MS-CHAP Authentication / Bug 17
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Mon Sep 21 19:43:08 CEST 2009
Hi,
> Actually, the problem definitely impacts PEAP/MSCHAPv2 (and I believe TTLS/MSCHAPv2 also because it's an error in MS-CHAP, but we don't use TTLS so I can't test that). (I haven't thought about it enough to know whether it affects v1, but it definitely occurs with v2 as that's where I found it.)
>
> The problem occurs when the client creates the MS-CHAPv2 response and uses a userid whose case differs from what FR subsequently uses to create the challenge for ntlm_auth.
hmm, okay - I'll only be able to introduce core systrems with this patch in place
after 2nd October - we currently have a change freeze on main systems until then
alan
More information about the Freeradius-Users
mailing list