Hi everybody:
I am installing a lab test server with Freeradius 2.0.4 with all the
authentication installed: CHAP, PAP, EAP and authorization over MySQL,
users, system, and LDAP.
I installed it in the few last days and I have everything working now, but
as I was testing it, I could notice a bug. I created users in every DB and
file all of them with own password and user entries. When I was testing with
radtest ALL worked fine, but I noticed that ONLY with PAP authentication and
MySQL user it doesn't matter if I put a clear password in radtest larger
than the original one I get an Access-Accept message.
Example:
radtest papsqluser papsecret localhost 0 testing123
Access-Accept
radtest papsqluser papsecret43343 localhost 0 testing123
Access-Accept
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
