-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Question] Anyone know of an EAP library? #9
Comments
I dont think there should be any problems implementing eap of some sort on top of this but i havent had the need or time. Then there is also tje question of which eap flavor?
…Sent from my iPhone
On 9. Apr 2020, at 23.58, Allen Byron Penner ***@***.***> wrote:
Anyone know of an EAP library that can be used with this?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
by flavor I assume you mean which auth scheme? |
Yes exactly
…Sent from my iPhone
On 11. Apr 2020, at 2.16, Allen Byron Penner ***@***.***> wrote:
by flavor I assume you mean which auth scheme?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
I think only a few really would need to be added since most only use a select few like mschapv2, I think md5 is kinda depreciated, etc... |
Mschapv2 and eap-tls i guess.
I actually got a bit inspired so if i have the time ill probably add eap message parsing and creation. Then it would also need to handle fragmented packets.
Then it would of course still need to do something sensible with the eap messages
…Sent from my iPhone
On 11. Apr 2020, at 21.26, Allen Byron Penner ***@***.***> wrote:
I think only a few really would need to be added since most only use a select few like mschapv2, I think md5 is kinda depreciated, etc...
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
Invoke a plugin :-) like everything else does. I have a guy working on adding it but he may have questions so I refereed him to this thread. |
Hey @vforteli , I am the guy @ByronAP referring to, The biggest issue I had came across is failure to parse all attributes by RadiusPacketParser library even though it has the same secret key, and with a bit of research it seems, it's using PEAP and EAP-TLS in top to be able to access the other attributes like User-Password, those other attributes are crucial to to implement the Mschapv2 handshake. How would you advise me to do this in an efficient way? |
Thats the thing, if its EAP the interesting attribute is eap-message. There can be several in one packet and then they have to be concatenated and then parsed. This should be doable with the library with a custom packet handler. Also if its EAP it shouldnt have a user-password at all
…Sent from my iPhone
On 15. Apr 2020, at 19.14, neals-sudo ***@***.***> wrote:
Hey @vforteli , I am the guy @ByronAP referring to, The biggest issue I had came across is failure to parse all attributes by RadiusPacketParser library even though it has the same secret key, and with a bit of research it seems, it's using PEAP and EAP-TLS in top to be able to access the other attributes like User-Password, that is crucial to to implement the Mschapv2 handshake.
How would you advise me to do this in an efficient way with speed in mind?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
Yeah it's just a lot of reading for us both as we try to figure out the whole flow and back and encryption/decryption properly. It is very cryptic when looking at the actual eap message bytes which I guess is the point and the docs are very scattered and seem to have t o be pieced together to make a working flow from what I have seen. |
Anyone know of an EAP library that can be used with this?
The text was updated successfully, but these errors were encountered: