. Independencia 822 Piso 4
C.P. 11100 - Montevideo Uruguay
Tel Fax: (598 2) 9039313
<http://www.tilsor.com.uy> www.tilsor.com.uy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20090513/d3292b3c/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 17463 bytes
Desc: not available
URL: <http://lists.coova.org/pipermail/chilli/attachments/20090513/d3292b3c/attachment.jpeg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 2119 bytes
Desc: not available
URL: <http://lists.coova.org/pipermail/chilli/attachments/20090513/d3292b3c/attachment.gif>
More information about the Chilli
mailing list