Mac OSX + PEAP/MSCHAPv2 + Special characters in password
Stefan Paetow
Stefan.Paetow at ja.net
Wed May 14 17:36:41 CEST 2014
Unfortunately all too much software makes that mistake. :-/
Stefan
-----Original Message-----
From: freeradius-users-bounces+stefan.paetow=ja.net at lists.freeradius.org [mailto:freeradius-users-bounces+stefan.paetow=ja.net at lists.freeradius.org] On Behalf Of Phil Mayers
Sent: 14 May 2014 16:03
To: freeradius-users at lists.freeradius.org
Subject: Re: Mac OSX + PEAP/MSCHAPv2 + Special characters in password
On 14/05/14 14:21, Olivier Beytrison wrote:
> On 14.05.2014 15:12, Phil Mayers wrote:
>> What locale are those OSX devices set to?
>
> fr_CH.UTF-8
They could be making the obvious mistake of treating the password as bytes rather than a unicode string, and generating "pseudo" utf-16-le by padding "xyz" to "x\x00y\x00z\x00"
The string:
test§
...is UTF-8 bytes 74657374c2a7 (note the "c2" in penultimate octet)
...but UTF-16-LE 7400650073007400a700
If they are making this obvious mistake, they're effectively generating the MD4/NT hash from "test§" instead of "test§". Might be possible to confirm this by changing the server-side password to the "wrong" one.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
More information about the Freeradius-Users
mailing list