MS-CHAPv2 password change implementation
Phil Mayers
p.mayers at imperial.ac.uk
Tue Apr 19 16:57:43 CEST 2011
All,
I have spent the last few days writing the code to allow rlm_mschap and
rlm_eap_mschapv2 to support password changes.
Rather than slinging tarballs around, the patches are in a branch here:
https://github.com/philmayers/freeradius-server/tree/v2.1.x-mschap-changepass
It basically works for me; I've tried it with a Windows XP client on a
wired 802.1x port, but it needs extensive testing given the scope of the
changes. It supports both password changes via samba/ntlm_auth and also
locally if you have NT-Password/Cleartext-Password.
I've tried to split the patches up into logical units, which should make
the review easier.
Particularly, the first patch in the set interferes with src/main/exec.c
so that we can re-use the code to open a process with a pipe on both
stdin and stdout. This change will need very careful review.
Testing and comments are very welcome, but I'll be offline for most of
the next two weeks enjoying the weather!
Cheers,
Phil
More information about the Freeradius-Users
mailing list