22 Oct
2015
22 Oct
'15
11:07 a.m.
On Oct 22, 2015, at 3:21 AM, Daniel Pocock <daniel@pocock.pro> wrote:
We tried that, we can see freeradius is authorizing the requests
libfreeradius-client is logging the following:
rc_check_reply: received invalid reply digest from RADIUS server
So the shared secret is wrong.
I disabled the check in the libfreeradius-client code and everything else appears to work (commenting out the return BADRESP_RC):
Which means anyone can forge replies to authentication packets. Don't do that. Fix the shared secret. Alan DeKok.