Bug 38785 - univention-radius-ntlm-auth breaks with certain passwords
univention-radius-ntlm-auth breaks with certain passwords
Product: UCS
Classification: Unclassified
Component: Radius
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.0-3-errata
Assigned To: Felix Botner
Daniel Tröder
Depends on:
Blocks: 38794 39301
  Show dependency treegraph
Reported: 2015-06-29 11:12 CEST by Janis Meybohm
Modified: 2018-11-09 14:20 CET (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

/usr/share/pyshared/univention/pyMsChapV2.py (6.78 KB, text/x-python)
2015-09-02 18:32 CEST, Felix Botner

Note You need to log in before you can comment on or make changes to this bug.
Description Janis Meybohm univentionstaff 2015-06-29 11:12:16 CEST

univention-radius-ntlm-auth breaks with certain passwords used.
Concrete example with user "lisa" and password "taylor21." (sambaNTPassword == 00563126F04F3875C417F789B00E72D2).

# radtest -t mschap lisa taylor21. localhost 10 testing123 
Sending Access-Request of id 110 to port 1812                                                                                                                                                        
        User-Name = "lisa"                                                                                                                                                                                     
        NAS-IP-Address =                                                                                                                                                                           
        NAS-Port = 10                                                                                                                                                                                          
        MS-CHAP-Challenge = 0x5355f4fc60c8888a                                                                                                                                                                 
        MS-CHAP-Response = 0x00010000000000000000000000000000000000000000000000009681672b365655d0592c3e4009547b9e11bc751b6e97943b                                                                              
rad_recv: Access-Reject packet from host port 1812, id=110, length=38                                                                                                                                
        MS-CHAP-Error = "\000E=691 R=1" 

# univention-radius-ntlm-auth --request-nt-key --username=lisa --challenge=5355f4fc60c8888a --nt-response=9681672b365655d0592c3e4009547b9e11bc751b6e97943b --station-id=b4-52-7e-3e-1a-67
Traceback (most recent call last):
  File "/usr/bin/univention-radius-ntlm-auth", line 81, in <module>
  File "/usr/bin/univention-radius-ntlm-auth", line 73, in main
    if PasswordHash and pyMsChapV2.ChallengeResponse(options.Challenge, PasswordHash) == options.Response:
  File "/usr/lib/pymodules/python2.6/univention/pyMsChapV2.py", line 77, in ChallengeResponse
    Response = DesEncrypt(Challenge, ZPasswordHash[0:7])
  File "/usr/lib/pymodules/python2.6/univention/pyMsChapV2.py", line 55, in DesEncrypt
    return pyDes.des(expandDesKey(key), pyDes.ECB).encrypt(data)
  File "/usr/lib/pymodules/python2.6/univention/pyDes.py", line 400, in __init__
    raise ValueError("Invalid DES key size. Key must be exactly 8 bytes long.")
ValueError: Invalid DES key size. Key must be exactly 8 bytes long.

Looks like DesEncrypt expandDesKey fails to return 8 byte string here.
Comment 1 Felix Botner univentionstaff 2015-09-02 18:32:54 CEST
Created attachment 7152 [details]

Here is a replacement for /usr/share/pyshared/univention/pyMsChapV2.py from univention-radius which uses a different method for expanding keys to 8 bit (stolen from univention-squid).

Seems to work in my tests.

Maybe even better we use passlib.utils.des, which is part of the debian package python-passlib (already maintained).

This does the encryption and expansion and would be a replacement for the whole univention.pyDes stuff.

import passlib.utils.des
passlib.utils.des.des_encrypt_block(key, data)
Comment 2 Felix Botner univentionstaff 2015-09-03 11:13:49 CEST
Replaced univention.pyMsChapV2.DesEncrypt.expandDesKey() with convertKey() from univention-squid. Added some more tests.
4.0-3: r63424
4.1-0: r63427

Create Bug #39301 for replacing this with passlib.utils.des.des_encrypt_block(key, data)

YAML: 2015-09-03-univention-radius.yaml
Comment 3 Daniel Tröder univentionstaff 2015-09-04 13:01:46 CEST
OK: automated test
OK: manual test
 * install radius app, add user lisa, univention-radius-ntlm-auth → Traceback
 * upgrade to fixed version of univention-radius, univention-radius-ntlm-auth → OK
OK: merge to 4.1
Comment 4 Janek Walkenhorst univentionstaff 2015-10-14 14:58:01 CEST