diff -ru freeradius-1.1.3/share/dictionary freeradius-1.1.3-orig/share/dictionary
--- freeradius-1.1.3/share/dictionary	2006-09-18 08:00:43.000000000 +0200
+++ freeradius-1.1.3-orig/share/dictionary	2006-07-27 01:00:19.000000000 +0200
@@ -159,8 +159,9 @@
 #
 ATTRIBUTE	Originating-Line-Info			94	string
 
-#  As defined in rfc 4590
-$INCLUDE dictionary.digest
+#  As defined in draft-sterman-aaa-sip-00.txt
+ATTRIBUTE	Digest-Response				206	string
+ATTRIBUTE	Digest-Attributes			207	octets	# stupid format
 
 #
 #	Integer Translations
diff -ru freeradius-1.1.3/share/dictionary.digest freeradius-1.1.3-orig/share/dictionary.digest
--- freeradius-1.1.3/share/dictionary.digest	2006-09-18 08:01:47.000000000 +0200
+++ freeradius-1.1.3-orig/share/dictionary.digest	2005-11-30 23:17:23.000000000 +0100
@@ -1,31 +1,16 @@
-#  As defined in rfc 4590
-ATTRIBUTE	Digest-Realm				104	string
-ATTRIBUTE	Digest-Nonce				105	string
-ATTRIBUTE	Digest-Response				106	string
-ATTRIBUTE	Digest-Nextonce				107	string
-ATTRIBUTE	Digest-Method				108	string
-ATTRIBUTE	Digest-URI				109	string
-ATTRIBUTE	Digest-QOP				110	string
-ATTRIBUTE	Digest-Algorithm			111	string
-ATTRIBUTE	Digest-Body-Digest			112	string
-ATTRIBUTE	Digest-CNonce				113	string
-ATTRIBUTE	Digest-Nonce-Count			114	string
-ATTRIBUTE	Digest-User-Name			115	string
-ATTRIBUTE	Digest-Opaque				116	string
-ATTRIBUTE	Digest-Auth-Param			117	string
-ATTRIBUTE	Digest-AKA-Auts				118	string
-ATTRIBUTE	Digest-Domain				119	string
-ATTRIBUTE	Digest-Stale				120	string
-ATTRIBUTE	Digest-HA1				121	string
-ATTRIBUTE	SIP-AOR					122	string
-
-#draft-00 format to avoid regression of freeradius
-ATTRIBUTE       Digest-Obselete-Response                         206     string
-ATTRIBUTE       Digest-Obselete-Attributes                       207     octets  # stupid format
-
-
-
-
-
-
-
+#  As defined in draft-sterman-aaa-sip-00.txt
+ATTRIBUTE	Digest-Response				206	string
+ATTRIBUTE	Digest-Attributes			207	octets	# stupid format
+
+BEGIN-SUB-ATTR Digest-Attributes
+ATTRIBUTE	Digest-Realm				1	string
+ATTRIBUTE	Digest-Nonce				2	string
+ATTRIBUTE	Digest-Method				3	string
+ATTRIBUTE	Digest-URI				4	string
+ATTRIBUTE	Digest-QOP				5	string
+ATTRIBUTE	Digest-Algorithm			6	string
+ATTRIBUTE	Digest-Body-Digest			7	string
+ATTRIBUTE	Digest-CNonce				8	string
+ATTRIBUTE	Digest-Nonce-Count			9	string
+ATTRIBUTE	Digest-User-Name			10	string
+END-SUB-ATTR
diff -ru freeradius-1.1.3/share/dictionary.freeradius.internal freeradius-1.1.3-orig/share/dictionary.freeradius.internal
--- freeradius-1.1.3/share/dictionary.freeradius.internal	2006-09-15 08:42:39.000000000 +0200
+++ freeradius-1.1.3-orig/share/dictionary.freeradius.internal	2006-03-07 19:10:09.000000000 +0100
@@ -89,6 +89,16 @@
 ATTRIBUTE	SMB-Account-CTRL			1059	integer
 ATTRIBUTE	SMB-Account-CTRL-TEXT			1061	string
 ATTRIBUTE	User-Profile				1062	string
+ATTRIBUTE	Digest-Realm				1063	string
+ATTRIBUTE	Digest-Nonce				1064	string
+ATTRIBUTE	Digest-Method				1065	string
+ATTRIBUTE	Digest-URI				1066	string
+ATTRIBUTE	Digest-QOP				1067	string
+ATTRIBUTE	Digest-Algorithm			1068	string
+ATTRIBUTE	Digest-Body-Digest			1069	string
+ATTRIBUTE	Digest-CNonce				1070	string
+ATTRIBUTE	Digest-Nonce-Count			1071	string
+ATTRIBUTE	Digest-User-Name			1072	string
 ATTRIBUTE	Pool-Name				1073	string
 ATTRIBUTE	Ldap-Group				1074	string
 ATTRIBUTE	Module-Success-Message			1075	string
@@ -97,6 +107,7 @@
 ATTRIBUTE	Rewrite-Rule				1078	string
 ATTRIBUTE	Sql-Group				1079	string
 ATTRIBUTE	Response-Packet-Type			1080	integer
+ATTRIBUTE	Digest-HA1				1081	string
 ATTRIBUTE	MS-CHAP-Use-NTLM-Auth			1082	integer
 ATTRIBUTE	NTLM-User-Name				1083	string
 ATTRIBUTE	Packet-Src-IP-Address			1084	ipaddr
diff -ru freeradius-1.1.3/src/include/radius.h freeradius-1.1.3-orig/src/include/radius.h
--- freeradius-1.1.3/src/include/radius.h	2006-09-18 09:41:33.000000000 +0200
+++ freeradius-1.1.3-orig/src/include/radius.h	2006-03-07 19:10:08.000000000 +0100
@@ -113,12 +113,8 @@
 #define PW_FRAMED_POOL			88
 #define PW_NAS_IPV6_ADDRESS		95
 
