CHAP Modification

ChristosH christov at
Sat Feb 24 19:22:22 CET 2007

I'm trying to edit the way the CHAP module fetches passwords before hasing
them due to a limitation in 2 different types of hardware we have.

One set of devices takes a HEX password stored on the device, converts it to
binary, and then calculates the MD5 CHAP challenge to send to the server.
The other set of devices just takes the HEX password and calculates the MD5
as if it were a string. I can distinguish which device is which when I'm
adding passwords to my database (by adding a prefix 0x to let me know it's
going from HEX -> BIN or whatnot) because the password is fixed at 32
characters, but definately not which device is which at run time.

I guess what I'm trying to do is find where in the CHAP encoding module is
the password attribute accessed/read and then passed (I'm guessing as an
arguement) to be hashed. I think I could possibly do my funky math in mind
there by checking the length of the password or the first two letters, and
then converting to binary as needed or just passing it through. 

My problem is where exactly is this password CHAP challege code? I'm sifting
through the radius.c file but can't seem to find anything. I'm comfortable
writing some stuff with C and reading more complex things, so I don't think
that will be a barrier. When I change it, will it require me to recompile
everything every time I want to check? I'm using Fedora Core 6, Freerad
1.1.4, and MySql 5.0.
View this message in context:
Sent from the FreeRadius - User mailing list archive at

More information about the Freeradius-Users mailing list