Hi, Cheng. maybe you can check the proposed patch for current CVS version if you find some time : http://bugs.freeradius.org/show_bug.cgi?id=287 It avoids the digest module configuration option given earlier (in the FreeRADIUS 1.0.5 patch), and uses the MD5-Password attribute to store H(username:realm:password). Note that it has been tested with option 'auto_header' in radiusd.conf set to 'yes', as the 'password_header' option is deprecated in CVS. I also successfully tested it along with an LDAP server, with password pullout during the authorization process. Thank you for your feedback regarding this problem, Regards, Philippe On 10/12/05, Philippe Sultan <philippe.sultan@gmail.com> wrote:
ok Cheng. Note that it should be fixed in the CVS version within a few days, without changing the configuration of rlm_digest. The MD5-Password (present in CVS) fits our need in this case, I will try to bring a fix next week including LDAP password pullout during authorization. Bye, Philippe
On 10/12/05, Cheng Zhang <czhang.cmu@gmail.com> wrote:
Thanks Philippe. It works for me as well. I will also let people on serusers and openser-users mailing lists to know. Without your patch, AFATK, the password has to be in clear text form if using RADIUS to do the authentication.
Thanks again.
On 10/12/05, Philippe Sultan <philippe.sultan@gmail.com > wrote:
Hi, Chen.
There is ongoing discussion on this topic :
http://lists.freeradius.org/pipermail/freeradius-users/2005-October/047606.h...
You might also want to check this, for information related to digest authentication with RADIUS and LDAP :
http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_...
Bye,
Philippe
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html