-#define PW_DIGEST_RESPONSE		106
-
-/* Draft version of digest to avoid regression of freeradius*/ 
-#define PW_DIGEST_OBSELETE_RESPONSE              206
-#define PW_DIGEST_OBSELETE_ATTRIBUTES            207
-
+#define PW_DIGEST_RESPONSE		206
+#define PW_DIGEST_ATTRIBUTES		207
 
 #define PW_FALL_THROUGH			500
 #define PW_ADD_PORT_TO_IP_ADDRESS	501
@@ -170,33 +166,16 @@
 #define PW_SMB_ACCOUNT_CTRL		1059
 #define PW_SMB_ACCOUNT_CTRL_TEXT	1061
 #define PW_USER_PROFILE			1062
-
-
-#define PW_DIGEST_REALM			104
-#define PW_DIGEST_NONCE			105
-#define PW_DIGEST_METHOD		108
-#define PW_DIGEST_URI			109
-#define PW_DIGEST_QOP			110
-#define PW_DIGEST_ALGORITHM		111
-#define PW_DIGEST_BODY_DIGEST		112
-#define PW_DIGEST_CNONCE		113
-#define PW_DIGEST_NONCE_COUNT		114
-#define PW_DIGEST_USER_NAME		115
-#define PW_DIGEST_HA1     121
-
-/* Draft version of digest to avoid regression of freeradius */ 
-#define PW_DIGEST_OBSELETE_REALM                 1
-#define PW_DIGEST_OBSELETE_NONCE                 2
-#define PW_DIGEST_OBSELETE_METHOD                3
-#define PW_DIGEST_OBSELETE_URI                   4
-#define PW_DIGEST_OBSELETE_QOP                   5
-#define PW_DIGEST_OBSELETE_ALGORITHM             6
-#define PW_DIGEST_OBSELETE_BODY_DIGEST           7
-#define PW_DIGEST_OBSELETE_CNONCE                8
-#define PW_DIGEST_OBSELETE_NONCE_COUNT           9
-#define PW_DIGEST_OBSELETE_USER_NAME             10
-
-
+#define PW_DIGEST_REALM			1063
+#define PW_DIGEST_NONCE			1064
+#define PW_DIGEST_METHOD		1065
+#define PW_DIGEST_URI			1066
+#define PW_DIGEST_QOP			1067
+#define PW_DIGEST_ALGORITHM		1068
+#define PW_DIGEST_BODY_DIGEST		1069
+#define PW_DIGEST_CNONCE		1070
+#define PW_DIGEST_NONCE_COUNT		1071
+#define PW_DIGEST_USER_NAME		1072
 #define PW_POOL_NAME			1073
 #define PW_LDAP_GROUP			1074
 #define PW_MODULE_SUCCESS_MESSAGE	1075
@@ -207,6 +186,7 @@
 #define PW_REWRITE_RULE			1078
 #define PW_SQL_GROUP			1079
 #define PW_RESPONSE_PACKET_TYPE		1080
+#define PW_DIGEST_HA1			1081
 #define PW_MS_CHAP_USE_NTLM_AUTH	1082
 #define PW_PACKET_SRC_IP_ADDRESS	1084
 #define PW_PACKET_DST_IP_ADDRESS	1085
diff -ru freeradius-1.1.3/src/main/radclient.c freeradius-1.1.3-orig/src/main/radclient.c
--- freeradius-1.1.3/src/main/radclient.c	2006-09-18 08:59:31.000000000 +0200
+++ freeradius-1.1.3-orig/src/main/radclient.c	2006-05-16 20:26:08.000000000 +0200
@@ -233,7 +233,6 @@
 		 *  Fix up Digest-Attributes issues
 		 */
 		for (vp = radclient->request->vps; vp != NULL; vp = vp->next) {
-      int attrib = 0;
 			switch (vp->attribute) {
 			default:
 				break;
@@ -251,75 +250,21 @@
 				break;
 
