[ppp][chap] - PPP

This is a discussion on [ppp][chap] - PPP ; Hi Server sends me chap chalenge packet: IN Unescaped (29): |194||35||1||2||0||25||20||6||154||214||49||37||40 ||180||63||66||54||145||204||95||194||109||216||12 2||205||72||98||158||242| so I use MD5 algorithm to generate Value and send him Response: OUT Unescaped (25): |194||35||2||2||0||21||16||137||68||171||241||132| |80||55||6||207||59||18||155||123||195||86||196||7 8||214| then server send me another chap chaleenge with incressed ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: [ppp][chap]

  1. [ppp][chap]

    Hi

    Server sends me chap chalenge packet:

    IN Unescaped (29):
    |194||35||1||2||0||25||20||6||154||214||49||37||40 ||180||63||66||54||145||204||95||194||109||216||12 2||205||72||98||158||242|
    so I use MD5 algorithm to generate Value and send him Response:
    OUT Unescaped (25):
    |194||35||2||2||0||21||16||137||68||171||241||132| |80||55||6||207||59||18||155||123||195||86||196||7 8||214|

    then server send me another chap chaleenge with incressed IDENTIFIER.
    My question is how to make string that is put in the MD5?:
    login: ppp
    password: ppp
    so string should be like that?:
    IdentifierppppppChalenge_value



  2. Re: [ppp][chap]

    "Gustlik[MoC]" writes:
    > IN Unescaped (29):
    > |194||35||1||2||0||25||20||6||154||214||49||37||40 ||180||63||66||54||145||204||95||194||109||216||12 2||205||72||98||158||242|


    Wow. That's impressively hard to read. It looks like:

    C2 23 - CHAP
    01 - Code 1 -- Challenge
    02 - ID=2
    00 19 - length 25
    14 06 9A D6 31 25 28 B4 3F 42 36 91 CC 5F C2 6D D8 7A CD 48 62
    - 20 octet-long challenge value
    9E F2 - FCS

    > so I use MD5 algorithm to generate Value and send him Response:
    > OUT Unescaped (25):
    > |194||35||2||2||0||21||16||137||68||171||241||132| |80||55||6||207||59||18||155||123||195||86||196||7 8||214|


    C2 23 - CHAP
    02 - Code 2 -- Response
    02 - ID=2
    00 15 - length 21
    10 89 44 AB F1 84 50 37 06 CF 3B 12 9B 7B C3 56 C4
    - 16 octet-long response

    .... but the packet looks like nonsense to me. It doesn't even have a
    peer name in it.

    > then server send me another chap chaleenge with incressed IDENTIFIER.
    > My question is how to make string that is put in the MD5?:
    > login: ppp
    > password: ppp
    > so string should be like that?:
    > IdentifierppppppChalenge_value


    The string input to MD5 is:

    - one octet representing the identifier (02, in this case)
    - the shared "secret" (three octets of 70 70 70 "ppp" in this case)
    - the challenge (20 octets of data in this case)

    You have to include your name as part of the response. That's
    probably what's causing your peer to ignore the packet -- no name
    field is present.

    Either read RFC 1994 or just use the open source, which already gets
    it right. There's probably little reason to reinvent this particular
    wheel.

    --
    James Carlson, KISS Network
    Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677

  3. Re: [ppp][chap]

    Hi

    I use your tips but something is still wrong.

    Server send me:
    IN Unescaped (29):
    |194||35||1||4||0||25||20||137||49||210||226||218| |50||98||226||42||178||242||97||121||177||128||96| |199||46||14||221||237||112|

    ID: 4
    Value:
    ||137||49||210||226||218||50||98||226||42||178||24 2||97||121||177||128||96||199||46||14||221||237||


    so i make string(login and password: erainternet):
    id: ||4||
    Password(erainternet):
    |101||114||97||105||110||116||101||114||110||101|| 116|
    Value:
    ||137||49||210||226||218||50||98||226||42||178||24 2||97||121||177||128||96||199||46||14||221||237||
    I combine IDPasswotfValue toogether and Put to MD5 algorihtm (i use function
    from RFC 1321)

    Next step (follow the RFC 1994) is make response packet.
    so it looks like that:

    OUT Unescaped (36):
    |194||35||2||4||0||32||16||104||172||245||18||50|| 70||2||205||223||98||88||202||13||224||172||35||10 1||114||97||105||110||116||101||114||110||101||116 ||140||157|

    where:
    |194||35| - chap
    |2| code ->response
    |4| -id
    |0||32| - length
    |16| waluesize
    |104||172||245||18||50||70||2||205||223||98||88||2 02||13||224||172||35| -
    16 octets from MD5
    |101||114||97||105||110||116||101||114||110||101|| 116|| -name
    erainternet
    |140||157| FCS


    I think 16 octets from MD5 doesn't matter because the packet is silently
    discarded and new chap chalenge sends to me.
    If the all packet is right i think that the server seends me a failure(if
    md5 is wrong) or succes (if md5 is ok) packet.
    What u thinhking about it?


