[SOLVED] CHAP Modification

[ChristosH]

Alan DeKok-4 wrote:
> 
> ChristosH wrote:
>> It's a VALUE_PAIR type, so could I check and modify the password->length
>> and
>> password->strvalue in that function?
> 
>   Huh?  Why?  Do it elsewhere.
> 

Well, that's part of my issue; where's the best place to check the password
and convert it to binary when needed.

In the rlm_chap.C file I also notice that there's the code:

	DEBUG("  rlm_chap: Using clear text password \"%s\" for user %s
authentication.",
	      passwd_item->strvalue, request->username->strvalue);


rad_chap_encode(request->packet,pass_str,request->password->strvalue[0],passwd_item);

	if (memcmp(pass_str+1,request->password->strvalue+1,CHAP_VALUE_LENGTH) !=
0){
		DEBUG("  rlm_chap: Password check failed");
		snprintf(module_fmsg,sizeof(module_fmsg),"rlm_chap: Wrong user password");
		module_fmsg_vp = pairmake("Module-Failure-Message", module_fmsg, T_OP_EQ);
		pairadd(&request->packet->vps, module_fmsg_vp);
		return RLM_MODULE_REJECT;
	}

Could I also modify the password there? I'm just trying to find the easiest
way to check if the password should be read as a string or binary and then
parse it properly BEFORE it is CHAP encoded because I can't change the
hardware.
> Also, is there a C function included in the libraries that will allow me
> to
> convert a hex string to binary? I'm worried I might get stuck in ASCII ->
> HEX -> BINARY conversions.

  Yes.  see "bin2hex" and "hex2bin".  See also rlm_pap in 1.1.4, which
does a lot of this kind of normalization already.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



-- 
View this message in context: http://www.nabble.com/CHAP-Modification-tf3284565.html#a9207275
Sent from the FreeRadius - User mailing list archive at Nabble.com.