I need some help building WEP keys (MS-MPPE-Send-Key and MS-MPPE-Recv-Key). First, from other material I read here on the list, I understand there are static and dynamic keys. I checked the RFC but didnt see this mentioned. I assume dynamic keys are re-issued with every session? I need to send new ones with every Access-Accept, so I assume this requires a dynamic key.
I briefly asked about WEP keys a while back, and Alan referred me to the mppe code in rlm_mschap. I was wondering if I could get a quick comment on how this differs from the mppe code in rlm_eap_tls. That code appears to use an SSL session, while the mschap code does not. Anything else? I dont have any other need for SSL, so the mschap code is probably better for me.
Finally, I just have a question about the mschap mppe code. In mppe_chap2_gen_keys128 there is a section commented out. That section appears to set the salt, which I thought was required. Does the mppe_chap2_get_keys128 function just get a static key, while the commented out code gets a different one every time? Later, I see that mppe_gen_respkey is also commented out, and there is a note that says it's not required because encoding will be done by tunnel_pwencode. What's going on there? Is that only for passwords or can other attributes use it too?
Regards, Dave
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
