Description
I am using Chewie as a standalone authenticator (as a component in a system outside of faucetsdn) for a switch that does not have a built-in authenticator.
When a supplicant attached to the switch sends an EAPOL-Start, it sets the DA to the PAE Group address (01-80-C2-00-00-03), and SA to its own MAC address.
Chewie receives the EAPOL-Start and responds, as expected, with an EAPOL-EAP message. This message sets DA to the MAC address of the supplicant, and SA to the PAE Group Address.
I believe setting SA=PAE Group Address is invalid, and is being dropped by the supplicant and/or other network elements in the path between Chewie and the supplicant (depending on the specific network topology I am testing).
I think the cause of this is that Chewie is simply setting the SA of sent EAPOL frames to the port_id which is copied from the DA of the received EAPOL-Start. I think the fix is as simple as checking if the received DA is 01-80-C2-00-00-03, and if it is, setting port_id to the local MAC address.
I am willing to submit a patch to fix this, but it is unclear where in the code is best to make this check.
Please provide guidance and I will make my best attempt to supply a patch.