 			case PW_DIGEST_REALM:
-        memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_REALM;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
 			case PW_DIGEST_NONCE:
-        memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_NONCE;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
-      case PW_DIGEST_METHOD:
-        memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_METHOD;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
+			case PW_DIGEST_METHOD:
 			case PW_DIGEST_URI:
-        memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_URI;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
 			case PW_DIGEST_QOP:
-        memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_QOP;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
 			case PW_DIGEST_ALGORITHM:
-        memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_ALGORITHM;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
 			case PW_DIGEST_BODY_DIGEST:
-      memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_BODY_DIGEST;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
 			case PW_DIGEST_CNONCE:
-      memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_CNONCE;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
 			case PW_DIGEST_NONCE_COUNT:
-      memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-        vp->strvalue[0] = PW_DIGEST_OBSELETE_NONCE_COUNT;
-        vp->length += 2;
-        vp->strvalue[1] = vp->length;
-        vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
-        break;
 			case PW_DIGEST_USER_NAME:
 				/* overlapping! */
 				memmove(&vp->strvalue[2], &vp->strvalue[0], vp->length);
-				vp->strvalue[0] = PW_DIGEST_OBSELETE_USER_NAME;
+				vp->strvalue[0] = vp->attribute - PW_DIGEST_REALM + 1;
 				vp->length += 2;
 				vp->strvalue[1] = vp->length;
-				vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
+				vp->attribute = PW_DIGEST_ATTRIBUTES;
 				break;
 			}
 		} /* loop over the VP's we read in */
diff -ru freeradius-1.1.3/src/modules/rlm_digest/rlm_digest.c freeradius-1.1.3-orig/src/modules/rlm_digest/rlm_digest.c
--- freeradius-1.1.3/src/modules/rlm_digest/rlm_digest.c	2006-09-18 08:15:37.000000000 +0200
+++ freeradius-1.1.3-orig/src/modules/rlm_digest/rlm_digest.c	2006-04-29 01:44:31.000000000 +0200
@@ -39,136 +39,9 @@
 
