11 Aug
2021
11 Aug
'21
9:53 a.m.
On Aug 11, 2021, at 9:51 AM, Suneth Kariyawasam <sunethnk@gmail.com> wrote:
I am trying to develop a freeradius module for authorization with OpenIAM and the module works fine with PAP and EAP-TTLS with PAP. Is there a way to decode the EAP packet and access the User-Password attributes within the mod_authorize method of my module or using an unlang policy?
No. It's impossible.
Currently, EAP-TTLS wth PAP only woks because when the request is tunneled eap_ttls copy all attributes but with MS-CHAP and others are not working due to missing Cleartext-Password.
Yes. It's impossible to get the clear-text password from MS-CHAP. Alan DeKok.