(RADIATOR) Problem with Tunnel-Password encryption
Francisco Rodrigo Cortinas Maseda
francisco.cortinas at jazztel.com
Wed Apr 23 10:31:59 CDT 2008
<mailto:francisco.cortinas at jazztel.com>
hi all,
i think i have found a solution:
sub {
my $p=${$_[1]};
if (my @avpair = $p->get_attr('Tunnel-Server-Endpoint')) {
foreach my $avpair (@avpair) {
my $tag = substr($avpair,0,1);
# my ($self, $pwdin, $secret, $tag) = @_;
my $self=$p;
my $pwdin='laboratorio';
my $secret='mysecret';
$tag = $tag || 0;
my $P = pack('C', length($pwdin)) . $pwdin;
my $A = pack('n', rand(65535) | 0x8000);
my $c_i = $self->authenticator . $A; # Ciphertext blocks
my $C; # Encrypted result
while (length($P))
{
$c_i = substr($P, 0, 16, undef) ^ Digest::MD5::md5($secret . $c_i);
$C .= $c_i;
}
# return chr($tag) . $A . $C;
my $passwordd=chr($tag) . $A . $C;
$p->add_attr('Tunnel-Password', $passwordd);
}
}
}
Any of the experts can tell me if im right, and this seems to be a solution?
Regards.
-----Mensaje original-----
De: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] En nombre de Francisco Rodrigo Cortinas Maseda
Enviado el: miércoles 23 de abril de 2008 16:47
Para: radiator at open.com.au
Asunto: (RADIATOR) Problem with Tunnel-Password encryption
Hello,
we are designing a new service for one of our customers, and i have a problem with the encryption of the tunnel-password attribute.
the problem is that we have to read the index of the Tunnel-Server-Endpoint, and the concatenating it to the password ("laboratorio"); so that we have written the script:
sub {
my $p=${$_[1]};
my $id;
if (my @avpair = $p->get_attr('Tunnel-Server-Endpoint')) {
foreach my $avpair (@avpair) {
my $part = substr($avpair,0,1);
$p->add_attr('Tunnel-Password', $part.':laboratorio');
}
}
}
but the problem now is the encryption of the attribute.
Someone lnows how to do this?
Regards.
Antes de imprimir este e-mail piense bien si es necesario hacerlo.
_____
Este mensaje es privado y CONFIDENCIAL y se dirige exclusivamente a su destinatario. Si usted ha recibido este mensaje por error, no debe revelar, copiar, distribuir o usarlo en ningun sentido. Le rogamos lo comunique al remitente y borre dicho mensaje y cualquier documento adjunto que pudiera contener. El correo electronico via Internet no permite asegurar la confidencialidad de los mensajes que se transmiten ni su integridad o correcta recepcion. JAZZTEL no asume responsabilidad por estas circunstancias. Si el destinatario de este mensaje no consintiera la utilizacion del correo electronico via Internet y la grabacion de los mensajes, rogamos lo ponga en nuestro conocimiento de forma inmediata.Cualquier opinion expresada en este mensaje pertenece unicamente al autor remitente, y no representa necesariamente la opinion de JAZZTEL, a no ser que expresamente se diga y el remitente este autorizado para hacerlo.
_____
This message is private and CONFIDENTIAL and it is intended exclusively for its addressee. If you receive this message in error, you should not disclose, copy, distribute this e-mail or use it in any other way. Please inform the sender and delete the message and attachments from your system.Internet e-mail neither guarantees the confidentiality nor the integrity or proper receipt of the messages sent. JAZZTEL does not assume any liability for those circumstances. If the addressee of this message does not consent to the use of Internet e-mail and message recording, please notify us immediately.Any views or opinions contained in this message are solely those of the author, and do not necessarily represent those of JAZZTEL, unless otherwise specifically stated and the sender is authorised to do so.
_____
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20080423/e3db5f79/attachment.html>
More information about the radiator
mailing list