
📄 eapleap.c

📁 Linux dot1x认证的实现
    // Set up our response frame.    memcpy(outframe, answer, total_length);    *outsize = total_length;    if (answer != NULL)      free(answer);    answer=NULL;  break;  case EAP_SUCCESS:    // ***********************************************************************************************    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Got EAP-SUCCESS\n");    memset(chall_response, 0x0, 8);    NtChallengeResponse((char *)leaprequest->randval, userdata->password, 			(char *)&chall_response, 0);    GenerateNTResponse((char *)leapchallenges->pr, (char *)leapchallenges->pc, 		       username, userdata->password, (char *) chall_response, 		       0);    // store Access Point Challenge    memcpy((uint8_t *)leapchallenges->apc, (char *)chall_response, 8);    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) GenerateNTResponse Calculated : ");    debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)&chall_response, 8);    total_length = 8+3+strlen(username)+1;    answer = (char *)malloc(total_length);    if (answer == NULL) {        debug_printf(DEBUG_NORMAL, "(EAP-LEAP) Couldn't allocate memory for building hash source!\n");        return XEMALLOC;    }    // Construct the LEAP request sub fields packet    // let's start with the version number (LEAP subfield)    // byte 0: Version    // byte 1: Unused - Reserved    // byte 2: Count    // byte 3..10: MS-CHAP Nt Challenge Response    // byte 11..m: username    answer[0] = 0x01;    answer[1] = 0x00; // Reserved - Unused    answer[2] = 8; // Count    // Include MSCHAP Challenge response in the built packet    memcpy(&answer[3],&chall_response,8);    // Include username in the built packet    memcpy(&answer[8+3],username,strlen(username)+1);    // be sure that the username (last field) will be NUL terminated!    answer[strlen(answer)] = '\0';    // Set up our response frame.    memcpy(outframe, answer, total_length);    *outsize = total_length;    // Store the new random value to the leapdata for further validation of the AP response !    
memcpy((char *)leaprequest->randval, (char *)&chall_response,8);    if (answer != NULL)      free(answer);    answer=NULL;    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Request Packet for Mutual Authentication Built\n");  break;  case EAP_RESPONSE:    // ***********************************************************************************************    // Verify an AP-Challenge Response from an EAP LEAP response frame.    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Got EAP-RESPONSE\n");    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Verification phase....\n");    leapresponse = (struct leap_responses *)dataoffs;    challenge_response_got =  (uint8_t *)malloc(leapresponse->count+1);    if (!challenge_response_got) {      debug_printf(DEBUG_NORMAL, "(EAP-LEAP) challenge_response_got is NULL after malloc!\n");    }    memcpy(challenge_response_got, &leapresponse->randval, leapresponse->count);    // store Access Point Response    memcpy((uint8_t *)leapchallenges->apr, (char *)leapresponse->randval, 24);    // Let's construct the expected one    memset(challenge_response_expected, 0x0, 24);    // Calculate the 24 bytes MS-CHAP Challenge Response    leap_mschap(userdata->password, (char *) challenge_response_expected);    if (memcmp(challenge_response_got, challenge_response_expected, 24) == 0) {      debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) AP ChallengeResponse got is valid.\n");      *outsize = 0;            // Authentication was successful.      mydata->eapsuccess = TRUE;    }    else {      debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) AP ChallengeResponse got is NOT valid.\n");      *outsize = -1;      return XELEAP;    }    if (challenge_response_got != NULL) free(challenge_response_got);    // We were successful, so generate keying material.    
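// Tail of the EAP_RESPONSE case: the AP's challenge response has just been
// accepted, so the keying material is derived and stored below.
    ntPwdHash(MD4Hash, userdata->password);
    md4_calc(MD4HashHash, MD4Hash, 16);

    // NOTE(review): the prints below write the value labelled
    // "leap_session_key", all four challenge/response values and the master
    // key to the debug log in hex.  Anyone able to read DEBUG_AUTHTYPES
    // output obtains the keying material; consider dropping these prints or
    // compiling them out of production builds.
    debug_printf(DEBUG_AUTHTYPES, "leap_session_key : ");
    debug_hex_printf(DEBUG_AUTHTYPES, MD4HashHash, 16);

    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) leapchallenges->pc : ");
    debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)leapchallenges->pc, 8);

    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) leapchallenges->pr : ");
    debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)leapchallenges->pr, 24);

    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) leapchallenges->apc : ");
    debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)leapchallenges->apc, 8);

    debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) leapchallenges->apr : ");
    debug_hex_printf(DEBUG_AUTHTYPES, (uint8_t *)leapchallenges->apr, 24);

    GetMasterLEAPKey((char *)MD4HashHash, (char *) leapchallenges->apc, (char *) leapchallenges->apr, (char *) leapchallenges->pc, (char *) leapchallenges->pr, (char *)&MasterKey);

    debug_printf(DEBUG_AUTHTYPES, "MasterLEAPKey : ");
    debug_hex_printf(DEBUG_AUTHTYPES, (unsigned char *)&MasterKey, 16);

    // Finally, populate our thisint->keyingMaterial.
    // NOTE(review): a previous key buffer is freed here without being
    // cleared first, and MD4Hash / MD4HashHash / MasterKey (declared outside
    // this excerpt, presumably locals) are not wiped before returning.
    if (mydata->keyingMaterial != NULL) {
      free(mydata->keyingMaterial);
      mydata->keyingMaterial = NULL;
    }

    mydata->keyingMaterial = (char *)malloc(64);  // 32 bytes each.
    if (mydata->keyingMaterial == NULL)
      return XEMALLOC;

    // Zero the whole buffer, then place the 16-byte master key at the start
    // of each 32-byte half.
    bzero(mydata->keyingMaterial, 64);
    memcpy(&mydata->keyingMaterial[32], &MasterKey, 16);
    memcpy(mydata->keyingMaterial, &MasterKey, 16);
    break;
  }

  return XENONE;
}

/*******************************************************
 *
 * Assign our keying material.  (Return -1 if we can't generate keys.)
 *
 * Points thisint->keyingMaterial at the key buffer held by the active
 * method's LEAP state and sets thisint->keyingLength to 16.  Returns 0 on
 * success, XEMALLOC when a required pointer is NULL, and -1 when no keying
 * material has been generated yet.
 *
 * NOTE(review): the pointer handed out is an alias of the buffer that
 * eapleap_cleanup() frees, not a copy.  After cleanup it dangles unless the
 * caller clears it; confirm who owns thisint->keyingMaterial.
 *
 *******************************************************/
int eapleap_get_keys(struct interface_data *thisint)
{
  struct leap_data *mydata;
  struct config_network *network_data;

  if (!xsup_assert((thisint != NULL), "thisint != NULL", FALSE))
    return XEMALLOC;

  network_data = config_get_network_config();

  if (!xsup_assert((network_data != NULL), "network_data != NULL", FALSE))
    return XEMALLOC;

  if (!xsup_assert((network_data->activemethod != NULL),
                   "network_data->activemethod != NULL", FALSE))
    return XEMALLOC;

  mydata = (struct leap_data *)network_data->activemethod->eap_data;

  // eap_data was dereferenced unchecked before; guard it the same way
  // eapleap_done() does.
  if (!xsup_assert((mydata != NULL), "mydata != NULL", FALSE))
    return XEMALLOC;

  // No key has been derived yet: report failure rather than publishing a
  // NULL pointer together with a length of 16.
  if (mydata->keyingMaterial == NULL)
    return -1;

  thisint->keyingMaterial = (uint8_t *) mydata->keyingMaterial;
  thisint->keyingLength = 16;  // We only use 16 bytes for this keying material!

  return 0;
}

/*******************************************************
 *
 * Return if we have successfully authenticated.
 *
 * Returns the eapsuccess flag stored in the LEAP state, or XEMALLOC when
 * thisint or its eap_data pointer is NULL.
 *
 *******************************************************/
int eapleap_done(struct generic_eap_data *thisint)
{
  struct leap_data *mydata;

  if (!xsup_assert((thisint != NULL), "thisint != NULL", FALSE))
    return XEMALLOC;

  mydata = (struct leap_data *)thisint->eap_data;

  if (!xsup_assert((mydata != NULL), "mydata != NULL", FALSE))
    return XEMALLOC;

  return mydata->eapsuccess;
}

/*******************************************************
 *
 * Clean up after ourselves.  This is called when an incoming packet
 * requests a different EAP type, and on termination of the program.
 *
 * Frees the keying material and the LEAP state, then clears
 * thisint->eap_data so that later calls see a NULL pointer instead of
 * freed memory.  Returns XENONE, or XEMALLOC when there is nothing to free.
 *
 *******************************************************/
int eapleap_cleanup(struct generic_eap_data *thisint)
{
  struct leap_data *mydata;

  if (!xsup_assert((thisint != NULL), "thisint != NULL", FALSE))
    return XEMALLOC;

  if (!xsup_assert((thisint->eap_data != NULL), "thisint->eap_data != NULL",
                   FALSE))
    return XEMALLOC;

  mydata = (struct leap_data *)thisint->eap_data;

  // NOTE(review): the key buffer is released without being cleared.  The
  // only allocation visible in this listing is 64 bytes; if that is the
  // sole allocation site, wipe the buffer before freeing it, using a
  // clearing routine the compiler cannot optimise away.
  free(mydata->keyingMaterial);  // free(NULL) is a no-op
  mydata->keyingMaterial = NULL;

  free(mydata);

  // Do not leave a dangling pointer behind: a second cleanup or a call to
  // eapleap_done() would otherwise touch freed memory.
  thisint->eap_data = NULL;

  debug_printf(DEBUG_AUTHTYPES, "(EAP-LEAP) Cleaning up.\n");

  return XENONE;
}

/********************************************************
 *
 * We failed authentication for some reason.  The intent is to clear out
 * our password so that we are prompted again at a later time, but that
 * reset is disabled in this version, so the function only validates its
 * arguments.
 *
 * Returns XENONE, or XEMALLOC when thisint or its eap_conf_data is NULL.
 *
 ********************************************************/
int eapleap_failed(struct generic_eap_data *thisint)
{
  struct config_eap_leap *userdata;

  if (!xsup_assert((thisint != NULL), "thisint != NULL", FALSE))
    return XEMALLOC;

  if (!xsup_assert((thisint->eap_conf_data != NULL),
                   "thisint->eap_conf_data != NULL", FALSE))
    return XEMALLOC;

  userdata = (struct config_eap_leap *)thisint->eap_conf_data;
  (void)userdata;  // only needed by the disabled reset below

#ifndef NO_PWD_RESET
  // Disabled: freeing userdata->password and setting it to NULL.  The
  // password therefore stays in memory after a failed authentication.
  // If this is re-enabled, clear the password bytes before freeing them.
#endif

  return XENONE;
}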
