smbencrypt calculates false hash for German umlauts and other non-ASCII letters
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Sat Sep 7 17:57:05 CEST 2013
On 7 Sep 2013, at 16:43, Alan DeKok <aland at deployingradius.com> wrote:
> Matthias Nagel wrote:
>> Hi Phil,
>>> Probably a fairly trivial patch if you feel like it ;o)
>> I had a quick glace at the source code and I found two files named "smbencrypt.c". If you give me a hint, which is the correct file to start with, I will brosw the source code from that point and see what I can do. But probably not before next month.
>
> Please check src/modules/rlm_mschap/smbencrypt.c
>
> The main issue is that there is *no* character set information in the
> MS-CHAP calculations. The character set could be UTF-8, or any
> non-standard 16-bit encoding. So the calculation of the NT hash will
> depend on the character set... which is largely secret.
>
> This makes it very difficult to create the *correct* NT hash.
Can't we assume src as UTF8 for NAI (RFC4282)?
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
More information about the Freeradius-Users
mailing list