Thanks,Alan. But I have a few questions. First, if I create a new attribute "My-Aes-Password" and include it in the Access-Requet packet, I should not include the attributes such as "User-Password" or "Chap-Password".Is it right? For I have read RFC 2865, and gotten the message from page 64th as "[Note 1] An Access-Request MUST contain either a User-Password or a CHAP-Password or State. An Access-Request MUST NOT contain both a User-Password and a CHAP-Password. If future extensions allow other kinds of authentication information to be conveyed, the attribute for that can be used in an Access-Request instead of User-Password or CHAP-Password.", I have this question. The second question is about how to write modules.Sorry to ask the same question,but I want to verify my plan to see if it is pratical. The plan is as follow: I dont amend the module "rlm_chap" , I just copy all files in the ./src/modules/rlm_chap/ to a new dictory "rlm_aes" and rename files rlm_chap.* to rlm_aes.*. Then I edit rlm-chap.c to alter it to use AES to analyze the request packet. Is it pratical?
2007/2/3, Alan DeKok <[EMAIL PROTECTED]>:
yao guoxian wrote: > Second,suppose we have enabled the NAS(client) and Freeradius to support > our specified attribute "My-Aes-Password" , how to write the new module > to handle the attribute? See the examples & the documentation. What about them is unclear? > Third , how to enable Freeradius and Nas(client) to support our new > attribute?Does it need to append the dictionary file a new entry? All of this is documented. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html