Password attrib problem

Alan DeKok aland at deployingradius.com
Thu Sep 11 13:09:23 CEST 2008


Yawar Hadi wrote:
> dear alan,
>               my code is correct 

  It's not.  The pairfind() function MAY return NULL.  You are not
checking for this.

.i know user-password not belongs to
> accounting packets.but its a requirment to have user-password in
> accounting  packet.

  For who?  Your local configuration?

  Sorry... User-Passwords CANNOT and MUST NOT appear in accounting
packets.  Putting them in accounting packets is a security problem.

>               and code is correct 100 %.  so kindly u just suggest me
> how i can get plain text password in accounting stop packets.

  Have you bothered running the server in debugging mode as I suggested?
 If the password is printed there, then it's in the packet, it's decoded
correctly, and your code is wrong.

  If the password isn't printed there, then it's not supposed to be in
accounting packets.

  Alan DeKok.



More information about the Freeradius-Users mailing list