Open part1cleth1ef opened 6 months ago
astr0n8t
commented
6 months ago Unfortunately not yet. Basically the rust radius bindings don't support 802.1x which is what implements it, so right now this only does MAC based auth and plaintext password. I either need to implement 802.1x myself or find a crate to do it, but as I really only use the MAC based auth I haven't gotten to it
part1cleth1ef
commented
6 months ago Currently, I'm working on an implementation of eap-mschapv2 however I'm having trouble with the message authenticator attrib, do you have any suspicions? "Invalid Message-Authenticator! Incoming RADIUS packet did not have correct Message-Authenticator - dropped"
both radtest and eapol_test return a similar error message, perhaps these calculate the authenticator in a slightly different way? weirdly I also check the incoming message authenticators and those are calculated correctly....
astr0n8t
commented
6 months ago I would check the packets over the wire with wireshark or tcpdump and then reference them vs the rfc for it. I had to do that because padding wasn't being added properly to some aspects and that helped me identify it
Will this support eap-mschapv2?