author | Scott Ullrich <sullrich@pfsense.org> | 2006-05-24 18:06:09 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2006-05-24 18:06:09 +0000 |
commit | 409d2492682478aa3b1f79117bbe21fa6f18ddeb (patch) | |
tree | e1c6058851b5c7317db46af7bd3e7fdcff96a9e5 /usr/local/captiveportal | |
parent | 16eb509a0d3f5052328912742272354bd01cb128 (diff) | |
Fix > 16 char password auth issues.
Diffstat (limited to 'usr/local/captiveportal')
-rw-r--r-- | usr/local/captiveportal/radius_authentication.inc | 45 |
1 files changed, 34 insertions, 11 deletions
diff --git a/usr/local/captiveportal/radius_authentication.inc b/usr/local/captiveportal/radius_authentication.inc index 86e5bfe..7417029 100644 --- a/usr/local/captiveportal/radius_authentication.inc +++ b/usr/local/captiveportal/radius_authentication.inc @@ -105,25 +105,48 @@ function RADIUS_AUTHENTICATION($username,$password,$radiusip,$radiusport,$radius // 3 -> Access-Reject // See RFC2865 for this. } - +/* +* $password = users password +* $key = shared secret +* $RA = Request Authenticator (random value it seems like) +*/ function Encrypt($password,$key,$RA) { global $debug; - $keyRA=$key.$RA; - if ($debug) - echo "<br>key: $key<br>password: $password<hr>\n"; + echo "<br>key: $key<br>password: $password<hr>\n"; - $md5checksum=md5($keyRA); $output=""; + $passlen = strlen($password); + /* figure out the number of xor rounds we need to run through */ + for ($i=16; $i <= 128; $i += 16) { + if ($len <= $i) { + $rounds = $i/16; + break; + } + } - for ($i=0;$i<=15;$i++) { - if (2*$i>strlen($md5checksum)) $m=0; else $m=hexdec(substr($md5checksum,2*$i,2)); - if ($i>strlen($keyRA)) $k=0; else $k=ord(substr($keyRA,$i,1)); - if ($i>strlen($password)) $p=0; else $p=ord(substr($password,$i,1)); - $c=$m^$p; - $output.=chr($c); + $z = 0; // How many chars have we xor'd + for ($x=0; $x<=$rounds; $x++) { + $keyRA=$key.$RA; + $md5checksum=md5($keyRA); + + // Loop 16 times (md5() output / 2) + for ($i=0;$i<=15;$i++) { + // Convert md5 hex output to decimal (md5 lengths are 32 chars) + if (2*$i>32) $m=0; else $m=hexdec(substr($md5checksum,2*$i,2)); + // get the decimal character value for this character in the password + if ($z>$passlen-1) $p=0; else $p=ord(substr($password,$z,1)); + // xor the md5 character with the password character + $c=$m^$p; + // Convert back to 8-bit output + $output.=chr($c); + $z++; + } + $RA=$output; } + return $output; } + ?> |
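Review bot: The round count in Encrypt() is computed from `$len`, which is never assigned (the length is stored in `$passlen`), so the `$len <= $i` test passes on the first iteration and `$rounds` is always 1. Together with `$x<=$rounds` the loop always emits exactly two 16-byte blocks: passwords up to 32 characters work, anything longer is silently truncated before it is sent, and short passwords carry an extra block. The chaining step `$RA=$output` also feeds the whole accumulated ciphertext into the next MD5, whereas RFC 2865 section 5.2 uses only the previous 16-byte block, so a third block would be wrong once the count is fixed. I would use `$rounds = max(1, min(8, (int)ceil($passlen / 16)));`, `for ($x=0; $x<$rounds; $x++)` and `$RA = substr($output, -16);`. Separately, the debug `echo` writes the shared secret and the user's password unescaped into the portal page; a log entry that omits both values would be safer.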