simplify Chap verify RadiusRest

Ibnu Maksum 2024-08-07 11:10:43 +07:00
parent e5ff8c5675
commit f1a9ad6d63
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
2 changed files with 56 additions and 20 deletions


@ -38,11 +38,30 @@ try {
case 'authenticate':
$username = _req('username');
$password = _req('password');
if (empty($username) || empty($password)) {
show_radius_result([
"control:Auth-Type" => "Reject",
"reply:Reply-Message" => 'Login invalid'
], 401);
$CHAPassword = _req('CHAPassword');
$CHAPchallenge = _req('CHAPchallenge');
if (!empty($CHAPassword)) {
$c = ORM::for_table('tbl_customers')->select('password')->where('username', $username)->find_one();
//if verified
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
$password = $c['password'];
$isVoucher = false;
}else{
// check if voucher
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
$isVoucher = true;
$password = $username;
} else {
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
}
}
} else {
if (empty($username) || empty($password)) {
show_radius_result([
"control:Auth-Type" => "Reject",
"reply:Reply-Message" => 'Login invalid......'
], 401);
}
}
if ($username == $password) {
$d = ORM::for_table('tbl_voucher')->where('code', $username)->find_one();
@ -68,22 +87,24 @@ try {
$username = _req('username');
$password = _req('password');
$isVoucher = ($username == $password);
$real = _req('CHAPassword');
$challenge = _req('CHAPchallenge');
if (!empty($real)) { //aktif hanya kalo chappasword ada isinya
$dd = ORM::for_table('tbl_customers')->select('password')->where('username', $username)->find_one();
$pwd = $dd['password']; //ambil password text
$challenger = hex2bin(substr($challenge, 2)); //buang 0x
$realr = substr($real, 2); //buang 0x lagi
$chapid = substr($realr, 0, 2); //ambil chap-id dari chap-pass
$chapidr = hex2bin($chapid); //konvert chap-id
$result = $chapidr . $pwd . $challenger; //mix semua
$response = $chapid . md5($result); //enkripsi lagi hasilnya trus di mix sama chap id
if ($response != $realr) { //begal kalo hasil gak sama
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
$CHAPassword = _req('CHAPassword');
$CHAPchallenge = _req('CHAPchallenge');
if (!empty($CHAPassword)) {
$c = ORM::for_table('tbl_customers')->select('password')->where('username', $username)->find_one();
//if verified
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
$password = $c['password'];
$isVoucher = false;
}else{
// check if voucher
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
$isVoucher = true;
$password = $username;
} else {
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
}
}
//if ($response == $realr) { echo 'ok betul 100'; }else{ echo 'salah'; } // untuk keperluan debug
//if ($response == $CHAPr) { echo 'ok betul 100'; }else{ echo 'salah'; } // untuk keperluan debug
} else { //kalo chappassword kosong brrti eksekusi yg ini
if (empty($username) || empty($password)) {
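Review bot: `$c` is dereferenced without checking that a customer row was found, at `Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)` in both hunks of this file. If `find_one()` returns no row for the supplied username, `$c['password']` is not a real secret (presumably null), so the digest would be computed from request-supplied values only. Guard the lookup, e.g. `if ($c && Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {`, and let the missing-row case fall through to the voucher check. The same block is now duplicated in both cases, so a small shared helper would keep the two copies from drifting; the enclosing switch cases continue outside the hunks.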


@ -32,4 +32,19 @@ class Password
$pass = substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz@#!123456789', 8)), 0, 8);
return $pass;
}
/**
* verify CHAP password
* @param string $realPassword
* @param string $CHAPassword
* @param string $CHAPChallenge
* @return bool
*/
public static function chap_verify($realPassword, $CHAPassword, $CHAPChallenge){
$CHAPassword = substr($CHAPassword, 2);
$chapid = substr($CHAPassword, 0, 2);
$result = hex2bin($chapid) . $realPassword . hex2bin(substr($CHAPChallenge, 2));
$response = $chapid . md5($result);
return ($response != $CHAPassword);
}
}
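Review bot: `chap_verify` ends with `return ($response != $CHAPassword);`, which is true when the computed response does not match, while the callers in the other file treat a true result as success (`//if verified`). As visible on this page, a wrong CHAP response would be accepted as the customer's password and a correct one would fall into the voucher branch. The function should return the match itself, and a strict constant-time comparison also avoids PHP's loose string comparison: `return hash_equals($response, (string) $CHAPassword);`. It would also help to return false early when either `hex2bin()` call fails (odd-length or non-hex input) instead of hashing the failed result.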