From 1aff2c2b3a1f54c2c2cf6233392fb51f4abefa0a Mon Sep 17 00:00:00 2001
From: "Jens L." <jens@goauthentik.io>
Date: Mon, 3 Nov 2025 16:10:41 +0100
Subject: [PATCH] providers/radius: revert fix inverted message authenticator
 validation (#17855) (#17915)

Revert "providers/radius: fix inverted message authenticator validation (#17855)"

This reverts commit 09e3301c8fae277adaa736ce700aa0010947af23.
---
 internal/outpost/radius/request.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/internal/outpost/radius/request.go b/internal/outpost/radius/request.go
index 7c64af91bb..962c929832 100644
--- a/internal/outpost/radius/request.go
+++ b/internal/outpost/radius/request.go
@@ -1,6 +1,7 @@
 package radius
 
 import (
+	"bytes"
 	"crypto/hmac"
 	"crypto/md5"
 	"errors"
@@ -45,7 +46,7 @@ func (r *RadiusRequest) validateMessageAuthenticator() error {
 		return err
 	}
 	hash.Write(encode)
-	if !hmac.Equal(mauth, hash.Sum(nil)) {
+	if bytes.Equal(mauth, hash.Sum(nil)) {
 		return ErrInvalidMessageAuthenticator
 	}
 	return nil