Tarkshya wrote:
I tried to enable CHAP protocol support in the freeradius-client library by uncommenting the CHAP code in sendserver.c file. (It is the code which was blocked using #if 0 macro) However, when I send a chap password, the server rejects the request saying that
Found Auth-Type = CHAP +- entering group CHAP {...} [chap] rlm_chap: password supplied has wrong length
What could be wrong here?
What part of that message is unclear?
Also, apparently the radclient testing tools which comes with freeradius SERVER can successfully authenticate using CHAP passwords. Its only the client tool (radiusclient) that gives problem. I noticed that the logic of encoding CHAP passwords is different in freeradius client and free radius server code.
Well... that would seem to be the problem.
Can somebody give me the exact algorithm for encoding and sending CHAP passwords in radius packets.
You could read the FreeRADIUS server source code to see what works. The code *is* publicly available. Or, you could read the specification (RFC 2865). That's publicly available, too. Alan DeKok.