rlm_pap code tidy

Alan DeKok aland at deployingradius.com
Sat Sep 29 06:58:00 CEST 2012


Matthew Newton wrote:
> As another thought, maybe rlm_pap should now also refuse to auth
> against a password in User-Password? I moved the warning over from
> auth.c, but pap still allows it to work. 3.0 would seem to be a
> good place to finally break this.

  It's probably a good idea.  Doing the User-Password thing breaks many
authentication types.  It's time to NOT be backwards compatible with 10+
years of stupidity.

  Cleartext-Password has been around since 1.1.3.  It's time people used it.

> I guess it's a balance between forcing the Right Thing, and the
> number of questions on freeradius-users... although I guess they
> will be many when 3.0 is released anyway.

  Hopefully the documentation will be clear on the subject.  See
raddb/README.md.  It explains the upgrade process.

  Alan DeKok.


More information about the Freeradius-Devel mailing list