On Mon, 2007-07-09 at 22:44 +0100, Arran Cudbard-Bell wrote:
Alan DeKok wrote:
Johan wrote:
I'm wondering if it's possible to authenticate a user who is using mschap authentication with perl.
Sure. Just re-write all of the MS-CHAP authentication protocol in rlm_mschap in Perl.
But why the heck would you want to do that?
You know i've been thinking of doing that in PHP (PHP Based supplicant for weblogin via RADIUS), i'm sure it's possible... and it would be of some benefit, just the RFC makes my head hurt... one of the few times I've regreted not studying computer science. *sigh* something to do with hashing the nt hash using different sha functions.
I suggested this to a BlueSocket rep after my 802.1x talk at NetworkShop 2006 (I think...) to get over the problems of PAP on eduroam - but my suggestion went further and was to do it in JavaScript on the browser, have the server simply act as a relay. I imagine that'd be even trickier. I got about an hour into coding it and lost the will to live...