MS-CHAP-V2 with no retry
Phil Mayers
p.mayers at imperial.ac.uk
Fri Mar 4 13:20:42 CET 2011
On 04/03/11 09:46, Alan DeKok wrote:
> Phil Mayers wrote:
>> The FreeRadius EAP-MSCHAP (rlm_eap_mschap) has a hardcoded error message:
>>
>> E=691 R=0
>
> Really? I don't see that.
Isn't that what this code does in rlm_eap_mschapv2.c:
static int eapmschapv2_compose(EAP_HANDLER *handler, VALUE_PAIR *reply)
{
...
case PW_MSCHAP_ERROR:
DEBUG2("MSCHAP Failure\n");
length = 4 + MSCHAPV2_FAILURE_MESSAGE_LEN;
....
memcpy((eap_ds->request->type.data + 4),
MSCHAPV2_FAILURE_MESSAGE, MSCHAPV2_FAILURE_MESSAGE_LEN);
...and MSCHAPV2_FAILURE_MESSAGE is defined in eap_mschapv2.h:
#define MSCHAPV2_FAILURE_MESSAGE "E=691 R=0"
#define MSCHAPV2_FAILURE_MESSAGE_LEN 9
Perhaps I'm mis-reading it?
More information about the Freeradius-Users
mailing list