 	/* quiet the compiler */
 	instance = instance;
-  
-  DEBUG("    rlm_digest: Converting Digest-Attributes to something sane...");
-  
-  vp = pairfind(request->packet->vps, PW_DIGEST_OBSELETE_ATTRIBUTES);
-  
-  while (vp) {
-    int length = vp->length;
-    int attrlen;
-    uint8_t *p = &vp->strvalue[0];
-    VALUE_PAIR *sub;
-
-    /*
-     *  Convert old draft-style attributes to rfc4590 flat style attributes 
-     */
-    while (length > 0) {
-      /*
-       *  The attribute type must be valid
-       */
-      if ((p[0] == 0) || (p[0] > 10)) {
-        DEBUG("ERROR: Received Digest-Attributes with invalid sub-attribute %d", p[0]);
-        return RLM_MODULE_INVALID;
-      }
-
-      attrlen = p[1]; /* stupid VSA format */
-
-      /*
-       *  Too short.
-       */
-      if (attrlen < 3) {
-        DEBUG("ERROR: Received Digest-Attributes with short sub-attribute %d, of length %d", p[0], attrlen);
-        return RLM_MODULE_INVALID;
-      }
-
-      /*
-       *  Too long.
-       */
-      if (attrlen > length) {
-        DEBUG("ERROR: Received Digest-Attributes with long sub-attribute %d, of length %d", p[0], attrlen);
-        return RLM_MODULE_INVALID;
-      }
-
-      /*
-       *  Create a new attribute, broken out of
-       *  the stupid sub-attribute crap.
-       *
-       *  Didn't they know that VSA's exist?
-       */
-     switch(p[0]) {
-        case PW_DIGEST_OBSELETE_REALM:
-          sub = paircreate(PW_DIGEST_REALM,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_NONCE:
-          sub = paircreate(PW_DIGEST_NONCE,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_METHOD:
-          sub = paircreate(PW_DIGEST_METHOD,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_URI:
-          sub = paircreate(PW_DIGEST_URI,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_QOP:
-          sub = paircreate(PW_DIGEST_QOP,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_ALGORITHM:
-          sub = paircreate(PW_DIGEST_ALGORITHM,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_BODY_DIGEST:
-          sub = paircreate(PW_DIGEST_BODY_DIGEST,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_CNONCE:
-          sub = paircreate(PW_DIGEST_CNONCE,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_NONCE_COUNT:
-          sub = paircreate(PW_DIGEST_NONCE_COUNT,
-           PW_TYPE_STRING);
-           break;
-        case PW_DIGEST_OBSELETE_USER_NAME:
-          sub = paircreate(PW_DIGEST_USER_NAME,
-           PW_TYPE_STRING);
-           break;
-        default:
-          return RLM_MODULE_FAIL;
-     }
-       
-     
-      if (!sub) {
-        return RLM_MODULE_FAIL; /* out of memory */
-      }
-      memcpy(&sub->strvalue[0], &p[2], attrlen - 2);
-      sub->strvalue[attrlen - 2] = '\0';
-      sub->length = attrlen - 2;
-
-      if (debug_flag) {
-        putchar('\t');
-        vp_print(stdout, sub);
-        putchar('\n');
-      }
-
-      /*
-       *  And add it to the request pairs.
-       */
-      pairadd(&request->packet->vps, sub);
-
-      /*
-       *  FIXME: Check for the existence
-       *  of the necessary attributes!
-       */
-
-      length -= attrlen;
-      p += attrlen;
-    } /* loop over this one attribute */
-
-    /*
-     *  Find the next one, if it exists.
-     */
-    vp = pairfind(vp->next, PW_DIGEST_OBSELETE_ATTRIBUTES);
-  }
-  
-  
 
