Malformed RADIUS packet from host Invalid attribute 0


I'm trying to configure RADIUS at home (because I can).
freeradius is up and running @ (Debian PC, acting as a router and DHCP)

openwrt is up and running @ (TP Link Archer C6U, OpenWrt 21.02.1 r16325-88151b8303 acting as AP and switch).

old DGT VDSL2 @ with native firmware used as a AP and switch

I've set up my RADIUS @Debian box, tested, mostly default settings. I've configured both DGT VDSL2 and Openwrt as a client to the RADIUS, using the same settings.

I cannot authenticate via WiFi network - dedicated AP set up with WPA2-Enterprise, WPA2-PSK networks do work.

Error was previously reported:

Receive - Malformed RADIUS packet from host Invalid attribute 0

( Malformed RADIUS packet after upgrade to latest snapshot 53b9cc4 )

The commit made it to upstream on 3.06.2021 r., so I assume that is some kind of regression - or, it was not implemented into my version of wpad - i've picked wpad-wolfssl - due to lack of WPA3 in wpad package).

RADIUS does work via DGT VDSL2 device, does not via Openwrt. I might be configuring something wrong, if You've got any ideas- help me, otherwise consider this post as a bug report please.

It was reported that OpenWRT 21.02.1 has issue with Radius. You can downgrade to 21.02.0 or use snapshot build.

Ok thank You, I'll just wait for the fix in the next release, I don't need it right now.

Kind regards

I had the same problem and applied the patch from @blogic from this thread which solved the problem for me.

There was some work done on hostapd on the 21.02 branch around November 23; looks like this patch has been forgotten. Maybe @blogic could take a look at it and add it back to the 21.02 branch?

Edit: This commit introduced append_radius_*_req_attr functions to 21.02 and caused this issue.

I'm somehow torn between learning how to cross-compile openwrt packages on my own and waiting for this simple, 30 bytes patch migrating into upstream/stable release. : (
As somebody new in the community I don't know which one would be less painful.

No need to cross-compile, you can simply edit the /lib/netifd/ file accordingly and then restart wifi with the wifi command on the shell, as a quick fix on your system. That's what I did and it worked for me.

I was not too bright not having noticed that it's a shell script...
Thank You!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.