MSCHAP2 local Password change failure - "MS-CHAP-New-Cleartext-Password" char buffer not \0 terminated
Isaac Boukris
iboukris at gmail.com
Sat Sep 27 18:26:30 CEST 2014
Hi Alan,
On Sat, Sep 27, 2014 at 4:54 PM, Alan DeKok <aland at deployingradius.com> wrote:
> Isaac Boukris wrote:
>> I've encounter this issue while running some tests with the new
>> MSCHAP2 password change feature.
>
> I've pushed a fix.
>
> Alan DeKok.
I am getting a new error now.
# radiusd -v
radiusd: FreeRADIUS Version 3.0.5 (git #ba5087c), for host
i686-pc-linux-gnu, built on Sep 24 2014 at 20:22:52
(1) mschap : MS-CHAPv2 password change request received
(1) mschap : Password change payload valid
(1) mschap : Doing MS-CHAPv2 password change locally
CONSISTENCY CHECK FAILED src/lib/cursor.c[151]: VALUE_PAIR
"MS-CHAP-New-Cleartext-Password" length 8 is greater than char buffer
length 4
SOFT ASSERT FAILED src/lib/debug.c[1001]: 0
CAUGHT SIGNAL: User defined signal 1
Backtrace of last 35 frames:
/usr/local/lib/libfreeradius-radius.so(fr_fault+0x105)[0xfa9281]
...
I am currently testing with simple ASCII passwords, original is 'aaaa'
and the new is 'bbbb'.
Note that the decrypted password is in UTF-16-LE which - i think -
always uses 2 bytes for each character (not always actually, but even
for ASCII chars) so its length will be 8 in my test but after the
conversion to UTF-8 the length will depend on characters used and may
vary, in my test it will be 4 only since for ASCII characters UTF-8
uses one byte per char.
Thank you,
Isaac B.
More information about the Freeradius-Users
mailing list