Re: [RADIATOR] Special characters in passwords using mschapv2 (eduroam)

2018-07-04 Thread Henk van Lingen 
On Tue, Jul 03, 2018 at 07:02:15PM +0200, Alfred Reibenschuh wrote:
  > hello
  > 
  > 
  > seams like the Radius::MSCHAP::ASCIItoUnicode function is not Unicode save.

  It looks like in my case the function check_mschapv2 is called whereas
  ASCIItoUnicode is being used in check_mschapv2_plaintext?

  I'm trying to understand how this works. Am i right that the
  eduroam client is creating the respons hash and radiator is making the
  challenge hash based on the plaintext pwd it gets from the LDAP server
  (via GetNovellUP)?

  Regards,

-- 
Henk van Lingen, ITS Infrastructuur & Exploitatie, 
Universiteit Utrecht, Heidelberglaan 8, room 3.50
phone: +31-30-2538453   
___
radiator mailing list
[email protected]
http://lists.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] Special characters in passwords using mschapv2 (eduroam)

2018-07-03 Thread Alfred Reibenschuh 
hello
 
 
seams like the Radius::MSCHAP::ASCIItoUnicode function is not Unicode save.
 
should use the right encoding like that:
 

use Encode qw/encode/;
 
sub ASCIItoUnicode{    return encode("UCS-2LE", $_[0]);}

 
 
Yours sincerelyAlfred ReibenschuhNetwork-Management ArchitectCOE Network-Service-Delivery-ManagementNetwork & Telecommunication ATV.T.S. Value Transformation Services GmbHAn IBM CompanyObere Donaustrasse 951020 WienPhone: +43-1-2056320-143Mobile: +43-664-3523820mailto:[email protected] consider the environment before printing this e-mail.This e-mail is confidential and may also contain privileged information. If you are not the intended recipient you are not authorized to read, print, save, process or disclose this message. If you have received this message by mistake, please inform the sender immediately and delete this e-mail, its attachments and any copies.Any use, distribution, reproduction or disclosure by any person other than the intended recipient is strictly prohibited and the person responsible may incur penalties.Thank you! 
 
 
- Original message -From: [email protected] by: "radiator" To: [email protected]:Subject: radiator Digest, Vol 110, Issue 1Date: Tue, Jul 3, 2018 2:00 PM 
Send radiator mailing list submissions [email protected] subscribe or unsubscribe via the World Wide Web, visithttp://lists.open.com.au/mailman/listinfo/radiatoror, via email, send a message with subject or body 'help' [email protected] can reach the person managing the list [email protected] replying, please edit your Subject line so it is more specificthan "Re: Contents of radiator digest..."Today's Topics:   1. Special characters in passwords using mschapv2 (eduroam)      (Henk van Lingen)--Message: 1Date: Mon, 2 Jul 2018 14:11:26 +0200From: Henk van Lingen To: Subject: [RADIATOR] Special characters in passwords using mschapv2(eduroam)Message-ID: <[email protected]>Content-Type: text/plain; charset="us-ascii"Hi,Does anybody know if it should be possible to use characters > ascii-127in passwords when using radiator in an eduroam setup in combination with anNovell LDAP server providing 'Novel Universal Passwords' for the innerauthentication.All works well as long as users don't use exotic characters. If they do thehashes compared in/usr/lib/perl5/site_perl/5.14.2/Radius//AuthGeneric.pmare different.Regards,--Henk van Lingen, ITS Infrastructuur & Exploitatie,Universiteit Utrecht, Heidelberglaan 8, room 3.50phone: +31-30-2538453  --Subject: Digest Footer___radiator mailing [email protected]://lists.open.com.au/mailman/listinfo/radiator--End of radiator Digest, Vol 110, Issue 1 
 

___
radiator mailing list
[email protected]
http://lists.open.com.au/mailman/listinfo/radiator