On Thu, 11 Jul 2002, Deramus, Chris wrote: > I believe I have found a problem with the PAP module in FreeRadius 0.6. In > our environment, we have a production box, running FreeRadius 0.5 and a > development box running 0.6 > > We're using MySQL for user authorization and PAP for password > authentication. Passwords are using MD5 encryption in the database. I made a > test user on both the 0.5 server, and the 0.6 server. I then verified all > information and tried connecting with each. The 0.5 server has no problem > with the entered information, however, 0.6 can't seem to encrypt correctly > to match up the password with the one in the database. When I take off MD5 > encryption and do Clear-Text it goes through beautifully in 0.6. > > Did something change with the MD5 part of the module, or is there something > missing? I ran radiusd -X on both boxes and compared my results and they are > 100% identical with the exception of 0.5 going through and 0.6 rejecting the > user. > > Thanks, > > Chris
Yes I introduced a stupid bug in MD5 and SHA1. Do a cvs update on the rlm_pap module and things should work ok again. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
