Mikrotik Disconnect

Alan DeKok aland at deployingradius.com
Thu Jun 10 16:39:50 CEST 2010


f0rud wrote:
> That's the problem, version 1.1.8 has no problem! (This time I checked this
> myself, with the code from the download page.)

  OK... you haven't said which version of FreeRADIUS you're using.  Let
me guess: it's not 2.1.9.

>>> I see the code for other messages (for ex: PW_AUTHENTICATION_REQUEST)
>>> you just ignore the code,
>>   Uh... no.  It does not do that.
>>
> So check this at radius.c about line 2110

  <sigh>  Please read the text you post to the list.

> 		case PW_AUTHENTICATION_REQUEST:
> 		case PW_STATUS_SERVER:
> 			/*
> 			 *	The authentication vector is random
> 			 *	nonsense, invented by the client.
> 			 */

  What do you think that means?

> and after this break, the function returns 0, which means OK, so where does
> the code take care of this message's digest?

  It doesn't.  It's not *supposed* to.  Read the RFCs.

> This timing attack (I read the comment on the code) so bypassing this
> function (rad_verify) means someone can do this attack,

  Nonsense.  The timing attack is being able to tell the difference
between comparing 8, or 16 bytes for equality. "Bypassing the function"
means it always compares *zero* bytes for equality.

  How do you do a timing attack by telling the difference between
comparing zero, or zero bytes for equality?  The answer is: you don't.

> and if you don't
> believe me, check the code, any PW_AUTHENTICATION_REQUEST package will
> pass this function.
> So what is the difference, and why does this pass exist at all when there is
> some exception?

  I suggest reading the code *and* the RFCs before leaping to conclusions.

  Alan DeKok.
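
The distinction argued over in this message, as an added example that is not part of the original post and is not FreeRADIUS code: per RFC 2865, RFC 2866 and RFC 5176, the authenticator field of an Access-Request or Status-Server is a random vector with nothing to verify, while Accounting-Request, Disconnect-Request and CoA-Request carry an MD5 digest over the packet and shared secret that is checked with a constant-time compare. The function names are hypothetical.

```python
import hashlib
import hmac
import os
import struct

# RADIUS packet codes (RFC 2865, RFC 2866, RFC 5176)
ACCESS_REQUEST = 1
ACCOUNTING_REQUEST = 4
STATUS_SERVER = 12
DISCONNECT_REQUEST = 40
COA_REQUEST = 43
HEADER_LEN = 20  # code(1) + id(1) + length(2) + authenticator(16)


def signed_authenticator(code, ident, attrs, secret):
    """MD5(code | id | length | 16 zero octets | attributes | secret)."""
    header = struct.pack("!BBH", code, ident, HEADER_LEN + len(attrs))
    return hashlib.md5(header + bytes(16) + attrs + secret).digest()


def build_request(code, ident, attrs, secret):
    """Hypothetical helper: build a request the way a client would."""
    if code in (ACCESS_REQUEST, STATUS_SERVER):
        auth = os.urandom(16)  # random vector, not derived from the secret
    else:
        auth = signed_authenticator(code, ident, attrs, secret)
    return struct.pack("!BBH", code, ident, HEADER_LEN + len(attrs)) + auth + attrs


def verify_request(packet, secret):
    """Return True if the request's authenticator field is acceptable."""
    if len(packet) < HEADER_LEN:
        return False
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < HEADER_LEN or length > len(packet):
        return False
    received, attrs = packet[4:HEADER_LEN], packet[HEADER_LEN:length]
    if code in (ACCESS_REQUEST, STATUS_SERVER):
        # Nothing to compare: the field is the client's random vector.
        return True
    if code in (ACCOUNTING_REQUEST, DISCONNECT_REQUEST, COA_REQUEST):
        expected = signed_authenticator(code, ident, attrs, secret)
        # Constant-time comparison, so timing does not reveal matching bytes.
        return hmac.compare_digest(received, expected)
    return False  # other codes are not requests handled here
```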