 	/*
-	 *	Make sure we have all the required attributes 
+	 *	We need both of these attributes to do the authentication.
 	 */
 	vp = pairfind(request->packet->vps, PW_DIGEST_RESPONSE);
 	if (vp == NULL) {
@@ -186,55 +59,11 @@
 	/*
 	 *	We need these, too.
 	 */
-	vp = pairfind(request->packet->vps, PW_DIGEST_REALM);
-	if (vp == NULL) {
-		DEBUG("ERROR: Received Digest-Response without Digest-Realm");
-		return RLM_MODULE_INVALID;
-	}
-	vp = pairfind(request->packet->vps, PW_DIGEST_NONCE);
-	if (vp == NULL) {
-		DEBUG("ERROR: Received Digest-Response without Digest-Nonce");
-		return RLM_MODULE_INVALID;
-	}
-	vp = pairfind(request->packet->vps, PW_DIGEST_METHOD);
-	if (vp == NULL) {
-		DEBUG("ERROR: Received Digest-Response without Digest-Method");
-		return RLM_MODULE_INVALID;
-	}
-	vp = pairfind(request->packet->vps, PW_DIGEST_URI);
-	if (vp == NULL) {
-		DEBUG("ERROR: Received Digest-Response without Digest-URI");
-		return RLM_MODULE_INVALID;
-	}
-	vp = pairfind(request->packet->vps, PW_DIGEST_ALGORITHM);
+	vp = pairfind(request->packet->vps, PW_DIGEST_ATTRIBUTES);
 	if (vp == NULL) {
-		DEBUG("ERROR: Received Digest-Response without Digest-Algorithm");
+		DEBUG("ERROR: Received Digest-Response without Digest-Attributes");
 		return RLM_MODULE_INVALID;
 	}
-	vp = pairfind(request->packet->vps, PW_DIGEST_USER_NAME);
-	if (vp == NULL) {
-		DEBUG("ERROR: Received Digest-Response without Digest-Username");
-		return RLM_MODULE_INVALID;
-	}
-	vp = pairfind(request->packet->vps, PW_DIGEST_QOP);
-	if (vp == NULL) {
-		DEBUG("ERROR: Received Digest-Response without Digest-Qop");
-		return RLM_MODULE_INVALID;
-	}
-	/*
-	 * According to rfc 4590 2.2.1 the value of this attribute decides if a few other
-	 * attributes are required. 
-	 */
-	if (strncmp("auth-int", &vp->strvalue[0], vp->length) != 0) {
-	  vp = pairfind(request->packet->vps, PW_DIGEST_BODY_DIGEST);
-	  if (vp == NULL) {
-	    DEBUG("ERROR: Received Digest-Response without Digest-Body-Digest");
-	    return RLM_MODULE_INVALID;
-	  }
-	}
-
-	
-
 
 	/*
 	 *	Everything's OK, add a digest authentication type.
@@ -265,22 +94,7 @@
 	instance = instance;	/* -Wunused */
 
 	/*
-	 * Check the nonce
-	 */
-	nonce = pairfind(request->packet->vps, PW_DIGEST_NONCE);
-	if (nonce == NULL) {
-	  DEBUG("ERROR: No Digest-Nonce: Cannot perform Digest authentication");
-	  return RLM_MODULE_INVALID;
-	}
-	
-	if ((nonce->length & 1) != 0) {
-	  DEBUG("ERROR: Received Digest-Nonce hex string with invalid length: Cannot perform Digest authentication");
-	  return RLM_MODULE_INVALID;
-	}
-
-
-	/*
-	 *	We require access to the plain-text password or the Digest-HA1
+	 *	We require access to the plain-text password.
 	 */
 	passwd = pairfind(request->config_items, PW_DIGEST_HA1);
 	if (passwd) {
@@ -292,10 +106,108 @@
 		passwd = pairfind(request->config_items, PW_PASSWORD);
 	}
 	if (!passwd) {
-		radlog(L_AUTH, "rlm_digest: Configuration item \"User-Password\" or \"Digest-HA1\" is required for authentication with this module.");
+		radlog(L_AUTH, "rlm_digest: Configuration item \"User-Password\" or Digest-HA1 is required for authentication.");
 		return RLM_MODULE_INVALID;
 	}
 
