On 3/27/04 12:26 AM, [EMAIL PROTECTED] (Alan DeKok) wrote: >> Do you want to remove only the "after" option (the real hack) or the >> entire command? > > Both. The "after" thing runs the packet through the server twice, > which is problematic. The "lower_pass" thing can be done in a module.
I would urge you *not* to do this. We SHA1 encrypt our lowercased, MySQL-stored passwords. We then lowercase the incoming password from the authentication request before the PAP module SHA1-encodes it for comparison. I would rather not process the incoming authentication request through an additional module prior to performing the authentication. Regards, _Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
