Re: [Seagull-users] freeradius performance testing with seagull

[Vladimir R. <vro...@gm...>]

1) <setfield name="Authenticator" value="0000000000000000">
</setfield> - this don't fill Authenticator field with zeroes. This
fill this field with 303030303030303030 (ASCII code for 0). I can't
find way to fill string filed with zeroes using script.
2) MD5_Update called in wrong order. " The Request Authenticator field
in Accounting-Request packets contains a one- way MD5 hash calculated
over a stream of octets consisting of the Code +   Identifier + Length
+ 16 zero octets + request attributes + shared secret" (from RFC). In
code field calculated as shared secret + Code +   Identifier + Length
+ 16 zero octets + request attributes.

This is original code from CryptExternalMethods.cpp
=============================================================================
int create_algo_MD5_radius(char          *  P_msg,
                           int              P_msg_size,
                           char          *  P_shared_secret,
                           unsigned char *  P_result) {
  int        L_ret         = 0 ;
  int        L_size_shared = 0 ;
..
  MD5_CTX    L_Md5Ctx ;

  if (P_shared_secret != NULL) {
    L_size_shared = strlen(P_shared_secret);
  }

  MD5_Init(&L_Md5Ctx);
  if (L_size_shared > 0) {
    MD5_Update(&L_Md5Ctx, P_shared_secret, L_size_shared);
  }
  MD5_Update(&L_Md5Ctx, P_msg, P_msg_size);
  MD5_Final(P_result, &L_Md5Ctx);

  return (L_ret);
}
===================================================================
This is my fixed version
===================================================================
int create_algo_MD5_radius(char          *  P_msg,
                           int              P_msg_size,
                           char          *  P_shared_secret,
                           unsigned char *  P_result) {
  int        L_ret         = 0 ;
  int        L_size_shared = 0 ;
..
  for (int j=0;j<16;j++) { //fill with zeroes Authenticator. Bad hack :(
    P_msg[j+4]=0;
  }

  MD5_CTX    L_Md5Ctx ;

  if (P_shared_secret != NULL) {
    L_size_shared = strlen(P_shared_secret);
  }

  MD5_Init(&L_Md5Ctx);
  MD5_Update(&L_Md5Ctx, P_msg, P_msg_size);
  if (L_size_shared > 0) {
    MD5_Update(&L_Md5Ctx, P_shared_secret, L_size_shared);
  }
  MD5_Final(P_result, &L_Md5Ctx);

  return (L_ret);
}
===========================================================

-- 
Vladimir Romanov