CHAP Modification

Graeme Crawford graeme.crawford at
Sat Feb 24 21:24:30 CET 2007

On 2/24/07, ChristosH <christov at> wrote:
> I'm trying to edit the way the CHAP module fetches passwords before hasing
> them due to a limitation in 2 different types of hardware we have.
> One set of devices takes a HEX password stored on the device, converts it to
> binary, and then calculates the MD5 CHAP challenge to send to the server.
> The other set of devices just takes the HEX password and calculates the MD5
> as if it were a string. I can distinguish which device is which when I'm
> adding passwords to my database (by adding a prefix 0x to let me know it's
> going from HEX -> BIN or whatnot) because the password is fixed at 32
> characters, but definately not which device is which at run time.
> I guess what I'm trying to do is find where in the CHAP encoding module is
> the password attribute accessed/read and then passed (I'm guessing as an
> arguement) to be hashed. I think I could possibly do my funky math in mind
> there by checking the length of the password or the first two letters, and
> then converting to binary as needed or just passing it through.
> My problem is where exactly is this password CHAP challege code? I'm sifting
> through the radius.c file but can't seem to find anything. I'm comfortable
> writing some stuff with C and reading more complex things, so I don't think
> that will be a barrier. When I change it, will it require me to recompile
> everything every time I want to check? I'm using Fedora Core 6, Freerad
> 1.1.4, and MySql 5.0.
> --
> View this message in context:
> Sent from the FreeRadius - User mailing list archive at
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list