[SOLVED] CHAP Modification

ChristosH christov at aztecamobile.com
Wed Feb 28 17:30:05 CET 2007

Alan DeKok-4 wrote:
> ChristosH wrote:
>> It's a VALUE_PAIR type, so could I check and modify the password->length
>> and
>> password->strvalue in that function?
>   Huh?  Why?  Do it elsewhere.

Well, that's part of my issue; where's the best place to check the password
and convert it to binary when needed.

In the rlm_chap.C file I also notice that there's the code:

	DEBUG("  rlm_chap: Using clear text password \"%s\" for user %s
	      passwd_item->strvalue, request->username->strvalue);


	if (memcmp(pass_str+1,request->password->strvalue+1,CHAP_VALUE_LENGTH) !=
		DEBUG("  rlm_chap: Password check failed");
		snprintf(module_fmsg,sizeof(module_fmsg),"rlm_chap: Wrong user password");
		module_fmsg_vp = pairmake("Module-Failure-Message", module_fmsg, T_OP_EQ);
		pairadd(&request->packet->vps, module_fmsg_vp);

Could I also modify the password there? I'm just trying to find the easiest
way to check if the password should be read as a string or binary and then
parse it properly BEFORE it is CHAP encoded because I can't change the
> Also, is there a C function included in the libraries that will allow me
> to
> convert a hex string to binary? I'm worried I might get stuck in ASCII ->
> HEX -> BINARY conversions.

  Yes.  see "bin2hex" and "hex2bin".  See also rlm_pap in 1.1.4, which
does a lot of this kind of normalization already.

  Alan DeKok.
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See

View this message in context: http://www.nabble.com/CHAP-Modification-tf3284565.html#a9207275
Sent from the FreeRadius - User mailing list archive at Nabble.com.

More information about the Freeradius-Users mailing list