rlm_pap code tidy
Alan DeKok
aland at deployingradius.com
Sat Sep 29 06:58:00 CEST 2012
Matthew Newton wrote:
> As another thought, maybe rlm_pap should now also refuse to auth
> against a password in User-Password? I moved the warning over from
> auth.c, but pap still allows it to work. 3.0 would seem to be a
> good place to finally break this.
It's probably a good idea. Doing the User-Password thing breaks many
authentication types. It's time to NOT be backwards compatible with 10+
years of stupidity.
Cleartext-Password has been around since 1.1.3. It's time people used it.
> I guess it's a balance between forcing the Right Thing, and the
> number of questions on freeradius-users... although I guess they
> will be many when 3.0 is released anyway.
Hopefully the documentation will be clear on the subject. See
raddb/README.md. It explains the upgrade process.
Alan DeKok.
More information about the Freeradius-Devel
mailing list