PAP Auto Header
Det Det
det.explorer at yahoo.com
Tue Aug 23 07:13:52 CEST 2011
Yeah, perhaps, the header was not in the password value. I use dialup-admin and MySQL. Anyway, I ended up using the specific password attribute "Crypt-Password" instead of "User-Password".
the debug from freeradius shows this. so i guess could be the password storage as you said.
Module: Instantiating pap
pap {
encryption_scheme = "auto"
auto_header = yes
}
________________________________
From: Arran Cudbard-Bell <a.cudbardb at freeradius.org>
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Cc: Det Det <det.explorer at yahoo.com>
Sent: Monday, August 22, 2011 6:16 PM
Subject: Re: PAP Auto Header
* added,
And no you shouldn't need to use auto-hearder if you've set the appropriate password attribute.
The recommended way is to prepend the headers, and use auto_header as its more flexible, and allows you to migrate between hash schemes non disruptively.
-Arran
On 22 Aug 2011, at 12:00, Arran Cudbard-Bell wrote:
That would depend on whether you've add the correct header to the hash :)
>
>
>/*
>* For auto-header discovery.
>*/
>static const FR_NAME_NUMBER header_names[] = {
>{ "{clear}", PW_CLEARTEXT_PASSWORD },
>{ "{cleartext}", PW_CLEARTEXT_PASSWORD },
>{ "{md5}", PW_MD5_PASSWORD },
>{ "{smd5}", PW_SMD5_PASSWORD },
>{ "{crypt}", PW_CRYPT_PASSWORD },
>{ "{sha}", PW_SHA_PASSWORD },
>{ "{ssha}", PW_SSHA_PASSWORD },
>{ "{nt}", PW_NT_PASSWORD },
>{ "{nthash}", PW_NT_PASSWORD },
>{ "{x-nthash}", PW_NT_PASSWORD },
>{ "{ns-mta-md5}", PW_NS_MTA_MD5_PASSWORD },
>{ "{x- orcllmv}", PW_LM_PASSWORD },
>{ "{X- ORCLNTV}", PW_NT_PASSWORD },
>{ NULL, 0 }
>};
>
>-Arran
>
>
>
>
>
>
>On 22 Aug 2011, at 11:46, Det Det wrote:
>
>Hi,
>>
>>
>>I set PAP module as below. In my DB, user attribute is User-Password. Value of User-Password is an MD5 or CRYPT password. Shouldn't auto-header=yes able to detect the encryption scheme used in the password? What will the auto-header setting for if I still have to specifically set attributes such as MD5-Password or Cleartext-Password, etc.
>>
>>
>>
>>pap {
>> auto_header = yes
>>}
>>
>>
>>thanks,
>>det-
>>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>Arran Cudbard-Bell
>a.cudbardb at freeradius.org
>
>
>RADIUS - Half the complexity of Diameter
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Arran Cudbard-Bell
a.cudbardb at freeradius.org
RADIUS - Half the complexity of Diameter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110822/74e6d926/attachment.html>
More information about the Freeradius-Users
mailing list