#include <assert.h>
+#include "smbdes.h"
+#include "mschap.h"
+
static int success = 0;
static int retries = 3;
static float timeout = 5;
free(radclient);
}
+static int mschapv1_encode(VALUE_PAIR **request, const char *password)
+{
+ unsigned int i;
+ VALUE_PAIR *challenge, *response;
+ uint8_t nthash[16];
+
+ challenge = paircreate(PW_MSCHAP_CHALLENGE, VENDORPEC_MICROSOFT, PW_TYPE_OCTETS);
+ if (!challenge) {
+ fprintf(stderr, "GOT IT %d!\n", __LINE__);
+ return 0;
+ }
+
+ pairadd(request, challenge);
+ challenge->length = 8;
+ for (i = 0; i < challenge->length; i++) {
+ challenge->vp_octets[i] = fr_rand();
+ }
+
+ response = paircreate(PW_MSCHAP_RESPONSE, VENDORPEC_MICROSOFT, PW_TYPE_OCTETS);
+ if (!response) {
+ fprintf(stderr, "GOT IT %d!\n", __LINE__);
+ return 0;
+ }
+
+ pairadd(request, response);
+ response->length = 50;
+ memset(response->vp_octets, 0, response->length);
+
+ response->vp_octets[1] = 0x01; /* NT hash */
+
+ mschap_ntpwdhash(nthash, password);
+
+ smbdes_mschap(nthash, challenge->vp_octets,
+ response->vp_octets + 26);
+ return 1;
+}
+
+
/*
* Initialize a radclient data structure and add it to
* the global linked list.
/*
* Keep a copy of the the User-Password attribute.
*/
- if ((vp = pairfind(radclient->request->vps, PW_USER_PASSWORD)) != NULL) {
+ if ((vp = pairfind(radclient->request->vps, PW_USER_PASSWORD, 0)) != NULL) {
strlcpy(radclient->password, vp->vp_strvalue,
sizeof(radclient->password));
/*
* Otherwise keep a copy of the CHAP-Password attribute.
*/
- } else if ((vp = pairfind(radclient->request->vps, PW_CHAP_PASSWORD)) != NULL) {
+ } else if ((vp = pairfind(radclient->request->vps, PW_CHAP_PASSWORD, 0)) != NULL) {
+ strlcpy(radclient->password, vp->vp_strvalue,
+ sizeof(radclient->password));
+
+ } else if ((vp = pairfind(radclient->request->vps, PW_MSCHAP_PASSWORD, 0)) != NULL) {
strlcpy(radclient->password, vp->vp_strvalue,
sizeof(radclient->password));
} else {
if (radclient->password[0] != '\0') {
VALUE_PAIR *vp;
- if ((vp = pairfind(radclient->request->vps, PW_USER_PASSWORD)) != NULL) {
+ if ((vp = pairfind(radclient->request->vps, PW_USER_PASSWORD, 0)) != NULL) {
strlcpy(vp->vp_strvalue, radclient->password,
sizeof(vp->vp_strvalue));
vp->length = strlen(vp->vp_strvalue);
- } else if ((vp = pairfind(radclient->request->vps, PW_CHAP_PASSWORD)) != NULL) {
+ } else if ((vp = pairfind(radclient->request->vps, PW_CHAP_PASSWORD, 0)) != NULL) {
/*
* FIXME: AND there's no CHAP-Challenge,
* AND vp->length != 17
vp->vp_octets,
radclient->request->id, vp);
vp->length = 17;
+
+ } else if (pairfind(radclient->request->vps, PW_MSCHAP_PASSWORD, 0) != NULL) {
+ mschapv1_encode(&radclient->request->vps,
+ radclient->password);
+ } else if (fr_debug_flag) {
+ printf("WARNING: No password in the request\n");
}
}
timeout = atof(optarg);
break;
case 'v':
- printf("radclient: $Id$ built on " __DATE__ " at " __TIME__ "\n");
+ printf("radclient: " RADIUSD_VERSION " built on " __DATE__ " at " __TIME__ "\n");
exit(0);
break;
case 'x':