Merge branch 'develop'

talkincode · Dec 30, 2023 · 3e7bb78 · 3e7bb78
2 parents 5cf74e3 + 31bc3b3
commit 3e7bb78
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 26 deletions.
diff --git a/assets/buildinfo.txt b/assets/buildinfo.txt
@@ -1,8 +1,8 @@
-BuildVersion=latest v8.0.4 2023-12-31 03:10:51
+BuildVersion=latest v8.0.4 2023-12-31 03:36:45
 ReleaseVersion=v8.0.4
-BuildTime=2023-12-31 03:10:51
+BuildTime=2023-12-31 03:36:45
 BuildName=toughradius
-CommitID=8add7ca3ca44fb2c53d130115854f0e5f2e2b032
-CommitDate=Thu, 28 Dec 2023 23:06:09 +0800
+CommitID=f871aea6d9c0c3eda4f50423d44c241822bf3154
+CommitDate=Sun, 31 Dec 2023 03:11:03 +0800
 CommitUser=jamiesun.net@gmail.com
-CommitSubject=2023-12-28 23:05:59 : translate
+CommitSubject=2023-12-31 03:10:51 : mschapv2 auth
diff --git a/toughradius/radius_eap_mschapv2.go b/toughradius/radius_eap_mschapv2.go
@@ -27,11 +27,13 @@ const (
 // EAPMSCHAPv2Challenge represents an EAP-MSCHAPv2 Challenge message.
 type EAPMSCHAPv2Challenge struct {
 	EAPHeader
-	Type      uint8
-	OpCode    uint8
-	ValueSize uint8
-	Challenge [MSCHAPChallengeSize]byte
-	Name      []byte
+	Type           uint8
+	OpCode         uint8
+	MsIdentifier   uint8
+	MsChapV2Length uint16
+	ValueSize      uint8
+	Challenge      [MSCHAPChallengeSize]byte
+	Name           []byte
 }
 
 // NewEAPMSCHAPv2Challenge creates a new EAP-MSCHAPv2 Challenge packet with a random challenge.
@@ -46,14 +48,21 @@ func NewEAPMSCHAPv2Challenge(identifier uint8, name string) *EAPMSCHAPv2Challeng
 			Identifier: identifier,
 			Length:     0, // Will be set later
 		},
-		Type:      EAPTypeMSCHAPv2,
-		OpCode:    MSCHAPv2Challenge,
-		ValueSize: MSCHAPChallengeSize,
-		Challenge: challenge,
-		Name:      []byte(name),
+		Type:           EAPTypeMSCHAPv2,
+		OpCode:         MSCHAPv2Challenge,
+		MsIdentifier:   identifier, // Assuming the same as EAP Identifier
+		MsChapV2Length: 0,          // Will be set later
+		ValueSize:      MSCHAPChallengeSize,
+		Challenge:      challenge,
+		Name:           []byte(name),
 	}
 
-	eap.Length = uint16(5 + MSCHAPChallengeSize + len(eap.Name)) // EAP header (4 bytes) + Type (1 byte) + Challenge + Name
+	// Calculate the MS-CHAPv2 Length
+	msChapV2Length := uint16(1 + 1 + 2 + 1 + MSCHAPChallengeSize + len(eap.Name)) // OpCode (1 byte) + MsIdentifier (1 byte) + MsChapV2Length (2 bytes) + ValueSize (1 byte) + Challenge + Name
+	eap.MsChapV2Length = msChapV2Length
+
+	// Calculate the EAP Length
+	eap.Length = uint16(4 + msChapV2Length) // EAP header (4 bytes) + MS-CHAPv2 data
 	return eap
 }
 
@@ -64,12 +73,14 @@ func (eap *EAPMSCHAPv2Challenge) Serialize() []byte {
 	// Write EAP header
 	_ = binary.Write(buffer, binary.BigEndian, eap.EAPHeader)
 
-	// Write Type, OpCode, and ValueSize
+	// Write Type, OpCode, MsIdentifier, and MsChapV2Length
 	buffer.WriteByte(eap.Type)
 	buffer.WriteByte(eap.OpCode)
-	buffer.WriteByte(eap.ValueSize)
+	buffer.WriteByte(eap.MsIdentifier)
+	_ = binary.Write(buffer, binary.BigEndian, eap.MsChapV2Length)
 
-	// Write Challenge
+	// Write ValueSize and Challenge
+	buffer.WriteByte(eap.ValueSize)
 	buffer.Write(eap.Challenge[:])
 
 	// Write Name
@@ -286,18 +297,13 @@ func (s *AuthService) sendEapMsChapV2Request(w radius.ResponseWriter, r *radius.
 	var resp = r.Response(radius.CodeAccessChallenge)
 
 	name := "toughradius"
-	eapChallenge, err := generateRandomBytes(16)
-	if err != nil {
-		return err
-	}
+	eapMessage := NewEAPMSCHAPv2Challenge(r.Identifier, name)
 
 	state := common.UUID()
-	s.AddEapState(state, rfc2865.UserName_GetString(r.Packet), eapChallenge, EapMschapv2Method)
+	s.AddEapState(state, rfc2865.UserName_GetString(r.Packet), eapMessage.Challenge[:], EapMschapv2Method)
 
 	rfc2865.State_SetString(resp, state)
 
-	eapMessage := NewEAPMSCHAPv2Challenge(r.Identifier, name)
-
 	// 设置EAP-Message属性
 	_ = rfc2869.EAPMessage_Set(resp, eapMessage.Serialize())
 	_ = rfc2869.MessageAuthenticator_Set(resp, make([]byte, 16))