11 Feb
2013
11 Feb
'13
7:49 a.m.
JCA wrote:
Thanks for you clarifications. Now I have noticed that the way in which freeradius-server 2.2.0 encrypts CHAP passwords before casting them to wire format is totally different from its counterpart in freeradius-client 1.1.6. The way in which 2.2.0 does it clearly agrees with the description given in section 2.2 of RFC 2865, whereas the approach followed in 1.1.6 is completely different and, therefore, wrong - which is perhaps why it is not compiled in by default. Would you know why that code in 1.1.6 is there at all?
No idea. That code is left over from probably 8 years ago. Alan DeKok.