2.x.x (and earier?): yet another decoding SSHA issue

Matthew Newton mcn4 at leicester.ac.uk
Tue Jul 16 17:53:38 CEST 2013

On Tue, Jul 16, 2013 at 04:12:53PM +0100, Arran Cudbard-Bell wrote:
> > Is it possible to add a qualifier indicating the format of the item,
> > e.g. base64, hex, etc.?
> You could use as part of the atribute name to indicate a cast.
> <string>SSHA-Password := <hash>
> But it's still awful.
> Anyway Stefan's point about SSHA is correct. Maybe an option to
> turn off the normalisation done by rlm_pap would be useful.

Having rehashed the rlm_pap code for v3, I'd question anyone's
sanity wanting to touch the v2 code... I'm still in recovery :-)

I've done a pull request for v3 that adds this option. It
compiles, but I've not tested it yet.

The most sane thing for rlm_pap in v2 would be to pull in the
module from master, but it probably wouldn't be hard to add a
normalize option to that as well.


Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>

More information about the Freeradius-Devel mailing list