On 01/13/2014 06:58 PM, Hartmaier Alexander wrote:
> Patching is welcome! If you'd add those formats we would immediately
> switch to using them.
Hello Alexander,
support for {SHA256}, {SSHA256} and the 384 and 512 digest lengths is
now in patches. These new formats are similar to the existing {SHA} and
{SSHA} formats.
Support for PBKDF2 derived passwords should also be available soon.
Because of EAP-PSK, Radiator already has a portable PBKDF2
implementation so using it for password stretching is fairly straight
forward.
The suitable format is still a bit of question. Crypt-PBKDF2, for
example, seems to support LDAP and crypt style formats:
{X-PBKDF2}HMACSHA1:AAAD6A:8ODUPA==:1HSdSVVwlWSZhbPGO7GIZ4iUbrk=
$PBKDF2$HMACSHA1:1000:4q9OTg==$9Pb6bCRgnct/dga+4v4Lyv8x31s=
We would be interested to hear if there are other formats that should be
supported.
Thanks,
Heikki
--
Heikki Vatiainen <h...@open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
