3 Feb
2017
3 Feb
'17
10:28 a.m.
On 3.2. 16:41, Matthew Newton wrote:
On Fri, Feb 03, 2017 at 04:34:23PM +0200, Ilkka Virta wrote:
The User-Password contained in the initial request appears as 16 random-looking bytes:
I don't think this is the expected behaviour given the documentation, any thoughts?
Shared secret is wrong? Check it's identical at both ends.
No, the shared secret is correct. If it were wrong, _all_ passwords would be garbled, not just the one in the initial query. The client would also complain about an invalid authenticator. But user-entered passwords work, empty or otherwise.