"Jerlique Ban" <[EMAIL PROTECTED]> wrote:
> I've now switched to using freeradius 1.0.0-pre3 on freebsd. I am trying to
> authenticate users via my Exec-Program call, which does a whole lot of other
> queries and tests before granting access. It all works if a PAP request is
> made, but fails on a CHAP request. Now I understand that CHAP requests are
> encrypted. Can you compare chap passwords like you would do so with let say
> $alreadycrypt == crypt($alreadycrypt, $test)??
No. The design of CHAP makes that impossible.
> My question is how can I confirm that the %{CHAP_PASSWORD} variable is
> correct? Ideally I'd like to do this in php, but I cannot find a function
> to do this??
See src/lib/radius.c, function rad_chap_encode() for an
implementation in C.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
