Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Having trouble with Windows & Android #111

Open
afgarcia86 opened this issue Feb 13, 2021 · 5 comments
Open

Having trouble with Windows & Android #111

afgarcia86 opened this issue Feb 13, 2021 · 5 comments

Comments

@afgarcia86
Copy link

I am super excited to find this package as I am like a lost boy trying to read through the Free Radius docs.

I am trying to put together a POC using the StaticAuth which if I can get working I will replace with our custom oAuth solution. However I am hitting a wall on Windows & Android. iOS and OSX connected without issues, from what I gather Android seems to want me to install the CA pem however even after that I can't get the credentials to validate. I don't have a windows machine on me but I am pretty sure its a similar problem my co-worker was having when we were testing.

I am hoping there is just something simple I am missing and if you have anything you can share to unblock me I will be really grateful!

Thanks for sharing this package regardless, it has helped me wrap my head around Radius servers very quickly.
@afgarcia86
Copy link
Author

So I figured out why the StaticAuth was failing for me on Android.

The 'User-Password' buffer had extra empty bytes. I added these lines on line 17 of UserPasswordHandler.ts.

const passwordBuffer = packet.attributes['User-Password'];
const password = passwordBuffer.slice(0, passwordBuffer.indexOf(0x00));

Still need to test on Windows to confirm it was the same issue.

Any thoughts on how difficult it would be to enable PEAP authentication?

@simllll
Copy link
Owner

simllll commented Feb 18, 2021
edited
Loading

Feel free to open a PR to address the issue in the code base!

Regarding PEAP: PEAP itself is not the challenge, I think that would be easily possible. The main problem is that as far as I remember PEAP only works with mschapv2 on windows, and mschapv2 is not so easy to implement yourself.. if I remember correctly you need some kind of certificates, but not quite sure what made it look quite difficult.

But feel free to look into it. Try to find all related Rfcs, the radius server itself should be modular enough to extend. In case you have any specific questions, just let me know ;)

@afgarcia86
Copy link
Author

So I have been giving adding PEAP a go and I have hit a wall when it comes to sending the encrypted data. I was able to get MD5 working which I realize is not widely used due to it being insecure. Going to just put my work in progress here and hopefully I can make some time to keep cracking away at this. PEAP is just the default network on android so I am hoping to get it working otherwise I imagine support will get a lot of calls from people not being able to connect to the network.

https://github.com/afgarcia86/node-radius-server/tree/eap-methods

@simllll
Copy link
Owner

simllll commented Feb 24, 2021
edited
Loading

Nice work! Thanks for you work! Just quickly looked over it, if you open a PR I will add some feedback if you like :)

@afgarcia86
Copy link
Author

I opened a PR, I was planning on cleaning it up a lot more before actually opening it but I figure this will allow us to talk about specific areas of the code more easily. I added some comments as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@afgarcia86 @simllll