ChilliSpot is a well-known captive portal solution for wireless hotspot providers. With its Universal Access Method (UAM), all user communication is intercepted and HTTP requests from the user’s web browser are redirected to a webserver running a script which asks for authentication credentials. The script feeds those back to ChilliSpot, which in turn contacts a RADIUS server for verification. If verification succeeds, ChilliSpot lets all traffic pass. Alternatively, ChilliSpot also supports WPA/EAPOL for automatic browser-less authentication.
ChilliSpot has been unsupported for almost 4 years now but can still be downloaded because someone has mirrored the original pages at http://www.chillispot.info. An alternative fork by a former ChilliSpot contributor, CoovaChilli, has been available for some time and has seen active development, but there may be reasons to stay with ChilliSpot.
Such attempts are, however, undermined by two bugs in the last ChilliSpot release, 1.1.0: a compilation bug, and segfaults or authentication failures on 64-bit platforms:
- the compilation bug occurs in src/tun.c: apparently older compilers didn’t complain about missing ||s between defined predicates.
- the segfaults or authentication failures occur in src/md5.c and are due to the fact that almost all functions in this file rely on 32-bit semantics by using an unsigned data type without any size specification instead of size_t for lengths. ChilliSpot thus either generates an invalid message authenticator in its communication with the RADIUS server (see e.g. this forum post), causing the server to deny login, or segfaults during generation.
I’ve created two patches, one for each of these bugs. chillispot-1.1.0-md5.c for src/md5.c is similar to the version of that file in CoovaChilli, seeing that there is only one correct way to fix it. CoovaChilli’s version differs, however, in using OpenSSL’s MD5 implementation, if available. chillispot-1.1.0-tun.c_defined is the other patch. With those two patches, ChilliSpot works correctly for me, even on x86-64.
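To check whether a denied login is caused by the invalid message authenticator described above, the attribute in a captured Access-Request can be recomputed offline. The following is an added example, not code from ChilliSpot, CoovaChilli or the original post; it follows the Message-Authenticator definition in RFC 2869 (HMAC-MD5 keyed with the shared secret, computed over the packet with the attribute value zeroed), and the function names, the shared secret and the sample packet are constructed for illustration.

```python
import hmac
import struct

MSG_AUTH = 80  # Message-Authenticator attribute type (RFC 2869)


def message_authenticator_ok(packet: bytes, secret: bytes) -> bool:
    """Check the Message-Authenticator of a raw RADIUS Access-Request."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != 1 or not 20 <= length <= len(packet):
        raise ValueError("not a well-formed Access-Request")
    packet = packet[:length]          # ignore padding after the RADIUS length
    pos, value_at = 20, None
    while pos < length:               # walk the type/length/value attributes
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("malformed attribute length")
        if atype == MSG_AUTH:
            if alen != 18:
                raise ValueError("Message-Authenticator must carry 16 bytes")
            value_at = pos + 2
        pos += alen
    if value_at is None:
        raise ValueError("no Message-Authenticator attribute present")
    received = packet[value_at:value_at + 16]
    # HMAC-MD5 keyed with the shared secret, over the packet with the field zeroed
    zeroed = packet[:value_at] + bytes(16) + packet[value_at + 16:]
    expected = hmac.new(secret, zeroed, "md5").digest()
    return hmac.compare_digest(received, expected)


def build_sample_request(secret: bytes, user: bytes = b"alice") -> bytes:
    """Constructed test packet: User-Name plus a correct Message-Authenticator."""
    attrs = bytes([1, 2 + len(user)]) + user + bytes([MSG_AUTH, 18]) + bytes(16)
    header = struct.pack("!BBH", 1, 42, 20 + len(attrs)) + bytes(range(16))
    packet = header + attrs
    mac = hmac.new(secret, packet, "md5").digest()
    return packet[:-16] + mac


if __name__ == "__main__":
    good = build_sample_request(b"testing123")   # constructed secret
    bad = good[:-1] + bytes([good[-1] ^ 0x01])   # simulate a miscomputed digest
    print(message_authenticator_ok(good, b"testing123"))
    print(message_authenticator_ok(bad, b"testing123"))
```

A packet that fails this check with the correct shared secret points at the sender's digest computation rather than at the user's credentials.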