All password checks disabled... ugh

Stefan Winter stefan.winter at
Thu Apr 17 09:17:16 CEST 2014


>   The auto_header directive has been removed in v3.  The User-Password
> is now always just the password.  The Password-With-Header attribute
> should contain the header.

Well, it exists as documentation / sample config piece in 3.0.2's

Not that I care; I don't use that functionality. But if it has been
removed, the docs shouldn't talk about it any more.

But seriously... this is just a side issue. I'm MUCH more concerned
about proxy-to-vserver requests behaving very strangely, to the extent
of defaulting to Accept.

Any news on that main issue?


Stefan Winter

>> Might do. Meanwhile, one of the mini things I found while chasing ghosts
>> is that my "files" instance separates the username and the NT-Password
>> := ABCDFOO with *spaces*, while the doc says it need to be tabs.
>  Both spaces and tabs are accepted.  The "users" file parsing code
> hasn't changed in v3.
>> My theory is that it might have matched line 22, but not actually picked
>> up the password; and then by some dubious assumption concluded "nothing
>> to check, so Accept"?
>   No.  If there's no Cleartext-Password, it should default to rejecting
> the request.
>> This doesn't explain why other clients on the same virtual server do
>> check the NT-Password. Oh well.
>   No idea.
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x8A39DC66.asc
Type: application/pgp-keys
Size: 3243 bytes
Desc: not available
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Freeradius-Devel mailing list