Support for other hash (like MD5, SHA1) using MSCHAPv2
We use OpenLDAP here, and have many users with many fields userPassword each one with one hash like, MD5, SHA1, SSHA, SMD5 and others. Using PAP, work perfect, but, we want to use MSCHAPv2 because work with simple conf (thinking on user side) on Windows, MacOSX and sometimes Linux too. I read the rlm_mschap.c and see that code use SMB (using directly the domain or the ClearText password to generate NTLM encoding or OD of Apple, right?), but I need to auth using OpenLDAP, and using this hashes (we have a idP using shibboleth with this OpenLDAP too, but not think if it is possible to use with auth purpose on FreeRadius). Exist an explanation why this isn't exist? or only because isn't implemented yet? We think to use PAP code implementation to help our modification, of course, with that kind of modification don't represent a problem for the rlm_mschap.c module. Our idea is to get ClearText decoded on MSCHAP connection (get this information) and encode using OpenSSL (same form used on PAP) to check if hashes are the same of which were obtained from OpenLDAP. Regards, -- Brivaldo Junior/DIGR/NIN
Brivaldo Junior wrote:
We use OpenLDAP here, and have many users with many fields userPassword each one with one hash like, MD5, SHA1, SSHA, SMD5 and others. Using PAP, work perfect, but, we want to use MSCHAPv2 because work with simple conf (thinking on user side) on Windows, MacOSX and sometimes Linux too.
http://deployingradius.com/documents/protocols/compatibility.html
Our idea is to get ClearText decoded on MSCHAP connection (get this information) and encode using OpenSSL (same form used on PAP) to check if hashes are the same of which were obtained from OpenLDAP.
It's impossible. Alan DeKok.
Brivaldo Junior wrote:
We use OpenLDAP here, and have many users with many fields userPassword each one with one hash like, MD5, SHA1, SSHA, SMD5 and others. Using PAP, work perfect, but, we want to use MSCHAPv2 because work with simple conf (thinking on user side) on Windows, MacOSX and sometimes Linux too. http://deployingradius.com/documents/protocols/compatibility.html [1]
I read this... ok.
Our idea is to get ClearText decoded on MSCHAP connection (get this information) and encode using OpenSSL (same form used on PAP) to check if hashes are the same of which were obtained from OpenLDAP. It's impossible. Alan DeKok.
I really try to understand why it's impossible, because another softwares like dovecot and postfix do this. I imagine, the FreeRadius work with auth using another form (OpenLDAP is used do retrieve information, not to parse or auth, and of course, I see this enviroment on FreeRadius, and like it). Get information of OpenLDAP, encode password from user, and compare each other, this idea is so simple, of course, on simple enviroment too. On this case, I will use the "hard way", to understand why it's impossible. Thanks for information Alan, Brivaldo Jr
Brivaldo Junior wrote:
I really try to understand why it's impossible, because another softwares like dovecot and postfix do this.
Nonsense. You *cannot* turn MS-CHAP into the cleartext-password. It's impossible.
I imagine, the FreeRadius work with auth using another form (OpenLDAP is used do retrieve information, not to parse or auth, and of course, I see this enviroment on FreeRadius, and like it).
Get information of OpenLDAP, encode password from user, and compare each other, this idea is so simple, of course, on simple enviroment too. On this case, I will use the "hard way", to understand why it's impossible.
Yes, *that* is possible. Turning Cleartext-Password into MS-CHAP. But that's not what you asked. Alan DeKok.
On Wed, Feb 02, 2011 at 01:46:11PM -0300, Brivaldo Junior wrote:
I really try to understand why it's impossible, because another softwares like dovecot and postfix do this.
I think you're looking at things like POP3 USER/PASS and SMTP AUTH PLAIN authentication, where in both cases the user sends the cleartext password to the server. Using the cleartext password you can do lots of things (such as compare it to a hash of the password, or use it to login to another service). Of course, it also means the actual password is being sent across the wire and is therefore vulnerable. This is how PAP works. CHAP and MS-CHAP don't work that way. The server sends a random string, known as the "CHAP challenge", and the client sends back a hash of (challenge + password). This hashed value is only of use to you if you already know the cleartext password, because you can calculate the hash of (same challenge + expected password) and see if you get the same value, and so decide if the user knows the correct password. But you can't use the CHAP response to login to anything else. You can't even use it to login to another machine which uses CHAP, because it will send you a different CHAP challenge, and you can't calculate the CHAP response without knowing the cleartext password. The nearest thing to this in the POP world is APOP (RFC 1939). You can't use an APOP response to make an LDAP bind; you would have to read the cleartext password out of LDAP to validate the response. HTH, Brian.
string, known as the "CHAP challenge", and the client sends back a hash of (challenge + password). This hashed value is only of use to you if you
after I read a little of MSCHAP RFC, I understand this.
already know the cleartext password, because you can calculate the hash of (same challenge + expected password) and see if you get the same value, and so decide if the user knows the correct password. But you can't use the CHAP response to login to anything else. You can't even use
Thanks for support, I spend some hours, but I really learn more, and this is a good thing. Regards, Brivaldo Jr
participants (3)
-
Alan DeKok -
Brian Candler -
Brivaldo Junior