23 Jan
2025
23 Jan
'25
9:50 a.m.
On Jan 23, 2025, at 12:02 AM, daoxuan shi <shidaoxuan@gmail.com> wrote:
I have found the method to achieve this goal, and I will provide a few examples below:
That surprises me. RFC 2759 is very clear that the Success packet has to be checked by the client; https://datatracker.ietf.org/doc/html/rfc2759#section-5 The authenticating peer MUST verify the authenticator response when a Success packet is received. The method for verifying the authenticator is described in section 8.8, below. If the authenticator response is either missing or incorrect, the peer MUST end the session. I'll have to try this out. If it works, we'll update the examples and documentation. Alan DeKok.