>a counterquestion: which scenario/eap type do you use and with which nas
>did you manage to send an eap-start message to the radius server? i know
>that eap-start can be sent to the server but usually the nas begins the
>conversation with the peer itself and forwards the response identity to
>th
I don't see the EAP-Start packet in your example, I see a MD5 type packet
coming back, which isn't what one would expect to get when the server
should be requesting an Identity.
>rlm_eap_md5: Issuing Challenge
>Login OK: [artur/] (from client ap-1 port 38
>cli 004096426f05)
>Sending Access-Cha
If an EAP Start packet is sent by a client (two bytes, CODE=request) the
server returns the appropriate Access-Challenge with a Request for Identity.
The State attribute is not sent with the Access-Challenge.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In the MS-CHAP 2 RFC it's claimed that the user name should be in Unicode
like the password.
Examining the code in rlm_mschap.c the user name is not converted to
unicode before the hashing in challenge_hash(). Examining just what was in
the user_name before the showed it was just regular ASC
Using radiusd: FreeRADIUS Version 0.5, for host i686-pc-linux-gnu, built on
Jun 14 2002 at 10:26:10
If I send a packet with both the MS-CHAP-Challenge & MS-CHAP-Response I get
a Segmentation fault. If I don't send the MS-CHAP-Response, just the
MS-CHAP-Challenge the server runs, but of course