Dear Martin Gadbois, read doc/rlm_mschap carefully. All you need is update dictionary.microsoft.
--Tuesday, December 10, 2002, 11:46:51 PM, you wrote to [EMAIL PROTECTED]: MG> -----BEGIN PGP SIGNED MESSAGE----- MG> Hash: SHA1 MG> Hello all, MG> I found that freeradius-0.8 does not encrypt the MS-CHAPv1 MPPE keys as specified by RFC 2548 sec. MG> 2.4.1. MG> In fact, that code was commented out. MG> Here is the patch: MG> - --- freeradius-0.8/src/modules/rlm_mschap/rlm_mschap.c Wed Oct 2 10:37:08 2002 MG> +++ freeradius-0.8-modif/src/modules/rlm_mschap/rlm_mschap.c Tue Dec 10 15:40:33 2002 MG> @@ -860,6 +860,7 @@ MG> ~ /* now create MPPE attributes */ MG> ~ if (inst->use_mppe) { MG> ~ if (chap == 1){ MG> + int len; MG> ~ DEBUG2("rlm_mschap: adding MS-CHAPv1 MPPE keys"); MG> ~ memset (mppe_sendkey, 0, 32); MG> ~ if (smbPasswd.smb_passwd) MG> @@ -875,10 +876,10 @@ MG> ~ memcpy (mppe_sendkey+8,smbPasswd.smb_nt_passwd,16); MG> ~ */ MG> ~ md4_calc(mppe_sendkey+8, smbPasswd.smb_nt_passwd,16); MG> - -/* MG> + MG> ~ rad_pwencode(mppe_sendkey, &len, MG> ~ request->secret, request->packet->vector); MG> - -*/ MG> + MG> ~ mppe_add_reply( &request->reply->vps, MG> ~ "MS-CHAP-MPPE-Keys",mppe_sendkey,32); MG> ~ } MG> Sorry if this is a repeat. MG> That code works well with Win2K Professional. MG> - -- MG> ============== MG> Martin Gadbois MG> S/W Developper MG> Colubris Networks Inc. MG> PS: I do not subscribe to this list... MG> -----BEGIN PGP SIGNATURE----- MG> Version: GnuPG v1.0.4 (GNU/Linux) MG> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org MG> iEYEARECAAYFAj32UroACgkQ9Y3/iTTCEDkmqACfdt7uSiZSR6Gjn0sN1rv4Lk7T MG> pSsAn0rw55GXyAnAU8TmYK/M1k59SwrP MG> =n1iW MG> -----END PGP SIGNATURE----- MG> - MG> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA Пока вы во власти провидения, вам не удастся умереть раньше срока. (Твен) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html