@ -3,7 +3,7 @@
/* eslint-disable no-bitwise */
import * as tls from 'tls' ;
import * as NodeCache from 'node-cache' ;
// eslint-disable-next-line @typescript-eslint/ban-ts- ignore
// eslint-disable-next-line @typescript-eslint/ban-ts- comment
// @ts-ignore
import { attr_id_to_name , attr_name_to_id } from 'radius' ;
import debug from 'debug' ;
@ -219,12 +219,13 @@ export class EAPTTLS implements IEAPMethod {
if ( decodedFlags . lengthIncluded ) {
msglength = msg . slice ( 6 , 10 ) . readUInt32BE ( 0 ) ; // .readDoubleLE(0); // .toString('hex');
}
const data = msg . slice ( decodedFlags . lengthIncluded ? 10 : 6 , msg . length) ;
const data = msg . slice ( decodedFlags . lengthIncluded ? 10 : 6 ). slice ( 0 , msg length) ;
log ( '>>>>>>>>>>>> REQUEST FROM CLIENT: EAP TTLS' , {
flags : ` 00000000 ${ flags . toString ( 2 ) } ` . substr ( - 8 ) ,
decodedFlags ,
identifier ,
msglengthBuffer : msg.length ,
msglength ,
data ,
// dataStr: data.toString()
@ -388,15 +389,24 @@ export class EAPTTLS implements IEAPMethod {
} ;
const responseHandler = ( encryptedResponseData : Buffer ) = > {
log ( 'complete' ) ;
// send back...
sendResponsePromise . resolve (
this . buildEAPTTLSResponse ( identifier , 21 , 0x00 , stateID , encryptedResponseData )
) ;
} ;
const checkExistingSession = ( isSessionReused ) = > {
if ( isSessionReused ) {
log ( 'secured, session reused, accept auth!' ) ;
sendResponsePromise . resolve ( this . authResponse ( identifier , true , connection . tls , packet ) ) ;
}
} ;
// register event listeners
connection . events . on ( 'incoming' , incomingMessageHandler ) ;
connection . events . on ( 'response' , responseHandler ) ;
connection . events . on ( 'secured' , checkExistingSession ) ;
// emit data to tls server
connection . events . emit ( 'decrypt' , data ) ;
@ -405,6 +415,9 @@ export class EAPTTLS implements IEAPMethod {
// cleanup
connection . events . off ( 'incoming' , incomingMessageHandler ) ;
connection . events . off ( 'response' , responseHandler ) ;
connection . events . off ( 'secured' , checkExistingSession ) ;
// connection.events.off('secured');
// send response
return responseData ; // this.buildEAPTTLSResponse(identifier, 21, 0x00, stateID, encryptedResponseData);
@ -473,7 +486,7 @@ export class EAPTTLS implements IEAPMethod {
let vendorId ;
let data ;
if ( flags & 0 b010000000 ) {
if ( decodedFlags. V ) {
// V flag set
vendorId = currentBuffer . slice ( 8 , 12 ) . readUInt32BE ( 0 ) ;
data = currentBuffer . slice ( 12 , length ) ;