+	/*
+	 *	We need these, too.
+	 */
+	vp = pairfind(request->packet->vps, PW_DIGEST_ATTRIBUTES);
+	if (vp == NULL) {
+		DEBUG("ERROR: You set 'Auth-Type = Digest' for a request that did not contain any digest attributes!");
+		return RLM_MODULE_INVALID;
+	}
+
+	/*
+	 *	Loop through the Digest-Attributes, sanity checking them.
+	 */
+	DEBUG("    rlm_digest: Converting Digest-Attributes to something sane...");
+	while (vp) {
+		int length = vp->length;
+		int attrlen;
+		uint8_t *p = &vp->strvalue[0];
+		VALUE_PAIR *sub;
+
+		/*
+		 *	Until this stupidly encoded attribure is exhausted.
+		 */
+		while (length > 0) {
+			/*
+			 *	The attribute type must be valid
+			 */
+			if ((p[0] == 0) || (p[0] > 10)) {
+				DEBUG("ERROR: Received Digest-Attributes with invalid sub-attribute %d", p[0]);
+				return RLM_MODULE_INVALID;
+			}
+
+			attrlen = p[1];	/* stupid VSA format */
+
+			/*
+			 *	Too short.
+			 */
+			if (attrlen < 3) {
+				DEBUG("ERROR: Received Digest-Attributes with short sub-attribute %d, of length %d", p[0], attrlen);
+				return RLM_MODULE_INVALID;
+			}
+
+			/*
+			 *	Too long.
+			 */
+			if (attrlen > length) {
+				DEBUG("ERROR: Received Digest-Attributes with long sub-attribute %d, of length %d", p[0], attrlen);
+				return RLM_MODULE_INVALID;
+			}
+
+			/*
+			 *	Create a new attribute, broken out of
+			 *	the stupid sub-attribute crap.
+			 *
+			 *	Didn't they know that VSA's exist?
+			 */
+			sub = paircreate(PW_DIGEST_REALM - 1 + p[0],
+					 PW_TYPE_STRING);
+			if (!sub) {
+				return RLM_MODULE_FAIL; /* out of memory */
+			}
+			memcpy(&sub->strvalue[0], &p[2], attrlen - 2);
+			sub->strvalue[attrlen - 2] = '\0';
+			sub->length = attrlen - 2;
+
+			if (debug_flag) {
+			  putchar('\t');
+			  vp_print(stdout, sub);
+			  putchar('\n');
+			}
+
+			/*
+			 *	And add it to the request pairs.
+			 */
+			pairadd(&request->packet->vps, sub);
+
+			/*
+			 *	FIXME: Check for the existence
+			 *	of the necessary attributes!
+			 */
+
+			length -= attrlen;
+			p += attrlen;
+		} /* loop over this one attribute */
+
+		/*
+		 *	Find the next one, if it exists.
+		 */
+		vp = pairfind(vp->next, PW_DIGEST_ATTRIBUTES);
+	}
+
+	/*
+	 *	We require access to the Digest-Nonce-Value
+	 */
+	nonce = pairfind(request->packet->vps, PW_DIGEST_NONCE);
+	if (!nonce) {
+		DEBUG("ERROR: No Digest-Nonce: Cannot perform Digest authentication");
+		return RLM_MODULE_INVALID;
+	}
 
 	/*
 	 *	A1 = Digest-User-Name ":" Realm ":" Password
@@ -368,6 +280,10 @@
 		/*
 		 *	Tack on the Digest-Nonce. Length must be even
 		 */
+		if ((nonce->length & 1) != 0) {
+			DEBUG("ERROR: Received Digest-Nonce hex string with invalid length: Cannot perform Digest authentication");
+			return RLM_MODULE_INVALID;
+		}
 		memcpy(&a1[a1_len], &nonce->strvalue[0], nonce->length);
 		a1_len += nonce->length;
 
@@ -526,7 +442,6 @@
 			DEBUG("ERROR: No Digest-CNonce: Cannot perform Digest authentication");
 			return RLM_MODULE_INVALID;
 		}
-
 		memcpy(&kd[kd_len], &vp->strvalue[0], vp->length);
 		kd_len += vp->length;
 
diff -ru freeradius-1.1.3/src/modules/rlm_eap/radeapclient.c freeradius-1.1.3-orig/src/modules/rlm_eap/radeapclient.c
--- freeradius-1.1.3/src/modules/rlm_eap/radeapclient.c	2006-09-18 08:13:51.000000000 +0200
+++ freeradius-1.1.3-orig/src/modules/rlm_eap/radeapclient.c	2006-05-19 16:22:23.000000000 +0200
@@ -837,7 +837,7 @@
 			vp->strvalue[0] = vp->attribute - PW_DIGEST_REALM + 1;
 			vp->length += 2;
 			vp->strvalue[1] = vp->length;
-			vp->attribute = PW_DIGEST_OBSELETE_ATTRIBUTES;
+			vp->attribute = PW_DIGEST_ATTRIBUTES;
 			break;
 		}
 	}
