Help: PAP with Sha1
vishal_nitr
vishal_nitr at rediffmail.com
Fri Apr 20 17:46:37 CEST 2012
Hi, I am using free-radius-2.1.12. I see that radius uses MD5 for encoding/decoding passwords. I am using PAP authentication. In my radius client I changed encoding to SHA1; due to which radius started rejecting auth requests saying password mismatch from rlm_pap which is obvious. I tried changing few things in lib/radius.c to SHA1 but with no success.
I ran radiusd with -X option and I saw following:With MD5 from client: User-Name = "vishal" Calling-Station-Id = "00-23-68-0F-1A-E6" NAS-Port = 0 NAS-Port-Type = Wireless-802.11 Framed-MTU = 1400 Service-Type = Framed-User NAS-IP-Address = 127.0.0.1 NAS-Identifier = "ap7131-0F1AE6" NAS-Port-Id = "0" User-Password = "vishal123"
With SHA1 from client: User-Name = "vishal" Calling-Station-Id = "00-23-68-0F-1A-E6" NAS-Port = 0 NAS-Port-Type = Wireless-802.11 Framed-MTU = 1400 Service-Type = Framed-User NAS-IP-Address = 127.0.0.1 NAS-Identifier = "ap7131-0F1AE6" NAS-Port-Id = "0" User-Password = "\356Ew\2310\347\326\367h\r1\223,\224\024\352\027\241>5"
Alan Dekok just informed me that RADIUS uses MD5 and it can't be changed (thanks ALAN). And I don't want to go against protocol. But as I have spent almost a week in finding a location where RADIUS decodes the password received from client. Please can somebody point me the place where this happens.
Thanks and Regards,
Vishal Kotalwar,
Bangalore-35.
09900055647.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20120420/a35b7a5f/attachment.html>
More information about the Freeradius-Devel
mailing list