From 31bc3b32155c1f9509f0e7d999b10f4305b508ca Mon Sep 17 00:00:00 2001
From: Jett Wang
Date: Sun, 31 Dec 2023 03:36:54 +0800
Subject: [PATCH] 2023-12-31 03:36:45 : eap-mschapv2 success
---
 assets/buildinfo.txt | 10 +++----
 toughradius/radius_eap_mschapv2.go | 48 +++++++++++++++++-------------
 2 files changed, 32 insertions(+), 26 deletions(-)
diff --git a/assets/buildinfo.txt b/assets/buildinfo.txt
index 70d956a9..6a51855e 100644
--- a/assets/buildinfo.txt
+++ b/assets/buildinfo.txt
@@ -1,8 +1,8 @@
-BuildVersion=latest v8.0.4 2023-12-31 03:10:51
+BuildVersion=latest v8.0.4 2023-12-31 03:36:45
 ReleaseVersion=v8.0.4
-BuildTime=2023-12-31 03:10:51
+BuildTime=2023-12-31 03:36:45
 BuildName=toughradius
-CommitID=8add7ca3ca44fb2c53d130115854f0e5f2e2b032
-CommitDate=Thu, 28 Dec 2023 23:06:09 +0800
+CommitID=f871aea6d9c0c3eda4f50423d44c241822bf3154
+CommitDate=Sun, 31 Dec 2023 03:11:03 +0800
 CommitUser=jamiesun.net@gmail.com
-CommitSubject=2023-12-28 23:05:59 : translate
+CommitSubject=2023-12-31 03:10:51 : mschapv2 auth
diff --git a/toughradius/radius_eap_mschapv2.go b/toughradius/radius_eap_mschapv2.go
index 6e19f799..217ecd2b 100644
--- a/toughradius/radius_eap_mschapv2.go
+++ b/toughradius/radius_eap_mschapv2.go
@@ -27,11 +27,13 @@ const (
 // EAPMSCHAPv2Challenge represents an EAP-MSCHAPv2 Challenge message.
 type EAPMSCHAPv2Challenge struct {
 EAPHeader
- Type uint8
- OpCode uint8
- ValueSize uint8
- Challenge [MSCHAPChallengeSize]byte
- Name []byte
+ Type uint8
+ OpCode uint8
+ MsIdentifier uint8
+ MsChapV2Length uint16
+ ValueSize uint8
+ Challenge [MSCHAPChallengeSize]byte
+ Name []byte
 }
 // NewEAPMSCHAPv2Challenge creates a new EAP-MSCHAPv2 Challenge packet with a random challenge.
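Review bot: The two fields added to `EAPMSCHAPv2Challenge` have no comment saying what they cover, and `MsChapV2Length` is easy to confuse with the embedded EAP `Length`, which additionally counts the header and the `Type` byte. I would add `// MsChapV2Length is the MS-Length field: OpCode, MsIdentifier, MsChapV2Length, ValueSize, Challenge and Name; the EAP header and Type are not counted.` and `// MsIdentifier is the MS-CHAPv2 identifier the peer is expected to echo in its response.` above the respective fields. The type comment could also state that the field order matches the order `Serialize` puts the bytes on the wire, so a later reordering is not taken for a cosmetic change.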
@@ -46,14 +48,21 @@ func NewEAPMSCHAPv2Challenge(identifier uint8, name string) *EAPMSCHAPv2Challeng
 Identifier: identifier,
 Length: 0, // Will be set later
 },
- Type: EAPTypeMSCHAPv2,
- OpCode: MSCHAPv2Challenge,
- ValueSize: MSCHAPChallengeSize,
- Challenge: challenge,
- Name: []byte(name),
+ Type: EAPTypeMSCHAPv2,
+ OpCode: MSCHAPv2Challenge,
+ MsIdentifier: identifier, // Assuming the same as EAP Identifier
+ MsChapV2Length: 0, // Will be set later
+ ValueSize: MSCHAPChallengeSize,
+ Challenge: challenge,
+ Name: []byte(name),
 }
- eap.Length = uint16(5 + MSCHAPChallengeSize + len(eap.Name)) // EAP header (4 bytes) + Type (1 byte) + Challenge + Name
+ // Calculate the MS-CHAPv2 Length
+ msChapV2Length := uint16(1 + 1 + 2 + 1 + MSCHAPChallengeSize + len(eap.Name)) // OpCode (1 byte) + MsIdentifier (1 byte) + MsChapV2Length (2 bytes) + ValueSize (1 byte) + Challenge + Name
+ eap.MsChapV2Length = msChapV2Length
+
+ // Calculate the EAP Length
+ eap.Length = uint16(4 + msChapV2Length) // EAP header (4 bytes) + MS-CHAPv2 data
 return eap
 }
@@ -64,12 +73,14 @@ func (eap *EAPMSCHAPv2Challenge) Serialize() []byte {
 // Write EAP header
 _ = binary.Write(buffer, binary.BigEndian, eap.EAPHeader)
- // Write Type, OpCode, and ValueSize
+ // Write Type, OpCode, MsIdentifier, and MsChapV2Length
 buffer.WriteByte(eap.Type)
 buffer.WriteByte(eap.OpCode)
- buffer.WriteByte(eap.ValueSize)
+ buffer.WriteByte(eap.MsIdentifier)
+ _ = binary.Write(buffer, binary.BigEndian, eap.MsChapV2Length)
- // Write Challenge
+ // Write ValueSize and Challenge
+ buffer.WriteByte(eap.ValueSize)
 buffer.Write(eap.Challenge[:])
 // Write Name
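Review bot: `eap.Length` in `NewEAPMSCHAPv2Challenge` comes out one byte short: it is set to `4 + msChapV2Length`, but `msChapV2Length` starts counting at `OpCode`, so the `Type` byte that `Serialize` writes right after the header is no longer included (the removed line used 5 for header plus Type). The line should read `eap.Length = uint16(5 + msChapV2Length) // EAP header (4 bytes) + Type (1 byte) + MS-CHAPv2 data`. A peer that honours the EAP Length would cut the last byte of `Name` or reject the packet because the two length fields disagree, and a lenient supplicant can hide this in testing. Separately, `len(eap.Name)` is narrowed to `uint16` with no upper bound, so an over-long `name` would wrap both length fields; the only caller visible in this patch passes a short constant. The function begins above this hunk.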
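Review bot: `Serialize` emits `eap.Length`, `eap.MsChapV2Length` and `eap.ValueSize` exactly as stored and never compares them with the bytes it writes, so a value assembled by hand, or one whose exported `Name` was changed after construction, goes out with length fields that do not match its body. Either recompute both lengths from `len(eap.Name)` at the top of `Serialize`, or state the contract in its doc comment, for example `// Serialize emits the stored Length and MsChapV2Length unchanged; callers must keep them consistent with Name.` For the new 16-bit field, `_ = binary.Write(...)` goes through reflection and discards an error; assuming `buffer` is a `*bytes.Buffer`, two `buffer.WriteByte` calls for the high and low byte would do the same without either. The function starts above this hunk and continues past its last line.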
@@ -286,18 +297,13 @@ func (s *AuthService) sendEapMsChapV2Request(w radius.ResponseWriter, r *radius. var resp = r.Response(radius.CodeAccessChallenge) name := "toughradius" - eapChallenge, err := generateRandomBytes(16) - if err != nil { - return err - } + eapMessage := NewEAPMSCHAPv2Challenge(r.Identifier, name) state := common.UUID() - s.AddEapState(state, rfc2865.UserName_GetString(r.Packet), eapChallenge, EapMschapv2Method) + s.AddEapState(state, rfc2865.UserName_GetString(r.Packet), eapMessage.Challenge[:], EapMschapv2Method) rfc2865.State_SetString(resp, state) - eapMessage := NewEAPMSCHAPv2Challenge(r.Identifier, name) - // 设置EAP-Message属性 _ = rfc2869.EAPMessage_Set(resp, eapMessage.Serialize()) _ = rfc2869.MessageAuthenticator_Set(resp, make([]byte, 16))
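Review bot: The removed `generateRandomBytes` error check has no replacement in `sendEapMsChapV2Request`: `NewEAPMSCHAPv2Challenge` returns only the packet, so this function can no longer tell whether the challenge it stores through `AddEapState` was actually filled with random bytes. The constructor's generator is outside this patch; if it ignores a failed read, the stored challenge could be all zeros or repeat across sessions, which weakens the replay protection the challenge is there to provide. I would have the constructor return an error and keep the guard here, `eapMessage, err := NewEAPMSCHAPv2Challenge(r.Identifier, name)` followed by `if err != nil { return err }`, or at least document on the constructor how it behaves when the random source fails. The function starts above this hunk and continues beyond it.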