[Solved]RADIUS passwords are cut off after 23 characters

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
strob
Posts: 2
Joined: Fri Nov 16, 2018 10:23 am

[Solved]RADIUS passwords are cut off after 23 characters

Post by strob » Fri Nov 16, 2018 11:42 am

Hey everyone,

is it possible, that the Softether VPN Client cuts passwords with RADIUS authentication after 24 (respectively 23) characters?

I have a Softether VPN Server (4.28.9669) on Ubuntu 18.04 running with a local freeradius server.

I modified my freeradius config to print out the password in plain text and found different behaviors of cutting the password.

username: test.user
password: 1234567890123456789012345678901234567890

set password in the GUI (version (windows version 4.27 9668 via wine):
Fri Nov 16 10:17:10 2018 : ERROR: (0) scriptauth: ERROR: Program returned code (1) and output 'Reply-Message = "user: test.user - pass: 123456789012345678901234",Auth-Type = Reject,Reply-Message = "Username or password incorrect."'

set password in the CLI (version 4.27.9668):
/opt/vpnclient/vpncmd localhost /CLIENT /CMD AccountPasswordSet test /PASSWORD:123456789012345678901234567890 /TYPE:radius
Fri Nov 16 11:00:13 2018 : ERROR: (78) scriptauth: ERROR: Program returned code (1) and output 'Reply-Message = "user: test.user - pass: 12345678901234567890123",Auth-Type = Reject,Reply-Message = "Username or password incorrect."'

send a radius request with radtest from the server:
radtest -x test.user '1234567890123456789012345678901234567890' 127.0.0.1 1812 <radiussecret>
Sent Access-Request Id 150 from 0.0.0.0:34465 to 127.0.0.1:1812 length 111
User-Name = "test.user"
User-Password = "1234567890123456789012345678901234567890"
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
Message-Authenticator = 0x00
Cleartext-Password = "1234567890123456789012345678901234567890"
Received Access-Reject Id 150 from 127.0.0.1:1812 to 0.0.0.0:0 length 113
Reply-Message = "user: test.user - pass: 1234567890123456789012345678901234"
Reply-Message = "Username or password incorrect."
(0) -: Expected Access-Accept got Access-Reject

Can someone else confirm this? Should i open an issue in github for this?

Regards strob

davidebeatrici
Posts: 33
Joined: Tue Aug 28, 2018 6:44 am

Re: RADIUS passwords are cut off after 23 characters

Post by davidebeatrici » Sun Nov 18, 2018 6:54 pm

Hi,

Please open an issue on GitHub, so that we keep track of it.

Regards.

strob
Posts: 2
Joined: Fri Nov 16, 2018 10:23 am

Re: RADIUS passwords are cut off after 23 characters

Post by strob » Fri Nov 30, 2018 9:21 am

i figured it out and it was totally my fault.

i did cut the last 6 chars from the password to compare it with a MFA token and i had one error in my code, which made the difference between CLI and GUI..

Sorry!

fenice
Posts: 183
Joined: Sun Jul 19, 2015 4:23 pm

Re: [Solved]RADIUS passwords are cut off after 23 characters

Post by fenice » Fri Nov 30, 2018 10:14 am

That's good to hear you've solved it and thanks for the feedback. :)
Regards


Bill

Post Reply