    Best Regards
    Gustlik[MoC]



  4. Re: [ppp][chap]

    "Gustlik[MoC]" writes:
    > I use your tips but something is still wrong.
    >
    > Server send me:
    > IN Unescaped (29):
    > |194||35||1||4||0||25||20||137||49||210||226||218| |50||98||226||42||178||242||97||121||177||128||96| |199||46||14||221||237||112|


    Would it be possible to print these things out in hex? Decimal is
    just about completely unreadable for this purpose.

    Why are you writing PPP from scratch anyway? There are several good
    sources to work from.

    > so i make string(login and password: erainternet):
    > id: ||4||
    > Password(erainternet):
    > |101||114||97||105||110||116||101||114||110||101|| 116|
    > Value:
    > ||137||49||210||226||218||50||98||226||42||178||24 2||97||121||177||128||96||199||46||14||221||237||


    That's not right. The peer sent you a 20 octet Challenge value. The
    above string has 21 octets by my count. That last "237" is the first
    octet of the FCS.

    For what it's worth, your AHDLC unescaping routine should *ALSO* strip
    off the FCS. The design needs some improvement here.

    > where:
    > |194||35| - chap
    > |2| code ->response
    > |4| -id
    > |0||32| - length
    > |16| waluesize
    > |104||172||245||18||50||70||2||205||223||98||88||2 02||13||224||172||35| -
    > 16 octets from MD5
    > |101||114||97||105||110||116||101||114||110||101|| 116|| -name
    > erainternet
    > |140||157| FCS


    That's not right, though it's perhaps getting closer.

    First off, the 'length' is the length of the overall message, starting
    with the "Code" field. For the message above it should be:

    1 - Code
    1 - Id
    2 - Length
    1 - value size
    16 - value
    16 - name
    --
    37

    Secondly, the value computed isn't right. The right value is:

    3C B5 BA 1A 34 EC CE 8C 92 D4 8C DE 39 42 00 EC

    .... based on the provided Id, secret, and challenge value. I don't
    get the value you do even when I include the extra FCS octet that I
    think you did, so I have no idea what's wrong with the code you're
    using.

    You might want to use some MD5 test vectors to make sure that this
    part of the code is right. If that's right and you're still having
    trouble, then post your code.

    (Or _please_ use the open source. No debug necessary. It's already
    right!)

    > I think 16 octets from MD5 doesn't matter because the packet is silently
    > discarded and new chap chalenge sends to me.
    > If the all packet is right i think that the server seends me a failure(if
    > md5 is wrong) or succes (if md5 is ok) packet.
    > What u thinhking about it?


    The peer will ignore your message if the packet is mangled. This is a
    basic feature of all networking protocols: you get a response (such as
    "Success" or "Failure") only if the packet itself is well-formed.
    Badly-formed packets are assumed to be some sort of transmission error
    and are _silently_ discarded.

    The behavior you're describing is consistent with malformed packets
    being transmitted from your side of the connection.

    --
    James Carlson, KISS Network
    Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677

  5. Re: [ppp][chap]

    Hi

    > Why are you writing PPP from scratch anyway? There are several good
    > sources to work from.


    Yes, but write this in c++ to the PC is the first step. Next step will be
    write
    the same program to microprocesor(I want use old cellular to connect uP to
    the internet, something like little monitoring)

    > For what it's worth, your AHDLC unescaping routine should *ALSO* strip
    > off the FCS. The design needs some improvement here.

    Yes. It work's good (i negiotiate LCP before CHAP )


    > First off, the 'length' is the length of the overall message, starting
    > with the "Code" field. For the message above it should be:
    >
    > 1 - Code
    > 1 - Id
    > 2 - Length
    > 1 - value size
    > 16 - value
    > 16 - name
    > --
    > 37


    Hmmm name's length is 16?? why? login is: erainternet (11octets) and in
    RFC 1996 about a name write "The name field is one or more octets...."


    > Secondly, the value computed isn't right. The right value is:
    >
    > 3C B5 BA 1A 34 EC CE 8C 92 D4 8C DE 39 42 00 EC

    What a shame..it's my mistake. Now MD5 work's good, but my packets are
    still silently discarded.


    Best Regards




  6. Re: [ppp][chap]

    Hi

    Program works good. i receive success.

    Thx for advice

    Best Regards



  7. Re: [ppp][chap]

    "Gustlik[MoC]" writes:
    > > Why are you writing PPP from scratch anyway? There are several good
    > > sources to work from.

    >
    > Yes, but write this in c++ to the PC is the first step. Next step will be
    > write
    > the same program to microprocesor(I want use old cellular to connect uP to
    > the internet, something like little monitoring)


    I suppose it depends on what your time is worth to you.

    --
    James Carlson, KISS Network
    Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677

+ Reply to Thread