At 10:53 AM 11/14/2001 -0500, you wrote: >Nathan Miller <[EMAIL PROTECTED]> wrote: > > 1. When received requests directly to the new freeradius machine from > > either UUNet or other CHAP enabled provider, freeradius is _never_ sending > > the CHAP-Challenge to the script nor logging it in the radius debug > > output. I show this below in some debug outputs. > > That's because it isn't receiving the CHAP-Challenge. Look at the >example packet you sent. There's no CHAP-Challenge there.
I agree it's certainly not in the debug; however, I do know the provider is sending the CHAP-Challenge as it arrives on my other radius servers just fine. > The RFC's (in their infinite wisdom) allow the CHAP-Challenge to be >implicit in the request authenticator. The preprocess module should >probably look for CHAP-Password, CHAP-Challenge, and add a >CHAP-Challenge if it's not there. > > Right now, only the proxy code does this. It would be a ~5 line >change to rlm_preprocess to fix it. If the code is "adding" a CHAP-Challenge is it going to be adding the correct one? Or is it just grappling it from the packet it received somehow? I assume the NAS originally sends the chap-challenge? Also, I am certainly not a C coder. I have asked a fellow coder to look at the rlm_preprocess and do as you say, but does anyone in devel team have an idea what these ~5 lines should be to make this happen? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html