From d8a625be03f260b13c569b44f431351c008eb294 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Fri, 23 May 2025 21:24:26 +0200 Subject: [PATCH] fix a bunch of stuff ig Signed-off-by: Jens Langhammer --- internal/outpost/radius/eap/handler.go | 34 ++++++++----------- .../radius/eap/protocol/peap/payload.go | 10 +++++- 2 files changed, 24 insertions(+), 20 deletions(-) diff --git a/internal/outpost/radius/eap/handler.go b/internal/outpost/radius/eap/handler.go index 69fe8df5d1..ba807bdc10 100644 --- a/internal/outpost/radius/eap/handler.go +++ b/internal/outpost/radius/eap/handler.go @@ -119,7 +119,21 @@ func (p *Packet) handleEAP(pp protocol.Payload, stm protocol.StateManager) (*eap } ctx.log.Debug("Root-EAP: Passing to protocol") - res := p.GetChallengeForType(ctx, np, t) + res := &eap.Payload{ + Code: protocol.CodeRequest, + ID: p.eap.ID + 1, + MsgType: t, + } + var payload any + if ctx.IsProtocolStart(t) { + p.eap.Payload = np + p.eap.Payload.Decode(pp.(*eap.Payload).RawPayload) + } + payload = p.eap.Payload.Handle(ctx) + if payload != nil { + res.Payload = payload.(protocol.Payload) + } + stm.SetEAPState(p.state, st) if ctx.endModifier != nil { @@ -145,24 +159,6 @@ func (p *Packet) handleInner() (*eap.Payload, error) { return p.handleEAP(p.eap, p.stm) } -func (p *Packet) GetChallengeForType(ctx *context, np protocol.Payload, t protocol.Type) *eap.Payload { - res := &eap.Payload{ - Code: protocol.CodeRequest, - ID: p.eap.ID + 1, - MsgType: t, - } - var payload any - if ctx.IsProtocolStart(t) { - p.eap.Payload = np - p.eap.Payload.Decode(p.eap.RawPayload) - } - payload = p.eap.Payload.Handle(ctx) - if payload != nil { - res.Payload = payload.(protocol.Payload) - } - return res -} - func (p *Packet) setMessageAuthenticator(rp *radius.Packet) error { _ = rfc2869.MessageAuthenticator_Set(rp, make([]byte, 16)) hash := hmac.New(md5.New, rp.Secret) 
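Review bot: In the block inlined into handleEAP, `p.eap.Payload.Decode(pp.(*eap.Payload).RawPayload)` discards Decode's result and asserts `pp` to `*eap.Payload` without the comma-ok form. A payload that fails to decode is therefore still handed to `Handle`, and a `pp` of any other concrete type panics the handler. This path parses EAP data received over RADIUS, so both cases should go out through handleEAP's existing error return; this assumes the interface's `Decode` returns `error`, as the PEAP implementation in this commit does. The later `payload.(protocol.Payload)` is unchecked as well, and if `Handle` already returns `protocol.Payload`, the `any` variable and the assertion can simply be dropped. handleEAP starts and ends outside this hunk.

```go
// … unchanged: res := &eap.Payload{…} construction …
if ctx.IsProtocolStart(t) {
	root, ok := pp.(*eap.Payload)
	if !ok {
		return nil, fmt.Errorf("root-eap: unexpected payload type %T", pp)
	}
	p.eap.Payload = np
	if err := p.eap.Payload.Decode(root.RawPayload); err != nil {
		return nil, fmt.Errorf("root-eap: decoding payload: %w", err)
	}
}
// … unchanged: p.eap.Payload.Handle(ctx) and res.Payload assignment …
```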
diff --git a/internal/outpost/radius/eap/protocol/peap/payload.go b/internal/outpost/radius/eap/protocol/peap/payload.go index 774aaa8cfd..54721420eb 100644 --- a/internal/outpost/radius/eap/protocol/peap/payload.go +++ b/internal/outpost/radius/eap/protocol/peap/payload.go @@ -46,13 +46,16 @@ func (p *Payload) Decode(raw []byte) error { } func (p *Payload) Encode() ([]byte, error) { + log.Debug("PEAP: Encode") return p.eap.Encode() } // Inner EAP packets in PEAP may not include the header, hence we need a custom decoder // https://datatracker.ietf.org/doc/html/draft-kamath-pppext-peapv0-00.txt#section-1.1 func (p *Payload) eapInnerDecode(ctx protocol.Context) (*eap.Payload, error) { - ep := &eap.Payload{} + ep := &eap.Payload{ + Settings: p.GetEAPSettings(), + } rootEap := ctx.RootPayload().(*eap.Payload) fixedRaw := []byte{ byte(rootEap.Code), @@ -71,6 +74,10 @@ func (p *Payload) eapInnerDecode(ctx protocol.Context) (*eap.Payload, error) { return ep, nil } +func (p *Payload) eapEncodeInner(ctx protocol.Context) ([]byte, error) { + return []byte{}, nil +} + func (p *Payload) Handle(ctx protocol.Context) protocol.Payload { defer func() { ctx.SetProtocolState(TypePEAP, p.st) @@ -101,6 +108,7 @@ func (p *Payload) Handle(ctx protocol.Context) protocol.Payload { ID: rootEap.ID + 1, } } + p.eap = ep ctx.Log().Debugf("PEAP: Decoded inner EAP to %s", ep.String()) res, err := ctx.HandleInnerEAP(ep, p)
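Review bot: The `log.Debug("PEAP: Encode")` line added to `Encode` goes through the package-level logger, whereas `Handle` in the same file logs through `ctx.Log()`. The message therefore presumably lacks whatever request-scoped fields the context logger attaches, and it is emitted on every encode. If it was only a tracing aid for this fix, drop it; otherwise a comment such as `// Encode has no protocol.Context, so ctx.Log() is not available here` would explain the inconsistency.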
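Review bot: The new `eapEncodeInner` is a placeholder that ignores `ctx` and returns `[]byte{}, nil`, so any caller would treat an empty inner EAP payload as a successful encode. No caller is visible in this diff. Until it is implemented, it is safer to fail loudly, e.g. `return nil, errors.New("peap: inner EAP encoding not implemented")`, or to leave the function out of this commit. If it stays, give it a doc comment stating what it is meant to produce, in the style of the comment above `eapInnerDecode`.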