EAP/MSCHAPv2 code question
aland at deployingradius.com
Wed Nov 15 20:48:02 CET 2006
Julien.HOCHART at fr.thalesgroup.com wrote:
> The changes concern the case where the server receives a success.
> I actually cant figure how it can happen, because rfcs are always stating the server to send such messages to the clients.
What if someone doesn't follow the RFC's? You can't trust attackers
to do what they're supposed to do.
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Devel